by tyingq 2151 days ago
PayPal has a similar problem. They do really loose string matching on the OFAC list[1], for any data, in any payment field...even a comment. Match a magic string in a comment, and your PayPal account gets locked down in a way that's very hard to undo.

[1] https://www.treasury.gov/resource-center/sanctions/sdn-list/...

Yeah this was a big thing back in the heyday of CSGO skin trading. Putting the word "damascus" into a transaction comment would get your account locked.
Which seems inept, as "Damascus steel" is a sought-after material for knife blades.
How loose is the string matching? That list looks full of incredibly common names from around the world.
It seems pretty damn loose, but of course, it's hard to test since the outcome ruins your PayPal account. I found this: https://m.imgur.com/a/RnpRm
That's what the SDN list really is, just some common names of people, organizations and countries.

It's up to you to figure out how to turn that into not selling to the wrong people and going to prison.

True, but that doesn't seem like a good excuse for a dumb grep-ish solution on all fields.

Some smart terrorist is going to legally change their name to "Thank You" and screw PayPal :)

Because there's no downside to doing it this way while a lot of upside for 'being tough on terrorism'.

Good luck if someone sends you a payment for 'Cuban food' or 'Iranian Weapons of Mass Destruction'

There’s already a story about Venmo seizing money from someone who used “ISIS beer funds” in a comment: https://www.inverse.com/article/13700-i-wrote-isis-beer-fund...
USA Family owned dance studio: https://imgur.com/a/QjQYCst

Imagine the bullshit they've had to deal with, on many angles.