How did PayPal fight fraud?

PayPal employed a variety of techniques to fight fraud. One approach was the development of the Gausebeck-Levchin test, a form of CAPTCHA that helped verify that users were human and not bots. Another strategy involved the implementation of the "Random Deposit" feature, where users were prompted to verify their bank accounts by entering a four-digit code based on deposit amounts. These measures helped to prevent unauthorized access and fraudulent transactions. PayPal also employed pattern recognition tools to identify and stop money laundering operations. Additionally, the company used machine learning algorithms and real-time monitoring to detect and prevent fraudulent activities. The efforts to combat fraud were crucial for PayPal's survival and led to a significant decrease in fraud loss rates over time.

1
(someone): At the time, we were celebrating first survival and then ultimately success.
Roelof Botha: Throughout 2001, PayPal continued to gain momentum, and we gained confidence in the quality of our business. To give you a sense of our growth, we went from roughly $8 million in revenue in Q4 of 2000 to nearly $50 million one year later, while shrinking our fraud loss rate. But with this growth came friction with eBay. Our presence on the site became a bigger and bigger issue.
(someone): Tension at the PayPal eBay intersection was that on the one hand PayPal was the most popular, fastest growing, most convenient way to pay for purchases on eBay. On the other hand, it was the only part of eBay experience that eBay didn't own. They did own a competing product called Billpoint, which they thought should have killed PayPal and made it or at least made it irrelevant a very long time ago. And yet somehow they failed to do so. And so as told from their side or their point of view, PayPal was throwing a party in their backyard and charging attendance and not paying any rent for it. And so we were told by their execs time and time again that, hey, this will not stand. We'll eventually build something that competes with you and make you relevant.
(someone): Over the course of three years, eBay does everything in its power to gum up the works for PayPal, and PayPal does everything in its power to stay alive on eBay because it's the place that's providing at that point, you know, sometimes upwards of 90% of its transaction volume. eBay would go out of their way to do changes to code on eBay's website that would make elements of PayPal stop working.
2
(someone): We don't even consider it. And those all came about in the effort of this one tiny Silicon Valley startup
(someone): One of Peter's favorite expressions is this is an experiment you can only run once. It's very hard to tell whether we could have or should have done anything particularly differently relative to what eventually ended up happening. Maybe if we had prevented fraud really successfully from day zero, we wouldn't have been able to grow as quickly and as well as we did. And so maybe we're in fact better off having a Having gone through this sort of a moment of near death by a thousand paper cuts by these bad prostitutes, perhaps we could have done better by telling everyone, you know, what do you need to fax us your driver's license and, you know, show up to our office and log in in person to prove that you are who you say you are. Really hard to tell. I think the general pattern of lean in, get bruised but not killed by adversity, figure out how to get out of it, do it again. It's a pretty good formula for startups. I think it becomes harder and harder to do when you have a lot to lose, but we were at the time probably still very close to failure in just all kinds of other ways. And the fact that we grew very quickly and we had lots and lots of very happy, legitimate consumers, pushed us on to invent a way to remove fraud and bite it. At the time, we were celebrating first survival and then ultimately success.
Roelof Botha: Throughout 2001, PayPal continued to gain momentum, and we gained confidence in the quality of our business.
3
(someone): It's not an impossible problem to solve, but it makes it a lot harder.
Roelof Botha: If you've ever had to look at a series of squiggly letters and retype them to prove that you're a human, not a robot, you can thank the PayPal team. That's the Gausebeck-Levchin test, now considered one of the earliest uses and first commercial application of CAPTCHA.
(someone): I stayed up for three days writing code with no sleep, trying to bring it to the site as quickly as possible.
(someone): There was a 48-hour coding, crazy, you know, caffeine-fueled marathon in which David and Max build this technology to defeat these fraudsters. And it just sort of happens over a weekend, and it is intense. And at the very end of it, when the technology is deployed, a bedraggled Max Levchin takes a big speaker and hooks it up to his computer. And he turns on Ride of the Valkyries as a celebratory anthem for having developed the technology and defeated the bots, or at least some share of the bots.
(someone): It had the exact desired effect. The real-time account creation fell off by 50%, which we knew half of the accounts that were being created were actually fraudulent.
(someone): Easy, automated, high-volume attacks just instantly shut off. And Igor, who had been taunting Max and sending these emails about how he would always win and he was smarter than our development team and all of this.
(someone): The moment of extreme triumph for me at the time was when I got an email from him basically saying, F you. And I knew it worked because he couldn't have broken it by then.
4
(someone): The moment of extreme triumph for me at the time was when I got an email from him basically saying, F you. And I knew it worked because he couldn't have broken it by then.
Roelof Botha: The PayPal team went on to build pattern recognition tools to identify and stop laundering operations. We developed a system to verify a user's bank account to make sure the person who was transferring money in or out was really the owner. Another breakthrough invention.
(someone): Sanjay Bhargava, who was recruited by Elon to work at X.com, who was on a walk with a colleague, Todd Pearson. They were noodling on this problem of how do you verify and authenticate bank accounts? And Sanjay said, well, what if we give people two deposits and then it's a code? It's a four-digit code.
(someone): So you would have two transfers into your bank account, let's say for $0.1235, and then you'd be asked to enter it back in at the PayPal site. You would basically have to type in $0.1235, kind of similar to the four-digit PIN codes people get all the time now with SMS verification.
(someone): The person standing next to him while they're on this walk for coffee, Todd, looks at Sanjay and says, you are a genius. And they get back to the office, and they start building that technology right away. The way that David Sacks, who is the head of product, describes the launch of Random Deposit, he says, it's an idea that's like Velcro. It's so good, you wish you would have thought of it yourself.
5
Roelof Botha: Every engineer was redeployed to fend off the fraudsters.
(someone): There is a photo that an employee shared with me. And when you look at the photo, there's a kind of room. It's got a glass window on one side. And stacked next to this glass window are a whole bunch of cardboard boxes. And then you see something you wouldn't expect, which is you see a human being sleeping on top of the cardboard boxes. It's Max Levchin. And he is there, catching precious hours of sleep or minutes of sleep while he is mid all of these fights, he's mid the fraud fight, he's mid the growth of the company, and he is sleeping on top of cardboard boxes in the office.
(someone): Look, in a startup, everybody is always burning the midnight hours and the work intensity at PayPal was immense. For the people involved with PayPal, that was what they lived and breathed 24 hours a day.
Roelof Botha: As PayPal engineers became increasingly immersed in fighting fraud, something strange happened.
(someone): The team at PayPal is actually communicating with its fraudsters.
(someone): One of the people who was creating these fraudulent accounts on PayPal somehow figured out my email address and would email me summaries of his takedowns of my latest idea. So before we got to the final version, I would get half a dozen of emails per week from this person somewhere in Eastern Europe saying, aha, you tried to rename form names in HTML and confuse me. My scripts are not confused. I create 20,000 accounts today. Sort of menacing emails.
6
(someone): I create 20,000 accounts today. Sort of menacing emails.
(someone): It would be like a bank executive talking to a bank robber as the robbery is happening. Or someone breaks into your house and you have a delightful conversation before they steal something from you. born in part of the background of a group of fraudsters who are based in Russia and the background of the company's CTO, Max Levchin, who was born in Ukraine. And because Max is able to communicate in the fraudster's native tongue, he is sleuthing. He is visiting the forums where they spend time and share tips about tradecraft. He's in these little chat rooms and kind of picking up intel about PayPal and what people are saying about this company PayPal.
Roelof Botha: Finally, late one night, we had a breakthrough.
(someone): My name is Dave Gausebeck and I'm one of the creators of the Gausebeck-Levchin Test.
(someone): When PayPal was being defrauded in droves, one of the kinds of fraud they faced were from computers, bots, that were basically creating fake accounts by the hundreds so that they could fleece the company for its bonus payments.
(someone): I remember this very, very vividly. I was in a cubicle right next to dozens of cubicles of our engineering team. David Gausebeck was sort of sitting down writing code. It was late on a Friday night. And I said, we have all these horrible human beings writing scripts to sign up for PayPal. I want to make them do a puzzle every time they go for a signup, but I make it too difficult.
7
(someone): And I said, we have all these horrible human beings writing scripts to sign up for PayPal. I want to make them do a puzzle every time they go for a signup, but I make it too difficult. will slow down the signups and it would be bad for user conversion or user signups. If you make it too easy, you will automate it or the bad guys will automate it and it wouldn't work.
(someone): Thinking back to computer vision classes from college, the idea that I had one night was, well, really, let's just go for any task not related to our site that is easy for humans and hard for computers. And reading text is one of the classic problems for that. And I thought, well, why don't we just stick that into our site?
(someone): Gausebeck looked up from his computer and said, optical character recognition, OCR. A squiggly name is still very easy to read for a human, but computers struggle with OCR. And that was through a holy crap moment. My next move actually was to sprint out to Fry's Electronics now, sadly departed, where I bought every boxed version of OCR software available in the market to test my squiggly line introduction code to make sure that computers in fact could not OCR
(someone): We figured, this will be a new arms race. It's not an impossible problem to solve, but it makes it a lot harder.
Roelof Botha: If you've ever had to look at a series of squiggly letters and retype them to prove that you're a human, not a robot, you can thank the PayPal team.
8
(someone): The way that David Sacks, who is the head of product, describes the launch of Random Deposit, he says, it's an idea that's like Velcro. It's so good, you wish you would have thought of it yourself.
(someone): It's one of or two of many that we had to come up with in a hurry and without mention go literally hundreds and hundreds of ideas that we had come up with implemented only to find out that they didn't work.
Roelof Botha: With the implementation of these tools, gradually, we saw our efforts to curb fraud pay off. Each month, we lost less and less money to fraud. Towards the end of 2000, I thought, you know, we might just make it.
(someone): bookends of the miracle measure of fraud at PayPal was we were probably over 1% of all transaction processed were fraudulent, which by any measure in any stretch of imagination is a horrific number. At the time we went public, I think we were the gross margin on each transaction was probably 65, 75 basis points or 0.6%. When I was leaving PayPal, the fraud numbers were down to about 19 basis points, 0.1%, and at the time I thought that was the theoretical minimum. You really could not do any better.
(someone): I think one of the more remarkable things about PayPal's fraud-fighting techniques and tools is that a lot of those tools are still in wide use 20 years later, and almost nobody recognizes where they originated. And so you have things like random deposit, you have things like CAPTCHA tests that we use at this point unthinkingly. We don't even consider it. And those all came about in the effort of this one tiny Silicon Valley startup
10
Roelof Botha: And you can get a million of them. And if there's a way for you to write a computer program to automatically sign up for accounts on PayPal, add credit cards, charge them, funnel that money into a central account, withdraw it to a bank account and run off, you could make off with millions of dollars. And that's exactly what happened to us.
(someone): No one's ever encountered this kind of thing before, which leaves the company, PayPal, in a very precarious position. It is being defrauded to the tune of over $10 million a month at one point. And it's also not going to be able to raise more money because venture capital funding in Silicon Valley has all but dried up in the summer of 2000.
(someone): The tone of the market changed dramatically. Cash became hard and then impossible to raise. There was money flying out the door because of the cost of fraud.
(someone): Get very clear to all of us that if we were to project fraud losses, we would be out of cash and out of business basically in a few months. And so we sort of went from this is a problem, let's address it to this is a survival moment. And if we don't figure out how to destroy what fraud is doing to us, it will destroy us instead.
Roelof Botha: How do you fight fraud and stem losses to stabilize the business? This was PayPal's next crucible moment and solving it required all hands on deck. Every engineer was redeployed to fend off the fraudsters.
(someone): There is a photo that an employee shared with me.
11
Roelof Botha: Again and again, we thought the company was going to die. Three defining crucible moments in PayPal's early history played out nearly simultaneously. Just as we had wrestled one under control, another challenge reared its head. In this episode, we'll look at how a 50-50 merger nearly tore PayPal apart, how pressure to stabilize the business led to innovative fraud-fighting measures still in use today, and how a series of acquisition offers tested our team's resilience and our resolve to fight and better ourselves. You know the PayPal of today. Let's get into the early days that defined it.
(someone): My name is Jimmy Soni. I'm the author of The Founders, the story of PayPal and the entrepreneurs who shaped Silicon Valley.
(someone): When PayPal was in its infancy, it was two companies. One company was called X.com, and it was founded by a then late 20-something named Elon Musk. The other component of what became what we know as PayPal was called Confinity, and it was co-founded by Peter Thiel and Max Levchin.
(someone): My name is Max Levchin. I co-founded PayPal and was its chief technical officer. The company was really started around kind of this broad idea of cryptography coming to devices with small screens, of course, this mid 90s or late 90s. And so things like iPhone don't exist yet, but Palm Pilots do. And so you have this maybe possible interesting area of opportunity where things like documents and payments will have to be secured. My background was in cryptography.
12
Roelof Botha: As the two teams struggled to get along, the company's losses were out of control. We had another big problem brewing.
(someone): Right after the merger, the management team started to realize that our fledgling payments businesses, now combined into one, were really getting abused by what the term became known as the fraudsters.
Roelof Botha: This summer of 2000 was a very scary time at PayPal. We knew we had a massive fraud problem. It wasn't obvious that it was solvable. The primary source of fraud that risked our survival at PayPal was so-called unauthorized fraud. What this meant was a user who didn't actually have authorization to use a given card would enter that card into PayPal's system, charge $200 or $300, funnel that money into another account, and maybe consolidate it with a bunch of other accounts that they'd use with stolen credit card information, withdraw that money, and then they'd run off with it. So this was just theft. And so that was the primary source. And the reason this is a very scary type of fraud is it's very scalable. You can go to the dark web, so to speak, and you can purchase stolen credit cards for probably less than a dollar today. And you can get a million of them. And if there's a way for you to write a computer program to automatically sign up for accounts on PayPal, add credit cards, charge them, funnel that money into a central account, withdraw it to a bank account and run off, you could make off with millions of dollars.