Can we trade you this for the ChatGPT iOS app (non-)availability in Europe? I can't unfortunately speak for all Europeans but personally I'd gladly leave PayPal to the US folks only. :D
Very interesting to see this descriptor here “Learn about PayPal, a digital wallet popular with customers in Europe” considering paypal is basically regarded as the inventor of digital payment systems…
for some reason there is a lot of hate for PayPal among the US fintech startups... at least the ones i've dealt with... which I always thought as strange since whatever their flaws they do have half a billion money-moving users, which is a massive opportunity
(Personally I fucking despise PayPal so much but lately I see more and more foreign companies start offering iDeal payment option. Even though they charge an extra fee for it I'll gladly take it over PayPal).
As shady as PayPal is, I trust them more with my credit card information than having to give it to every single site I buy from.
Stripe's "solution" is especially ridiculous, since it theoretically sends the info directly to Stripe... but it still runs in the merchant's browser origin and can be phished trivially.
PayPal redirects you to a PayPal site (hosted on paypal.com, UX controlled by PayPal) to enter your payment information, and then redirects you back to the merchant once you're done.
Stripe supplies a script that merchants embed and style themselves. In theory the script sends the payment info off to Stripe directly for tokenization... but the user has no way of knowing that the merchant site didn't sniff it, or even that the script was used at all.
Why would the merchant site need to sniff anything? Once a customer has made any purchase, the merchant then has direct access to charge their cards from the Stripe dashboard. That's why it is a huge responsibility to use these services.
Yes, that's another problem with Stripe. PayPal also requires you to verify the charge in their UI, with the amount shown.
But a Stripe token (as implemented correctly) is still not quite as powerful as the card info itself, since it can only be reused with Stripe by that merchant.
Just here to post this is another reason to get off Gumroad when you get a chance. Do NOT use Gumroad. Using Stripe directly will save you so much money. Still bitter at those exploitive jerks jacking the payments price to a total of 12.9% (and something like 17% when through PayPal).
You get a lot more on gumroad for that don’t you? I tried to find MoR services like Gumroad and there are a bunch, so you don’t need to use them. But it’s not that trivial to replace all they offer for that price; that depends of course on how much you sell. It becomes more interesting to move the more you make, but I would skip Stripe too and go to a ‘local’ acquirer which will tons cheaper than Stripe.
Gumroad should’ve gone about it another way; just do fixed price extra’s for instance. Ah well.
If you're a software dev, you shouldn't be using gumroad. You're not their target market. Gumroad explicitly states that they're for creators, and that software folks are better off just integrating Stripe.
Gumroads USP isn’t payment processing. Gumroads USP is that they handle international sales tax (also know as Merchant of Record), which, I’ve you’ve ever tried selling something on the Internet without committing tax fraud¹, will know that 12.9% is _cheap_.
¹) I’d estimate some 95% of all small online business are doing sales tax wrong. Hell, Basecamp just now cleaned up their act.
Ignoring the ~2.9% of Credit Card Processing Fees ( on average it would still be higher than 2.9% ), I dont see how they charge 10% for their services is exploitive jerks.
Changing the fee from 3%-5% total to 12.9% (17% on paypal!) total when you already have a large customer base there, meaning you'd have to painfully migrate them to another provider, is not a nice thing to do in my eyes.
And also why I'm working on completely migrating off.
As someone who's been trying to get into the PayPal platform program (PPCP) for nearly two years now, I almost had a stroke reading this headline thinking I could have all along just committed to Stripe and received the same functionality in my product.
Beyond the fact that this is EU only, it does seem like ON_BEHALF_OF will probably never be supported considering PayPal would be directly feeding their competitor with the same functionality that their own platform offers.
That being said... onboarding into PPCP feels like getting selected for the lottery compared to just how easy it is to get running with Stripe's platform. If Stripe ever does support PayPal payments on behalf of I'd be switching over in a heartbeat.
To Stripe: please open this game-changing feature up to US customers. Tech is a global platform, and US based tech companies need access to global customers.
My site (mage.space) has hundreds of potential customers waiting for this. It was our most asked for feature after releasing our premium features this January.
It enables Stripe to capture market share that might go to PayPal exclusively otherwise. For many businesses with a European customer base and an on-demand product, Stripe-only is a nonstarter.
For e-commerce and digital goods (i.e. courses) sales, PayPal is the preferred payment method in EU. Given the choice, we see EU customers choosing to pay with PayPal instead of Apple or Google pay about 50% of the time. Stripe doesn't want to lose out on these sales.
I forget that Apple Pay is even an option online since I use Firefox. Not sure why Apple wouldn't open those APIs to third-party browsers, they make money every time someone uses Apple Pay.
Icelandic banks pushed some bad code for Mastercard to meet a Paypal standard. This caused transactions to have an extra 00 added to each transaction. Took a week or two to resolve.
Yep, with closed-source financial applications such issues are a common thing, just on a smaller scale so they do not meet the news.
Many of contemporary financials are also still being worked on the mainframes, utilizing the technology stack of 80s, and there are many differences between vendor implementations in the space.
While there are many argues about usability of crypto for payments today, crypto standards do exist in form of RFCs that are open source, produced by community, and are enforced world wide by application developers.
Very progressive step forward IMO as compared to software side of traditional finance today.
Sorry but this is such a bad take. Many of the bigger banks and financial institutions have very mature and well architected tech stacks, as do many newer fintechs. They have the funding to hire some of the best engineers, and they do. Being open has advantages, yes, but it's not inherently better.
There have been plenty of bugs and vulnerabilities in blockchain technologies over the years.
Yes, crypto is definitely not the solution to this. This was a transient problem, that was resolved within the week. Everyone got paid back. An issue with the EVM overcharging people is irreversible. Those funds would be lost for good. At least with trad-fi, you can click a few buttons and revert payments.
There's a big caveat to using PayPal: most marketplaces are not really supported.
From the Stripe page OP link: PayPal is available for online marketplaces using Stripe Connect. These online marketplaces include businesses such as Deliveroo and ManoMano that collect payment from customers, and later pay out to sub-accounts or service providers. PayPal isn’t available for platforms that onboard other businesses and enable them to accept payments directly, such as Shopify or Squarespace.
I'm not sure this is a huge caveat. This basically just says that if you're using a marketplace that you can plug Stripe details into to take card payments, PayPal isn't going to work. That's to be expected as that would be something the marketplace provider such as Shopify/Squarespace would need to implement.
Most marketplaces are not Shopify or Squarespace, and most customers on those few are probably already able to take PayPal payments via their marketplace where appropriate.
Stripe appear to have been building this for quite a long time. I remember seeing bits of this in the API back in ~2018, and it may have been there significantly longer.
I think in general they experiment with building lots of connections that most customers never see. At my previous place of work we integrated Klarna with Stripe, I see this has also now launched, but we used it in private beta for a long time.
While it's nice that this is now available, I wonder how well it works in practice. We had numerous problems with our Klarna integration – mismatches in expected flows between Stripe/Klarna, needing to use some Klarna APIs directly and some via Stripe, and neither Stripe support nor Klarna support having any idea how the integration worked.
Not sure if you still use the Klarna/Stripe integration at your current place, but curious to hear what went wrong. Could you email me at edwin@stripe.com?
I'm afraid I left that company and went to a big tech company. I think it was just a combination of it being a private beta product so support/engineering were fairly uninformed, difficulty getting support for things that were in between Stripe and Klarna's services (a bit of blaming each other), and the fact that the Klarna flow didn't really fit Stripe's charge flow, so in terms of tech the integration was nearly as complex as a direct Klarna integration (obviously still beneficial in terms of the business side).
It's funny that I was just on the phone with PayPal customer support for the past hour. I told them PayPal is a sinking ship. I was also questioning how PayPal can be a multi-national business when the CSR (customer service rep) literally told me "I don't recommend you [US citizen] use PayPal if you live or travel abroad"
Yesterday I login to PayPal and it text messages a 2FA auth code to an old, supposed-to-be deleted, phone number. There is an option to "try another way" where they call the new phone on file and I dial in a code they show on the web. This worked yesterday and I confirmed the old phone number is not visible in the UI.
I've been living abroad and originally signed up for Google Fi. One day, Google Fi disconnected my data and phone access. SMS still works, but there are cases where you need to "authenticate" with a phone call. Turns out Google Fi has a policy in place where they disable your data/phone access if you've been abroad for over a year. Due to covid and other situations, it didn't seem worthwhile to return to the United States just to resolve this phone issue. CSR didn't seem to be trained on this case, and it took several hours and multiple escalations before anyone in customer support knew about this policy existed. Google has a bad reputation for customer service, and they made a half-baked attempt at building out a customer support team with Google Fi, but it's a joke. As a former Google employee, I understand but still find it absolutely unacceptable. The performance review cycle is broken when no one has any ownership about the product after it's shipped. Customer Support felt 80% implemented, and the product manager moved on to the next shiny thing. Google's effort to invest in training the customer support staff to be exceedingly nice and soft spoken really shows. I just wish the customer support staff were trained to actually fix issues instead of re-iterating the also useless online documents and in-app copytext of Google Fi. I've worked with GCP tech writers to publish some docs for GCP, and if it's the same org producing the customer support FAQ/script and peripheral copy in the app/online docs, I'm not surprised why it's useless.
Google Fi has all the traits of an abandoned Google project. Funny enough, I noticed yesterday they rebranded to "Google Fi Wireless". I'm sure someone got a promotion as part of that initiative. At any rate, because of the inability to do authentication over the phone, I migrated to Google Voice as I was able to keep my phone number. Google Voice has signs of age and abandonment too. But it did the job... for a while.
Today I followed the same pathway to login to PayPal and was locked out.
Yesterday there's a bug in Chrome where I do not hear sound from Google Voice calls. The initial ring makes a sound, but then nothing, so I know my browser and OS has been configured to play sound for Chrome. This was after Google showed a banner linking me to docs, which in turn instructed me to go to chrome://settings/content/sound to allowlist Google Voice. Not sure why this is needed, when the default behavior is "Sites can play sound". Still didn't work. Hopped over to Firefox and got a warning that "this browser is not supported" when attempting to login to Google Mail. Not sure what kind of security vulnerability exists at the seam between Google Account login and a few months old version of Firefox. Thankfully with an update I was able to get Firefox to produce sounds for Google Voice calls and was able to 2FA into PayPal.
Today I forgot about the Chrome bug, and after 3 attempts, PayPal locked me out. I was told to call customer support. The CS rep said they will "disable 2FA" on my account. They noted that did not see the old number listed on their side either. PayPal still has my old phone number in a database somewhere, even though I requested it deleted. Can...
72 comments
[ 3.0 ms ] story [ 138 ms ] threadSome integration happened, but there are still separate parts, so they're not one and the same at the moment.
Stripe does not allow customers from the US to participate in this.
https://twitter.com/OpenAI/status/1661488013275435008
(Personally I fucking despise PayPal so much but lately I see more and more foreign companies start offering iDeal payment option. Even though they charge an extra fee for it I'll gladly take it over PayPal).
Ah yes, the little known EU payment provider PayPal.
To the point: is Paypal even popular in Europe?
For my app, I offer purchase via Stripe, wiretransfer or PayPal. 75% choose PayPal.
Stripe's "solution" is especially ridiculous, since it theoretically sends the info directly to Stripe... but it still runs in the merchant's browser origin and can be phished trivially.
Stripe supplies a script that merchants embed and style themselves. In theory the script sends the payment info off to Stripe directly for tokenization... but the user has no way of knowing that the merchant site didn't sniff it, or even that the script was used at all.
Unless it is something that I've misunderstood?
But a Stripe token (as implemented correctly) is still not quite as powerful as the card info itself, since it can only be reused with Stripe by that merchant.
It’s quite convenient as a payment method if you don’t want to use a credit card. Especially for international purchases.
https://www.europeanpaymentscouncil.eu/what-we-do/sepa-insta...
https://www.reuters.com/technology/more-banks-join-european-...
Instant payment networks: https://news.ycombinator.com/item?id=36012262
The setup took maybe 15min, and an hour later we had already received our first PayPal payments.
Gumroad should’ve gone about it another way; just do fixed price extra’s for instance. Ah well.
¹) I’d estimate some 95% of all small online business are doing sales tax wrong. Hell, Basecamp just now cleaned up their act.
https://saas.transistor.fm/episodes/nobody-in-saas-wants-to-...
And also why I'm working on completely migrating off.
[0] https://stripe.com/docs/connect/account-capabilities
[1] https://stripe.com/docs/connect/required-verification-inform...
Beyond the fact that this is EU only, it does seem like ON_BEHALF_OF will probably never be supported considering PayPal would be directly feeding their competitor with the same functionality that their own platform offers.
That being said... onboarding into PPCP feels like getting selected for the lottery compared to just how easy it is to get running with Stripe's platform. If Stripe ever does support PayPal payments on behalf of I'd be switching over in a heartbeat.
This essentially means you still cannot accept PayPal as a payment method if you're a platform using Stripe.
My site (mage.space) has hundreds of potential customers waiting for this. It was our most asked for feature after releasing our premium features this January.
Do Canada next!
[1] https://www.idownloadblog.com/2022/08/01/ios-16-apple-pay-ch...
Icelandic banks pushed some bad code for Mastercard to meet a Paypal standard. This caused transactions to have an extra 00 added to each transaction. Took a week or two to resolve.
Many of contemporary financials are also still being worked on the mainframes, utilizing the technology stack of 80s, and there are many differences between vendor implementations in the space.
While there are many argues about usability of crypto for payments today, crypto standards do exist in form of RFCs that are open source, produced by community, and are enforced world wide by application developers.
Very progressive step forward IMO as compared to software side of traditional finance today.
There have been plenty of bugs and vulnerabilities in blockchain technologies over the years.
From the Stripe page OP link: PayPal is available for online marketplaces using Stripe Connect. These online marketplaces include businesses such as Deliveroo and ManoMano that collect payment from customers, and later pay out to sub-accounts or service providers. PayPal isn’t available for platforms that onboard other businesses and enable them to accept payments directly, such as Shopify or Squarespace.
Most marketplaces are not Shopify or Squarespace, and most customers on those few are probably already able to take PayPal payments via their marketplace where appropriate.
I think in general they experiment with building lots of connections that most customers never see. At my previous place of work we integrated Klarna with Stripe, I see this has also now launched, but we used it in private beta for a long time.
While it's nice that this is now available, I wonder how well it works in practice. We had numerous problems with our Klarna integration – mismatches in expected flows between Stripe/Klarna, needing to use some Klarna APIs directly and some via Stripe, and neither Stripe support nor Klarna support having any idea how the integration worked.
Yesterday I login to PayPal and it text messages a 2FA auth code to an old, supposed-to-be deleted, phone number. There is an option to "try another way" where they call the new phone on file and I dial in a code they show on the web. This worked yesterday and I confirmed the old phone number is not visible in the UI.
I've been living abroad and originally signed up for Google Fi. One day, Google Fi disconnected my data and phone access. SMS still works, but there are cases where you need to "authenticate" with a phone call. Turns out Google Fi has a policy in place where they disable your data/phone access if you've been abroad for over a year. Due to covid and other situations, it didn't seem worthwhile to return to the United States just to resolve this phone issue. CSR didn't seem to be trained on this case, and it took several hours and multiple escalations before anyone in customer support knew about this policy existed. Google has a bad reputation for customer service, and they made a half-baked attempt at building out a customer support team with Google Fi, but it's a joke. As a former Google employee, I understand but still find it absolutely unacceptable. The performance review cycle is broken when no one has any ownership about the product after it's shipped. Customer Support felt 80% implemented, and the product manager moved on to the next shiny thing. Google's effort to invest in training the customer support staff to be exceedingly nice and soft spoken really shows. I just wish the customer support staff were trained to actually fix issues instead of re-iterating the also useless online documents and in-app copytext of Google Fi. I've worked with GCP tech writers to publish some docs for GCP, and if it's the same org producing the customer support FAQ/script and peripheral copy in the app/online docs, I'm not surprised why it's useless.
Google Fi has all the traits of an abandoned Google project. Funny enough, I noticed yesterday they rebranded to "Google Fi Wireless". I'm sure someone got a promotion as part of that initiative. At any rate, because of the inability to do authentication over the phone, I migrated to Google Voice as I was able to keep my phone number. Google Voice has signs of age and abandonment too. But it did the job... for a while.
Today I followed the same pathway to login to PayPal and was locked out.
Yesterday there's a bug in Chrome where I do not hear sound from Google Voice calls. The initial ring makes a sound, but then nothing, so I know my browser and OS has been configured to play sound for Chrome. This was after Google showed a banner linking me to docs, which in turn instructed me to go to chrome://settings/content/sound to allowlist Google Voice. Not sure why this is needed, when the default behavior is "Sites can play sound". Still didn't work. Hopped over to Firefox and got a warning that "this browser is not supported" when attempting to login to Google Mail. Not sure what kind of security vulnerability exists at the seam between Google Account login and a few months old version of Firefox. Thankfully with an update I was able to get Firefox to produce sounds for Google Voice calls and was able to 2FA into PayPal.
Today I forgot about the Chrome bug, and after 3 attempts, PayPal locked me out. I was told to call customer support. The CS rep said they will "disable 2FA" on my account. They noted that did not see the old number listed on their side either. PayPal still has my old phone number in a database somewhere, even though I requested it deleted. Can...
I actually got really confused by the instructions because I went into the dashboard and couldn't find PayPal.