Square thinks I don’t exist

To the OP:<p>If I were you, I would check your credit report IMMEDIATELY.<p>I&#x27;m in the same boat as you, except I&#x27;m in my 40s. Most companies use Experian or Equifax to do some sort of credit verification by asking these questions. However, about 5 years ago, the credit agencies merged my credit record with someone else with the same name, but entirely different birthday and location.<p>Evidently, they don&#x27;t give a fuck because it took me years to get this wrong information off of my credit records. I don&#x27;t understand how this isn&#x27;t libel, since they are spreading false information about me, and that drastically affected my credit, and I had to jump through hoops to get everything corrected.<p>The thing that really sucks is that Experian STILL has the wrong information about me, so when I&#x27;m asked these credit questions, it&#x27;s mixed with the other person&#x27;s data, so I always fail the credit check. Despite having nearly perfect credit, I&#x27;ve failed the credit check numerous times, and like you, the decision has always been final, because no one appears to give a fuck.<p>The problem is I have no idea how to get Experian to refresh their data, even though it&#x27;s several years old now.<p>It might be the case that the OP&#x27;s credit history has been merged with someone else, and if this is the case, they need to fix it as soon as possible. Use the yearly free credit report to make sure there is no loans or credit cards associated with your name, and if so, you need to call every single credit agency and dispute it. It really sucks, and I don&#x27;t understand how we let the credit agencies have this much power, where we the consumers have to suffer like this whenever THEY fuck up.

From the recent story - Square faces rancor from merchants over customer service:<p>&quot;Barry said she grew so frustrated exchanging e-mails with customer service representatives that she drove two hours to the company&#x27;s San Francisco headquarters to get some help in person.<p>Instead, she cooled her heels in the lobby for a couple of hours. No one would speak to her, she said, and the security guards threatened to call the police. Then Square deactivated her account, saying &quot;high-risk activity was detected.&quot;<p><a href="http://www.sfgate.com/business/article/Square-faces-rancor-from-merchants-over-customer-5177314.php" rel="nofollow">http:&#x2F;&#x2F;www.sfgate.com&#x2F;business&#x2F;article&#x2F;Square-faces-rancor-f...</a>

The response &quot;I&#x27;m sorry our decision is final and we cannot communicate any further&quot; that vendors give (Google, Square in this case, etc.) is nothing short of stomach-clenching maddening. Just reading it fires up rage inside me.<p>I understand why they do it -- it&#x27;s pretty clearly related to their anti-fraud &#x2F; anti-spam &#x2F; security systems, and I understand that by giving any further information, they&#x27;re exposing those prevention measures to weakness. And I&#x27;m sure in cases of real fraud &#x2F; spam &#x2F; security risk, this is the right approach.<p>But man, does it stink for everyone involved when there&#x27;s a false positive (i.e. in this case). There&#x27;s got to be a better way of handling this. Some sort of escalation &#x2F; appeal process?<p>(And if there isn&#x27;t -- hint hint, companies that haven&#x27;t gotten big enough to be immobile on this issue: Implement one.)

I went through this almost two years ago, with the key difference being that I was able to sign up with Square and accept payments around four years ago (whenever they launched). I even interviewed there at one point, just like you.<p>After two months, they closed my account because I was living in Puerto Rico at that time and there are no partner banks in Puerto Rico. Once I moved to San Francisco and linked Square with my new California bank account, I was able to accept payments again.<p>Then one day I got a notification indicating that my account had been closed, and that the decision is final. I contacted Support, and they reiterated that their decision was final, and could not communicate with me any further.<p>It is the weirdest interaction I&#x27;ve ever had with a company. I still use them as a payment method and I&#x27;m a big fan of the company, but I feel disappointed whenever I log in and they remind me that my merchant account is disabled.

So this is what millions of low income, undesirable customers face every day when they try to join the financial system by opening a checking account. What OP has experienced is the next iteration of that. What happens to society when the gatekeepers of our technologically enhanced future decide for some arbitrary, non-appealable reason that you are an undesirable and you may not participate. Everything from accepting payments via a dohickey on your iphone to even having an iphone. Or maybe the internet. Maybe you can&#x27;t have the internet cause the we say so authority says they don&#x27;t like the neighborhood you live in or something that was in your credit history.<p>I&#x27;m getting failed on a similar knowledge based identification on coinbase right now. Failed twice already. At least it&#x27;s not a final decision, to their credit.<p>There needs to be laws against this almost certain dystopia. That&#x27;s one reason why I support the EFF.

File a complaint with the:<p>(1) Consumer Financial Protection Bureau (CFPB): <a href="http://www.consumerfinance.gov/complaint/" rel="nofollow">http:&#x2F;&#x2F;www.consumerfinance.gov&#x2F;complaint&#x2F;</a>, and,<p>(2) New York State Department of Financial Services (DFS): <a href="http://www.dfs.ny.gov/consumer/fileacomplaint.htm" rel="nofollow">http:&#x2F;&#x2F;www.dfs.ny.gov&#x2F;consumer&#x2F;fileacomplaint.htm</a>.<p>This will make it more likely that you see a favourable resolution. Further, this assists due process in identifying and resolving problems in our financial system.

Just to add some context, this is a not unexpected consequence of Square&#x27;s approach, which in many ways parallels what Paypal did in the ecommerce space.<p>Prior to Square the individual &#x2F; very small business market was underserved (for real-world transactions). You had to go through a PITA application and due diligence process with a processor. And you typically had to pay significant up-front costs and ongoing fees to maintain your account.<p>There&#x27;s a reason for that: the processor is <i>financially liable</i> for any fraudulent merchant charges. If a merchant signs up and puts through $10K of fraudulent charges and skips town with the money, it&#x27;s the processor that pays.<p>So Square did two things. First it lowered the upfront costs by piggybacking mobile devices to turn them into low-cost swipers.<p>But the second very crucial thing they did is hidden on the back-end: they streamlined the signup process and support costs. They did that by doing exactly what you see here, using alternative ID and credit check methods. And making their customer support largely a self-service operation.<p>The good news is that the particular case you see here is probably fixable with continued improvement. But that&#x27;s why it happened.. they are replacing an otherwise more costly and burdensome signup process with something largely automated. And there&#x27;s a lot of money at stake if they screw it up and let fraudsters on board.

The comparison to Paypal is funny. Paypal has decided that I don&#x27;t exist, or, if I do, that I&#x27;m somehow ineligible to buy things through Paypal using my credit card.<p><i>Buy</i>. <i>Things</i>.<p>If your site does payment processing through Paypal then, through some accident of account processing or technology or the history of my account, I can&#x27;t use any of my 3 payment cards to buy what you&#x27;re selling, because Paypal believes it needs to (for reasons passing understanding) link directly to my bank account before any card with my name on it can be used through Paypal.

I am seeing some parallels between how Paypal operates and deals with their customers and how Square deals with their customers, you know the ones that make them profit from the fees they charge for using their service? Sadly, this is how big commerce works. You try and try to get a human response and you&#x27;re met with the old favourite, &quot;Our decision is final&quot; nonsense.<p>I recently encountered this with Electronic Arts and their Battlefield 4 game. I forked out about $150 AUD for the base game and premium addition only to be informed my account has been permanently banned after coming back from a month in Europe on holiday because they said I was cheating. Well actually, they wouldn&#x27;t give the exact reason, but that was essentially what their response implied. When I asked for whatever proof they had, they said our decision is final and we can&#x27;t show you any proof.<p>I am in the process of getting a refund as I paid by credit card, but this is definitely a commonly recurring theme amongst larger companies who struggle to deal with their customers and ultimately retain them. What kind of business model punishes their customers?<p>Good luck, I think you have a real chance of getting some human response now that this is on the front page of Hacker News. My understanding is that this is how people get responses from people over at Paypal as well, create a loud enough noise for someone higher up to respond as to avoid a PR nightmare and get your problems resolved.

From the fine print on the linked Identity Verification Service page [1]:<p>&gt;Due to the nature of the origin of public record information, the public records and commercially available data sources used in reports may contain errors. Source data is sometimes reported or entered inaccurately, processed poorly or incorrectly, and is generally not free from defect. This product or service aggregates and reports data, as provided by the public records and commercially available data sources, and is not the source of the data, nor is it a comprehensive compilation of the data. Before relying on any data, it should be independently verified.<p>I&#x27;d guess the failure rate of using this service was deemed an acceptable trade off to implementing an independently verified service.<p>[1]<a href="http://www.lexisnexis.com/risk/solutions/instantid-qa.aspx" rel="nofollow">http:&#x2F;&#x2F;www.lexisnexis.com&#x2F;risk&#x2F;solutions&#x2F;instantid-qa.aspx</a>

TL;DR =&gt; go to the top.<p>First, I had worked for one of California State&#x27;s departments as a contractor, but hadn&#x27;t been paid in two months. I called my State Senator, said I had working for the California in his district without pay for two months, and that I needed his help. I got paid the next day.<p>Second, I had been wrongly charged over $10,000 USD at a city hospital, and hadn&#x27;t been able to fix the situation. I contacted the Mayor, explained that I was being charged for a service I didn&#x27;t receive, and asked for his help. The bill went away.<p>Last, American Express sent me to collections (related to the hospital bill above), and the collections agency was trying to con me into paying more than I owed. I called the office of American Express&#x27; Chairman of the Board, and asked if they could help me deal with the collection agency&#x27;s shenanigans. They pulled my account of out collections, and started dealing with me directly.<p>Recommeneation =&gt; track down Jack Dorsey or someone on their board, and explain the situation. It just might work!

(Disclaimer: I write fraud detection algorithms for Eventbrite, and work closely with the team that built the fraud systems at PayPal.)<p>I&#x27;m sorry this happened to you. I personally believe the burden of proof should be on the company. However, that some choose to err on the side of caution is perfectly understandable.<p>The thing is that companies that handle credit card payments are very vulnerable to fraud because they are liable for consumer chargebacks [1], at least in the US. This is particularly unfortunate since US cards also happen to have pretty poor security (which also has probably something to do with the fact the merchants are liable, and not the banks). Stolen credit card numbers are <i>extremely</i> easy to obtain (cf. Target breach) [2], and once this is done fraudsters have basically two main ways to extract money out of it:<p>1) Use the card number to make purchases online, or better yet, find a self-service platform that lets you become a merchant then purchase your own offerings (eBay&#x2F;PayPal, Eventbrite, etc.).<p>2) Duplicate the card (made much easier by the US&#x27; slowness in adopting chip-and-pin), and use it to pay for goods or to load the money on some account. Square is perfect for this since you own the card-reading device, which makes it much less risky than attempting to use a duplicated card at an ATM or at a retailer.<p>Now, the problem is that you potentially need <i>a lot</i> of cushioning to withstand fraud attacks: while the processor only makes profit from the transaction fee, they are liable for the entirety of the charge, so one single fraudulent transaction can wipe out the profit of <i>thousands</i> of good ones. Being attacked by a fraud ring for hundreds of thousands or even millions of dollars in a single day is not impossible (in fact we&#x27;ve seen this happen, and Eventbrite&#x27;s transaction volume is much smaller than PayPal&#x27;s or even Square&#x27;s), so this is a lot of risk to take on for a company, especially a startup.<p>Regarding the bad customer service you&#x27;ve received, there is a specific reason why companies often decline to comment on fraud security checks: by allowing you a way of recourse, they would be disclosing information about how their system works, which makes it potentially vulnerable to attackers. For example, if they said &quot;sure, just send us a copy of your driver&#x27;s license and we&#x27;ll lift the ban&quot;, this would be a signal for fraudsters to try to fake such documentation.<p>Overall, it&#x27;s a complex issue and unfortunately frustration is part of the game (trust me, if PayPal could have found a way to make operations smoother and less frustrating, they&#x27;d have done it). At Eventbrite we&#x27;ve chosen to assume this risk and be more liberal with verification because we decided that providing a good user experience is worth losing some money over (and because we have faith in our ability to keep up with the fraudsters), but this is a decision every company that handles money has to make and it&#x27;s not an easy one.<p>[1] <a href="http://en.wikipedia.org/wiki/Credit_card_fraud#Merchants" rel="nofollow">http:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Credit_card_fraud#Merchants</a><p>[2] fun fact: you&#x27;d be surprised to see how big this underground economy is; it&#x27;s so well-oiled that some sellers even provide customer service on the credit card numbers they sold, and offer money back guarantees if the card has already been deactivated

I had a similar experience recently when I tried to get my free annual credit report. To verify my identity they asked me questions about my financial history, mainly about my credit history. Well, I haven&#x27;t had a loan in many years, so they had to dig deep into the archives and asked me about the monthly payment amount on a car loan that my <i>wife</i> had over ten years ago. My financial records actually go back that far, but hers don&#x27;t, so I was unable to &quot;prove&quot; that I am me (with &quot;prove&quot; in scare quote because IMO it&#x27;s highly questionable whether getting the right answer on a multiple-choice quiz can possibly &quot;prove&quot; anything about anyone).

And don&#x27;t be forgetful or old... I&#x27;m way over 60 and since I cannot remember names and places I lived 30 or 40 years ago, I am constantly locked out.<p>So if they have the data, why couldn&#x27;t a pirate, NSA officer or errant banker?<p>Perhaps a better test is what I choose to forget.

I really dislike these ID verification services. I had my identity stolen about a decade ago; worked it out with the police and credit bureau. To this day, I still get verification questions related to the fraudulent credit card account. Do I answer truthfully and not get verified, or play the game and choose the &quot;correct&quot; yet wrong answer? (answer: play the game.)

So could I potentially vex an enemy by trying to sign up for Square in his name, and blowing the questions, so that he gets banned from Square?<p>(I realize I could possibly answer this experimentally, but I&#x27;d rather keep this theoretical)

The whole &quot;Prove you are who you say you are by answering questions a fuzzy computer system says you should know&quot; seems very Kafkaesque.

It&#x27;s sort of funny, that all three verification questions listed would be answerable by an attacker, but at least two would be easy for normal people to get wrong.

I like how I had no problem, when I was sixteen, setting up Paypal so that I could buy some random components for some old PDA&#x27;s from china on ebay.<p>But this is seriously upsetting, the tone of this writing wants to rip my heart out for the author. I can only wish that this gets resolved decently.<p>His comparison also reminds me how Amazon&#x27;s customer service is absent as much as possible. Automation and all that. Yet on that topic, it seems people don&#x27;t mention Google as much. (I wonder if they filter that out in their results..)

I ran into a similar issue trying to get verified by Coinbase. I answered all of the questions truthfully, but still failed. After 2-3 times I just began to brute force it. It turned out that one question in regards to a duration of time was completely wrong. Luckily Coinbase let&#x27;s you do it as many times as you please, just with a 24 hour pause between each try. Come to think of it, they should probably send you an e-mail whenever an attempt it started.

I enjoyed reading all the explanations for why this is a hard problem to solve but it really boils down to a simple problem: customer support.<p>Any decent support operation would actually talk to this guy, provide workarounds for their broken system (which is clearly broken for this particular occurrence), apologize and promise to improve things.<p>The fact they they provided a shitty service would be the top on my root causes list.

There are also lots of reports online regarding Square holding payments to sellers, without much info why. Plus they have no phone support, only an email address.

This was much more frustrating than I might have expected when it happened to me on Amazon marketplace. My girlfriend listed some books for sale and was a model citizen of the ecosystem, but they killed her account and held her money for 90 days after the first book sold. When I went to sell some things a few months later, my account was closed minutes after opening it. I have a stellar rating on ebay with 15 years&#x27; experience, excellent credit, and a long history as an Amazon customer.<p>After living in that apartment a bit longer we got some mail for old tenants that seemed to indicate some sketchy activity. I believe they may have been fraudsters. However, despite several emails and calls to Amazon I am told there is no appeal whatsoever any reason, and that&#x27;s that. The callous disregard for customers is breathtaking.<p>Needless to say I use DigitalOcean, ebay (that a company can be more user-hostile than ebay is shocking) and avoid Amazon whenever possible.

And people keep asking what the advantages of BitCoin are over Paypal&#x2F;Square&#x2F;Credit Cards&#x2F;you name it.

As a long term employee at PayPal, it has always amazed me how much of the bad rep we carry is because of the abstractions we bottle and sell as a company. Money, banks, credit, identity, regulation, fraud, cash, etc. are all loaded, fragile and complicated systems on top of which online payments is built and it is a very different problem as compared to sending and receiving e-mail. Money itself is thousands of years old and is not an invention of the internet. It is done differently everywhere and the sheer number of middle men involved is expected but still mind blowing.<p>A good payment system has to fix the leaky abstractions below it someday somehow, to be really great.

Well crap. I have social data for millions of people. I could put togeather a backup version of this easily. Does anyone have a use?

Square is just another PayPal and I don&#x27;t understand why people can&#x27;t see that.

You have to be 18 to sign up because you need to be able to sign a legal contract.

I would just work with Braintree.<p>I was implementing payment system for <a href="https://appenlight.com" rel="nofollow">https:&#x2F;&#x2F;appenlight.com</a> from paypal to some other solution that would not require paypal account. We&#x27;ve evaluated Braintree and Paymill - as App Enlight is european company, so our options were limited. Before Paymill took its time to reply to me (~22 days), I already managed to validate, sign all the papers and actually implement Braintree solution to our application.<p>One more thing at first Braintree support told me they might not be able to work with us because of some restrictions on company legal form by processor bank, but after I have sent them all the documents, everything went fine and got approved. Maybe you can try with them.

You mentioned that your name is common, and reminded me reading about the frequency of certain Chinese surnames. So I looked up this:<p><a href="http://en.wikipedia.org/wiki/List_of_common_Chinese_surnames" rel="nofollow">http:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;List_of_common_Chinese_surnames</a><p>I&#x27;m making an assumption that your ancestry is Chinese, I believe it is even more popular in Taiwan.<p>Apparently, according to a summary of the 2007 census there were 7 surnames which were shared by over 20 million people, of which one of them was &quot;Chen&quot;.<p>For a comparison, the article also mentions that the most common surname in the USA, &quot;Smith&quot;, is occupied by 2.4 million people.<p>Let&#x27;s look at some population estimates:<p><a href="http://en.wikipedia.org/wiki/List_of_countries_by_population" rel="nofollow">http:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;List_of_countries_by_population</a><p>China is estimated to have 1,360,720,000 people, whereas the USA is estimated to have 317,559,000. The first article states that the frequency of &quot;Smith&quot; is about 0.84%. A quick calculation on the old python interpreter gave the frequency of &quot;Chen&quot; as roughly 1.47%.<p>What surprised me reading those two articles is that the USA is the third largest country by population.<p>I though I&#x27;d look to see if my surname, &quot;Tucker&quot; (no prizes for guessing which expletive it rhymes with) was popular in the UK. I first looked at this:<p><a href="http://www.dolltoy.com/uk2.html" rel="nofollow">http:&#x2F;&#x2F;www.dolltoy.com&#x2F;uk2.html</a><p>... Listing the 50 most popular surnames. I didn&#x27;t find it, but the list has a column titled &quot;Associated Town&quot; (I was not aware of this convention). At the bottom of the list is &quot;Davis&quot;, which is associated with the town of Gloucester, my home town. I&#x27;ll have to look a bit harder for its actual frequency, it is also used as a first name for both boys <i>and</i> girls. My first name is &quot;Robert&quot;, which can also be used as a surname if appended with an &#x27;s&#x27;. I could have been called &quot;Robert Roberts&quot;, or &quot;Tucker Tucker&quot;. Reminds me of Rik Mayall&#x27;s character &quot;Richard Richard&quot; off that vile comedy &quot;Bottom&quot;, while co-star Ade Edmonson&#x27;s character had the charming name of &quot;Eddie Hitler&quot;.<p>Come to think of it, what&#x27;s the etymology and frequency of &quot;Hitler&quot;? ....

It&#x27;s trying to be a non-repudiation system based on something only you and they know. Unfortunately, without a credit history or paying utility bills, credit sources alone aren&#x27;t enough. So why not use other facts such as partial DoB, partial SSN, parent&#x2F;s SSN, etc. only when no other details are available? It&#x27;s not ideal, but it&#x27;s better than either losing business or falling back on something much less secure eg facts that are in the public record.

I always seem to fail these kind of identity verification systems. It has made it a pain to get a bank account online and to get a credit report.

It&#x27;s time for us to understand that Square is the bare-bones bottom-of-the-market provider. Just because they seem slick and high-tech doesn&#x27;t mean they&#x27;re Apple. They want to be the Wal-Mart of payments, driving down their costs at every turn. There&#x27;s nothing wrong with that, but it&#x27;s something that we, as potential customers, have to be clear about.

This is another problem with payments that rely on the Credit Card rail. I hate the credit card rail. The CC rail doesn&#x27;t know who you are, it doesn&#x27;t know anything, isn&#x27;t convenient online, and charges merchants insane fees. Forget it, unless you want to pay with money you don&#x27;t have (aka credit, aka how only 30% of consumers use CC&#x27;s)

I know that names are somewhat holy to some, but your <i>legal name</i> is another matter. User Kevin Chen, but change your legal name to include a middle name. Preferably something unusual but fluent.<p><a href="http://en.wikipedia.org/wiki/Name_change" rel="nofollow">http:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Name_change</a>

I&#x27;m in my 40&#x27;s and have this problem with any system that attempts to use this method to identify me. My father has the same name as me. (I&#x27;m a II not a JR)This seems to be too much for these systems to handle. I&#x27;ve never managed to authenticate successfully with this sort of system.

This is the same kind of issue I&#x27;ve run into with T-Mobile and their adult content filter. I can&#x27;t turn it off because they use financial data to find out if your 18. So because I didn&#x27;t have student loans or a credit card I can&#x27;t disable it without going into a store.

If you visited and interviewed there, I&#x27;m assuming you tried emailing one of your contacts?

Welcome to the world of financial services. They&#x27;re not designed to help you.

I want to quickly chime in as well. I don&#x27;t want to defend Square, but they are simply using a service and are relying on its information. It sucks that your account didn&#x27;t get approved, but I do not agree with your final statement: &quot;Design is how it works, not how it looks.&quot;. Square uses a third party service, and I actually know which one it is. They regularly update their information, yet there are still issues with identities, as it is not a perfect &quot;science&quot;. Square definitely did the best to their ability, but due to the fact that they rely on someone else, it won&#x27;t be perfect. I have worked with the provider in question myself, and I know of the pitfalls. I believe Square definitely solved the issue as best as they could considering the limitations.

Same exact thing happened with Dwolla. Couldn&#x27;t figure out if the identity verification service used my old address, current address, or my parents&#x27; address. I&#x27;m still locked out...

Sounds really silly and backwards. Why they simply don&#x27;t use strong online identity detection? Should be simple and secure.

identity verification of small merchants is a really hard problem to solve with 100% accuracy. (or even 90% accuracy) At WePay, we use Facebook identity to help supplement KBA. It&#x27;s not 100%, but does dramatically increase success rate.

I have the same problem with raise.com - they refuse to sell me anything.

&gt; <i>Design is how it works, not how it looks.</i><p>+1

Does Bitcoin think you exist?

&gt; When they can’t find you in their database, they pull irrelevant questions associated with somebody else’s dossier — especially if you have a common name like I do.<p>How is this not an information leak? If I know there is only one other person with my name within the area, then I can obtain information from him this way. (Since there will be multiple choices about that person suggested in that questionare)

Ironically, when I opened this page it showed me this:<p><a href="https://image.bayimg.com/d3e7f68ca0e50daf6e77a0eb56eb2b6c61e03817.jpg" rel="nofollow">https:&#x2F;&#x2F;image.bayimg.com&#x2F;d3e7f68ca0e50daf6e77a0eb56eb2b6c61e...</a>

This story loaded right above <a href="https://news.ycombinator.com/item?id=7131231" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=7131231</a> (the Bitcoin exchange arrests). Kind of ironic.

The way I see it, this is the same as trying to check into a hotel without a valid ID or credit card. If they can&#x27;t verify to a reasonable extent who you are, the hotel will just refuse doing business with you. Is that discrimination? No, they would be certain to lose money overall if they didn&#x27;t do that, even if you in particular are a nice person and intended to pay cash on checkout.<p>As long as Stripe made clear what their position was, as to not waste this person&#x27;s time or money, I don&#x27;t see a problem here. It can be a business decision to flip a coin and permanently turn away all the customers that get the wrong side, if doing that magically increases profits. You can&#x27;t even call it bad customer service since they are not a customer and will never be one.