PayPal Offers $150,000 In Developer Challenge 80
blackbearnh writes "As previously reported on Slashdot, PayPal recently released a series of new APIs that allow developers to embed PayPal into their web sites and applications without requiring the user to go to the PayPal web site to complete the transaction. To encourage developers to use these new APIs, PayPal is offering two prizes totaling $150,000 for interesting new applications. The entry deadline to register ideas is December 16th, and O'Reilly has an interview with the director of the PayPal Developer Network that covers the details of the contest. In it, Naveed Anwar talks about why PayPal is throwing money at developers. 'When Facebook opened up their platform, it allowed people to work in that particular environment, in the Facebook environment. When the iPhone opened up their platform, they allowed people to work in their environment which was build the applications on the iPhone. When PayPal was looking at opening up its platform, we are not limited by one particular area. We go into the enterprises. We go into social networking. We go into all the places where payment as a solution is needed. And if we can actually reduce that barrier of entry — because at the end of the day, when anyone is building out a business and anyone is building out an application, they're looking at ways of monetizing it.'"
Lame way to underpay. (Score:1, Offtopic)
This is nothing more than a ploy to significantly underpay for an enormous number of applications.
Not to mention that their new API just turns paypal into a processing center.
Re:Lame way to underpay. (Score:5, Insightful)
I wouldn't consider it a ploy at all. Essentially this is what Developers and Producers have wanted from PayPal for a LONG time. There are ways to store your paypal account info in other services (Steam comes to mind) but you always had to go to the paypal site to complete the transaction.
Paypal has never been anything but a processing center. All it ever did was hold your bank accounts and Credit cards online so that you don't have to enter that number in more than one place on the internet. All it ever did was keep the #'s secure, in a sort of "I'll give paypal my money if paypal pays for the product" - thus you only ever have to trust 1 person online. If you ever thought it was anything different, you were sadly mistaken.
Anyways, this is good, it's kind of a "Here's what you asked for" and a little kicker to make sure the rest of the world knows, to help it take off quicker.
Re:Lame way to underpay. (Score:4, Interesting)
Paypal has never been anything but a processing center. All it ever did was hold your bank accounts and Credit cards online so that you don't have to enter that number in more than one place on the internet. All it ever did was keep the #'s secure, in a sort of "I'll give paypal my money if paypal pays for the product" - thus you only ever have to trust 1 person online. If you ever thought it was anything different, you were sadly mistaken.
This new API completely removes that benefit. this makes it so that any paypal merchant can randomly charge whatever they want to my account. Previously I would have had to explicitly approve the transaction.
Re: (Score:2)
Right - and you will STILL have that option.
They are simply making it more convenient for those who do not want to have to explicitly approve each and every transaction. Specifically subscription based items, Like World of Warcraft, Lottery Tickets, online Poker, etc etc.
Re:Lame way to underpay. (Score:4, Insightful)
After hearing so many stories about PayPal requiring people to sign away rights like credit card chargebacks,
You can still do a charge-back to Paypal if you paid with a CC. Of course, PP will probably cancel your account if you do that, but that's why you shouldn't trust your PP account too much, and just use it for buying shit on Ebay. If you need to rely on it more than that, then open multiple Paypal accounts; use one for selling, one for buying, etc. That way, if PP closes one, you'll still have the other one.
and their allegedly arbitrary process of deciding without warning and without due process that you're committing "fradulent" activities, which of course entitles them to take the money from your account or freeze it
Yes, this is why you should NEVER link Paypal to your main bank account. That's just stupid. Instead, have a separate bank account (at a different bank or credit union even), and link your PP account to that. Never keep any substantial amount of money there; just use it as a place to move money to/from your Paypal account. For instance, if you sell a lot of stuff, have a single PP account just for selling, and link that to an empty bank account. Periodically (every few hundred $$$ or so), transfer money from your PP account to the bank account, then withdraw it (in person or by check, whatever's easier) and move it to your main account that way. Don't give PP a path to your main store of funds, that's just asking for trouble.
PAYPAL IS FOR ***.
I won't comment on that, but anyone that trusts PP too much is asking for trouble IMO. However, it is pretty much a "necessary evil" for a lot of online transactions. I have my own little web store I sell some widgets on, and PP is the only realistic way to get money from people all over the world without asking them to send me money orders, which would result in very few sales, or having to pay thousands of $$$ to set up a credit card merchant account (these fees are probably more money than I've made selling my little widgets). It's entirely possible to use PP and set yourself up so that you're protected in case they try to screw you over.
Re: (Score:2)
I agree with all the facts you set forth, but the way you present them sounds too much like blaming the victim.
Re: (Score:2)
I'm not blaming the victim at all, but you do have to realize that when Paypal gets entangled with your main bank account, that's a BIG vulnerability, and there's been lots of horror stories involving Paypal stealing money from someone's account over a dispute or whatever. A prudent person recognizes risks, and takes steps to avoid them; I just suggested some steps to avoid excessive risk when dealing with Paypal. They can't suck money out of an account if there's no money there.
Re: (Score:2)
I'm waiting for this to seem like a problem. (Score:2)
I'm waiting for "All it ever did was keep the #'s secure" and "you o
Re: (Score:1)
The bad part was that it was Paypal that you had to trust. From where I sit, they didn't have anything to throw away.
Re: (Score:2)
You win one (1) lol. I'd still rather trust one Paypal than forty Paypals, which is what they want me to do now.
Re: (Score:2)
>> I'm waiting for "All it ever did was keep the #'s secure" and "you only ever have to trust 1 person online" to seem like a BAD thing. I mean, there has to be a problem with that for them to be throwing that way. Maybe you can explain it to me.
I'll explain. Imagine using Pandora or Lala or whatever kids use these days to listen to music. You like some very obscure artist, and want to buy the (physical) CD online. To buy the CD you can:
a) Give your email address (and wait for that confirmation email)
Re: (Score:2)
a) Give your email address (and wait for that confirmation email), credit card, & password
b) Click "buy with paypal"
In the first case I am giving Panlala information that they can use to charge me late fees if I don't ship the mp3 back to them by the end of the week.
In the second case I'm giving Panlala precisely what I've entered on the Paypal site, no more, no less.
In the new scheme I'm giving Panlala information that they can use to charge me late fees if I don't ship the mp3 back to them by the end
Re: (Score:3, Informative)
"Paypal has never been anything but a processing center. "
Actually it's a bank located in Luxembourg since a couple of years.
http://www.businessweek.com/technology/content/jun2007/tc20070614_606853.htm?chan=technology_technology+index+page_top+stories [businessweek.com]
MOD THIS UP - PAYPAL IS NOT A BANK IN THE US (Score:1)
"Paypal has never been anything but a processing center. "
Actually it's a bank located in Luxembourg since a couple of years.
http://www.businessweek.com/technology/content/jun2007/tc20070614_606853.htm?chan=technology_technology+index+page_top+stories
Wrong! Paypal is only a bank for European customers. Here's an exact quote from the article you linked to "PayPal is not regulated as a bank in the U.S."
Re: (Score:2)
That's even worse...
Re:Lame way to underpay. (Score:5, Funny)
Nah, the real problem is that, even if you "win the Challenge" you will win a Paypal account with $150,000usd
What? (Score:4, Insightful)
What? Grammar aside, if that's true, it's rather more newsworthy than this somewhat confused story,
Wait... (Score:5, Insightful)
Entering my PayPal login details on some random webpage, without even the convenience of being able to verify the https://www.paypal.com/ [paypal.com] in the address bar?
Phishing begins in 3... 2... 1...
Re: (Score:1, Troll)
It makes no difference. Either you can trust the site or not. I mean if you go through a transaction with them after logging into to Paypal does it really make a difference? Paypal sends you an email for each purchase, and if it's not right you can respond immediately. You can change your password if you suspect the site of phishing.
Any site I'll be entering my Paypal Info will have an SSL of its own that I have to login with different details.
Re:Wait... (Score:4, Informative)
Which is why the current paypal system works better. I dont have to buy a Security certificate for my web store. you order your crap and buy it on my non-secure site, and when it needs to be secure, it drops you to paypal where you verify the amount and click on "yes, send the money"
I have ZERO interest in using their new system if it will cost me more money by having to buy a cert I really do not need.
Re: (Score:2)
Certs are cheap. You'll more than make that money back when people like me don't avoid you anymore. As it stands a PayPal logo says, "GO AWAY!" to a lot of people.
Re: (Score:2)
I suspect this API's TOS requires a "Powered by PayPal" logo or similar on your site, so I doubt it'll help much.
Re:Wait... (Score:4, Insightful)
Re: (Score:2)
I think the point you are missing is that this is not replacing the old system: it is an addition. You can still use paypal EXACTLY how it was before, completely secure and all that.
This is merely allowing Paypal to do subscription based services without explicitly requiring a user "Yes" every single month. Before now you HAD to enter your credit card to these websites, websites you could deem insecure. Websites that would steal your credit card info as easily as they would steal your paypal username and pa
Re: (Score:2)
You're right. It's good news for Paypal. But it's bad news for everyone else...
Re: (Score:2)
Again, there's no possible way paypal
Re: (Score:2)
It makes no difference. Either you can trust the site or not.
It most definitely does make a difference, and that difference is simple.
The PayPal site says “ABC is charging you $y. Okay?”, and I can contest the payment if they don’t deliver.
By contrast, if ABC phished my PayPal e-mail and password I’ll probably have $0.00 in my account next time I log in.
Re: (Score:2)
Of course it makes a difference. You are potentially allowing the site to take as much as they like from your account, whereas by instead logging into the PayPal page, the merchant never has to even know what method you use to authenticate with PayPal and will only provide the amount of funds shown on the payment confirmation page to the merchant.
With the second method, there is no requirement to trust the merchant with anything more than the value of the single transaction, your name and your delivery addr
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Sweet! Hold on, let me find my account number and PIN...
Re: (Score:2, Insightful)
The only reason I use paypal is because I don't trust the website I am on with my credit card. Now I have to log into that site and expose my credentials to that untrusted site. No thank you.
For paypal this could be great. Customer finds their bank account emptied and paypal will point fingers at the website they logged into. They are just transferring liability with this imo.
Re: (Score:2)
Actually, the phishing exists because the user HAS to check the address and fails at doing so. If we skip that step, it becomes safer.
Or do you really believe they would develop something less secure?
Re: (Score:3, Insightful)
It's not a matter of belief. Those who are paying attention know this is worse.
Re: (Score:3, Informative)
Exactly my thoughts when I heard this. I once implemented half a dozen pretty different payment APIs into a web page.
There are only two ways to make this secure:
1. Direct the user to PayPal, and then let PayPal direct him back, sending a special encrypted session id and/or data forth and back.
2. Embedding a Java applet in the page, which has a certificate, and so can communicate directly with PayPal (encrypted) and your server (also encrypted). Then call a Javascript function, to load the next page, where,
Re: (Score:2)
I prefer the first variant though, because...
It also lets you verify the address bar. The Java applet, though secure, does not. If a phishing site builds a Java applet to mimic the secure one, you have no way of detecting it short of viewing the source of the page in question.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
If you’re referring to this [slashdot.org] — well, I use Firefox.
Re: (Score:2)
Yeah, but most people don't even understand what you just said, and those are the big spenders anyway.
Now you can finally pay for a lapdance (Score:3, Interesting)
Re: (Score:1)
twittering your wealth away (Score:2)
Re: (Score:3, Informative)
Infrastructure costs money. Today you can go anywhere - to a store or on the internet - and purchase something with a credit card and the tranaction will be approved in a matter of seconds. It took many years and LOTS of money to create that infrastructure.
And that's the problem with transactions involv
How to monetize this feature (Score:3, Funny)
Call it a feature that lowers bandwidth costs by reducing overhead incurred by page redirects
Give it away for free for 6 months, then charge a 0.5% convenience fee on all transactions.
For fun, in 1 year, start charging a 0.5% legacy implementation fee on all old-style transactions.
There you go. Where's my $150k?
PayPal is a scam, should be regulated, FTC asleap (Score:5, Insightful)
PayPal operates like, and should be regulated like, a bank. The way they have treated their customers, like me, and many, many, many others, should be a warning to all; You can't afford to do business with PayPal. They will seize your money, and when they do, it will be months before you see a resolution. The horror stories are true: I know, I have mine.
Re:PayPal is a scam (Score:5, Insightful)
Mod parent up. PayPal needs to become a regulated bank. Until then, take your business elsewhere, to sites that accept credit cards. If someone can't qualify for a merchant account, you probably don't want to deal with them anyway.
Re: (Score:1)
Re: (Score:2)
>> PayPal needs to become a regulated bank. Until then, take your business elsewhere, to sites that accept credit cards. If someone can't qualify for a merchant account, you probably don't want to deal with them anyway.
You are confusing things. PayPal is fine for the buyer, and is usually better that creating another account to buy one time something.
For the seller, they are terrible^4. This is why Google Checkout is taking over.
I buy things from Google Products all the time. As a buyer, there is a lo
Re: (Score:1)
Re: (Score:1, Informative)
Paypal in the EU is a regulated bank, registered as such in Luxembourg: Daily Telegraph article [telegraph.co.uk]
Re: (Score:2)
i agree that paypal needs to be regulated, but most problems are people not following the instructions. like when you accept payment make sure it's only from verified people and send only to confirmed addresses. and use a tracking #, insurance and signature confirmation for expensive items. the #1 rule is only send to confirmed addresses. i haven't sold on ebay for a long time but my rule was anything over $15 or $25 had to go to a confirmed address. my auction stated that all paypal payments had to be sent
Re: (Score:2)
I agree: while they should perhaps have some limited regulation, I've been using them for nearly as long as they've been around without any problem, for both personal and business. A really big plus is that I don't have to have the responsibility of dealing with credit card security. I would *never* enter paypal credentials into a random web site, but haven't looked at the new api yet to see if that's really what they're doing. It would be really stupid for them to do that. I'd venture to guess that fra
Re: (Score:3, Insightful)
I don't know about the US, but in Europe PayPal's User Agreement [paypal.com] says that it is "licensed as a Luxembourg credit institution". Also I don't really get where all the hate for PayPal comes from.
Yes I read a dozen times that they froze the account of SomethingAwful or some loud-mouthed bloggers under dubious circumstances, but for me it always worked just fine. Actually I really like PayPal because it allows me to send a seller money that is instantly credited to his account, without trust issues on either si
Re: (Score:2)
I got a warning from PayPal saying that I am getting close to my 'send limit'. I've been using it for probably 6 - 8 years now, and now they're telling me I have to 'confirm' my identity in order to continue using their service. Confirmation requires me 1. giving them my bank account number or 2. getting a PayPal credit card.
Why the fuck would I want to do that? And if it really is for security purposes, why can't I just fax my driver's license?
Re: (Score:1)
People keep crying "Oh noes! PayPal seezees my monies!" Why the hell do you leave money in there?
Once a week, transfer everything out of PayPal to your real bank; you know, the one regulated by the FDIC, has potential to earn interest, and you use to pay all your bills.
So, you take a fee-hit every time you do so. Either suck it up, buttercup and consider it a business expense --OR-- figure out how much you would spend on a real Merchant Account so you can accept credit cards, plus the time, energy, and reso
Re: (Score:2)
Re: (Score:2)
It's probably paypal's last attempt at getting someone to care. They're probably just now realizing that the winner of this thing is going to be some incredibly boring shopping cart script written in PHP because it's going to be the only entry.