Euro Banks Block Billions In Rogue Paypal Direct Debits After Fraud Glitch

Shoppers and merchants in Germany found themselves dealing with billions of euros in frozen transactions this week, thanks to an apparent failure in PayPal’s fraud-detection systems.

According to the Association of German Banks, the problem hit on Monday when banks noticed a slew of recent unauthorized direct debits from PayPal. The body said the banks responded in various ways, which is one way of putting it – the Süddeutsche Zeitung reported that some stopped all PayPal transactions, with the total number of frozen payments likely to be around €10 billion.

A spokesperson for the German Savings Banks Association (DSGV), which represents hundreds of regional banks across the country, confirmed the issue to The Register. The DSGV said PayPal had assured it the problem was resolved, adding that PayPal payments had been running smoothly since Tuesday morning and the US payments platform was informing affected customers “directly.”

The DSGV said the unauthorized payments had a “significant impact on transactions throughout Europe, particularly in Germany.” However, there have been no confirmed reports of the incident being felt outside Germany. Austrian media reported that the banks there had seen no problems.

PayPal is the most popular method of online payment in Germany, having been used for 28.5 percent of online purchases last year, according to research by the EHI Retail Institute. (The next most popular option is buying on account.)

Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks

READ MORE

That’s largely down to PayPal’s payment protection, which appeals to privacy-conscious Germans. In the wake of the unauthorized direct debit issue, financial industry consultant Peter Woeste Christensen told local media that PayPal’s particular strength in Germany was partly thanks to the poor user experience of German banks’ own apps.

PayPal had not responded to The Register‘s request for comment at the time of publication, although SZ quoted a spokesperson as saying PayPal had quickly identified the cause and was working with banks to “ensure all accounts are updated.” The US company referred to the incident as a “temporary service interruption.”

PayPal’s reputational hit in Germany is likely to be exacerbated by last week’s reports of hackers offering millions of PayPal credentials that they claimed PayPal had recently exposed in plaintext. The hackers’ claims appear dubious, with PayPal denying any recent breach, but the reports gained significant traction in Germany.

“It’s possible that the data is incorrect or outdated,” read a Wednesday advisory from the German consumer organization Stiftung Warentest, which bundled the leak report with this week’s snafu. “Nonetheless, PayPal users should change their passwords as a precaution.” ®

Original Source