PayPal’s (NASDAQ: PYPL) peer-to-peer payment solution Venmo is neither secure nor a reliable payment method, the U.S. Federal Trade Commisison (FTC) alleged.
“Consumers suffered real harm when Venmo did not live up to the promises it made to users about the availability of their money,” Acting FTC Chairman Maureen K. Ohlhausen alleged in a press release. “The payment service also misled consumers about how to keep their transaction information private. This case sends a strong message that financial institutions like Venmo need to focus on privacy and security from day one.”
Banks did always make funds released to Venmo available for payment; the FTC alleged in the settlement of a lawsuit with PayPal Holdings Inc. Venmo also had serious holes in its security that PayPal did not tell users about. The FTC is a U.S. government agency charged with regulating some aspects of business and commerce.
Ohlhausen did not provide any proof that anybody suffered “real harm” because of Venmo’s problems. Nor did she say what the real harm was or who the consumers who suffered it were.
Venmo is not Secure FTC claims
PayPal refused to tell consumers when funds would really be available, the FTC claims. Some users’ private information was apparently posted on Venmo’s social media. PayPal might have violated a federal law called the Gramm-Leach-Bliley Act by not keeping Venmo users’ information secure and private.
If that was not bad enough, Venmo did not have “bank-grade” security even though PayPal claimed it did in advertising and websites as late as 2015. PayPal got ownership of Venmo when it acquired the payment processor Braintree.
One way this occurred was Venmo settings that allowed a user to inadvertently display private information on Venmo’s social media. If that was not bad enough Venmo did not have a written information-security plan as late as 2014.
How Secure are P2P Apps
The FTC’s allegations against PayPal raise serious questions about the security of all peer-to-peer (P2P) apps. If the industry leader, a financial technology specialist, is that bad one has to wonder about the security of Apple Pay Cash and Google Pay.
It sounds as if Venmo might need a serious upgrade before it can make money. That means PayPal CEO Dan Schulman’s promise to monetize Venmo might have to wait. Despite the problems, Schulman still believes in Venmo and stands by it.
“I have full confidence that we will monetize Venmo,” Schulman said at the Morgan Stanley Technology, Media & Telecom Conference on 28 February 2018. “We are clearly seeing the network effects of Venmo.”
Schulman was still trying to sell Venmo to investors at the conference, Bloomberg Technology reported. That sounds as if the security holes might have been fixed before the FTC settlement. PayPal agreed to be more transparent about Venmo’s security and funds availability in a settlement with the FTC.
Fraudsters love Venmo and Zelle
Venmo has found one group of users that Schulman would love to get rid of – fraudsters apparently love the P2P app.
Venmo enabled a Los Angeles man named Andy Mai to steal iPhones and other high-value items through Facebook Marketplace, The Verge alleged. Mai used Venmo to pay for the items and picked them up. Mai cancelled the accounts he used to buy them, which enabled him to steal the stuff for free.
Mai was eventually arrested and charged with grand theft for his activities Los Angeles County Superior Court records uncovered by The Verge indicate. He is out of business, but fraudsters are pulling similar scams in other cities such as New York.
Zelle, a P2P app run by a consortium banks might be worse than Venmo. Several people told TechCrunch that they lost hundreds or thousands of dollars to Craigslist fraudsters using Zelle.
The fraudsters told people how to set up Zelle accounts and had them send money. Many people fell for the scams, which demanded cash for items like concert tickets, because Zelle is backed by banks. Some of them even found the Zelle app at their bank’s websites.
The banks did not reimburse customers for the losses even though the funds came from their bank accounts, TechCrunch reported. All Zelle customer support did was to refer victims to a policy that warned against sending money to strangers. One man had his money refunded by Wells Fargo (NYSE: WFC) after complaining to the Consumer Financial Protection Bureau.
Disturbingly, most of the victims did not realize that Zelle was a P2P app. They thought it was a digital wallet like PayPal which it is not.
There are serious flaws to P2P that need to be worked out before it is ready for prime time. The company that fixes those flaws will make a lot of money from P2P. This might be an opening for cryptocurrency and other next-generation payment solutions.
This blog originally appeared at the Market Mad House. Please visit to see more articles on payment issues and cryptocurrency.