PayPal Infrastructure

PayPal doesn't fundamentally change the way merchants interact with banks and credit card companies. It just acts as a middleman. Credit and debit card transactions travel on different networks. When a merchant accepts a charge from a card, the merchant pays an interchange, which is a small fee of about ten cents plus approximately 2 percent. The interchange is made up of a variety of small fees paid to all the different companies that have a part in the transaction -- the merchant's bank, the credit card association and the company that issued the card [ref]. If someone pays by check, a different network is used, one that costs the merchant less but moves more slowly.

What part does PayPal play in all this? Both buyer and seller deal with PayPal, having already provided their bank account or credit card information. PayPal, in turn, handles all the transactions with various banks and credit card companies, and pays the interchange. They make this back on the fees they charge for receiving money, as well as the interest they collect on money left in PayPal accounts.

PayPal touts its presence as an extra layer as a security feature, because everyone's information, including credit card numbers, bank account numbers and address, stays with PayPal. With other online transactions, that information is transmitted from the buyer to the merchant to the credit card processor.

PayPal also offers a $5 PayPal Security Key -- a portable device that creates a six-digit code every 30 seconds. The user links this key to his or her eBay or PayPal account. The six-digit code is used in conjunction with the user ID and password to create a unique security code [source: PayPal].

All the money held in PayPal accounts is placed into one or more bank accounts, where PayPal collects interest. Account holders do not receive any of the interest gained on their money. Some PayPal critics claim that one of the reasons PayPal locks accounts and puts people through a long, frustrating appeal process is so they can keep the funds in the bank longer to collect more interest.

Next, we'll learn about the history of PayPal.

Security After a series of scams, PayPal formulated a plan to prevent criminals from using computer programs to open dozens of fraudulent accounts with stolen credit card numbers. This system, known as the "Gausebeck-Levchin" test, is now widely used by thousands of Web sites [ref]. It requires new account creators to type in a word found in a small image file on the account creation page. A script or a bot can't read this word -- only a human can decipher it. The Gausebeck-Levchin test on PayPal: The sight-impaired (who use text-based Web browsers) can listen to a recording of the letters instead. PayPal also uses special programs to detect potentially fraudulent activity. These programs watch for certain red flags that might be a sign of fraud. These red flags include sudden increases in volume or quantity of transfers, denied credit card charges or invalid IP addresses.