I get that you need a PIN, but this is saying that your phone number is your creditcard number, so everyone you give your phone number to now has your CC#
PayPal is consigning the shop till to the dustbin in a way that could completely wipe Visa and MasterCard out of the shopping equation. The website is gearing up to allow punters to pay for products in-store by scanning barcodes with a mobile, and allow payments to be authorised with a phone number - among other new features …
I get that you need a PIN, but this is saying that your phone number is your creditcard number, so everyone you give your phone number to now has your CC#
Although I am naturally wary (Paypal seeming to be one of the most hackable transaction systems out there) it's about time they did this. If it's done right, and there's enough takeup (especially the scan&pay bit) this could seriously improve (i.e. speed up, the worst part of any shopping is the time it takes!) shopping.
I'll reserve judgement until I see it in action, but I'm cautiously optimistic.
One of the biggest drawbacks of PayPal over using credit cards directly is the lack of legal protection afforded to UK shopping through Section 75 (of the Consumer Credit Act 1974) <http://www.moneysavingexpert.com/shopping/section75-protect-your-purchases>. I avoid using PayPal for transactions over £100. Admittedly most of my transactions are much smaller than that though.
The world minus the UK is still a big market place.
Scan the barcode, pay for it via an app, and trigger the security alarms as you leave because a checkout operator hasn't cancelled the security tag? I can see that working. Not.
PayPal thinks it can do this cheaply because it doesn't have the overheads of a bank, but those overheads are there for security and protection. As usual, when the new boy thinks it can solve a problem better than the folks who've been doing it for 50-odd years, it generally means that they don't really understand the fine details of the problem. Wait until the first time someone gets conned, and discovers that theyt have no legal protection, because Paypal isn't a bank.
I believe in europe, paypal is actually incorperated as a bank, so this sort of thing MAY be covered by the various banking laws. If not there's always the small claims court.
On one hand, this is the part I find most interesting as it would remove the queueing bit, but my first thought was basically the same 'How do they know I've paid when I walk out the door?'...
I'll look forwards to hearing more though.
But they act like they are.
I wouldn't trust PayPal with a drop of piss, let alone money.
They are registered as an electronic money issuer, not a bank, that means they are required to employ "fit and proper persons", and maintain adequate capital, but you don't have any comeback if they go bust other than that they "should" have enough money in "low risk" investments to pay back everyone. It didn't work for Crown Currency Exchange though.
Newsflash - the security alarms will go off anyway for certain purchases.
I bought a portable harddrive in a Tesco store just the other day and despite paying for it and having it removed from a massive protective plastic box (with a debit card with additional protection, actually) the alarm went off.
I (despite knowing I wasn't legally obligated to comply) showed the security guy my receipt and the item in question (he tested it). He said that the company who make the drive install the security tag INSIDE the box (I don't know if it's inside the actual drive, that would be interesting) and that there's nothing they can do about it.
So everytime you buy a hard drive from a store with those security gates, you're going to set off the alarm.
Next time I may exercise my freedom to ignore it, knowing I haven't done anything wrong and don't have to either submit to an unlawful search or unlawful detention. Alternatively, I may take the packaging with me and walk in and out of the shop for the lulz.
You've thought about whom you might trust with a drop of piss?
Most should know that there are security tags inside, where chiclets (little plastic strips with an adhesive back), protected stickers or other plastic doo-has and open the package and remove them. Or deactivate the tag.
Also they *might* not be able to search you (it can be a very grey area), but they can pass your details onto the police as someone suspected of shoplifting, along with any other shop (many round here are part of an anti theft scheme) so enjoy being closely followed by staff and security guards wherever you go not to mention being potentially banned from every outlet in the chain (unlikely but have worked in places where lists were kept of those under a company wide ban for various reasons....being an arse / abusive was one of them)
Then again certain cities (dundee for one) have a culture of running when an alarm goes off, even if you have paid.....says something about the honesty of your average dundonian......
But I've thought about what I'm willing to trust PayPal with.
The IT angle? The forward slash, obviously.
Option 3 seems logistically difficult, how does the store tell that you paid for the item which you're now carrying out of the store without going to the checkout.
Presumably each item will carry a unique, peel-unfriendly QR code (or similar) sticker so you can't do some cheeky "grab, scan, walk out, toss phone to mate, mate walks in, grabs, walks out" move to get yourself some freebies.
Presumably door lurkers will carry a mobile device to rescan your unique sticker as you leave to confirm /someone/ has paid for it (a quick shufty at your mobile device would show that you coughed up the necessary, should they actually give a shit about that).
"(a quick shufty at your mobile device would show that you coughed up the necessary, should they actually give a shit about that)."
You were obviously not of the generation that faked 'cleared memory' screens on to their graphical calculators before taking them into an exam, chock full of handy hints and tips...
Option 3 still seems either too insecure or too pointless, I mean if you can walk in, scan a shirt "pay" for it and walk out then it's open to abuse.
If on the other hand you have to walk in, scan, "pay", go to a security guard to ensure you've paid, well, you might as well have gone to the checkout?
Also, if option 3 did take off and they implemented the checking of every item in every shoppers bag then the queues would be horrendous?
Just saying, it sounds like a great idea if we lived in some paradise where everyne was honest and could be trusted.
My old physics teacher used to claim that a high voltage cable around the doorway would generate a magnetic field strong enough to erase the memories of anyone's calculator who was trying that trick. I'd love to think that this would work.
It is an option so it depends up on how the store is set-up. Before the selfscan tills Safeways use to let you scan your things as you put them in your trolley and pay on the way out of the shop. They would stop people randomly to check they had not made any "mistakes".
So he didn't hit the 'd' key hard enough and didn't notice before posting big f'ing whoop!
Even if that is not how it happened it's not the end of the world, it's not a long post full of glaring errors.
Get over it and get a life.
"Your Retarded" - so I assume that spelling was deliberate as opposed to "You're Retarded"???
Perhaps you should review the name under which you post before attempting to criticise someone else's grammar quite so aggressively.
I think you'll find that, besides being offensive to many, the name you've chosen should use 'you're' in place of 'your'.
If that tantrum is an example of the way you conduct yourself then I can only assume that meeting was at the jobcentre.
But the fact is that MOST people think that is the correct way to write the expression.
However, as the use of self-operated checkouts at Safeway and other supermarkets is contemporary, the present tense is correct.
Your user name is most apt - you are indeed *our* retarded. Though to be a bit of a grammar pedant, in English you would actually say "your retard" or "your retarded person". Hope that helps.
First time poster, long time reader.
What this is good for, is small businesses like me. I've longed for an app or similar in the UK where I can take card payments while out and about or have my Cash On Delivery option also be a Card/Cash On Delivery.
As for the security behind it, it is open to fraud but as a business you pay paypal a fairly large cut that if there is any problems they cover the costs of it and generally sort it. The old banking model doesn't work for a lot of new innovation, saying "the new boy thinks he can solve it blah blah blah" still has small businesses looking else where and willing to take a chance to make their business work. Hopefully banks will go the way of the music industry, get caught sleeping about new innovation, miss the train and go out of business.
I've heard about dongles that plug into iphones/android phones that allow you to swipe credit cards and authorise payments over their phone/data link. Don't have any experience with them but they might be worth a look?
Holy crap titles are optional now!
"As for the security behind it, it is open to fraud but as a business you pay paypal a fairly large cut that if there is any problems they cover the costs of it and generally sort it."
As a small business to business company we rarely deal with credit/debit cards so not worth having a merchant account.
We used to use Paypal to process these odd transactions, at least once a month there was stolen card, paypal inform you everything is fine only for weeks later to reverse the transaction and you get nothing. Their in depth investigation consists of replying one nano-second after you send them the details saying sorry nothing they can do.
When google checkout came on the scence we swapped and in the last 4 years we have had 0 chargebacks, so paypal would be the last company on the planet I would entrust.
@auburnman, these systems are not permitted in Europe (and other regions). Magstripe is too easily forged, and merchants must use Chip+PIN for card-present transactions. Submitting lots of swiped transactions will get you your merchant account suspended.
For mobile card payments, you can use a CNP (Card Not Present) interface hosted on a mobile app. One example I know (haven't used this, but have been a satisfied customer of theirs for a regular online card acceptance system): http://www.worldnettps.com/feature-tour/iphone-virtual-terminal It even takes debit cards.
PayPal are not a good choice for a small business. They're far too quick to refund purchases, even when the buyers are obviously acting in bad faith or actively trying to defraud the merchant. They're not even cheap once you're beyond the "kitchen table" stage of your business - you can get set up with an properly certified online processor for less than £40/month, with a big bundle of transactions thrown in for free.
Still, even PayPal is better than Google Checkout..
"I paid for it gov... honest... there must be a problem at paypal"
Indeed, but presumably your phone's app would have some sort of record as well as the shop having a way of checking it against Pay Pal...
This will take off if the retailers are not charged flat fees or % per transaction as they are with the CCs.
Good tip by another about legal protection on items over £100 though.
PayPal is a business. The purpose of their existence is to make money.
PayPal has always charged fees. They must continue to charge fees in order for their business to be viable. Their fees resemble closely the kinds of fees that merchant banks charge to retailers, except they are generally higher.
There are two options for charging a fee to process a transaction. One is to charge a flat or one-off fee. The other is to charge a percentage of the transaction value.
How do you think PayPal would make any money if they didn't charge fees?
Scan the barcode, you get an identifier of the product. Database of shop holds the relation between this code and the price.
So the shop owner must pass that on to paypal? All sounds more complicated than the article suggests....
What happens when my generic smartphone's battery runs out halfway through my shopping?
Then you put your replacement battery in of course...
Folding money and a choice of debit or credit card for me.
Mine's the one with plenty of unoccupied pocket space...
if my credit card is linked to paypal and that's ultimately the source of funding for my purchase am I not protected by the consumer credit act as it's effectively a credit card transaction?
I remember reading something on the MoneySavingExpert.com forums that said the Section 75 protection does not apply to purchases made through PayPal.
Typical rubbish that comes from thinking, "How can we make money from this market" instead of, "How can we fix this problem".
Yes and no. You are effectively covered because you can in fact dispute the charge with your credit card company.
You aren't covered because Paypal will then freeze your account, all the money in it and send you a bill for the amount you disputed + fees. I've personally had to take them to court over this when they refused to refund a fraudulent transaction, I had my bank pull it and they froze my account and sent me a bill. Small claims court here in the Netherlands found them in the wrong and gave them a 100 euro fine for every day my account was frozen, starting 14 days after the judgement was passed.
Difficult to cast comment with out technical info but a few questions spring to mind
Option 1) seems to forget that Chip and PIN ever happened. Whatever it's potential vulnerabilities it has reduced Point of Sale fraud significantly http://www.theregister.co.uk/2010/03/10/uk_plastic_fraud/
It also assumes banks will be happy to handle transactions received from retailers that use a phone number instead of a card number. This would not be a trivial change. There are quite a few ISO standards that dictate how this stuff should work. Alternatively retailers would have to implement enhanced terminals or software to dial a unique PayPal authorisation system. Neither of these sound cheap.
Option 2) fits the existing infrastructure better but then why not use your credit or debit card ? In addition as previous posters have pointed out there's the question of legal protection.
Option 3) employing door lurkers to check the receipt on your phone doesn't sound like a cost saving and would seem to just move the queue from the checkout to the door. Plus the difficulties in verifying the receipt seem complex.
Interested to hear more, but doesn't sound like a sea change in payments processing to me.
Employing door lurkers to check the receipt on your phone does more than move the problem from the checkout to the door, it actually makes things worse by taking multiple short, parallel queues and turning them into one long, serial queue.
The queue at the door might not be enforceable.
You have to queue at the checkout because you have goods you haven't paid for.
At the store exit however, you have paid for your goods and the store has no legal right to detain you. Wanting to you queue so as to check your receipt isn't enforceable. As long as you have paid for your goods you can bypass any queue and walk out the store.
Not sure whether there's been any ruling to clarify this ... however, when Google Checkout came out I signed up for it as they were offering a 10% discount at various merchants for the first few weeks to drum up business. I remember giving the T&Cs a cursory scan and one thing jumped out at me was that they said you were buying "virtual money" from Google which was then transferred to the account of the store you were "buying" from and then they'd be able to convert this back into real money. So I saw that in case of a dispute you could have a situation where the CC company would say "well, the "virtual google money" you bought seems to have worked ok so no come back on us"
Need a few things fixed first of all.
1) Network coverage into the deepest bowels of the store.
2) Unlimited data contracts (no female could ever manage a single shopping trip on only 500MB!)
3) Improved battery technology so you can use your smart phone to do smart things in the low signal areas without it gasping for a top up after an hour.
Oh, and some protection from Paypal and their rather wild-west banking techniques, although judging from events of the last couple of years, even official banks don't behave any better!
Apart from that, flawless. Patent it.
In order to Patent something it needs to be novel, i.e. not have prior art.
If you tell anyone your idea or publish it, tough luck - your chance to patent it has gone.
Tell that to the US patent office!