Minifree used to accept payments via PayPal, but since 7 December 2015, Minifree no longer accepts payments via PayPal. PayPal is evil.
- What’s wrong with PayPal?
- Why are wire transfers better?
- What about credit/debit cards?
- Western Union?
Minifree accepts payments via wire transfer (SEPA, SWIFT, BACS – direct bank to bank transfer), and has done so for some time now. This payment method has proven to be rather popular with our customers already; it is now the only option on the Minifree website.
We are philosophically opposed to PayPal and all credit/debit card payment processors, whenever an alternative is viable. Just to be clear, we are hurting our profits by refusing to use them. That’s how serious we are. We also pay for most of our stock (to our suppliers) via wire transfer. Very few of Minifree’s purchases are done using a debit/credit card, often none.
We pay our hosting provider via wire transfer. Minifree is now self-hosted, because our old hosting provider sucked. Now Minifree Ltd is Minifree Ltd’s hosting provider… we pay our ISP via wire transfer though! (well, direct debit)
What’s wrong with PayPal?
Here are just some of the things that PayPal does to projects/companies that use it:
- Blocks payments, for no reason (PayPal did this to Minifree all the time. Customers often made several attempts before payments went through – we know this, we have the logs of failed order attempts, and memory of many telephone/email conversations with customers who had troubles ordering)
- Freezes accounts (PayPal did this to Minifree, twice), regardless of whether all or most of your money is currently in the account.
- Charges ridiculously high percentage fees to sellers, especially for income from foreign countries, despite the fact that PayPal provides poor quality service and is actually quite uncompetitive in general with other payment processors. (most credit/debit card processors are cheaper than PayPal, and don’t have nearly the same problems).
- In addition to the high percentage value fees, PayPal’s foreign currency exchange rates are generally very low, so they rip you off twice. That, combined with blocking some payments, means that PayPal costs your business thousands per month or more, potentially.
- PayPal is particularly hostile towards Free Software projects and companies related to Free Software development. (Minifree fits this bill, and the director of Minifree is also the lead developer of Libreboot, the free BIOS replacement that Minifree installs onto the computers that it sells)
Really? Just look at this well-known project and what they had to say:
- They blocked Diaspora from receiving donations
- More general information: http://www.paypalsucks.com/
- More general information: https://en.wikipedia.org/wiki/PayPal#Criticism
- They were also one of the payment processors that blocked WikiLeaks: https://wikileaks.org/Banking-Blockade.html
- Many bittorrent-related projects that accept donations via PayPal are simply blocked (and threatened with legal action), even if what they’re doing is legal in their own country. https://torrentfreak.com/paypal-demands-invites-to-private-bittorrent-trackers-130108/
There are thousands of stories online. These are just a few examples pulled from a very large proverbial hat.
Initially, Minifree had decided to use PayPal because, as is often believed by small start ups, it seemed like an easy option to us, and it looked decent enough since so many other sites use it, even the big ones. It even offered an option for non-paypal-users to pay with a credit/debit card without creating a PayPal account. So we thought, it was acceptable. We were wrong.
Minifree apologises on behalf of all of its customers who felt compelled to use PayPal when ordering from Minifree (or Gluglug, Minifree’s previous incarnation) in the past, even if they hated PayPal. PayPal should never be used.
Why are wire transfers better?
A wire transfer is when you (payee) give your bank account number (IBAN, SWIFT, etc) to the payer. They then give this information to their bank, and tell their bank to transfer the money to your bank account. This has been the standard way of sending money to foreign countries for decades.
Wire transfers usually have zero fees for the merchant, and usually low or zero fees for the purchaser (in the UK and other EU countries, it usually costs nothing to initiate a wire transfer). Not only that, but you’re not even taking any private financial details from the customer; this is far more secure by design, and it means that you don’t have to comply with PCI DSS standards, since you’re not taking card payments. Your bank also does not receive any private financial details about your customers.
It’s much more federated, since your customers will all have different bank accounts with different banks (in different countries); you’re removing an intermediary from the equation entirely. The way to accept wire transfers these days are also pretty much standardised in most of the world.
In practise, wire transfers are probably less susceptible to fraud (fraudulent buyers), because getting a bank account is much harder than getting a credit card in most countries, and often involves showing up to a meeting with your bank manager (your face will be on their cameras).
In some cases, a wire transfer can also be initiated somewhat anonymously. If you’re in the UK, you can walk into a branch, without a bank account, and pay cash at the counter, giving them Minifree’s sort code and account number, which they will then use to deposit that amount into Minifree’s account. You only need to specify the correct payment reference (usually the invoice number), and then the payment would be received and identified correctly. – New money laundering regulation in the UK mean that you now need to show ID.
What about credit/debit cards?
This presents similar issues to PayPal. For low value sales, credit/debit cards certainly do make sense, but Minifree mainly focusses on higher-value (laptops, desktops, servers) and is not interested in anything else.
- You have to maintain the code, and make sure that everything works. You have to talk to the payment processor during checkout, for tokenization, validating cards and so on. They can change their API any time, without warning – this either means that you have to spend a lot of time maintaining the software on your website, or you have to pay a lot for them to do it (probably giving them access to your site, which introduces security issues).
- The PCI DSS compliance becomes much more expensive and time consuming. Several checks have to be made every year, and there are many long questionaires to fill out.
This means that you have less time to focus on what actually matters; providing products and services to your customers.
- You more or less have to self-host everything, and cannot outsource your hosting, because you have to make sure that everything is stored securely (how can you trust your webhosting provider to keep you secure? You have no way to verify their practises, and they won’t necessarily inform you of a breach or even be aware of one, and not only that, large hosting companies are large targets for intrusions for this exact reason)
Credit/debit card payment processors also typically take a very large portion of your income per sale; typically anywhere between 2-4 percent, usually on the higher end of this scale. It may seem small, but this percentage applies regardless of how much you charge for your products. For high value sales, this can become very expensive.
Even if you do meet PCI standards (which you have to) when taking card payments, think about it: you are being trusted to store peoples payment details in your company. Why should you need to do that? Is this not inherently insecure? What if a breach occurs?
This requires the director of Minifree to show her ID to a cash pickup point, which she doesn’t want to do.
Minifree does not accept this method of payment, due to several practical issues that exist with it. For instance, there are long delays processing international cheques at the bank, and that’s notwithstanding the possibility of a bounced cheque.