
How is the world going to balance instant low friction commerce with the need to prevent instant low friction fraud...

I don't think anyone has answers, it's a problem that will affect crypto payments as well as fiat payments.. I hoped Confirmation of Payee would help, but the massive increase in APP fraud in the last 12 months seems to dispel that notion..

Maybe the answer is money that doesn't settle instantly.. Kind of like how your paypal payments are "on hold" whenever you get them to give the sender time to realise they've been scammed. Maybe all payments take 2 weeks to settle, and everyone lives on free credit up to the unsettled amount..

edit: I worked at Monzo for 5 years, and was in the original Confirmation of Payee meetings as Monzo's rep to Open Banking




> Maybe the answer is money that doesn't settle instantly.. Kind of like how your paypal payments are "on hold" whenever you get them to give the sender time to realise they've been scammed. Maybe all payments take 2 weeks to settle, and everyone lives on free credit up to the unsettled amount..

Well, all credit card payments are basically exactly this (which you’d know, given your previous job). The crypto crowd always yell “no chargebacks!” when trying to attract people to their platforms, but chargebacks are actually a feature, not a bug — for the very reason you just described.

I don’t like it, though. It seems totally inefficient, and there are better ways to do this.

Edit: I want to add, because of chargebacks, any credit card processor that doesn’t hold your money for, like, 6 months or whatever, is accepting the credit risk associated with what would happen if all of your transactions were charged back and you weren’t good for the money. Hence why their risk management is a nightmare, and why anyone who enters that space ends up looking like a bad guy who arbitrarily freezes people’s money (unless they choose to use humans rather than AI, but that doesn’t “scale,” right?).


My father was scammed out of $1200 USD. He had a pop-up on his browser that said his computer was broken. It's the most cheesy scam on the web but this 80 year old man didn't know better. He thought he was getting a great deal - $1200 for lifetime support of his computer.

Anyway, he told us the same day and we immediately called his bank. It was under 24 hours and they shut down the payment. He didn't lose a penny.

So, yeah, I totally agree with you. The slowness of payments and chargebacks are a feature, not a bug. Same way that we have checkpoints before we deploy code to prod. Not having this assumes that everyone is making decisions in their best interest all the time. In reality, we do bone-headed things quite often and need a fair redo.


> Maybe all payments take 2 weeks to settle

I'm not sure how that would help with regards to APP fraud. APP fraud is possible because scammers are successfully able to social-engineer people into sending their money away despite the various warnings (including on the payments UI in bank apps, or - in the US where this scam uses gift cards - to not tell the cashier or the bank what you're buying the gift cards for). I would expect the same social-engineering to be able to convince the user to not raise the alarm during the 2 week cooldown period.

I think the problem with APP fraud is a lack of user education (and maybe consequences - users expect the bank to always make them whole and so don't take security seriously) as well as insufficient enforcement on the other side - not enough is being done to prevent scammers from operating (why is it still possible for them to robocall and spoof UK numbers? why is there no AML/KYC equivalent before being able to place calls?) and getting away with it.


> I would expect the same social-engineering to be able to convince the user to not raise the alarm during the 2 week cooldown period.

It would be interesting to test this. Having read through a number of APP fraud cases, including victim statements, one persistent theme is that the pressure cooker environment that scammers create to get victims to send money is very effective at getting them to ignore warning signs. But after they've sent the money, and the immediate pressure is off, they quickly realise they've been scammed.

I strongly suspect that introducing even short delays of a few hours would be very effective. Especially if the victim is immediately made aware that a delay has been introduced. This gives the victim a little time to cool off and realise that they've been scammed, and then hopefully alert the bank.


Haha I wonder if you've read my case. I was scammed out of 100k this year.

The scammer had control of my solicitor's email and timed the attack perfectly so I was absolutely convinced I was sending money to the right place.

Didn't realize until a few days later when the solicitor called me wondering where the money was. The two week thing might have helped us but the scammer would probably just time their attack differently. Although it would increase the time they have to keep the fish on a hook.


Not sure if you managed to get your money back. But if you didn't, go research the contingent reimbursement model (CRM). Pretty much every major bank has signed up to it, and the CRM requires banks to reimburse victims, if the scam is sophisticated and the victim took reasonable steps to avoid the scam.

A basic house deposit payment redirection scam should be covered, assuming you have evidence that the emails were sent from your solicitor's email address.


Yep I did. Thanks.


> I think the problem with APP fraud is a lack of user education (and maybe consequences - users expect the bank to always make them whole and so don't take security seriously) as well as insufficient enforcement on the other side

We know that banks don't want to discourage people from spending money or using their services, but even as a consumer I hate dealing with chargebacks.

My significant other doesn't watch their credit card statement and signed up for some LinkedIn service that was never used for like 6 months. LinkedIn isn't going to refund money that far back and chargebacks won't go back that far, either. I don't think any lesson was learned.

Maybe I'm more sympathetic to merchants and avoid chargebacks? If I don't recognize a charge, I usually assume I don't recognize the merchant and investigate and reach out to them first. I feel like half the time I do have to issue chargebacks the bank invalidates my card (even though I know it was not lost or stolen). I feel like they're penalizing me.


> Maybe the answer is money that doesn't settle instantly.. Kind of like how your paypal payments are "on hold" whenever you get them to give the sender time to realise they've been scammed. Maybe all payments take 2 weeks to settle, and everyone lives on free credit up to the unsettled amount..

This would be extremely annoying. I hope it would be opt-out.


2 weeks to settle would be very annoying for people who are getting used to same-day shipping. It works when all of the goods are virtual/revocable but once you need to ship an actual product you want to be sure that you actually have the money (within some margin of error).



