PayPal transaction without logging in — WTF? 2014-05-01

On 2014-04-29 I initiated buying something using PayPal on website X using the desktop version of Mozilla Firefox. While I expected to be taken to a PayPal log-in page, to log-in using my password and to explicitly confirm that transaction as with any transaction before, I was not taken to the PayPal site but website X took me to the “payment successful” page right away. At first, I assumed this to be a bug in website X and that I would have gotten for free what I should have paid for. To my surprise, a few minutes later, a mail from PayPal did confirm the payment that I intended to do but never authorized. WTF? It also seems, website X has set up a periodical withdrawal (“Zahlung per Händlerabbuchung” or “aktive Händlerabbuchung” in German) that I just cancelled. I should note that website X is not the problem here: it seems to be PayPal not asking for my permission.

I contacted PayPal complaining about it but so far the support is not helpful or even getting the problem.

If you experienced something similar, please get in touch.

One Comments
Flameeyes May 1st, 2014

It depends on whether you connected website X with your PayPal account before. PayPal supports, since I think last year or so, OAuth2 authentication of users, and the ability for services to create an “open bill”.

Comixology and Xbox Live do it the same way: you can set up a non-periodic, repetitive billing account; whenever you want to pay something with PayPal through them you should be given the option to proceed to the PayPal website to change the source for the funds, but if the default source works for you, they don’t require you to access at all.

Leave a Reply

You must be logged in to post a comment.