Time:2023-11-06 Click:114
Crypto is a brand-new world, so new that most ordinary people consider it a grand scam. These same ideas have been mentioned numerous times in film and television works. The recently very popular Chinese movie "No More Bets" has proven to be the case, and the audience seems to also buy into this perspective.
This is an entirely new realm, wild enough to be likened to the Wild West, rife with scams, where it's survival of the fittest, a dark forest. However, it's undeniable that the development of crypto up to today is thanks to the diligent and genuine efforts of countless teams, contributing bit by bit. Many of these teams might not exist anymore due to the objective circumstances, but the progress made is accumulated from their contributions.
FaTPay began building in this industry in early 2022, naively choosing a path that now appears incredibly challenging — on-ramp. This term might sound unfamiliar to most. The meaning of "on-ramp" in English is the entrance to get on a highway. This word vividly describes the process for an ordinary user to go from the traditional fiat world into the crypto world. Through fiat on-ramp, which is what we commonly refer to as depositing fiat to purchase cryptocurrency. Specifically, stablecoins.
How can one purchase stablecoins with fiat?
In the absence of on-ramp solutions, most people trade via OTC (Over the Counter). If you open any exchange app, there's typically a section labeled "Buy Coins," where various sellers list their offerings. The transaction process between the user and the seller is straightforward: the user specifies the amount of coin they wish to purchase, then makes a payment to the seller via bank transfer (or through platforms like WeChat Pay or Alipay in China). Once the seller confirms receipt of the payment, they send the stablecoins to the user's account within the exchange.
Everything seems fine, but problems do occur from time to time.
One is the issue of trade disputes. When users transfer fiat to the seller, they often use bank transfers or payment platforms. These fiat transfers are external to the exchange, meaning the exchange lacks any information about whether the transaction was successful. If any problems arise during this process, such as transfer failures, incorrect account details entered, or one party acting dishonestly, disputes occur. The user might claim they've transferred the funds, while the seller denies receiving them. The only resolution is for both parties to provide evidence, like screenshots of the transaction.
But screenshots can be faked. The exchange does not have access to bank systems and cannot obtain bank data to make a fair judgment. In this case, the exchange usually protects the customer's interests. As long as the user can provide screenshots, the exchange will forcibly transfer the stablecoins to the user's account. This is because the merchant's stablecoins are held in an account on the exchange. When an OTC trade begins, the exchange will first lock the corresponding amount from the merchant's account. After the user's transfer is confirmed successful, then the stablecoins will be sent to the user's account and unlocked.
Due to the above, the exchange cannot provide two-way guarantees for OTC trades. If a trade dispute occurs, it's very likely one side will suffer losses.
Another serious issue is the source of the fiat. The merchants selling the coins accept transfers to their own bank accounts, which could be company accounts or personal accounts, mostly personal. The merchants do not know the source of the user's funds. Once the user's money is involved in fraud or illegal activities, the merchant's account will quickly end up on the bank's watch list after receiving such money. Best case the account gets frozen, worst case law enforcement gets involved with criminal liability.
I believe many of you have encountered similar issues. Before crypto appeared, bad actors could only disperse and then aggregate funds through multiple bank accounts in the banking system, needing to go through N accounts, which was troublesome and costly with high fees. With the emergence of crypto, it provides natural liquidity and transaction mediums for illegal actors, making it perfectly easy to find channels to turn fiat into crypto. Hence, OTC trading became a hotbed for such funds, with merchant accounts frequently frozen and no proper recourse available.
When FaTPay entered the crypto industry, we saw these two pain points, which were truly too painful. At that time, companies like MoonPay had already launched on-ramp solutions. A few partners of us slapped their thighs and decided to do it!
How does on-ramp solve these problems?
Firstly, when users utilize on-ramp products, they don't pay fiat via bank transfers but employ common 'payment methods' to pay merchants. Readers unfamiliar with the payment industry may not understand these two concepts very clearly. But don't worry, let's explain them simply. Transfers refer to directly transferring money through a bank app by inputting the recipient's account name, account number and other information. Payments are different from transfers. Actions like card payments, payment apps are considered payments. Payments do not require knowing the recipient's account information. Money can be paid through methods like POS machines, QR codes, etc.
When a merchant opens a business, they need to accept various payment methods from customers. Before payment apps like Alipay and WeChat were widely adopted, merchants would have payment processors (readers unfamiliar with this term can roughly understand payment processors as payment companies, institutions that provide payment services) install POS machines. When customers come to make purchases, one swipe of the card on the POS machine would tell the merchant if the card payment was successful and if the transaction was completed. For Alipay and WeChat using QR codes, after the user scans to make payment, the merchant's phone would also receive a notification of successful payment.
See, this perfectly addresses the first issue. By paying using 'payment methods', the acquiring institution or payment company informs the merchant of the payment outcome through system APIs or dedicated devices like POS machines. The payment industry has been around for years, and both consumers and merchants trust the results provided by payment companies. If a platform integrates with a payment company's services, they too are informed of the payment outcome, eliminating the disputes arising from the lack of transfer information in bank transactions.
Secondly, regarding the issue of illegal funds, when paying via "payment", the money does not directly transfer from customer to merchant account but goes through an intermediary payment company. Identifying fund sources is the job of the payment company, not the merchant. So even if dirty money is received, it does not affect the merchant's account. Of course, this is not absolute, the payments industry is very complex, readers can understand the basics for now. The issue of black money can be discussed separately.
In summary, it seemed perfect! Absolutely perfect! Let's get to it!
FaTPay decided to operate compliantly from the early beginning. So, mainland China was not considered. Naturally Alipay and WeChat were excluded. Then, what's the most common payment method for overseas users? That's right, credit cards. In many Southeast Asian countries, the situation is similar to mainland China, where locals use local e-wallets (akin to Alipay). So, these e-wallets were also part of our considerations.
The first order of business was to find an acquiring institution that could offer credit card payment services. Credit card acquiring is a longstanding industry, and there are numerous overseas acquiring institutions like Stripe, Checkout.com, WorldPay, and several regional entities to choose from. So, the discussions began.
To use the services of an acquiring institution, we had to clearly explain our business model and the flow of funds. When they heard it involved crypto, the first question was, 'Do you have a license?'
Alright, then began the global quest to learn about license applications, associated costs, and the intricacies involved. After much effort and exploration, we settled on Lithuania. Lithuania, a small Eastern European country without any major industries, is a member of the European Union. Having a Lithuanian license meant we could operate compliant crypto businesses throughout the EU. The Lithuanian government was astute; with no significant industries or infrastructure, how could they attract investments? Being an EU member state, they decided to lure businesses with affordable licensing.
I'll skip the licensing process for now, it went relatively smoothly, and we obtained it in months. With license in hand, we went back to payment processors. After an extremely lengthy and painful documentation and review process, we finally partnered with one, using FaTPay's Lithuanian entity to provide credit card payment services for the on-ramp business.
Now they're willing to provide payment services, but we need a bank account, otherwise where can they settle the funds collected for us? So began another long journey of applying for accounts. We tried many banks in Lithuania, most rejected providing services upon hearing it's for crypto, seeing it as super high-risk business. These conservative Europeans absolutely won't service such high-risk businesses.
After searching everywhere, the only banks willing to open accounts for crypto companies were EMI institutions. EMI stands for e-Money Institution. From the name you can tell that e-Money is different from Money. The funds in these institutions exist in traditional bank accounts. They themselves are not traditional banks, more like institutions similar to PayPal,Alipay - they open accounts at banks while also taking customer deposits. According to European law, EMI institutions can only accept deposits but cannot loan. Readers with some banking knowledge know banks' main revenue comes from the interest rate spread between loans and deposits. EMIs can only take deposits, not loan, so how do they earn money? That's right, you probably realized - money deposited at EMIs does not earn interest, instead you have to pay them fees for safekeeping! Beyond that, every fund transfer in or out is charged a fee of a fraction of a percent of the transfer amount. This is simply blatant money grabbing! All kinds of other miscellaneous fees abound, like account opening fees, monthly account maintenance fees, statement printing fees, overnight balance holding fees, account closing fees, and many more.
After comparing, you will deeply understand the significance and greatness of de-centralization in the crypto sector.
Unfortunately, traditional banks refuse to open accounts for us, so EMI is the only one willing to accept a crypto company. We have to grit our teeth and open an account there. With a bank account, we can proceed to open merchant accounts at payment processors. We just received quotes from payment processors - as is typical for international credit card processing, they use an Interchange pricing model. I won't go into too much detail about this model, but basically domestic processing fees are around 1.x% of transaction amount, while cross-border fees are around 3.x%.
Let me briefly explain domestic and cross-border processing. Credit cards are internationally accepted payment methods. For example, if you have a Visa/ Master card card issued by your local bank, you can use it for payments home and abroad. When a local-issued card is used at home, it's domestic processing; when used abroad, it's cross-border. For cross-border transactions, you pay in local currency, but the merchant receives funds in their local currency - the currency conversion is handled by the issuing bank and Visa. In this sense, credit cards are very convenient payment products.
Our merchant entity is based in Lithuania, an EU member state, so EU-issued cards paying us will be domestic processing; non-EU cards are cross-border. I'm simplifying a bit here to help less experienced folks understand, please don't take this too literally if you have actual expertise in payments!
1.x% local acquiring fees and 3.x% cross-border acquiring fees are incredible high when compared to ordinary businesses. However, the justification provided by these acquiring institutions is the same as the banks: since you're in the crypto business, which is considered high-risk, the rate is higher.
Facing such systems and rules, what could FaTPay, a startup, possibly do? We had no choice but to grit our teeth and forge ahead!
After much hard work and development, our widget was finally launched. Users could smoothly make payments using credit cards and purchase stablecoins through FaTPay. On-ramp is a B2B business, as the use case for on-ramp is too specific to support it being a B2C business. Therefore, FaTPay provides on-ramp services to exchanges, NFT platforms, wallets, and more, allowing their users to utilize FaTPay services to purchase stablecoins.
The first to launch was a mid-sized exchange. On the day of launch, traffic poured in, and each successful payment brought immense excitement to the entire team. After such prolonged efforts and enduring various challenges, they finally saw the fruits of their labor. However, unbeknownst to us, we were about to fall into a massive pitfall: credit card fraud.
First, let's explain what credit card fraud is. Most of you have used credit cards for online purchases, right? For instance, when shopping on Amazon, during the payment process, you're required to enter the three essential details of your credit card: the card number, expiration date, and CVV (typically a three-digit number printed on the back of the card). Amazon sends these details to a payment company, which then verifies them, deducts the amount from your card, and completes the payment. If Amazon or the payment company mishandles this information leading to a data breach, anyone with access to these details can make purchases using your card.
Credit card fraud has been a longstanding issue overseas, forming a fairly comprehensive industry chain. There are those specialized in stealing card information, called 'data dealers', and the stolen cards are known as 'black cards'. Others are responsible for swiping money from these black cards, and some further manage the consolidation and transfer of this swiped money. Credit card fraud is a complex system, deserving its own dedicated discussion. For now, a general understanding will suffice.
Besides credit card fraud, there are also scam hubs similar to those in Northern Myanmar. Typically, a young lady (often a front for a group of male fraudsters) builds a relationship with a victim and, after some time, convinces them to invest in a certain product. The victim might then make a payment using a credit card.
Before crypto appeared, bad actors could only disperse and then aggregate funds through multiple bank accounts in the banking system, needing to go through N accounts, which was troublesome and costly with high fees. With the emergence of crypto, it provides natural liquidity and transaction mediums for illegal actors, making it perfectly easy to find channels to turn fiat into crypto. As an on-ramp service provider, our original intention was to serve users just starting to access digital assets and allow them to buy crypto assets easily and quickly. But now, credit card fraud and scam call centers are swarming in and on-ramp has become their best tool.
Even worse, exchanges and credit card fraud groups are colluding together to fleece on-ramp service providers. FaTPay has encountered situations where right after launching with an exchange, we see fraud transactions quickly rise. Within a day we notify the exchange: "Your fraud transactions are too high; we need to pause the service first." But before we could even pause the service, in just over an hour, the fraud transaction ratio suddenly dropped. What more could we say?
So, what is the impact of these fraudulent transactions on the on-ramp industry? The most direct impact is cost.
Credit card fraud is nothing new. Visa, Mastercard and other card networks already have mechanisms to protect users. If you discover your credit card was used fraudulently, you can directly submit a chargeback request to the issuing bank (for example, if your card was issued by the Citibank, then the Citibank is the issuing bank). Card networks have specialized processes for handling chargeback disputes. During the process, both buyer and seller need to submit evidence for the card network to arbitrate and determine if it was truly fraudulent.
In reality, if it really was fraudulent use, the buyer can surely submit evidence that it was an unauthorized transaction, while the seller can submit evidence that this was a normal purchase made at their establishment. For card networks, the cardholder is the customer, the customer is always right, so card networks tend to side with protecting the cardholder's interests. The direct result is a high probability of the cardholder winning and a low probability for the merchant. If the merchant loses, they need to refund the transaction amount. On top of refunding the original transaction value, they also need to pay a $ 25 penalty fee to the card network. In reality, many merchants directly refund upon encountering this situation instead of going through arbitration, since they probably won't win anyway.
For on-ramp service providers like FaTPay, this is simply hell. Fraud groups use victim's credit cards to make purchases on our platform, immediately take the stablecoins and walk away scot-free. When victims discover the unauthorized use and initiate chargebacks, we have to obediently refund. But I've already given out the coins, I can't take them back! Broad daylight losses!
For on-ramp service providers, how do they hedge against these losses? There's no other way, they can only raise prices. The simplest calculation method - assume 1% of transactions will result in chargebacks, then raise coin selling prices by 1% to hedge against that risk.
But reality is not so simple. For scammers, after going through so much effort to finally hook a victim, why wouldn't they take as much as possible? From our perspective, while the average order value may be $ 100, for the transactions that end up disputed, the average is probably around $ 1000. You see, if I raise my selling price by 1% , that's not enough to cover my losses, I would need to raise it by 10% . Of course, this number is just for illustration purposes, the actual situation is not that high.
In the end, the cost of fighting fraud across the industry ends up paid by consumers. Some may say this is just how it is in crypto world; normal consumption doesn't have these kinds of messy problems. Just the other day, my colleague discovered his credit card was used fraudulently at a McDonald's in Canada. The reality is that this happens from time to time even for ordinary merchants doing business. Assuming a 1% fraud rate, the merchant can only raise prices by 1% to hedge. From the cardholder's perspective, the chargeback mechanism is great in protecting oneself. But zooming out to the whole consumer ecosystem, all consumers are paying 1% more for purchases. Yes, your 1% , under one set of rules, ultimately ended up in the scammers' hands.
Knowledgeable readers may say there are specialized anti-fraud service providers whose systems can detect these fraudulent transactions and directly decline them when cards are used fraudulently. That's right, FaTPay also uses these services, and more than one provider. But guess how these providers charge fees?
If I were the provider, I would tell you: look, without using our system, you face 10% loss. With our system, that 10% loss is gone, we only charge you an 8% fee.
These anti-fraud services demonstrate their value in the whole system by decreasing fraud rates and lowering transaction costs. But they don't address the crux of the issue.
Aside from the direct costs caused by fraud, there are other costs derived from it. As mentioned earlier, payment services are provided through payment processors. Payment processors receive the funds from users and settle them into the merchant's bank account. If a chargeback occurs, the merchant needs to refund the cardholder, so the processor will deduct it from the merchant's settlement funds.
There's a detail here - the average chargeback occurs around one month after the transaction. This makes sense, the cardholder does not realize something is wrong the moment the card is misused. It's typically after receiving the monthly statement and needing to make payments that they discover something seems off, how did I end up spending so much this month? Only then do they find out and initiate a chargeback. The chargeback process from the issuing bank to the merchant also takes some time. So chargebacks typically occur around one month after the transaction.
As mentioned earlier, credit card fraud has existed as an industry chain for many years. Some merchants registered solely to help fraud groups withdraw money from stolen cards, which for payment processors that encounter such merchants, is truly nightmare fuel. Using one month's time to aggressively process transactions, taking the money and vanishing into thin air once received. By the time cardholders initiate chargebacks, the merchant side is long gone. What to do? No choice, the processor has to eat the loss and pay out of their own pocket.
How do payment processors hedge against this risk? The industry standard approach is this: Let's say FaTPay as a merchant receives $ 100 today. The processor should settle the full $ 100 to FaTPay. But the processor says, no can do, I don't know yet if you are a good actor. There is potential chargeback risk in the future. So, of this $ 100, I will only settle $ 90 to you for now. The remaining 10% is held temporarily on my side, so that if a chargeback occurs in the future, I can deduct it from this 10% . Let's say a chargeback deducts $ 3, then the remaining $ 7 is released after 180 days into your account. Why 180 days? Because in card network rules, the chargeback dispute window is 180 days. That means the cardholder who discovers a fraudulent transaction must initiate a dispute within 180 days. Beyond 180 days, the card network will not handle it.
As FaTPay, I sold 100 USDT, which in theory means I should receive $ 100 (ignoring other fees and profits for simplicity). But in reality I can only receive $ 90. But the 100 USDT I sold to the customer; I transferred in full already. I certainly can't give the customer only 90 USDT and say the remaining 10 USDT I'll give you after 180 days!
You see, losing money on one transaction after another, losing money day after day. Moreover, this 10% reserve is on rolling collateral. Meaning the $ 100 I receive today; I will be withheld $ 10 until that unlocks after 180 days. Tomorrow, I receive another $ 100, I will be withheld $ 10 again, and this $ 10 unlocks 180 days after tomorrow. So, across all turnovers, there is constantly 10% locked away. For a startup company, growing transaction volumes is absolutely a good thing if cash flow is positive. But in this situation, with negative cash flow, growing volumes means more money locked away. It's fine if I can get it back after 180 days, but in the current economic climate, who knows what black swans may occur. FTX only took 4 days before it was gone. Who can say if a payment processor will still be around after 180 days?
How to solve this problem? Actually, many traditional businesses face the same issue, it's a working capital issue. There are many institutions willing to lend to help solve working capital problems. But borrowing has costs. If I borrow $ 100, I need to pay back $ 105 at maturity. Who ends up bearing this cost? You guessed correctly, it's you the user buying coins through on-ramp services.
Exchange rates are also a huge problem. Most on-ramp service providers are based in Europe, because Europe has very clear regulatory policies allowing compliant crypto operations. Being based in Europe means only able to accept Euros. But I'm selling stablecoins pegged to the US dollar like USDT, USDC. For us, stablecoins are the "goods". We buy wholesale and sell retail. So, there is naturally a time gap between purchasing inventory versus selling to customers. Exchange rate fluctuations become a risk during this period. Do you still remember last year when the US dollar rapidly appreciated against the Euro over the span of a month, with the Euro devaluating nearly 5% against the US dollar? For us, the money we receive, when we next need to purchase inventory, we find we can buy less with the same amount of Euros. How can we continue operating like this?
To hedge against exchange rate risk, the only option is again to build it into pricing costs passed on to consumers.
By now, you should understand why buying coins through on-ramp is so expensive. As an ordinary user, the payment operation is just entering some information and clicking confirm. But behind the scenes, the fiat payment process involves N participants in an extremely complex system. It encompasses banks, card networks, payment processors, cardholders, merchants, payment system vendors, anti-fraud system vendors, KYC system vendors, scammers, victims, and so on. Each role is trying to protect their own interests and minimize their risks. Such multi-party conflicts are unavoidable in this process. The fiat system in today's world is a system accumulated through long-term interactions between multiple parties. While it appears stable and safe on the surface, enormous costs are consumed invisibly, borne by ordinary consumers.
Crypto is a brand-new world, completely different from the fiat system. It naturally has global liquidity transcending national borders. In this sense, crypto's transaction frictions are far smaller compared to the fiat system. But crypto has also developed other transaction costs that we won't expand on here.
It takes courage to go from the old world to the new world. As the bridge linking the two worlds, there are some problems in the short term that are extremely difficult to resolve. These problems seem to us like conflicts and clashes between the two worlds. These issues cannot be solved by any single person or company alone but require persistent building by all participants in the industry over the course of 10, 20, 50, 100 years.
As one member, FaTPay is fortunate to be able to participate in the greatest transformation in human history, to be able to live in this era. This is an extremely fortunate thing. We will solve the problems mentioned one by one and publish a series of articles to gradually dissect for everyone how we solve problems and grow together with the industry.
Stay tuned for more!