Whoops! Crypto company Gemini is having some trouble with fraud
Image: Alex Castro / The Verge
We’ve talked before about the problems in the early days of PayPal, which was then called X. Elon Musk, in his infinite wisdom, decided customer acquisition was the most important thing, and as a result, PayPal had to deal with rampant fraud. Don’t just take my word for it — here’s Peter Thiel, describing those days:
We had decided to give credit cards to absolutely anybody who wanted them. You got a up to $10,000 credit limit. Elon had told the woman who was rolling the service out that he wanted a million people to be using the new credit card by the end of the year. Fortunately, it was about two levels down from the front page, and so not that many people were able to discover this. Some people did; they wrote us back and said, “This is fantastic, I haven’t had credit in years. I can’t believe you’re offering me credit. I haven’t even had a checking account in 10 years.” These were people who wrote so many bad checks that banks wouldn’t allow them to have checking accounts. It turned out we ended up with something like a 50 percent charge-back rate. The worst subprime companies were like 4 to 6 percent. Then, happily, we rolled that product back very quickly.
Now, to be clear, I’ve met a lot of members of the crypto community, and many of them are avid financial history buffs. But it appears our friends, the errant sea gods Tyler and Cameron Winklevoss, did not learn about the early history of PayPal, despite there being several excellent books on the subject. And so, perhaps inevitably, when they launched their crypto rewards credit card at Gemini, what they got was fraud.
“Gemini approved a surge of new customers that had signed up with stolen identities.”
Unlike Musk’s credit card for PayPal, they advertised on billboards and social media platforms. And when the card launched, “Gemini approved a surge of new customers that had signed up with stolen identities,” The Information writes, citing two anonymous sources. They had to pause the card rollout — and the fraud cost Gemini “millions of dollars,” according to three anonymous sources.
I don’t mean to pick on Gemini. Fraud is a widespread and very funny problem in the banking industry. The ideal amount of fraud in finance isn’t zero — the classic example is the husband whose porn payment is discovered by his spouse on their shared credit card statement and who calls the bank to say, lying, that it’s a fraudulent charge in order to avoid a nasty marital fight. The customer is, technically, committing fraud — he knowingly approved the payment! — but to keep him as a customer, the bank goes along with it. This “friendly fraud” can happen for a lot of reasons, but a certain amount of it is built into payment systems.
With something like cryptocurrency, though, a lot of people who are using it are using it for a reason: either they can’t access the regular banking industry or they don’t want to, for instance, because they are trying to get the ransom payment on the hack they did on some business. I mean, the first widespread use for crypto was drugs, people. This is a group that is maybe a little bit more likely to do some shady stuff than the general population, you know?
Anyway, this isn’t the only fraud problem Gemini is having. You know how a lot of financial services, for instance, PayPal, prefer you to give them your bank account number rather than your credit card number? That’s because of the Automated Clearing House, which is the system that your job might use to direct deposit your paycheck. ACH is old as hell, but it’s cheaper than credit cards because it doesn’t incur as many fees.
Because it’s cheap, a lot of fintechs, including crypto providers, prefer it. The only problem is if the account information is stolen — or, crucially, if the owner of the account disputes the transfer. Now, remember, for banks, this kind of friendly fraud is part of the cost of doing business, so they’ll just believe their customer. But Gemini, hilariously, let people withdraw their crypto before their ACH deposit cleared! Here’s The Information on how that worked out:
For example, if a user initiated a transfer of $100 to buy crypto and the value of that crypto rose to $150 before the transfer settled, the user could take out $50 worth of crypto.
This scenario made Gemini a target for fraudsters initiating ACH transfers using stolen bank account information, two people familiar with the matter said, because they could quickly exploit this loophole to take out crypto. That left the exchange with less crypto to seize if the bank transfer was eventually disputed by the real bank account owner and the exchange had to pay the transfer back, and therefore even bigger losses if crypto prices fell again.
There’s a part of me that wonders if Gemini would have avoided all of this if someone in a position of power had read, like, Ashlee Vance’s Elon Musk biography, or Max Chafkin’s The Contrarian, or Jimmy Soni’s The Founders. PayPal set out to revolutionize the financial industry pretty recently, after all. I’m assuming there were people inside Gemini who had an inkling about how this would go, and they probably ripped out all their bountiful hair. But the Winklevii needed to go to band practice, and here we all are.
Image: Alex Castro / The Verge
We’ve talked before about the problems in the early days of PayPal, which was then called X. Elon Musk, in his infinite wisdom, decided customer acquisition was the most important thing, and as a result, PayPal had to deal with rampant fraud. Don’t just take my word for it — here’s Peter Thiel, describing those days:
We had decided to give credit cards to absolutely anybody who wanted them. You got a up to $10,000 credit limit. Elon had told the woman who was rolling the service out that he wanted a million people to be using the new credit card by the end of the year. Fortunately, it was about two levels down from the front page, and so not that many people were able to discover this. Some people did; they wrote us back and said, “This is fantastic, I haven’t had credit in years. I can’t believe you’re offering me credit. I haven’t even had a checking account in 10 years.” These were people who wrote so many bad checks that banks wouldn’t allow them to have checking accounts. It turned out we ended up with something like a 50 percent charge-back rate. The worst subprime companies were like 4 to 6 percent. Then, happily, we rolled that product back very quickly.
Now, to be clear, I’ve met a lot of members of the crypto community, and many of them are avid financial history buffs. But it appears our friends, the errant sea gods Tyler and Cameron Winklevoss, did not learn about the early history of PayPal, despite there being several excellent books on the subject. And so, perhaps inevitably, when they launched their crypto rewards credit card at Gemini, what they got was fraud.
Unlike Musk’s credit card for PayPal, they advertised on billboards and social media platforms. And when the card launched, “Gemini approved a surge of new customers that had signed up with stolen identities,” The Information writes, citing two anonymous sources. They had to pause the card rollout — and the fraud cost Gemini “millions of dollars,” according to three anonymous sources.
I don’t mean to pick on Gemini. Fraud is a widespread and very funny problem in the banking industry. The ideal amount of fraud in finance isn’t zero — the classic example is the husband whose porn payment is discovered by his spouse on their shared credit card statement and who calls the bank to say, lying, that it’s a fraudulent charge in order to avoid a nasty marital fight. The customer is, technically, committing fraud — he knowingly approved the payment! — but to keep him as a customer, the bank goes along with it. This “friendly fraud” can happen for a lot of reasons, but a certain amount of it is built into payment systems.
With something like cryptocurrency, though, a lot of people who are using it are using it for a reason: either they can’t access the regular banking industry or they don’t want to, for instance, because they are trying to get the ransom payment on the hack they did on some business. I mean, the first widespread use for crypto was drugs, people. This is a group that is maybe a little bit more likely to do some shady stuff than the general population, you know?
Anyway, this isn’t the only fraud problem Gemini is having. You know how a lot of financial services, for instance, PayPal, prefer you to give them your bank account number rather than your credit card number? That’s because of the Automated Clearing House, which is the system that your job might use to direct deposit your paycheck. ACH is old as hell, but it’s cheaper than credit cards because it doesn’t incur as many fees.
Because it’s cheap, a lot of fintechs, including crypto providers, prefer it. The only problem is if the account information is stolen — or, crucially, if the owner of the account disputes the transfer. Now, remember, for banks, this kind of friendly fraud is part of the cost of doing business, so they’ll just believe their customer. But Gemini, hilariously, let people withdraw their crypto before their ACH deposit cleared! Here’s The Information on how that worked out:
For example, if a user initiated a transfer of $100 to buy crypto and the value of that crypto rose to $150 before the transfer settled, the user could take out $50 worth of crypto.
This scenario made Gemini a target for fraudsters initiating ACH transfers using stolen bank account information, two people familiar with the matter said, because they could quickly exploit this loophole to take out crypto. That left the exchange with less crypto to seize if the bank transfer was eventually disputed by the real bank account owner and the exchange had to pay the transfer back, and therefore even bigger losses if crypto prices fell again.
There’s a part of me that wonders if Gemini would have avoided all of this if someone in a position of power had read, like, Ashlee Vance’s Elon Musk biography, or Max Chafkin’s The Contrarian, or Jimmy Soni’s The Founders. PayPal set out to revolutionize the financial industry pretty recently, after all. I’m assuming there were people inside Gemini who had an inkling about how this would go, and they probably ripped out all their bountiful hair. But the Winklevii needed to go to band practice, and here we all are.