Photo: mlaakerEvery time we pay for something over the internet – as anyone who loves technology and gadgets surely does – many of us still shrivel with fear inside. Some are just aware of identity theft and the army of fraudsters lurking in the system. Some may have established and maintained internet merchant setups, and know how byzantine and self-serving that system is. In the last day or so, two seemingly trivial discoveries made me cringe. 1. PayPal asks for a bank or credit card number before letting you close a PayPal account. PayPal then takes $1.50 out of that bank account, so that you can prove it's yours by reporting to PayPal the secret code it leaves in the transaction details there. PayPal will then refund the money within 24 hours – to the PayPal account you just shut down! 2. At the Authorize.net payment processor, if you try to refund two payments for the same amount from the same customer (for example, recurring subscription payments from sequential months), the system frequently thinks you're trying to refund the same transaction over and over again, and refuses to cooperate. Two trivial events, for sure. And they're not even the kind of thing that consumers are likely to ever confront. But they're perfect examples of how half-arsed and error-strewn the business of taking people's money online remains in 2007. Consider that these companies now manage the transfer of colossal sums of money. Banks and credit card companies complain publicly about intermediaries like PayPal and CC processors. The truth, I suspect, is that they rely on them to soak up legal liability inherent in the messed-up world of card-not-present electronic transactions. When you (either merchant or customer) get done over, who do you blame: shifty fraud-encouraging transaction skimmers like eBay and PayPal, or the banking industry types, such as VISA and Mastercard, which maintains the obsolete system that facilitates it all?