i've seen too many businesses destroyed by sudden "your account is closed" with no human contact
The problem is, many folks have absolutely no comprehension of how difficult it is to build a payment processor that can serve lots of customers they don't personally know. The fraud is just insane. The regulation is insane. The card network rules are insane.
> “We had problems when we started accepting cryptocurrencies as a payment option. 50% of those transactions were fraudulent, which is a mind-boggling number. These were customers we didn’t want to have.” [1]
[1] https://finance.yahoo.com/news/steam-co-founder-reveals-why-...
There are parts of me that can see some appeal in cryptocurrency but I can’t see any way around this, at least not without impacting what made it appealing in the first place.
A mandatory waiting period for your horny impulse purchase doesn't necessarily seem like a bad thing, anyway.
And yes, that is on Valve to prevent.
Like you could get money from ransomware, buy a ton of games on steam, then sell the account to a third party.
The thread from 2022 does discuss this in detail.
PCI-DSS compliance wasn't even mentioned and it is easily able to overwhelm organizations like Valve and Itch on its own. The hardest part of payment processing is the network. Connecting the acquirers to the issuers in such a way that everyone is happy with the arrangement. Just like the hardest part of the power grid is the transmission infrastructure. The endpoints are far more trivial to replace. If you want to use the existing network, you have to play by all of the rules. The only real way out of this system is to use a completely different kind of currency.
“Financial institutions and financial services providers are barred from blocking, interfering with, restricting, or refusing any consensual transaction that complies with laws regarding content, materials, goods, or services.”
Admittedly in the USA this tees up a 1A case over whether companies have freedom of speech (they shouldn’t), but in other jurisdictions it could be the game changer needed to unshackle commerce from the control of a handful of boardroom puritans and risk-adverse compliance departments. If porn has a high rate of chargebacks, then stop allowing them without a higher burden of proof on the person requesting them, for instance. There’s ample room to enforce accountability on consumers and processors without upending the proverbial produce cart.
Thing is, that would absolutely be blocked by current payment providers and their lobbyists. I fully agree with you, though.
EDIT: Hah, I’m late to this party. Physical international money orders have already been discontinued by the USPS as of last year and are dwindling globally thanks to FinTech. The lack of a digital equivalent is definitely frustrating, as their flat fees and discretion were rather appealing.
To WU and Moneygram's credit, however, they do offer more digital wallet integrations and direct bank transfers nowadays. Their product lines are growing, but their fees aren't decreasing as they effectively have a captured (impoverished) market. Still, since money orders can be as safe as cash, having them as a viable alternative to the private payment card industry is necessary for business to function and smaller vendors to thrive, particularly in niche industries.
Regulation is not a bad thing, but it has the potential to be a bad thing. Done right, it's meant to protect people from being exploited, fleeced, or harmed; done wrong, it does the exact opposite.
Most banking regulations, at least in my exposure to them (mainly through PCI-DSS and FDIC), are sensible regulations trying to combat known exploits or problems. Yes, it's inconvenient at times for legitimate use cases, but the solution there is making those legitimate cases easier or safer without weakening regulations stopping, slowing, or tracing bad ones.
The issue being a "human"/societal problem, instead of technology, makes me wonder if this could be slowly changed over a few generations. The amount of momentum required would be quite high tough.
My understanding is that steam already has to do this? Like when I buy a game on steam it goes to steam, who then redistributes the funds to themselves, developer and tax man. Since they are holding the money, are they not defacto already a Payment Facilitator?
A digital alternative to cash offered by the central banks which are the ones responsible to enable financial transactions. Since so many are moving to cashless it is important for the central bank to retain control of the currency alternative to cash.
We can not allow this explosion of middle men all taking a cut of something they should not be part off especially since they now have such power that they decide what you can and cannot buy instead of the laws of the land.
Privatizing water supply is an awful deal for citizen - ask the UK - since the incentives are anti-consumer and public infrastructure is more often than not a monopoly by definition. I'd count transferring money online as public infrastructure and it should get the same treatment.
Our popular QR payment system, known as MobilePay, is owned by banks that have a financial interest in letting payments continue to process via visa/mc cards underneath, as they get a big interchange fee from reusing the legacy payment system. (around 0,2% interchange on a typical danish visa transaction).
In the past, we had a popular nationally owned cheaper safeguard against foreign payment monopolies in the form of Dankort, a local visa/mc alternative, but the company operating Dankort (NETS) has been sold by our gov+danish banks to an american equity firm, further removing any incentive for danish banks to not just quietly force visa/mc on everyone, so Dankort is now slowly dying.
The rent seeking is made even more perverse by the EU PSD2 legislation from 2018 that makes it illegal to forward payment fees onto shoppers, which removes all the textbook consumer behavior (judging price vs quality) from the equation. That law has created a situation where shoppers use whatever payment method their bank hands out to them and merchants are forced to blindly accept whatever shoppers use and pay up the fees which goes back to the same banks that decided what to give shoppers in the first place.
End result of this is that the banks best move is to push visa/mc, make everything seem hard to change & confuse politicians. Systems like Pix give me hope but I don't believe the existing system can be saved, it needs to be replaced by a new actor, aggressively supported at EU or national level, probably both.
The problem with things like UK water is privatisation and bad regulation. UK rail privatisation has not been too bad (the numbers do not support the claims made about it making things worse) - successful enough that the EU seems heading towards emulating it.
The problem, at the end of the day still comes down to quality of Government.
https://paymentexpert.com/2024/07/08/visa-mastercard-europea...
It is far from perfect, but perfect is the enemy of good.
It's ultimately the approach that got USB-C standardized for mobile device charging, but didn't mean subject matter experts at the firms building things were cut out of the process.
You can still process through the Interac network, but again you get get the same purchase insurance and also there is nothing stopping a group of people from pressuring interact not to process payments from a certain website as was the case with Itch.
I think Valve could actually find a bank to work with to run a QR payments scheme for the gaming industry (SteamPay perhaps?) that’s “topped up” via ACH. Just ignore the whole card part, since it’s online you don’t even need it. Require biometrics and you can make the fraud burden easier.
Of course this would cost a lot of money, but it’s at least in the realm of possible versus a PayFac etc.
There are services where you enter your username and password for your bank, and they log into your online banking for you, and make a giro transfer outwards, and they can confirm the transfer was sent because they sent it. Bank security departments don't like this, but they can't always do anything about it.
I highly doubt banks would choose some completely new payment processor (or card, etc.) over Visa or Mastercard: Visa and Mastercard can just put in their terms of service that you're not allowed to use that payment processor and that'll kill them real quick. Highly unlikely any existing bank would give up Visa or Mastercard just for that.
The author mentions the storefront pocketing the money, that seems implausible? If an unscrupulous storefront can pocket money that would be wired, it could also pocket money that would be paid by CC.
And then there's the weird thing about payment volumes...that's been a solved problem for half a century?
No.
The card processor will return the customer's funds for various reasons. In many cases, "no reason" is sufficient for a chargeback, especially if you are dealing in intangibles, such as software licenses or digital media. In addition to returning the customer's funds, the merchant is typically penalized a "chargeback fee". This means as a merchant, if your chargeback fee is $25 and the product is $5, one chargeback can set you back 6 sales.
For these reasons, as well as other minimum rates, certain price levels are untenable. Consequently, many products are either not sold at all or sold at a much higher price.
The conditions make it more sensible for the merchant to sell high priced items to less troublesome customers. The percentage of the card processor's fees are relatively less. The probability of a chargeback is lower. As you have less customers, you can more easily provide support and contact them directly.
Also: no-reason chargebacks are absolute BS. I worked on a PSP for a largeish adult entertainment business, and I remain convinced that most porn chargebacks are a case of "post nut clarity".
US wire transfers generally can't be reversed --- sometimes, if an error is noted immediately, and the destination bank cooperates, they'll send the money back; but the recipient can pull cash out immediately or wire the funds somewhere else immediately, and then your recourse is through the courts. ACH transactions are like checks; they can be reversed, but only if there was a mistake or they were unauthorized, not because of a service complaint; again, if you have a service problem, recourse is through the courts.
Being ashamed of an impulse purchase certainly counts as a reason to regret-- and potentially request a chargeback for-- such a purchase.
Also a chargeback is what the bank does to the merchant. From your perspective as the end user, you don't do a chargeback. What you do is you complain to your bank and they decide how to proceed from there.
Was wondering what anyone's experience with chargebacks are in general. I could imagine that, in the worst case, if combined with 'card testing' as a merchant you could immediately get slammed with thousands in unavoidable charge back fees? Maybe i'm hyperventilating but thats huge, really. I hope theres some stop gap.
Card testing won't (usually) do it, because that doesn't (usually) generate chargebacks[0], but yes, you will absolutely get smacked with fees if it happens. It really sucks.
https://stripe.com/resources/more/chargebacks-101
--
[0] it totally can, but card testers usually try to fly under the radar somewhat
We do have ACH (single nightly batch), same day ACH (four? batches throughout the day), and the new FedNow (immediate). But all of those involve providing account numbers and we don't like to provide those (both payers and receivers prefer not to give the other participant their ach numbers). Also, there's not a consistent way to link a payment/debit with an invoice, because memo fields don't necessarily show up with the payment.
Also, credit card purchases can be reversed without the cooperation of the merchant. Most issuers are generous with chargebacks (at least historically). You could take a merchant to court if you did a wire transfer, but that's expensive and time consuming.
This is because in the US, anyone can pull money out of your account with only the ACH numbers; which is an insane design[1]. In most other countries, the worst you can do is deposit money. The equivalent of ACH pulls requires significantly more paperwork and proof of consent by account owner.
1. Much like SSNs, which can be debilitating if not kept secret. US payments run in "true names" magic, and simultaneously expect you to register with your one true name at random places with questionable security practices, and it's your fault if there's a breach.
Yes, if a financial institution allows you to originate a debit from another account without verification, you could take money from anyone's account. The max liability you should have given prompt reporting of fraud (less than 60 days) is $50, and if your institution doesn't give it all back then find a new one.
ACH is also technically reversible, whereas wires/other instant transfers are not.
FIs also do fraud checks on ACH, I believe it may be a regulatory requirement now (sometime in the past few years?) to have some form of fraud check before sending originations to the FED. Typically this is verification of the other party being a known entity/account, which would ideally burn fraudsters very quickly.
Most transaction facilitators don't play around with any of this though, and have some "account linking" step before they are willing to originate transactions. Micro-deposits that you would need to verify on the other account.
Whoa, I don't blame people for not wanting to provide ACH numbers in that case. Is there any groundswell to provide a system where this doesn't happen?
However, I'm not sure if it uses different account numbers from ACH. It could be that sharing account numbers could be secure with FedNow and dangerous for ACH.
That’s the default for at least Germany and SWIFT, too. You can ask your bank to disable this, but that means losing the pull functionality completely; I think some banks have an interface to whitelist individually, but the majority doesn’t.
It can become a problem especially when you list your account number publicly somewhere for payments or donations: somebody will eventually use that account number to pay for random stuff. You’re contractually obliged to check your bank statements and ask for a (free) chargeback within a certain period of time (some weeks?).
At our projects, we solve this by having a separate “public“ bank account for incoming donations that blocks pulls, and a much less public one for pulls.
Apart from this use case, abuse seems to be rare enough that banks typically don’t expose the functionality to disable but only do it manually when asked specifically. I doubt most people even know they could.
13 months!
After that, it's a much more formal process where your bank has to get in contact with the other bank and it can take weeks.
So in the EU, anyone can indeed pull money with your account number (and with RTP that may change someday). But we can also revoke any such direct debit within a certain period of time.
I had to do it once, over my banking app, money was back the moment after I clicked.
I also encourage you to read about Chesterton’s Fence. Make sure you understand why something exists before you think about how to replace it, then maybe you won’t see Americans’ use of credit cards as “irrational,” but instead, reasonable under the circumstances that exist.
That said… the US did roll out FedNow (similar to SEPA) but because the US banking ecosystem is more fragmented, adoption takes a while.
Wire transfers here are expensive and don’t provide consumer benefits (cash back, credit options, consumer protections like fraud and chargeback, or merchant coupons). In your example, if an unscrupulous store pockets the credit card payment, the credit card / issuer will often reimburse your purchase. (This is a law in the US.)
This is true in the EU too. It’d also why you don’t tend to pay for goods and services via transfer unless it’s a very high value item and you have a contract to go alongside it.
I'm assuming "wire transfer" means something different to you than what it means in America. In the US, a wire transfer is when you call up your bank, give them a routing number and account number, tell them to wire however much money to it, agree to pay like $20 or something for the transfer, and then they tell you the transfer will happen tomorrow morning because it's 3:30 PM and the last batch gets handled at 3:00. They're not so much hated as pretty much entirely irrelevant to everyone. I've made one wire transfer in my life, and that was for buying a house.
1. A lack of a mechanism for using it for things like online purchases. 2. What about the 1% of the time when it is not instant?
On top of that you are not allowed, by law, to charge customers more for a card purchase so customers have no incentive to switch from cards and the existing mobile phone payment systems.
It does sometimes take two business days to clear, so it's not good if your service requires fast turnaround (e.g. pizza delivery). Of course, it's always good to have another option, and perhaps even for pizza delivery you could accept it on trust with customers you have a good relationship with.
(On the software side, unlike a credit card payment, this does require that you temporally decouple ordering and billing. Besides the processing delay, a lazy user might not send the payment immediately. Two weeks seems to be a typical length of time, and of course you don't ship anything until payment is received. Treat it a bit like a cash-by-mail payment.)
That's not the American way. Our services are both expensive and slow. You see, it's about freedom! We are the Most Free (lol, sorry) and therefore corporations are free to be bad in both ways simultaneously. :D
The key difference here is that you communicate with your bank, giving them a direct instruction to send money to the recipient at their bank. With cheque or card, the recipient communicates with the recipient's bank, to forward an authorization written by you, which is sooner or later verified against your bank. Which is convenient for you, but involves more steps.
Americans aren't opposed to it. Like so many problems with America, our institutions are simply opposed to anything other than maximal profit extraction at any and all costs.
Americans are, however opposed to the kind of national ID system you'd want for this kind of national banking scheme. For some reaon, they think it's more private or secure to use a 9-digit number assigned at birth.
Still haven’t gotten it a year or two later.
Our economy is now financialization of everything, rent seeking, wealth transfer instead of wealth creation, ad nauseum.
I'm nostalgic for when we could create wealth by making and doing, and punished people for stealing. (Perhaps it was never true, I've always been delusional.)
Stablecoins are not without issues, but they've largely solved the problem of price volatility. Objections around issuance and backing might be raised, but this is more interesting for trading and less relevant for merchant transactions.
Yes, there are no chargebacks with cryptocurrencies. This is an advantage for the merchant. Before anyone goes off the deep end here, let's recall the context of the discussion: one time payments to reputable merchants for trivial amounts. Game purchases do not require life changing amounts of currency to change hands. Steam and Itch are well known brands.
So what is left to object to? My impression is that there is excessive cultural and political baggage.
From the article:
>Capitalism sucks. The economic ecosystem sucks. People unrelated to transactions in any way except "They have the tech to facilitate them" deciding that entire industries don't get to make money and feed their staff because "It's risky to handle these payments" suck. That these entities can also be attacked by PACs and shamed into being the morality police sucks.
...
>But I still hate crypto.
Note that even though the author correctly observes the high regulatory overhead and political, non-market forces, they still manage to blame "Capitalism".
Got as far as several emails to vendors who all replied they wouldn't facilitate the payments, and saying "Good luck" trying to find one that would
Absolutely stupid system if you ask me.
Everybody, except for the few that are holding crypto and expect it to irrationally keep rising forever, are looking to convert it into ironically fiat money which they swear is the enemy.
This means other than bordering purely illegal or prohibited businesses that payment processors cannot handle (remember there are adult processors too), crypto will never become mainstream replacement for fiat.
Right now liquidity is there to absorb the ramping process but long term observers will note how fragile and quickly this can go away. Already, the number of new wallets being created on Bitcoin is plummeting. Search terms for bitcoin has tapered off. There is almost no real interest in it being a replacement for fiat or gold.
I wish gold could become more accepted but we all know the history of e-gold and many of us know its connection to Bitcoin and its curious proximity of origin.
It's just not a good look for companies selling mainstream products to suddenly accept a medium which is clearly being used for pump and dump and laundering of money for transnational crime and no amount of gaslighting or pushing crypto will change it, in fact it achieves the opposite of their goals.
We might at some point see a digital currency but this would be completely different from the crypto in existence today and all stablecoins that isn't issued by the government runs the risk of reporting what is different than what is there in the vaults as if governments haven't been caught doing this in the past. ex) Tether's reserves unaudited unverified mystery
I built and ran a site that allowed users to upload a stable diffusion model and generate images with them. I originally received money via stripe, and then promptly got kicked off after about 9 months. They threatened (via a clearly automated message), that the fines could be as high as 400k, ended up paying a 4k fine and getting off ASAP.
While we were on stripe though, the charge back rate was probably ~2-3%, which, I think is probably fine.
Moved over to Coinbase commerce and sales dropped from ~5k / month to 1k / month.
Having written all the code and founded my own "Payment Processor" twice in the last few decades, this is an interesting space that demands subject matter expertise 24/7/365. Having lived through many global events of all kinds, that the general public never saw since being in payments at the inception of the internet, I learned things not possible today. I recall vividly those that laughed at me in the 90's when responding to inquiries about what I did for a living. After stating that I was building a payment server for the internet all balked stating no one would pay for anything online and then PayPal became our client followed by many other well known brands. Is anyone still paying online?
Stay Healthy!
throwanem•5mo ago