PayPal outage highlights API vulnerabilities and payments risks
The news: PayPal experienced a global outage last week due to a failure in its Braintree GraphQL application programming interface (API), which facilitates in-app payment processing. This disruption affected services like payments, withdrawals, express checkout, cryptocurrency transactions, Venmo, and Xoom for thousands globally.
- Users reported difficulties logging in, sending or receiving money, and accessing linked bank accounts. Merchants encountered increased HTTP 500 errors during REST API calls, hindering payment processing and potentially losing revenues.
- While PayPal confirmed that the issue was resolved within two hours, it did not identify what specifically caused the outage.
It’s unclear how many of PayPal’s 212.2 million core users worldwide were affected by the outage.
The risks of digital finance: This incident underscores the inherent vulnerabilities in highly integrated payment systems. These mobile apps or online-only services have no real-world failsafes (e.g., access through bank branches).
- Reliance on interconnected APIs can create a single point of failure, where an issue in one component cascades across the entire system, causing devastating results.
- Online payment services like Venmo, PayPal, and Stripe are the leading finance-related apps that 80% of US adults have on their phones, per MX, indicating a continued shift to services reliant on APIs.
Outages are also becoming more common: PayPal’s outage is not isolated. Just two months ago, a Bank of America (BofA) outage disrupted digital and in-branch services for thousands of users. API-related flaws jumped 21% from Q2 to Q3 2024, per a recent Wallarm report. Of those, 32% were linked to cloud-native applications and services.
What it means for PayPal: While the outage was short-lived, customer frustrations from not being able to complete their transactions could have long-term consequences for the payments giant.
- It may have dampened consumer trust of the brand, which can be difficult to win back.
- And it could have pushed consumers to use an alternative digital wallet like Shop Pay or Cash App Pay to check out online. If consumers had a good experience with these other wallets, they may also be more willing to use them in the future, affecting PayPal’s future volume.
Zooming out: The Consumer Financial Protection Bureau (CFPB) finalized a rule this week subjecting large payment apps like PayPal to the same supervision and regulation as banks.
As part of this, the CFPB will begin monitoring disruptions to payment apps that prevent consumers from accessing payments. If future outages occur under the CFPB’s watch, PayPal could face fines or other enforcement actions.
Our take: PayPal should work to remove its single point of failure to prevent future outages. If more outages occur, the damage they may have on customer trust would likely amplify. This gives competitors the opportunity to capture PayPal’s customers by guaranteeing more reliable alternatives.
%20scale(0.100000,-0.100000)%22%0A%20%20fill=%22%23000000%22%20stroke=%22none%22%3E%0A%20%20%3C/g%3E%0A%3C/svg%3E%0A)
This article is part of EMARKETER’s client-only subscription Briefings—daily newsletters authored by industry analysts who are experts in marketing, advertising, media, and tech trends. To help you finish 2024 strong, and start 2025 off on the right foot, articles like this one—delivering the latest news and insights—are completely free through January 31, 2025. If you want to learn how to get insights like these delivered to your inbox every day, and get access to our data-driven forecasts, reports, and industry benchmarks, schedule a demo with our sales team.