Topic: Coinbase feedback thread - page 2. (Read 5673 times)

Who gives a fuck how long it takes to get money into a bank account?  Only people who are living completely hand-to-mouth as far as I can see.  For my part I would be perfectly happy if it took several weeks as long as it is reliable and predictable.

So far I have made a small experimental sale and a somewhat larger one in the $3k range.  I very much appreciated the unambiguous and easy to find estimates of when the funds would be available.  It was like 4 or 5 days.  In the fist case my money was actually available the next day.  In the second case, the money was available several days before their estimated 'by' date.

This is a violation of Bitpay's TOS just so you know. Bitpay only allows merchants to accept bitcoin for goods and services.

when you sell on coinbase it takes 4 days for them to pay you! freaking stupid!  I set up a bitpay account and get it the same day now!

buy through coinbase - sell through bitpay!

coinbase aint gonna make it like this!

Try it again, only change the order. That worked for me.

I started the verification process but the bank account verification says that the two deposits do not match their records. I sent a sup ticket on friday morning but have yet to hear anything. Not the greatest first experience with them. I will update this when I get things worked out.

I'm probably fairly unusual among their customers in that I don't buy Bitcoin, but do sell it, and every one of those transactions has gone smoothly.  From the recipient's perspective, there's basically no way to defraud them.  I also have a credit union account I use solely for BTC-related transactions so if anything weird happens, it won't mess up my other finances.

The 30 day verification process sucks, it's really not fun to buy BTC and not have access to it for 5 days, but once you're Tier 2, they let you transact a rolling 10 BTC instantly, which is awesome considering that the ACH takes 3 days to hit your bank account, i.e. they are operating completely on good faith that you have the funds in your account that you say you have. I bought 3 BTC from them yesterday around 8pm and as of this moment I can instant purchase 7.3; this number will be 8 by 8pm tonight. This instant BTC is not your total buy limit for the day, they let you buy or sell up to 50 BTC a day, but these larger transactions will not show up immediately and available for use in your wallet beyond your available instant balance.

The buy price and sell price on Coinbase are both unique, loosely tracking a couple dollars above bitstamp but significantly below Mt. Gox. They are essentially market making here, you are the price taker, no limit orders.

My review of coinbase.

I did quite a bit of research before deciding to go with coinbase. The criteria I used to make my choice included but was not limited to, the following:

Trustworthiness: Their funders played a huge role wrt my perception of their trustworthiness. That they are headquartered in San Francisco also played a role. The bay area tech industry is a fairly small circle and reputation is everything. That they were able to acquire funding from y-combinator was/is huge, imho.

Verification process: This process is quite simple, and similar to paypal's bank verification. Once you provide your bank routing/account numbers, they make 2 small ACH deposits, and of course, withdraw the sum. Once these deposits appear, it is a matter of clicking on their verify bank link, and entering the deposits. The deposit order is important. So, if they don't verify the first time around, change the order. They should verify at that point. This process is the same for their visa card.

Once your bank account is verified, you can purchase BTCs. One thing I am not crazy about is that if you want to purchase partial BTCs, say, $50 worth, you have to play around with your BTC value to get as close to $50 as possible. It would be great if they allowed you to fill in the dollar amount the way bitstamp does.

After you've executed your purchase, you must wait 5 business days for the BTCs to be credited to your account. This is done to ensure your bank transaction completes. ACH transactions take 3-5 business days, depending upon your financial institution. Which is why they chose the max before crediting your account with BTCs.

Additionally, once you've executed our purchase, a sort of 30 day count-down clock begins. You are not considered fully verified until after 30 days has passed. The primary reason for this is to ensure you do not attempt a charge-back against their company.

Once you've completed this level of verification, you can add a credit card (VISA only) to your account and verify that. This will place you in the level 2 verification status, allowing instant BTC purchases.

This process can be frustrating to the new customer, esp in this day and age of, gimme nao!1! However one could think of the overall process as a bi-directional trust protocol.

BTC to fiat process: This was a huge one for me. In the event I want to convert BTCs to cash, I did not want to have to deal with the headache of over-seas wire transfers. So, being able to hook up my bank account (I set up a separate account from my primary) was a huge factor for deciding to go with coinbase. I have both purchased and sold BTCs without any real problems. In fact, the process is very much like paypal. Which makes it quite convenient.

Okay, that's the up side of coinbase.

The down side? Their fees seem to be higher than other bitcoin businesses, though, they're not exorbitant. The biggest downside, imho, is the BTC prices. The buy prices appear to be tracking MtGox, while the purchase prices appear to be tracking bitstamp. So, you end up with anywhere from a $3 to $10, and even greater, variance (i.e, buy: $215 sell:205). As such, I am less inclined to make a habit of purchasing BTCs through them.

In summary, I think coinbase is pretty decent. Esp now that they've released an iPhone app (yeah, I'm a macgeek). The few times I dealt with their customer service as I was learning the ropes of their process, have been educational and pleasant. So, my overall rating of them is 4.5 stars out of 5 (minus 0.5 stars due to the BTC pricing).

For starters, Oracle (yes, I know, teh big evul! lol) has published a nice overview wrt AML (see Best Practices for Anti Money Laundering (AML): System Selection and Implementation). In this day of fast paced technology, it is a bit outdated, but still a comprehensive and well thought out piece.

As for the feedback bit? I think the rather poorly written "high risk: your transaction has been reversed" notification, should be rewritten. For starters, imho, it comes across as neither professional or knowledgeable. Yes, it is important not to "give away the farm" so to speak. Even so, there are ways to avoid revealing "trade secrets," while still helping the customer understand what triggered their system.  But that would require them to understand how their system is implemented. And honestly, that email does not lead me to believe the writer actually understands that bit.

As for how it's normally dealt with? It varies within and between industries, of course. Take credit card companies, for example. If your spending behavior deviates from "your norm" you may receive a friendly (usually an automated voice system [AVS]) call from the credit card company asking you to confirm recent purchases. If not, your card will be frozen, and you will be asked to speak to a real person who will basically do the same as the AVS, with the additional benefit of actually being able to ask them what triggered the process. At which point, they will likely explain that, for example, the sudden flurry of charges and diverse locations, triggered their fraud management system [FMS].

In the case of bitcoin transactions, my guess is that extremely large transactions could potentially trigger their seemingly "trigger happy" system. But that is primarily a guess based upon the various reports I've read. Even so, they do face a challenge that most banks do not. And that is the irreversible nature of bitcoin along with its distributed p2p transaction implementation. In fact, I strongly suspect that is one reason they've implemented their own "internal" bitcoin setup, which, if executed completely within coinbase, never touches the block chain.

And finally, as for false positives? This is where the AML/fraud department comes in. Their job is to investigate flagged transactions to determine whether it really meets the risk criteria. Importantly an experienced and well-trained AML/fraud team will be able to weed out most false positives, leaving the overall stats at under 5%.

As for false negatives? There really is no such thing. If a customer manages to complete criminal transactions without being flagged by the system, that would be considered a weakness in the system. And no system is fool proof and they're always evolving... as will coinbase, as will any company dipping their toe in the bitcoin waters.

Case in point (from the dark ages). A group of convicts figured out the credit card numbering scheme, proceeded to create fake credit card numbers, and made several mail order purchases (like I said, dark ages). There was not much that could be done from a prosecution pov. After all, they were already in jail. What did occur, however, is that little 3 digit number that is now printed on the back of cards... used to verify that yes, it is a valid card. That, along with the expiration date, and, in some cases, the customer's address, helps to reduce fraud.

@vrhax:  Interesting stuff.  Thanks for it.  Couple of comments/questions.

I'm a big fan of providing good feedback, but I can also see an argument for being a little circumspect with information about why, exactly, a flag was triggered.  This of course because it would be useful information for someone who is genuinely guilty of attempted fraud to adjust their methods.  How is this normally dealt with?  Is there a sort of a financial industry standard?

I suggest that it might be difficult to pick an all around number for false positives because some environments have a higher incidence of fraud and generally more persons who are proficient at it.  Bitcoin is likely one of these.  I could see it being the case that a system which got, say, 5% false positives might let an excessive number of false negatives through.  Thoughts?

Although I have not been flagged by their AML/AF system, I have been following these various discussions with interest.

While financial institutions are required to implement such a system, I, personally question their implementation. Having worked in both iSec and Banking fraud, I fully understanding the complexity of these systems... which primarily rely upon actuarial data and pattern/trend analysis to detect money laundering and/or fraud.

The primary problem I see with this implementation is that the filter is being applied after the fact. That is, rather than applying the filter prior to attempting to execute the transaction, they are applying it after the funds are withdrawn from the customer account. This leads me to wonder how much they truly understand about these sort of systems. And importantly, how little they seem to understand with regard to consumer perception.

That being said, the way these systems "should" be implemented is fairly simple.

Joe customer attempts to execute a buy/sell. The AML/AF filter should be applied before they try to execute a transaction with his bank, at which point, if he is flagged, he would be notified that the transaction did not complete, and why. Moreover, if the system is executed correctly, it should have less than 5% false positives. Though, if Joe customer is fairly new, there will not be enough data to necessarily correctly raise an alert. It is the over-time transaction activity of Joe customer that these systems monitor. For example, if Joe customer is a merchant, then his transaction activity will reflect commerce patterns. Whereas if he is a bitcoin speculator, his transaction activity will reflect stock market speculation patterns.

Regardless, the number of positives, true or false, should be low enough for their fraud team to review. Although, I suspect, given the small size of their company, they do not have a fraud team, and are relying upon a fully automated process. Which in turn, is likely playing a role in the seeming high number of false positives.

The aforementioned is, of course, nothing more than an oversimplified hypothetical, as I have no idea how this particular company has implemented their AML/AF system. I only have the 10K foot view based upon various customer complaints that have been posted to the forums and elsewhere. Nonetheless, from my pov, I do think this company needs to spend some time revisiting and revising their implementation. But that's just my opinion. And you know what they say about those.

As for claims that they are defrauding their customers? Serious claims, those. And, imho, wholly without merit.

And finally, as for the speed (or lack there of) of receiving BTCs, once purchased? That is one of the unfortunate challenges (that is company independent, btw) wrt mainstreaming bitcoins. Simply due to the irreversible nature of BTC as opposed to their reversible fiat counterpart.

Once you're Tier 2 verified, Coinbase is the most fantastic bitcoin buying and selling experience out there. If you have a US bank account, I highly recommend setting up a Coinbase and getting a transaction under your belt to get into the 30 day waiting period for Tier 2 verification as soon as possible. If you don't have an account yet, use my referral link here to sign up and we will both get $5 worth of Bitcoin when you initiate your first transaction of 1 BTC or more (buy or sell). Win, win!

The anti fraud system called "high risk transaction" is an intricate system to defraud the customer.  The reason is because you don't gain any extra info by receiving the ACH transfer that would dictate the chances it would be fraudulent.  Verification of bank is all the info they have and they could very well reject prior to taking the money.

I give them props for their AML and anti-fraud systems, which are why those limits exist. I was maxing my buys through them for awhile, and started getting hit with those high-risk letters. Complained to customer service, talked to them a bit, and they whitelisted me so I don't get hit by that. Really liked that level of customer service. I know my mainstream bank doesn't give it to me, no matter how much cash I run through/store in their system.

Also, just by implementing a "high risk transaction" system that does not discriminate, it will still guarantee that they profit and the customer loses, because bitcoin prices in general is going up.  For example, say the high risk transaction system randomly flags 5% of all trades and returns it, they will profit more in the long run because of the trend of bitcoin.  This is assuming the high risk thing doesnt discriminate.  If it does discriminate which it probably does at least a lil bit so people don't notice, they make even more and customer gets shafted more.

The deciding factor for what is high risk and what isn't should be the money that reaches them.  As far as I know, there is NO extra info that they will have gathered by the money reaching them.  Hence, they could very well flag a transaction as high risk BEFORE taking one's money, but they don't do that.  They cancel it after they receive the money and have 2 choices: release the bitcoins or keep the bitcoins and send the money back to your account.

Fair point.  The best way to explore that would be to identify if it is systemic.  Hard to do without a random sample of user's providing data though.  Alas.

but they cancel the transactions after the money has reached their end.  they are not receiving any new information, except money.  a good way of doing that would be to deny the transaction to be taken place altogether.

It isn't a few peanuts though.  $800 off one customer is quite a lot.  They've got a 300k customer base.  So there are lots of "peanuts" to be gathered.  They said it themselves, "We don't get it right all the time." 

Thx for the pointer.  I actually have been following it.

It remains unclear in my mind exactly what types of things can trigger a cancellation, and I would dearly like to know.

It is a completely valid hypothesis that cancellations are nothing more than a stop-loss on Coinbase trades gone sour, but the argument against it is that it would make little sense for an outfit which is well capitalized to ruin their reputation for a few peanuts on a 10BTC trade.

A hypothesis which strikes me as more likely is that Coinbase relies on various triggers and flags which are generated 'upstream' in the bowels of the USD financial services system.  This is a much more interesting area to me generally and is why I am keen to discover any reliable information about these cancellations that I can.

see this thread:

https://bitcointalksearch.org/topic/coinbase-steals-and-profits-off-customers-via-high-risk-transaction-scheme-322229

Ironically, that was one of the things I didn't care for.  For one, it can be a bitch for one who lives outside of cell phone range.

For two, I don't consider my phone reliable enough from a security perspective to have anything to do with access to any financial related web site, and I don't even let it access my real mail.  Of course allowing it to receive access codes is not going to allow it to be used as a sole attack vector, but the attacks that I worry most about would be highly sophisticated ones where an attacker could compromise all of my communication methods simultaneously.

Anyway, I hope they eventually allow users to make their own choice about OTP.  I never trust any institution with more funds than I can afford to lose, and have a special checking account to hook up to their service such that Coinbase could not be used as a vector to siphon money out of my mainstream bank account (in quantity.)