SoftBank’s network meltdown was only the start of QR Code PayPay troubles. The 100 Million Yen giveaway startup campaign that was supposed to run December 4~March 31 was suddenly and unceremoniously shutdown at 11:59 pm December 13. The official excuse was that 100 million yen had been given away, but then Japanese tweets started appearing complaining of credit card holders charged for PayPay purchased items that they did not purchase. There were also reports that store staff were not checking customer IDs which they are supposed to do with PayPay purchases over 30,000 JPY. Last but not least once you register a PayPay account, there is no way to delete it.
2 days later top Japanese tech journalists Tsutsumu Ishikawa and Junya Suzuki started to pick up the story on Twitter. PayPay PR answers to Suzuki san’s questions were particularly damning: PayPay apparently allowed unlimited attempts to register credit card numbers and security code numbers, reported credit card fraud cases are “in the double digits” but PayPay does not have a handle on the problem and requests that anybody with suspicious credit card PayPay charges to contact the company (good luck with the user unfriendly ‘Help’ page). Yomiuri later reported that card frauders apparently used stolen card identities to register PayPay accounts with unlimited security code attempts. PayPay PR says this security lapse has been fixed.
Ishikawa san summed it up nicely: somehow it’s so ‘SoftBank’ that the very campaign meant to kick start a QR Code payment boon in Japan ends up destroying the opportunity to do so.