| Leading Payment Engineer of one the most aggressive challenger banks in EU here: - first, SEPA has several message types - SEPA SCT: A standard transfer, usually settled the next day - SEPA SCT Inst: a realtime transfer, to be settled within 10 seconds max (check rulebook on ECB website) - SEPA SDD Core: Direct debit, this can be used to pay your utility bills e.g.; though you can revert this one up to a couple of month - SEPA SDD B2B: Direct debit for businesses, this one can't be reverted as you gave an explicitly signed permission to execute those (this one is used between businesses) So, my idea here would be that COINBASE is supporting/using a partnerbank/PSP which allows SEPA SCT Instant. Regarding fraud: - if one gets aware of your IBAN, the other party can try to pull an SDD, thats right. But: you can claim this one at your bank and you will be refunded immediately. (with SEPA SDD B2B, this wouldn't be possible as you would have a signed a permission) Though, unless a fraudster is counterfeiting your signature, no one will pull a SEPA SDD B2B. But, sure: Check your accounts regulary. - regarding SEPA SCT Instant: To execute such transaction, you need to verify it by 2FA. If you give permission on your 2FA device, the money is send out. - what if you do a typo with SEPA SCT Instant or if someone get somehow around your 2FA? In this case, you could reach out to the other bank with a so called R-Transaction, though if a fraudster is aware of all this, i'm pretty sure the person is capable of managing the rest of the track to pull the money out by doing additional subsequent transfers to other banks P.S.: As far as i can see, Coinbase is not running through us, you may check your bank statement to see which way the money went ;-) |