
I'm out of the loop and trying to understand - people lent over half a billion dollars of their 'real' fake money (ETH) to a game studio so they could transact on the studio's sidechain because gas fees are prohibitively expensive on ETH, and then the game studio got hacked and lost it all?

How was this ever going to end any other way? Imagine how preposterous the idea of storing $650mm in USD in a random game studio's checking account would be.



> Imagine how preposterous the idea of storing $650mm in USD in a random game studio's checking account would be.

But it's decentralized.

(Do the same hand movement as if saying "It's got electrolytes")


It's got Decentralytes!


Decentralytes is perfect, thank you.


Haha, nailed it!


Brilliant.


It's got what the internet craves!


This seems to be literally true.


Someone actually made a gif of that scene with those words at that point, during the bitcoin scaling debate (where some wanted the block size to increase and decentralization was being ridiculed as a spurious defense of the small size).

I’ll see if I can find it.


Made one myself, because I think it'll be handy in the future: https://imgur.com/gallery/32t4yRc



Right but the one I have in mind is that whole scene, translated into the scaling debate.


Let's just call the bank and see if ...

* It's decentralized *

Oh, crap.


Customer support answers for most things crypto are of the "the fault is yours alone" variety.

Reminds me of the line in 30 Rock:

"Gentlemen, we have moved our customer support offices to a part of India that has no telephone service. We're now providing the same quality of service at zero the cost".


> Do the same hand movement as if saying "It's got electrolytes"

I'm stealing this.


Just in case you're not familiar with the reference, it's from the movie Idiocracy.


Apparently plants crave it though...


Mutilate your thirst


If you don't smoke Tarrlytons...f** you!


Mutilate your financial security.



My favorite is the supposed "special properties" of copper. I once knew someone who swore by the healing properties of copper.


Copper is legitimately effective as an antimicrobial. (Obviously it doesn't have any magic healing properties.)

https://www.smithsonianmag.com/science-nature/copper-virus-k...


If you haven't watched American TV you've missed the commercials touting gloves and elbow wraps made with copper threads woven in to help ease and heal tired muscles from a distance


Giving $650mm in USD to a random company is still infinitely safer than doing so with crypto. If a regulated bank claims they got hacked and lost that amount, there are a slew of federal and state laws and agencies in place to investigate it. With crypto, it could very well be in the wallet of the CEO or IT guy and no one would know.


Cryptocurrency theft is illegal and the US government does investigate and prosecute it.

[0] https://www.theguardian.com/law/2022/feb/14/us-bitcoin-case-...


That's all well and good when the thieves are in the US or a country that will extradite them. What happens when the thieves are operating out of a country without an extradition treaty?

In the regular financial world you can at least reverse the transaction. With crypto, is there anything you can do?


You can't always reverse the transaction in the regular financial world. It is typically possible if all parties involved act in good faith, and often possible in other cases too, if you act fast, or the bad faith actor is less than competent. However, this is not always the case.

Imagine the following scenario: bank A sends $100M to bank B, which then sends it to bank C. By "reversing" the A->B transaction, all you're doing is making bank B on the hook for the $100M. Bank B will obviously not be very happy about this, and if you try to force it through some legal means, this will effectively amount to stealing $100M from bank B and its customers.

Reversing erroneous transactions is a useful feature of the regular financial system, and the lack of it in blockchains often poses huge and avoidable practical problems. At the same time, this in no way should be seen as a panacea for restoring stolen money, neither in real financial systems nor in blockchains.


> Reversing erroneous transactions is a useful feature of the regular financial system.

Yes. A friend of mine is a branch manager for a major bank. She's one of the people who has to deal with unhappy customers victimized by scams. Recently, she had a customer who wanted to send a significant amount of money to a country in Southeast Asia. That's not unusual for a California bank. Then the customer showed up at the branch in tears. It turned out the customer was being victimized by a "relative in trouble" scam. Fortunately, the receiving bank had flagged the account at their end as suspicious, and hadn't yet let the recipient withdraw the funds. This allowed the transaction to be clawed back. It took phone calls, messages, management signoffs, and work by people in multiple banks to unwind the transaction, but the money was back in the customer's account in the US in a week.

Reversing a fraud transaction in the banking system is a rare event, and not easy, but it is often possible for a few days after the event.


I'd imagine "customer suddenly initiates an international wire transfer for a large amount, with no previous history of doing so" is a pretty reliable signal.

I've certainly had banks call me and explain the nature of wires, in an attempt to prevent me from financially foot-gunning.


In other words, the conventional financial system has footguns that you have to avoid too.


The shifting of the goalposts is incredible.

Yes, there are flaws in the real world financial system as well.

Yet, we’ve heard of more of these scams in years of crypto than in decades and centuries of banking.

And no one has still provided an explanation of why crypto is better than the established working system other than “it’s decentralized” except as we find repeatedly, it’s not decentralized.


I wouldn't go with "centuries" of banking on that one. Truth to tell, the early days of banking, which is most of the 19th century for the US, were replete with exactly the kinds of frauds and cons that crypto is now replete with. Which is what has led to the regulation and supervision that crypto is in de facto rebellion against.

Of course, the best way to find out why something is not done a certain way, is to try doing it that way.


> Which is what has led to the regulation and supervision that crypto is in de facto rebellion against.

Who supervises the supervisors?


It's not really goalpost shifting - thieves in countries without extradition treaties and with justice systems that don't care are a serious ongoing problem with the existing banking system, and those transactions are not in general reversible. Hell, someone managed to steal a substantial sum of money from Bangladesh's central bank and almost none of it could be recovered. The only reason they didn't manage to rob all 1 billion dollars of the central bank's reserves was a random false positive in some AML check.


> no one has still provided an explanation of why crypto is better than the established working system

because the govt cannot ban you from receiving payments if they don't like you.


They can’t with fiat currency either, if they could crime would be almost impossible.


Wikileaks were banned from receiving payments by the US govt.


And they found no workarounds to that whatsoever? (that didn't involve crypto)


Should a govt be able to ban your payments or take your cash if they don't like you?


Yes. How else do you police criminals? It's an absurd question anyway, they can and do, while there are methods people use to try and evade them. There's nothing about Crypto that changes that. It's just another system.

https://xkcd.com/538/


> How else do you police criminals?

Who is talking about criminals? Just because you expose the misdeeds of US govt does not make you a criminal.

> There's nothing about Crypto that changes that. It's just another system.

You can still receive payments in Crypto even though the govt forces the bank and credit card providers to close your account.

It's not just the US govt who wants to control your life, other govts want to do it too.

Payments might be a joke to you but there are many people whose life depends on it.

https://cointelegraph.com/news/how-are-afghans-using-crypto-...


I’m talking about criminals. I’m raising them as an example of why governments need these powers.

404 BTW


The link opens for me just fine, try using a VPN.

So your argument is that cash is also used by criminals, so cash should be banned. Do you realise how ridiculous that sounds? Now apply the same logic to crypto.


Isn't the obvious solution to also reverse the transfer from Bank B to Bank C? If multi-hop transfers are treated as irreversible, then it creates an incentive for fraudulent sellers to collect all payments through multiple hops. If instead fraudulent transactions may be reversed at the first payment processor, the payment processor then has a financial incentive to make sure that they only pass through valid transactions.

In an analogous situation, suppose I go to a physical store and buy a TV, only to find that it doesn't turn on. I have the right to return it to the same store that I bought it from, and to receive a full refund. Nobody at that store manufactured or designed the TV, so why should they take the financial hit for a broken TV? Except that without that financial incentive, the store has little reason to bargain with their suppliers about defective merchandise, and the supplier has little incentive to fix a defective product.


> If instead fraudulent transactions may be reversed at the first payment processor, the payment processor then has a financial incentive to make sure that they only pass through valid transactions.

Yes, but it's only one of the incentives they're facing. Another one is to provide useful and convenient service to its customers.

Try to think more about the example I provided. The account in bank A is the victim's, while the accounts in banks B and C are owned by the fraudster. The transfer from A to B is fraudulent, but the transfer from B to C is perfectly legitimate as far as bank B knows: the name on the destination account in bank C might even be exactly the same as in bank B, so why would bank B have any suspicions? At best, it could reject the incoming transfer from bank A if it had suspicions (which, by the way, why would it have?). Would you want to be a customer of a bank that can just reject incoming transfers, so that you have trouble getting paid?

Finally, consider that bank C might then allow the fraudster to withdraw the proceeds in cash. Bank C might be foreign, and B communicates with it through SWIFT, and it might simply refuse to reverse the transaction, or again might already have sent the funds to bank D in yet another country. The point is that you cannot treat regular financial transactions as reversible either. They might be reversible sometimes, especially if everyone involved acts in good faith, but there is no guarantee.

> In an analogous situation, suppose I go to a physical store and buy a TV, only to find that it doesn't turn on. I have the right to return it to the same store that I bought it from, and to receive a full refund.

That's not really an analogous situation. Here's what would be closer: imagine you order a specialty TV online from China. The retailer A orders a company B that manages its warehouse to pack it on a truck of company C that specializes in LTL, which then ships it to company D which coalesces LTL freight into packed containers, then puts them on containers owned by a shipping company E, which ships them across the Pacific to port authority F, then we have a shipping company G in the States, another truck company H to ship it to train yard H that gets it to LTL company I's warehouse, which then is passed on to courier company J, an independent subcontractor K of which finally gets it to your front door. Then your TV doesn't work, and you want to return it.

Will you try to unravel the chain back the same way it arrived? Are you going to find the subcontractor K, and have him ship it back to courier company J, to send it back to the LTL company K etc? No, you'll go straight for the original retailer. Similarly, with financial fraud, you'd need to go straight for the fraudster.


> Isn't the obvious solution to also reverse the transfer from Bank B to Bank C? If multi-hop transfers are treated as irreversible, then it creates an incentive for fraudulent sellers to collect all payments through multiple hops.

Well ... some kinds of transferring wealth are legally harder to reverse after the first transfer.

In the United States, an old-fashioned way of moving money between people, the "check", has behavior specified in Uniform Commercial Code Article 3, Negotiable Instruments.

Article 3 is worth a read; it has filled in a lot of gaps for me about the bare-minimum legal requirements associated with activities like writing a check, post-dating a check, negotiating a check, stopping payment, etc. (In practice banks may do more than the minimum for customer service but it's interesting to understand the basics).

One of my favorite parts is the "holder in due course" rule ("§ 3-202. NEGOTIATION SUBJECT TO RESCISSION.")

If a check gets endorsed a couple of times and a new person takes it in good faith, then that new person is a holder in due course. Some remarkable things happen: even if the check has gotten a stop payment or has otherwise been dishonored, a holder in due course now has the right to the money promised by the check.

I wondered why the law would set up such a convoluted way of making certain payments irreversible. My dad explained:

"""[A] a widely accepted legal framework for negotiable instruments was critical to trade in the era before electronic payments. The problem is convenience - how can a buyer safely pay for goods or services without carrying around a lot of cash? The holder in due course rule basically lets the buyer's bank rely on the form of the negotiable instrument (including a genuine signature) without risking a claim for wrongful payment based on other facts about the sale it can't know."""

So -- can someone take advantage of this behavior to turn a dubiously valid check into an irreversible one, and get the money?

Yeah! Totally! There's a guy named Robert Triffin who is, like, famous for buying dodgy checks at below their value, cashing them, and suing to get his money when the payor refuses to pay up. I don't have firsthand info about this, I just read news articles, but I think he gets a decent ROI. (See e.g. http://appellatelaw-nj.com/the-first-triffin-case-of-2011/ )

P.S. Some of my other favorite things about this instrument in the UCC:

* a signature is any mark you intend to be your signature (§ 3-401);

* a check can be written with almost any text and in almost any format on whatever you want (§ 3-104);

* checks can go stale six months after the datestamp but banks can choose to honor them anyway (§ 4-404);

* writing a future date on a check doesn't legally prevent it from being cashed unless you also tell your bank about the postdating in the same way you would make a stop payment order ( § 3-113, § 4-401 )

* If you have a dispute with someone about how much money they owe you for a service, and they give you a check, you can cash the check and write "without prejudice" to indicate that you aren't agreeing that this is the correct amount owed but you do want their money (§1-308). UNLESS the payor has written on the check "a conspicuous statement to the effect that the instrument was tendered as full satisfaction of the claim" (§ 3-311), in which case cashing that check discharges your claim. Which all frankly seems like a mess.


Patio11's recent article dives into this more - https://bam.kalzumeus.com/archive/no-payments-are-final/


In principle if you had enough desire among world governments you could plausibly try and legally force a blockchain fork.


Even if that is desired and wouldn't spark a philosophical debate about whether centralized entities should get involved at all, there is a much deeper problem.

Every transaction that is occurring now on the chain will be invalidated.

That means you can't even reverse a single transaction you will have to reverse one transaction and ALL other transactions that happened after the one you want to reverse.

If that happens too often, why would I want to transact on a chain that is under constant threat of being forked off?


You're thinking too narrowly about the types of "hard forks" that are possible and what the space of all possible regulations could be. For example, one possible idea (with a lot of downsides! this is just an example, not a proposal), is that the US government could just promulgate a "US super-key" that allowed it to sign any transaction and have it be considered valid, and require users running blockchain software in relation to financial applications to respect those transactions. This would be a bad proposal for a number of reasons, but it's possible, because blockchains and the code that enforces them are inherently a social construct, an agreement made between all participants.

But the answer to "why would I want to transact on a chain that is under constant threat of being forked off" is even simpler: It's because, in this hypothetical, the regulatory environment you operate in gives you no other choice. Unless you and everybody you transact with has the ability to boycott or subvert the regular financial system entirely (e.g. you're doing entirely black market transactions), then you'd have to fall in line if a government that was crucial to your operations or your downstream supplier's operations required it.


Anyone could start a cryptocurrency today with such a key and give it to the FBI, and if people thought that made them safer, they could buy that currency and use it.


You wouldn't have to reverse all the transactions. You could trivially create a fork (which has to be longer, and therefore have more transactions available) that includes every transaction but one from the blockchain. Well, that is you can create that fork as trivially as you can create any other fork.


Sure, maybe. But that only really works if a few (if not all) entities have control over the consensus mechanism.

On a regular PoW blockchain you will have to recalculate all the hashes according to the difficulty, which will be up to the miners.

But even if you could, it's an absolute technical nightmare.

To build an analogy that somehow fits: if you have a git repo and you find a particular commit that you want to undo, what do you do?

- Rebase all changes to an earlier commit, remove the faulty commit and recalculate all commit hashes that follow it.

or?

- Create a new commit that reverts the old commit.

In reality you opt for option 2 99.99% of the time. The only reason you would ever want to remove a commit from history is if you accidentally exposed information to an audience that is not supposed to see it.
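To make the rebase-versus-revert point concrete, here is a small Python model of a hash chain, added here as an example and not code from the thread or from any real chain. It shows that deleting one transfer from block k forces a new hash for block k and for every block after it (the "rebase"), while appending a compensating transfer leaves every existing hash intact (the "revert"). The block format, the "bridge"/"thief" labels and the sample history are constructed for the demo; there is no proof of work, so it models only the hash linkage, not the miner coordination the comment mentions.

```python
"""Toy hash chain: excising one transaction vs. appending a compensating one.

Added example, not code from the thread or from any real chain. Blocks carry a
list of (sender, receiver, amount) transfers and the hash of their predecessor;
there is no proof of work, only the hash linkage that a fork must rewrite. The
sample history below is constructed for the demo ("bridge", "thief" are labels)."""
import hashlib
import json
from dataclasses import dataclass
from typing import Dict, List, Tuple

Tx = Tuple[str, str, int]   # (sender, receiver, amount)


@dataclass(frozen=True)
class Block:
    prev_hash: str
    txs: Tuple[Tx, ...]

    def hash(self) -> str:
        # Canonical serialisation so identical content always hashes identically.
        payload = json.dumps({"prev": self.prev_hash, "txs": list(self.txs)}, sort_keys=True)
        return hashlib.sha256(payload.encode()).hexdigest()


GENESIS_PREV = "0" * 64


def build_chain(blocks_txs: List[List[Tx]]) -> List[Block]:
    """Link blocks in order; each block commits to the hash of the one before it."""
    chain: List[Block] = []
    prev = GENESIS_PREV
    for txs in blocks_txs:
        block = Block(prev, tuple(txs))
        chain.append(block)
        prev = block.hash()
    return chain


def excise_tx(chain: List[Block], block_index: int, tx: Tx) -> List[Block]:
    """'Rebase' fork: drop `tx` from block `block_index` and rebuild from there on.
    Every block after the edit gets a new hash because its prev_hash changed."""
    history = [list(b.txs) for b in chain]
    history[block_index] = [t for t in history[block_index] if t != tx]
    return build_chain(history)


def revert_tx(chain: List[Block], tx: Tx) -> List[Block]:
    """'Revert' approach: leave history alone and append a compensating transfer."""
    sender, receiver, amount = tx
    compensating: Tx = (receiver, sender, amount)
    return chain + [Block(chain[-1].hash(), (compensating,))]


def changed_blocks(old: List[Block], new: List[Block]) -> List[int]:
    """Indices at which the two chains disagree (compared over their common length)."""
    return [i for i, (a, b) in enumerate(zip(old, new)) if a.hash() != b.hash()]


def balances(chain: List[Block]) -> Dict[str, int]:
    """Net position of every party after replaying the whole chain."""
    bal: Dict[str, int] = {}
    for block in chain:
        for sender, receiver, amount in block.txs:
            bal[sender] = bal.get(sender, 0) - amount
            bal[receiver] = bal.get(receiver, 0) + amount
    return bal


# Constructed history: block 1 contains the unauthorised drain of the bridge wallet.
SAMPLE_HISTORY: List[List[Tx]] = [
    [("mint", "alice", 100), ("mint", "bob", 50)],
    [("alice", "bob", 10), ("bridge", "thief", 625)],
    [("bob", "carol", 5)],
    [("carol", "dave", 1)],
]
THEFT: Tx = ("bridge", "thief", 625)

if __name__ == "__main__":
    chain = build_chain(SAMPLE_HISTORY)
    print("excise re-hashes blocks:", changed_blocks(chain, excise_tx(chain, 1, THEFT)))
    print("revert re-hashes blocks:", changed_blocks(chain, revert_tx(chain, THEFT)))
```

Run as a script it reports that excising the theft from block 1 re-hashes blocks 1, 2 and 3 while the revert re-hashes nothing. Both end with the thief holding nothing, but only the revert keeps every confirmation anyone has already waited for; on a real chain the excised version would additionally have to be re-mined and out-compete the existing tip.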


When you first responded to chippiewillie you talked about how forking would produce a reversal of all the transactions. That's not true, but it is what you identified as a "much deeper problem"


My apologies, I used “reverse” and “invalidate” synonymously.

Nevertheless on a public blockchain all transactions would be invalidated and that indeed is a problem.

Because everyone who received coins would have to wait again for n confirmations in order to be sure they got their money. In theory nobody should be able to add a double spend transaction to the pool but I wouldn’t bet on it.

That’s what I mean with technical nightmare.

You would have to make sure to properly identify all transactions. Possibly take down the system, exclude a single transaction. Make sure that the miner who will find the next block will include the right transactions. Make sure of that for the following block. I don’t see that happening with a large coordination effort, meaning: centralization.

And when you come to that conclusion you should probably take a step back and rethink “why are we doing all of that blockchain stuff when we need to rely on a central authority?”


> when you come to that conclusion you should probably take a step back and rethink “why are we doing all of that blockchain stuff when we need to rely on a central authority?”

I think blockchain is going to eventually die for that exact chain of reasoning.


Even if you could isolate output chains, that means many subsequent transactions that are legit would get cancelled...

Or you would need to make more crypto to cover those... Which then would destroy the whole deflationary idea with the likes of bitcoin...


And do that every time a hack occurs? What would the threshold be for when that would be worth it?

Could I recover $100k that got stolen? What about $10k? $1k?


Sure, why not? You could even automate it, using a SWIFT-like messaging pipeline that all mining companies have to subscribe to. Blockchains are fundamentally a social construct, and governments have the ability to regulate the individuals who are creating the blockchain. If there was enough political will for it, you could absolutely bolt a "reversal" mechanism onto any existing blockchain. Unless you're doing your mining operation entirely on the black market, you're going to rely on the government for enforcement of your colo rent agreements, your electricity agreements, etc, so there's lots of incentive to comply.


What you have when you're done with the process you've described is a centralized banking system managed by world governments, which is what we already have. It's not perfect, but it works, and lots of people are actively working on improving it in ways that don't involve the contradiction inherent in centralized decentralization.


Yes? That's the point of my comment? I'm confused about what you're saying. I'm trying to answer your question "And do that every time a hack occurs?". The answer is yes, it's completely feasible and within the powers of a government or inter-government treaty organization to do this every time a hack occurs, because they already do. I'm not trying to say that such a system is good, just that it's possible. There is nothing "special" about blockchains that exempts them from normal government regulation.


Ah, I misunderstood what you were saying. I thought you were advocating that we should do that, and I was wondering why that would be better than the status quo.


You'd have to be forking it once a week, because there is so much stealing going on. We'd probably end up with a weekly split. Imagine how crazy that is. And of course people would make false stealing claims. Maybe you are on vacation when they reverse something that takes your money, before you have a chance to weigh in.


The same thing can happen with regular financial hacks:

https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery

They investigate and try to recover the money they can, but it's not always successful.


Sounds like a non-sequitur. Theft of cryptocurrency being illegal does not mean that it is safe, and doesn't offer any evidence at all against the parent's post that it is "safer" to use banking systems than to use blockchain.


Yes, but it's an open question how successfully and how frequently they catch the bad guys.


It's only an open question to people who haven't actually looked into it. Yeah, criminals get caught trying to move around stolen cryptocurrencies all the time.


Out of, say, the last ten big DeFi hacks, in what fraction have the perpetrators been caught?

https://decrypt.co/93874/11-biggest-defi-hacks-heists

I looked up the first six (#11-#6) projects on this list and I didn't see that in any of those cases the perpetrators have been caught nor the funds returned. I could be missing something though.


And how many don't get caught?


Sure but it doesn't mean I will get my "money" back like it would with a bank. There is no FDIC for crypto.


Plenty of crypto companies insure their deposits through third parties. Actually, Ronin users should have been able to insure their deposits with Nexus Mutual.


Not to anywhere near the extent as they'd investigate and prosecute for $625M stolen from a normal bank.....


Do you have any sources to support that claim? You can see in the link above that a task force worked for years to catch that Bitcoin heist couple.


Sure. Google how many bank robbers got caught the past ten years. Do the same for BTC. Then look at what percent of BTC has been stolen. Look up what percent of USD has been stolen.

Conclusion? Far less effort spent on BTC cases and far less thefts resolved.


Nice, so it's just money with extra steps.


Unlike traditional banks with their burdensome regulations and gate-keepers, the permissionless, decentralized nature of the blockchain means that they can't get the money back.


The increased risk of total loss in the edge case is in exchange for a more efficient system with lower prices in the average case. Individual users should make an informed decision about the tradeoff.

See also http://go/hackernews/item?id=30838572 and https://en.wikipedia.org/wiki/Financial_crisis_of_2007%E2%80...


This sounds like an argument for why companies should be allowed to sell unregulated drugs and use asbestos and lead paint.

Individual consumers, who we all know are extremely knowledgeable and informed on all topics interacting with their lives, should weigh the increased risk of total loss against generally lower prices. And then in the event they unluck into the total loss case, they should just shrug their shoulders and accept that they were lucky.


Companies selling "unregulated drugs" could also mean people getting the covid vaccine in mid 2020 rather than waiting months and months for trials. People could have made that personal choice based on their own situation and risk factors. Also compare the regulation between "drugs" and "supplements" in the USA.

I find it hard to argue that "asbestos and lead paint" are the same kind of individual choice as a bank or unregulated drugs.


Yes, and it could have led to scammers selling fake vaccines that did nothing, or worse, killed people.


The whole thing exists because Ethereum is prohibitively expensive. And blockchain is far from efficient.


oh cmon, this comment (gowld's) should not be downvoted like that. It's a reasonable point to make even if you disagree with it


>> Imagine how preposterous the idea of storing $650mm in USD in a random game studio's checking account would be.

> Giving $650mm in USD to a random company is still infinitely safer than doing so with crypto.

Chris Roberts has a very interesting opportunity he'd like to propose to you...


Just as a side note, people give Starbucks literally billions every year. Not sure what would happen if Starbucks got hacked and lost people's money.


The difference is Starbucks has 6.5B in cash/cash equivalents, and there is no way to convert SB gift card balances to cash. What is the hacker going to do with it, order 1B cups of coffee?


Well, he can delete all records about who has how many credits.


If that's all there is, it's easy to have a backup and bring back the balance into everyone's account.

This is a poor comparison. This Starbucks money cannot be "stolen".


The chance of $650 million being drained from a game studio’s bank account is significantly less than it being drained from their ETH wallets, at least as of now.


And if it was drained from a bank account, you have recourse to get it back.


Not true in the EU, we got scammed into making a bank transfer from Germany to Belgium for a bicycle that never arrived. We contacted the police and bank with all the details, and had to pay our bank about 40 euros to ask the scammer if they would refund the money, they said no and that was it. EU banking laws protected them. On the plus side the website appears to be gone now.


Voluntarily transferring money is very different from having it stolen. The bank should protect your money while holding it from theft. They can't protect you from your own decisions on how to use your money.


They voluntarily accepted a contract wherein they would transfer money in exchange for receiving a bicycle. No bicycle was received, so this voluntary decision does not mean that the money transfer was voluntary. They did not accept a contract wherein they would transfer money in exchange for nothing. Since they did not accept this contract, this does not make the money transfer be voluntary.

Being a victim of fraud is not "voluntary" in any meaningful way.


> this voluntary decision does not mean that the money transfer was voluntary

Voluntary or not is a red herring. The word this discussion is looking for is authorized.

The transfer was authorized by the account holder. They were defrauded. But when they made the transfer, they intended to do so. (The situation is murkier with credit card transactions, at least in America, because they chose to accept a role in dispute resolution.)

The $625mm drained out of Axie's account wasn't authorized by Sky Mavis. That's a different type of fraud than being ripped off.


In the old American paper check system there was an important but subtle distinction between "fraud in the making" and "fraud in the inducement". If a criminal stole your checkbook and forged a check then an intermediary (like a bank or a grocery store) which cashed a stolen check could be on the hook for the money--if you protested to your bank the transaction could be reversed. However if the criminal simply induced you to write them a valid check (e.g. as payment for a non-existent bicycle) then any intermediary that cashed the check is not on the hook, and the only recourse is to get the money back from the criminal.


That's got absolutely nothing to do with the bank. It's between you and the 'merchant'.


Banks won't reverse transfers deliberately initiated by the account holder. You would have had to go through the legal system to get your money back.

But that's a different case than money being "drained" from an account by someone else.


They sometimes do reverse these transactions, but the amount of money involved here (1 bicycle worth) is probably easy for the scammer to put out-of-reach of the bank very quickly -- withdrawing cash, buying gift cards etc.


Yeah, just like they won't reverse a cash transaction. Pay someone on the street for something, they take the money and don't give you what you wanted. Go to the police, and they won't get your original cash back...


That's because you didn't use an escrow service between your account and the seller. If you did, the escrow service would provide some measure of legally-supported reversibility.


€40 is not the same thing. If you got scammed out of €650 million, you would have gotten better attention. That's the point being made here.


You aren't insured for $650M in a bank account


The FDIC insurance of $250,000 is by the government in case the bank becomes insolvent. The FDIC can easily cover $650 MM in a single bank that has 3,000+ customers. Or really even fewer than that with multiple account types.

But even then, if you store $650 MM in a Bank of America account, that money is protected against being stolen by BOA's anti-fraud software, laws, the trillions of dollars of assets BOA has.


You have a legal system available, and banks that have to rigorously comply with that system.


This is true about cryptocurrency as well.


What percent of BTC has been stolen? What percent of USD has been stolen?

And that shows the difference in how each is protected.


Interesting thought. Bitcoin circulates, and you have to wonder how much of it has passed through a fraudulent transaction -- at any time in the past. Someday when it becomes straightforward to walk the entire life of bitcoin backwards, there may be people who want their bitcoin back...because it's stolen property.

If A has a TV, B steals the TV and sells it to C, who sells it to D...then the TV is still returned to A, and D is out of luck.


But bitcoin can be mixed, how do you decide which of the next transactions contain your part of stolen bitcoins?


Where will Federal Marshals deliver the summons to the owner of wallet address 0x8723aa67f823dbe785dc923 ?


This isn't a single user, FDIC insurance is for $250k per user per bank. The point is that for regulated banks that number is clear and if you exceed it you will be aware of it, and if you haven't exceeded it you have a federal guarantee to recover your money. What assurance does anyone have in this case?


People do not understand what FDIC insurance is.

It protects against bank failure. If one's assets are drained from the bank, as long as the bank has not failed, it will have to make the account holder whole.

That's why a company would be stupid to hold $200M at Podunk Bank of Littletown, KS but is perfectly fine to hold it in a DDA account at Bank of America, Citi or Chase.


Depends on if the studio's bank account has security questions like "mother's maiden name", "first concert", etc. type stuff and an employee with those answers that likes to take quizzes on Facebook. Otherwise, it could be quite simple to drain the account.


It could, yet it doesn't.

For one thing, most business accounts do not hold 9 figures in cash.

Inflows and outflows are likely to be predictable, so you can set flags for certain thresholds.

A 9 figure transaction would absolutely be noticed, and possibly flagged before it was permitted to continue.


What do you mean not common? Bank account fraud is extremely common here in Montreal; it even has a slang name, "peter des guichets". It's probably much more common than crypto fraud here, and up until a couple of years ago it was so easy that your average person with no real technical knowledge could do it. Reversing an Interac transfer here is just very, very hard to do too.


Just like SMS access to 'MFA' your bank account also provides an attack vector if they steal your number, stupid (aka all findable) security questions don't help protect; they are another attack vector. I thought everyone puts fake answers and keeps them in a separate location. Then of course someone can come in and steal them too!

Since 16 year olds can hack into auth providers like Okta and then hack into Microsoft and steal source code, and this crypto stealing endlessly happens, there's just not good electronic security. But what is good is I can go to my bank in person and fix things. It would be so much harder for someone to get fake ID. I actually have a personal relationship with my advisor at my 401k. Those things do give me some additional security, at least I think so.


Yes. People worked hard for electronic dollars to be transferred to their electronic wallets.

They tried to use some of that digital money (in another electronic format) in a digital game, but the game got hacked and now those dollars are someone else's dollars.

The hacker may have some difficulty transforming digital money into paper bills, because KYC, but he can launder it like old school people used to and have some.


> but he can launder it like old school people used to and have some.

Crypto provides exciting new ways to do that, too. First send it through a mixer service. Then, invest in some new NFT project. Six months later, oh nice, someone bought your NFT for 10x what you paid for it. What a great investment.


Selling an NFT for over $1000 should trigger an investigation into the provenance of the funds.


Here's another preposterous offering: 20% APY "risk free" from owning crypto.


Everybody thinks they can time their exit before the Ponzi reveals itself.


If I recall correctly, so did most people in 1929, but when it came time to exit, the rush to the exits overwhelmed the order sale system so people couldn't sell until it was too late.


They must just be loaning it out and slaying people endlessly on margin calls.


Congrats, you understand defi better than most degens now.


or muling for money laundering.


I report each of these schemes that advertise on facebook as scams; they used to have a rule against crypto advertising but apparently that was lifted last December.


When it comes to banking, random checking accounts are hacked into very rarely, to the point that in the USA the FDIC is protecting your account up to $250,000. I don't recall the last time I saw news of someone's bank account being hacked and drained; if anything it's mostly family fraud.

Also there are all sorts of checks when you try to wire or withdraw more than $10,000, not to mention wiring hundreds of millions. Such a transaction will manually cross the desks of at least 2 different bank managers.


> I don't recall last time seeing news on someone's bank account being hacked and drained, if anything its mostly family fraud.

Anecdote time. My wife and I have a shared checking account that got hacked and drained. First her debit card got skimmed. Then the perp called USAA a half dozen times claiming to be her and asking for account credentials. Finally they got a helpful account rep to reset the password, disable MFA, and tell them the username. Yep. You heard that right. Social engineering works even on bank tellers who should know better.

Fortunately it's just a daily use account and I'm paranoid, so there was only 5K they could access there. USAA owned up to the whole thing and restored the funds, but now they punish my wife with a 10-minute interrogation to prove her identity if she ever has to get them on the phone for a legitimate reason.


I just want to point out that this comment is exactly why social engineering is a problem. You have been a victim of what happens when a company doesn't put in enough effort to verify the identity of the person they have on the phone. Yet when that company starts putting in that effort, you object and call it a "punishment".

Convenience and security are often in direct competition with each other. Almost all of us would expect convenience in this situation. You should know better more than most the cost of choosing convenience and even you want that convenience. Is there any wonder why businesses select convenience over security?


I call it a punishment because it's over the top. It was a lot of money for an individual, not a lot of money for the bank. So the security should be proportional. Instead of putting in a 10-ton vault door in front of every customer interaction, I'd prefer they only escalated to that level when someone calls in saying things like "I lost my wallet and I'm stuck away from home, give me access to 'my' money, and oh by the way I don't even know my own login name."


This type of escalating validation is also ripe for social engineering. You said this person called 10 times. They don't need to do everything in one call. Instead the goal for earlier calls can be to gather information. You gave the example of the person trying to take over the account without knowing the login name. What information would someone need to supply to get the account name? Does that require escalation? If not, what is the value of requiring that as part of the identity validation process?

If the company is going to provide some level of support to people they haven't verified, that support will be abused as a means of passing the verification.


At the risk of being a software developer that always sees everything as a software problem, I feel like this could largely be mitigated with very simple improvements to the customer service application.

Back when this happened, that was my first question to USAA and one for which the security guy didn't have a ready answer, though probably it boils down to some version of "we are heavily regulated and continue to rely on software built for mainframes."

There are so many possible ways to mitigate the risk which should be triggered well before a half dozen attempts finally gets to a teller credulous enough to believe their excuses for ignorance.


When I was in a lot of debt, banks outsourced collections agency called many times on a private number and wanted me to verify myself before they would verify themselves. No. Bank denied they would do that but that was lies. They couldn’t even admit to trying to get in contact with me. Collections agency couldn’t even play the theoretically game of maybe there’s a certain someone out there, who knows who, who hasn’t paid off a credit card, maybe this certain someone would want to consider going into his bank and having a chat but that’s not for me to say ah capishe? I’ve got a rock you’ve got a sword how are we gonna play this out? Good times haha


> but now they punish my wife with a 10-minute interrogation to prove her identity if she ever has to get them on the phone for a legitimate reason.

How is that punishment? If USAA knows you or your wife were the target of a somewhat sophisticated attack that ultimately broke their security barriers, wouldn't you yourself actually want some extra protection? If anything, this is a positive sign for USAA. I doubt with my Bank of America anyone would care about any sort of extra layers of security if my account were ever hacked in a sophisticated way.


I call it punishment because I don't think the attack was really sophisticated, I think USAA's internal training and software was wholly inadequate to defend against a persistent unsophisticated attacker. Why were they still routing his calls to regular bank tellers after the first couple attempts? Why wasn't the security department involved at that point as the only allowable contact point? Why did they actually hand out the login name and password for an account without doing the 10 minute deep-dive identity verification they now make my wife do?


I guess on the bright side, nobody will ever hack into your USAA account :)


Weird, USAA froze my cards and funds immediately the only time I've had suspicious transactions. I guess the social portion is where we diverge though, they definitely tried harder to get in to yours. Ours was just a guy in Vancouver trying to order Thai food through a delivery app.


They froze the card, but only after six consecutive withdrawals from an ATM in Miami. I was getting notifications on my phone about the withdrawals (did I mention I'm paranoid) but since I was driving, I didn't see them for about half an hour when I arrived at my destination. Called USAA immediately and they had already frozen the card. But the money had already been withdrawn.

I can't explain why it took many consecutive withdrawals in a short time, in a city that I've never visited, 3000 miles away from the most recent use of the card, to trigger USAA's protection algorithms.

USAA did finally take care of it. My biggest beefs with them are 1) they dragged their feet a couple days on the investigation until I called them myself (I'm the veteran, my wife is not, and they were much more responsive to me), and 2) they really do punish my wife for something not her fault. You know those questions you get which are sourced from your credit file? What street did you live on, what's your mortgage payment, things like that? That's what they ask every time, after asking for a secret password and PIN code to be used for phone calls.

I'll give them credit though, for actually sharing the gory details with me once they were done tracking down everything, and admitting that one of their own employees had broken their rules and handed over the credentials to my wife's account.
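Two comments above reason about what a bank's monitoring should catch: the one at "It could, yet it doesn't" argues that predictable inflows and outflows let you flag threshold breaches, and the ATM story above asks why six rapid withdrawals in a city 3,000 miles from the card's last use did not trip the protection algorithms. The block below is an added illustration written for this page (it is not code from any commenter, USAA, or any bank) of three such rules over a per-account baseline: an amount outlier, a cash-withdrawal velocity limit, and impossible travel between consecutive transactions. All coordinates, amounts, thresholds and transactions are constructed for the example.

```python
"""Rule-based transaction anomaly flags: amount outliers, withdrawal velocity
and implausible travel between consecutive transactions.  All sample data
below is constructed for illustration; the thresholds are assumptions."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt
from statistics import mean, pstdev


@dataclass(frozen=True)
class Txn:
    ts: datetime
    amount: float
    lat: float
    lon: float
    kind: str  # "pos" (card purchase), "atm" (cash withdrawal), "wire"


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two points on a 6371 km sphere."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlam = p2 - p1, radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlam / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def flag_transactions(history, new_txns, *, z_threshold=3.0,
                      velocity_count=3, velocity_window=timedelta(minutes=30),
                      max_speed_kmh=900.0):
    """Return [(index, [reasons...]), ...] for each of new_txns that trips a rule.

    history: past transactions forming the account's baseline (assumed clean).
    new_txns: transactions to score, in chronological order.
    """
    amounts = [t.amount for t in history]
    mu, sigma = mean(amounts), pstdev(amounts)
    recent = sorted(history, key=lambda t: t.ts)
    alerts = []
    for i, t in enumerate(new_txns):
        reasons = []
        # Rule 1: amount far above this account's normal range (z-score).
        if sigma > 0 and (t.amount - mu) / sigma > z_threshold:
            reasons.append("amount")
        # Rule 2: too many cash withdrawals inside a short window.
        if t.kind == "atm":
            prior = [p for p in recent
                     if p.kind == "atm" and t.ts - p.ts <= velocity_window]
            if len(prior) + 1 >= velocity_count:
                reasons.append("velocity")
        # Rule 3: distance from the previous transaction implies impossible travel.
        if recent:
            prev = recent[-1]
            hours = (t.ts - prev.ts).total_seconds() / 3600
            km = haversine_km(prev.lat, prev.lon, t.lat, t.lon)
            if (hours <= 0 and km > 0) or (hours > 0 and km / hours > max_speed_kmh):
                reasons.append("impossible_travel")
        if reasons:
            alerts.append((i, reasons))
        recent.append(t)  # later rules see earlier new transactions too
    return alerts


# Constructed sample account: daily purchases near one city, then a burst of
# ATM withdrawals far away.
PORTLAND = (45.52, -122.68)
MIAMI = (25.76, -80.19)
T0 = datetime(2022, 3, 29, 12, 0)


def sample_history():
    # 28 daily card purchases at home of $20..$80 (mean 50, population sd 20).
    return [Txn(T0 - timedelta(days=28 - i), 20 + (i % 7) * 10, *PORTLAND, "pos")
            for i in range(28)]


def sample_new():
    txns = [Txn(T0 + timedelta(minutes=30), 30, *PORTLAND, "pos")]
    # Six $200 ATM withdrawals two minutes apart, ~4,350 km away, half an hour later.
    txns += [Txn(T0 + timedelta(minutes=60 + 2 * k), 200, *MIAMI, "atm")
             for k in range(6)]
    return txns


def demo():
    return flag_transactions(sample_history(), sample_new())


if __name__ == "__main__":
    for idx, why in demo():
        print(idx, why)
```

With these constructed inputs the home purchase passes cleanly, the first remote withdrawal is flagged on amount and impossible travel, and the velocity rule fires from the third withdrawal on. The baseline uses only the clean history for the amount statistics, so an attacker's own withdrawals do not drift the mean upward while the burst is in progress.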


This incident reinforces the rule never to use your debit card for credit card transactions.


Ever, never, never use your debit card where credit card can be used in its place.

The mechanisms for restoring the charge on your credit card are much stronger than on your debit card. And a credit card is a FUTURE charge, so you have time to fix the problem. Whereas a debit card is your CURRENT money, so it's just gone unless you get it back.

I do not understand why people use debit cards linked to their actual bank account out in the world. Paying bills securely through the utility is the only thing we use that for.


Agreed. I almost never use my debit card. And now, my wife doesn't either. Though her card got skimmed at an ATM, not during a debit card transaction, so this advice doesn't work. Now she just doesn't ever use ATMs. For better or worse, we now keep a few grand in the safe at home and pull from that for the occasional cash need. When I need to replenish that, I walk into the bank and take it out the old fashioned way.

It's not paranoia when they really are out to get you...


>I do not understand why people use debit cards linked to their actual bank account out in the world.

Because this advice is USA only. All of my credit cards (well... two) are linked to the bank account and I don't even think there's a way to get a credit card without bank connection.


There is, but often it costs extra, and we at least don't have the whole cashback system to cover those. Though the fees for merchants are lower, so the prices should be too.


100%. The account linked to my debit card is empty unless I want to make an immediate withdrawal at an ATM. This being 2022, I can transfer whatever funds are necessary into the account in a minute or two using an app on my phone. I also have a separate checking account for linking to external services like Cash App, Venmo, or third-party bill pay systems. Again, the account remains permanently empty except for the brief window where I'm moving money between these services or paying a bill.

Given how quick and painless it is to transfer money between accounts, leaving substantial amounts of money in accounts linked with mechanisms that can remove that money is insane to me.


I have stopped using credit cards for two reasons:

1. My debit cards allow me to directly import transactions into my personal accounting software while my credit cards don’t; and

2. when I shop online, my debit cards allow me to use them as a 2nd factor (using a USB card reader) while my credit cards require either an iOS or Android device for 2FA.

You’re right in that a credit card is a future charge and debit isn’t. But are debit cards really so much more insecure? What threat model do you have in mind?


Credit card transactions are much easier to reverse. For example, I went to a restaurant and a few days later I noticed they double charged the bill. I called the restaurant, they wouldn't fix the issue, so I called the credit card company and it was quickly reversed. That doesn't happen with a debit card.

Credit cards also come with all sorts of benefits. You can easily get 1-2% off all purchases through cash-back or gift card rewards. You can get free insurance with car rentals. Many cards also offer an extra one year warranty on most purchases, so if you paid for your laptop or phone with your credit card and it dies just outside of the manufacturer warranty, you might still be covered.


> That doesn't happen with a debit card.

Citation needed.

The scenario you described will absolutely fall under most card networks' transaction dispute rules. In day-to-day spending a debit card is just as safe as a credit card when it comes to fraud or malicious merchants.

The only time a credit card will be better is grey areas where a card network dispute doesn't succeed, in which case the law in most countries forces the credit card provider to eat the loss. In some of those cases, the reason why a credit card chargeback succeeds is not necessarily because you are right (if you were, the dispute process would've succeeded anyway) but because the amount is too low for the issuer to care so they just eat it to not have to investigate and/or litigate the issue.


If your credit card is compromised, you make a phone call and maybe can't use it for a few days.

If your debit card gets compromised, your rent check bounces.

Plus, frankly, banks are generally more protective of THEIR money than YOUR money.


> If your debit card gets compromised, your rent check bounces.

I guess that depends on the bank and the country you live in.


There’s no reason to want your credit card to have 2FA. It’s not your money, so the only point is to annoy you when you’re spending someone else’s money.

Well, or to use it with sites that require 3D Secure, but that’s still something to help the merchant not you.


As if it was my choice.

EU-wide regulation requires all banks to force 2FA onto their customers for logging into their accounts.


Absolutely do not use your debit card ... well, anywhere if you can help it.

(Apologies, saw the wrong parent comment) How many utilities, credit card companies require a checking account for autopay? How many times have you thrown out an old checkbook that contains routing and account numbers on a carbon copy pages?

Bank accounts are not especially secure, we mostly hope to limit the risk/reward calculation for hacking them and basic security controls.


> How many utilities, credit card companies require a checking account for autopay?

In my experience, this is getting better! I now have all but one of my bills being paid by my credit card. Used to be that the utility companies made you pay extra and use a third party service if you wanted to use your credit card.

Not all, though. Verizon, for example, will let you pay with a credit card, but they give a substantial discount if you use a debit card instead. For obvious reasons. I hope that does not become normal. I'm used to Verizon being scummy, I hope it doesn't become the default behavior for the other utilities I pay for.


The US needs an automatic bill payment system with strong guarantees.

In Britain, most people¹ pay bills (electricity, water, phone, internet, insurance, car loan, credit card etc) by "Direct Debit"². (Most European countries have a similar system with similar guarantees, but this one is described in English.)

If anything should go wrong, the bank must fix it. There's a list of direct debits in the bank's interface, and they can be cancelled/suspended with one click (or by phoning or going to the bank).

It isn't perfect (see ³ from two weeks ago) but that sort of problem is rare enough that it was reported in newspapers.

¹ "Direct Debits are used by nine in ten UK consumers to pay some or all of their regular bills".

² https://www.directdebit.co.uk/DirectDebitExplained/Pages/Dir...

³ https://www.moneysavingexpert.com/news/2022/03/tsb-customers...


This is one reason to keep at least some accounts with a large national bank or credit union. If you need to prove your identity or deal with a lost card while traveling you can at least walk into a physical branch and talk to a manager.


FDIC protects against bank failures (like the bank going bankrupt and losing all the deposited money). It has nothing to do with unauthorized transactions as far as I know.


Depends on the transaction type. Checks and debit cards are pretty well protected. Wire transfers aren't protected at all.


Story time: I also once had my bank account hacked - in a manner of speaking.

I tell you this story in the hopes that it helps you recognize if you have similar flaws in your own security.

I used to run a VNC server on my home PC (flaw 1). Chinese hackers discovered it and spent three weeks brute-forcing the password (flaw 2). Once in, they installed TeamViewer to allow themselves future access. Then, they logged in at 3am and used my browser-saved PayPal credentials (flaw 3) to paypal themselves $5k from my linked chequing account (flaw 4).

I discovered this several days afterwards when I saw the withdrawals hit my bank account. I then found a few further pending Paypal transactions, and pieced the rest together from VNC and router logs.

Thankfully my credit union believed me that I didn't authorize the transactions and reversed them, making me whole again.

But damn, it's a scary feeling having someone break into your computer, not knowing what they might have looked at or accessed. Very similar to having your home broken into.
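The story above lists a brute force that ran for three weeks before it succeeded, which is exactly the pattern a per-minute lockout threshold misses. As an added example for this page (not the commenter's code, and not tied to any real VNC or TeamViewer log format), the block below parses constructed authentication log lines and applies three detections: a burst rule, a low-and-slow rule for guessing spread thinly across many days, and a "success after many failures" rule that marks the source whose guessing eventually worked. The line format, source addresses (RFC 5737 documentation ranges) and thresholds are all assumptions.

```python
"""Detect password guessing against a remote-access service from its auth log.
Three rules: burst (many failures from one source in a short window), low-and-slow
(a modest number of failures from one source on many distinct days, which a burst
threshold alone misses) and success-after-failures (the guess that worked).
The log line format and all sample lines are constructed for this example."""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed format: "<ISO timestamp> auth-fail src=<ip>" / "auth-ok".
LINE_RE = re.compile(r"^(\S+) auth-(fail|ok) src=(\S+)$")


def parse(lines):
    """Return (timestamp, outcome, source) tuples in chronological order."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)))
    return sorted(events)


def burst_sources(events, *, threshold=20, window=timedelta(minutes=10)):
    """Sources with at least `threshold` failures inside any `window`."""
    by_src = defaultdict(list)
    for ts, outcome, src in events:
        if outcome == "fail":
            by_src[src].append(ts)
    flagged = set()
    for src, times in by_src.items():
        start = 0
        for end in range(len(times)):          # sliding window over sorted times
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(src)
                break
    return flagged


def slow_sources(events, *, min_days=7, min_per_day=5):
    """Sources failing >= min_per_day times on >= min_days distinct days."""
    per_day = defaultdict(lambda: defaultdict(int))
    for ts, outcome, src in events:
        if outcome == "fail":
            per_day[src][ts.date()] += 1
    return {src for src, days in per_day.items()
            if sum(1 for n in days.values() if n >= min_per_day) >= min_days}


def success_after_failures(events, *, min_failures=50):
    """Sources whose successful login came after many failures: the guess that worked."""
    fails = defaultdict(int)
    hits = set()
    for ts, outcome, src in events:
        if outcome == "fail":
            fails[src] += 1
        elif fails[src] >= min_failures:
            hits.add(src)
    return hits


def sample_log():
    """Constructed log: a legitimate user, a slow guesser that wins, a burst that gives up."""
    lines = []
    t0 = datetime(2022, 3, 1, 0, 0)
    for d in range(21):  # legitimate user: one success per evening from home
        lines.append(f"{(t0 + timedelta(days=d, hours=18)).isoformat()} auth-ok src=192.0.2.10")
    for d in range(21):  # low-and-slow: 8 failures per night, 30 minutes apart, 21 nights
        for k in range(8):
            ts = t0 + timedelta(days=d, hours=2, minutes=30 * k)
            lines.append(f"{ts.isoformat()} auth-fail src=203.0.113.5")
    lines.append(f"{(t0 + timedelta(days=21, hours=3)).isoformat()} auth-ok src=203.0.113.5")
    for k in range(40):  # burst: 40 failures in under five minutes, then silence
        ts = t0 + timedelta(days=3, hours=11, seconds=7 * k)
        lines.append(f"{ts.isoformat()} auth-fail src=198.51.100.77")
    return lines


def analyse(lines):
    ev = parse(lines)
    return {"burst": burst_sources(ev), "slow": slow_sources(ev),
            "breach": success_after_failures(ev)}


if __name__ == "__main__":
    print(analyse(sample_log()))
```

Run against the constructed log, the burst rule catches only the noisy source, the low-and-slow rule catches only the patient one, and the breach rule names the patient source as the one that eventually logged in; no rule touches the legitimate user. The point of keeping three rules is that each is blind to the other's pattern, and the three-week guesser in the story would have been invisible to the burst rule alone.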


Wire fraud results in billions of dollars in losses per year from checking accounts. Here's one article from 2019:

https://www.cnbc.com/2019/09/11/email-wire-fraud-cost-26-bil...

We talk about eth/btc as if they're just covering the function of the checking account, but it's also covering the function of the checks, wire transfers, ACH transfers, etc. So for a real comparison you'd have to count up all the related fraud from legacy checking accounts and their various mechanisms to move money between them.


This article is about people being fooled into wiring money to fraudulent actors, not about hacking.


FDIC does not protect against account hacks. Banks' assets and laws do. FDIC protects accounts against losses caused by bank failures.


At least with a checking account you may be able to have the transfer reversed.

The idea of buying game credits and trading them in game makes sense, but you would want the game publisher to have root on the ledger so that if there was a hack they could reverse it.


> but you would want the game publisher to have root on the ledger so that if there was a hack they could reverse it.

In other words, you'd want the game publisher to run their game on a centralized database, like MMOs have been doing for decades.


that sounds like a bank


Cash app, Venmo, Wise, and hundreds of other payment apps are also this - perhaps a bit larger, more reputable, more regulated, but not fundamentally different (or am I missing something?)


What do you mean by 'real' fake money? ETH is money.



