SoylentNews is people
SoylentNews
from the Email-confirmation-just-slows-us-down dept.
Recently, I received an email from PayPal asking to confirm my email address for a new account. Since I do not use PayPal, I figured it was a phishing scam and ignored it. However, I started getting other emails, which included updated address information and a sales transaction. The name for the account was not mine (but the first name was the same), and the address was in a different state.
Looking at the raw email headers, it appeared to be legitimate emails from PayPal. What confused me was that I never responded to the email confirmation message, so why would PayPal allow a person to perform a transaction without confirmation? Since the email in question is a Gmail account, I have had since Gmail beta, I wondered if my account had been compromised, but there is nothing to indicate that. Another idea was someone could be intercepting/listening to my email, but that is a lot of effort to do for a simple paypal transaction.
The likely scenario is PayPal failed to check the account email and suspend any further actions until the address is confirmed. PayPal sends an email to confirm the address, but does not bother to wait for the confirmation.
I called PayPal support, and after some time and educating the support person on how technology works, the person put in a support ticket. Not sure if the problem will ever get resolved or if PayPal will admit they have a problem. As of now, I have not received any more emails. I will have to decide if it is worth my time to call support again and get the disposition of the ticket.
(Score: 3, Interesting) by AthanasiusKircher on Tuesday April 18 2017, @07:06PM (5 children)
Knowing then, what I know of Paypal today, I probably wouldn't open an account with them.
Agreed. Paypal -- despite its claim to be "convenient" -- has mostly just caused me headaches over the years. I signed up for Paypal for one or two transactions over a decade ago. For some stupid reason, I somehow ended up with a credit card linked to that account. (Maybe I forgot to uncheck a "remember my card" box or something; I just don't remember. Frankly, I NEVER tend to "save" card info except on 1 or 2 sites I use very frequently and trust, so I can't imagine I'd allow this -- but maybe I used it once and somehow it linked.) Anyhow, maybe 5 years go by, and I try to pay online for something with my card. The people I'm paying (whom I trust, because it's a small organization I'm a member of) use Paypal. I just want to use a credit card to make a payment, but Paypal won't let me -- because my card number is associated with a Paypal account.
Except I don't know what that account is. I don't remember associating the card. I don't know if I even remember the username; I certainly don't have the password. And the email it was likely linked to (which presumably could do a password reset) has been dead for years. I swear that I had made payments through the Paypal interface with this card with no problems before -- i.e., without logging in. Everyone else on the planet who doesn't have a Paypal account can make a payment that way with a credit card. But now I couldn't use my credit card -- because I somehow was stupid enough to associate it with a Paypal account, so they wouldn't process my transaction without my logging in.
After trying to find something on their website that will help (and I think emailing support, which wasn't helpful), I finally give up and use a different credit card. I did that 1 or 2 more times over the next few years when I encountered a Paypal transaction. I tried to close the Paypal account at some point, but without the necessary info, there were some weird hurdles. For "security" reasons, I couldn't open a new Paypal account and add that card either.
But then my card number was changed by my bank -- I think because I had made a Target transaction back when that whole security breach happened. Anyhow, I thought, "Finally! I'll be able to use my credit card again, even for the occasional Paypal transaction." No dice. Now the transaction would seemingly go through until the end, until it would fail with some bizarre error, which caused me to have to contact the organization and check to see whether the transaction even went through or not. Somehow they still had associated my card with an account, even though the original card had long expired AND the number had changed. (I didn't even think that was normally possible.)
After the second time a transaction blew up, I finally called Paypal support and waited on hold for nearly an hour. I explained the situation and just said I NEVER, EVER, EVER want an account with them again -- that I really had used it only once a decade ago, and I don't even know how my card number got saved as associated with that account in the first place. After jumping through a bunch of hoops on the phone, I finally got the card disassociated from the account so I can actually use it again like any other normal person who wants to pay with a credit card and NEVER had a Paypal account.
So I find the summary actually really funny (in a terrible way) -- they insisted on making me log in and verify myself to use my own credit card, even though I never wanted to be associated with them. But they won't take the time to verify an email address before using it for transactions. Huh? Maybe that's how I got stuck in my whole mess in the first place too -- maybe I did something with a card transaction at some point and didn't realize I was logged into Paypal and it just saved the number or something without my confirmation to do so. I don't know... all I know is Paypal has only ever been an impediment to online payments for me.
(Score: 1) by purple_cobra on Tuesday April 18 2017, @10:45PM (1 child)
All these stories about PayPal being shitty and my own experience has been quite the opposite.
A couple of wankers tried to rip me off on eBay, once with a cloned/copied GameBoy Colour cart and once with a broken PowerMac Airport card (shows you how long ago these happened!). The wireless card was being resold by someone who said it didn't work on their machine and it turns out this was because it was broken; the vendor then tries to tell me if the *original* vendor refunds them, they'll refund me. One complaint to PayPal later and they refund what's in the vendor's account - about half the amount - then a few months later I get the rest. That knackered card is still at dad's place somewhere as they stopped responding to all e-mails about it after my initial e-mail.
The only cock-up was I bought something recently and PayPal sent an "e-cheque" instead; turns out this was because I'd let my credit card details lapse and they just hadn't told me about it. Fixed that and it's been fine since, he said with his fingers crossed.
(Score: 0) by Anonymous Coward on Wednesday April 19 2017, @01:48AM
I had a similar happy ending story although not necessarily because of paypal. Bought a phone on eBay and paid with a credit card via PayPal. Used the phone for four months when it suddenly stopped working. Carrier told me that it was just reported stolen and blacklisted (Presumably by the seller). Had to be an insurance scam. EBay and PayPal both told me it was outside the 90 day dispute policy, but the Paypal guy told me to dispute to credit card company. PayPal refunded credit card because seller didn't counter the dispute. I hope the seller pissed.
I don't like the PayPal horror stories, but I haven't had problems.
(Score: 4, Informative) by cubancigar11 on Wednesday April 19 2017, @03:13AM (2 children)
As someone who used to work at PayPal I think I can bring some background to this. PayPal is not considered a bank in USA. I don't know why, but the government allows it and PayPal wants it that way to avoid a myriad of regulations. Because of this distinction, PayPal is regulated in a different way - if a transaction happens on PayPal via a stolen card, it will be held legally held responsible unless they refund the whole amount to the buyer. There are many other factors and many other regulations that come because PayPal operates in multiple countries and handles forex etc.
Because of this, they have developed an internal engine called 'Risk' that gives flags every transaction with 'go ahead' and 'stop'. The whole company relies on this engine, which means two things: A) Help won't come easy if the Risk engine has stopped something to happen. B) The engine itself is slow moving, i.e., it is not easy to tweak it for the current season.
Now, when I used to work, this engine would flag close to 30%-40% of all transaction as a no-go. There is always a talk to lower the risk engine, but management has decided that anything below this has is too... risky (sorry for the pun :P)
While this gets them a constant stream of user with bad experience, they think any competitor won't be able to challenge them by taking more risks.
I personally don't use PayPal unless paying to my domain reseller... and that's it I suppose.
(Score: 2) by cubancigar11 on Wednesday April 19 2017, @03:21AM
Damn, going to get a coffee.
(Score: 0) by Anonymous Coward on Wednesday April 19 2017, @04:28AM
Very interesting, thanks for this story on the Risk engine. A recent transaction of mine was made "pending" and then I received an email asking for an explanation of who I was paying and why. Once I explained, it went through, so no long term trouble. As best I could tell, the reason it was questioned was that the message I sent was a 4 letter acronym that was quite close to "ISIS" ... but not quite, had one letter different--was actually the initials of a small university.