I've had a PP merchant account for well over a decade, to sell a boring, non computer related gadget. I make roughly one sale per business day, with typical statistical variation. PP has been nearly 100% reliable.
Some advantages for me:
1. I don't touch your credit card or personal info. I don't want to know those things. I don't want to be responsible for keeping them secure.
2. Integration with the post office for generating shipping labels is seamless.
3. I think people are more confident to buy something from a little known business if they feel that PP is protecting them. The increase in sales probably covers the PP fee.
4. I can run my business from a passive web page. All of the other services require me to manage some kind of server, running code, that I become responsible for maintaining. I love coding, but don't want it to be part of this business.
From reading articles and forum posts two main sources of horror stories seem to be:
1. People who just seem to be "accident prone" in terms of getting into disputes with others.
2. Selling non-physical goods, which I can only imagine has its own pitfalls that I don't know about.
To your horror stories, while I'm sure many of them do involve legitimate disputes, I stopped accepting PayPal payments about a decade ago after what they did to a friend of mine. He and his wife owned a small hotel that took payment several ways, including Paypal. They didn't have too many customers paying that way and had allowed something over $10,000 to pile up in their Paypal account over time. When they tried to withdraw it, Paypal froze their account and requested all sorts of additional verification. But even after they provided all this, Paypal refused to unfreeze the account. This dragged on for over a year. By the time they paid lawyers and brought legal proceedings, it was hardly worth it.
So, I'll use PayPal these days to pay someone with my credit card, but I'd be extremely cautious about receiving more than a small amount of money through them.
Indeed, my orders never exceed 100 bucks, and I have an automatic sweep into my bank account when it exceeds X dollars.
Might not be enough. PayPal is notorious for draining connected bank accounts in some cases.
That would be next level... do you have any links to examples?
I have my lived experience, which take it for the anecdata it is:
A few months ago, I checked an infrequently-used email address and noticed some unusual notifications about a "new user added to your PayPal account." I hadn't even remembered this was the email associated with my PayPal account - so after managing to reset my password and log back in, I managed to figure out that someone must have skimmed or brute-forced my PayPal password, set up a second account, attached their bank account to that new account, and begun draining my own bank account. By this point they'd gotten around $5,000 out of it.
Some features I noticed on the PayPal side that seemed obviously bad: PayPal sends no indication via email of these literal bank transfers, and there is a "feature" on the PayPal site where you can hide (but not, thankfully, wholesale delete) previously concluded transactions. The criminals had just hidden every one of the transfers. They also consistently used something like $499.99 as the transfer value, presumably because that amount prevents some automated level of scrutiny from kicking in.
Additional bad points: the interface for registering a complaint is in a highly counterintuitive workflow through the PayPal site, and seems almost entirely set up for people to register "normal" complaints, not fraudulent transactions.
The good side, however, was that I managed to find the right place, opened a case, and got the thing resolved and the money refunded to my bank account within 24 hours. So, excellent job, fraud resolution team at PayPal!
To tie back to the theme of this thread: my assumption is this fraud will become vastly easier after PayPal breaks (further?) with FDIC-insured fiat currency and people can just turn hacked bank accounts into BTC.
I believe that after 10k USD additional AML regulations kick in. Then there are a related class of pseudo-crimes around structuring payments to avoid the 10k threshold. Part of it may be PayPal's policies, but as I understand these things are generally to cover things on their end from regulatory risk factors.
That's just one of the headaches they deal with. Also one of the reasons for using cryptocurrencies. PayPal may be creating the worst of both worlds by combining the complexity of cryptocurrency transactions with the need to abide by byzantine regulations.
Yep 100% agreed here. I run a member management platform[1] for small clubs which generally use PP to fundraise and collect member dues.
Works perfectly well for us, we don't handle any PI or CC details and clubs can connect their PP account to our platform for their registration / event management needs.
[1] https://embolt.app
Plus the convenience for users. Don't make me fill dozens of fields on some forms every time I want to buy something.