There’s a lot of things I don’t like about PayPal: Their UI is horrible, search is weak and slow, and they seem to like randomly freezing accounts. Up until Stripe came to Canada, however it was one of the only choices for easy credit card acceptance online.

Will and I actually talked about selling WonderProxy to a US corporation we’d start, just to get more payment processing options.

One of the things that annoys me most is their handling of fraud. When someone accuses you of something, you’re given an incredibly short list of options to resolve the dispute. The options are heavily weighted towards providing a FedEx or UPS tracking number, or refunding the money. These are in fact your options even when you describe your account and payment options as “Services” rather than “Goods” (something PayPal asks you). As providers of an online service, I find this lack of personalization bothersome.

An average fraud case goes something like this:

  1. Get notified that someone bought something
  2. Get notified that there’s a dispute
  3. Provide some details regarding the person who used our service
  4. Lose dispute
  5. Lose the amount of the sale
  6. Pay a bonus penalty
Occasionally both of the first two steps occur before I wake up in the morning.

Resolving a dispute today, the options I was presented really bugged me:

Examining my options:

  • I can provide proof that the item was shipped through an approved shipper to the address on the Transaction Details page.
  • Clearly not applicable, we don’t ship things. I considered sending registered mail postcards once, but I think PayPal only covers your cost of the item, not the actual sale price.
  • I can provide evidence other than proof of shipment.
  • Not applicable here, the person didn’t actually use the service.
  • I can provide proof that I refunded payment for this transaction.
  • No freaking clue how this could apply. Maybe if the person PayPal’d me money, and I sent it back Western Union?
  • I will accept liability for this transaction.
  • My only option.
The choice “I will accept liability for this transaction” makes me feel like I’m telling PayPal that this is my fault, that I’m taking responsibility for the good people at PayPal processing a transaction that was clearly fraudulent. I’ve tarnished their good name through my failure.

This couldn’t be further from the truth: They’ve failed me.

Fraud Reduction is in fact one of the features they’re advertising (and we're paying for, over $3k in fees since January 2011). Apart from that, the entire fraud checking process is a black box to us. We’re not passed a fraud-score with any transaction: either we get the money or we don’t. We’re not even passed granular details about how the transaction occurred: Did the CVV test pass? what about zip code matching? user’s country (as determined by IP) vs credit card country? etc. We get none of that. Nor can we tweak our fraud protection options, I can stop people from paying us with eChecks, that’s about it.

We’ve contacted PayPal in the past when we suspected a transaction was fraudulent, the only option we were given was to pre-emptively refund it. There was no way for us to recommend that they flag that transaction for review, or perhaps examine other transactions on the same account/card further. We reach out to customers making suspicious transactions now, and just refund them if we don’t hear back. This is far from the optimal solution, and I feel it robs their fraud team of useful information, but it’s all we’ve got.

As it stands, WonderNetwork will be using Stripe for all new products. As our payment processing system matures with our new products we’ll be migrating it over to WonderProxy as well. I’m just tired of being treated like a criminal by PayPal for using their system in the manner it was designed.


Comments »

Weblog: mistressofinformation.com
Tracked: Nov 26, 12:33
No comments

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
 

Hi, I’m Paul Reinheimer, a developer working on the web.

I wrote a book titled Professional Web APIs with PHP back in 2006, and am currently working in Biomedical Informatics for a major public health company.

I’m working on a project to help developers called WonderProxy which has proxies all over the world. Working on GeoIP development? Now you can finally test properly! We've also released Global Ping Statistics for expected ping times between cities, as well as a Load Testing Tool to measure your site's ability to handle load. Our most recent site checking tool is Where's it Up? which checks your sites availability globally, returning HTTP, DNS, and Traceroute details

My hobbies are cycling, photography, travel, and engaging Allison Moore in intelligent discourse. I frequently write about PHP and other related technologies.

I co-founded:

WonderNetwork Logo

Search