- This topic has 3 replies, 2 voices, and was last updated 12 years ago by
.
-
Posts
-
Hi I use eStore as the corner stone for my site, I use it to sell licence keys just codes which are emailed to the buyer’s email after purchase. I use paypal along side eStore as my payment processors and although I am yet to I am very worried about paypal’s guiding on digitally delivered goods, which is to put it bluntly, don’t sell digital goods.
Obviously that is no good for me (and many other merchants) as we live in a ever changing world and people want their product now, not in 3 days time.
My concern is that a users paypal maybe obtained by someone who wants to use it maliciously ie to spend as much money in my store and run off with the goods!
I understand that if a user buys from my store they are technically not covered by any paypal protection as they are intangible goods (no proof of delivery no evidence they have been sent)
But I have spoken to paypal and they have told me if someone’s PP account has been compromised and I do not have proof of delivery I am not eligible for protection, ie paypal will take the money from my account and give it back. Obviously I dont want this to happen, what I sell are unique keys so once used they are useless, bottom line I lose out big time if this happens. I have setup strict paypal emailing to at the very least reduce the number of problems I will face but obviously this will not prevent everything.
I was wandering if there a way to prove an email has been sent, I have evidence of the product being sent on my server thanks to eStore keeping track of everything but I feel when it comes down to paypal they will not regard that information as credible.
Thank you for reading and information will be appreciated !
Luke
That’s the problem, “proof of delivery.” The debug logs only track “proof of emailing,” to the buyer’s PayPal address. In a court of law, this is not “proof of delivery.”
And since a thief or liar would claim that “someone else” used their PayPal account, the logs would be useless anyways, because the license keys are sent to whatever email address is associated with the allegedly compromised PayPal account.
The best legal advice I can give you is to get business insurance, with a rider that covers this kind of loss.
Alternatively, you can add $20 to the product cost, and then overnight mail the license code, with signature required. That way, you will have a traceable “proof of delivery” receipt.
Hi thanks for the response unfortunately I was right, the person’s account I suspected of being hacked had indeed been hacked, and I am not legible for protection ..
I’ve spoken to company’s similar to mine they have told me the money has gone and theres no way of getting it back.
Ive also contacted trading standards to see if they have any knowledge on the subject, although I wont hold my breath
I’m looking into business insurance to protect me if this happens again
Thanks wpz
Serious cyber businesses should take all the same precautions that brick and mortar businesses do. This includes business insurance and various contingency plans.
You didn’t indicate whether or not the software you are selling is your own, or someone else’s product. If the software is of your own design, you might consider a built-in kill switch; like Microsoft and Apple use.
- You must be logged in to reply to this topic.