I recently noticed that I had received a small deposit in one of the wallets I have registered with Freewallet.org (an XMR wallet). I have had an account with them since 2017, but have only made/received a handful of small transactions since then, all of them under . 2fa is enabled on my account (and has been working normally for a long time).
Yesterday I tried to withdraw the XMR from my Freewallet, and after successfully entering the Google Authenticator code, it said I also needed to confirm the withdrawal via email, so I did that, too. It said the transaction was pending, but when I clicked on the details, I noticed it said "failed." So, tried again, and it played out exactly the same aa the first time. So, I submitted a support ticket.
Support responded a few hours later and said my account had been suspended due to suspicious activity, and I would need to verify my identity in order to re-activate my account and be able to attempt the withdrawal again.
Now, keep in mind the total amount of my withdrawal was for about the equivalent of (US). Flagging my withdrawal and requiring me to pass an identity verification procedure over a transaction is obviously absurd, but to be a good sport, I went ahead and followed the link to initiate the identity verification.
I was required to take two photos of my ID, front and back... pretty standard. I was alsp required to then take a selfie holding my ID and a piece of paper on which I was required to hand write "Freewallet.org" as well as the date and the email address associated with my account. So, I did all that, and it said that the verification was complete and pending review. Once it was reviewed and approved, presumably, I would then be granted access to my four dollars.
I let Freewallet support know that I had completed the verification (because they told me to tell them when it was complete). Then, they responded with a new set of requirements that I was expected to fulfill. This is what is known as moving the goal post. This new challenge required me to take a new selfie, this time holding a new note, which was to read: "Attention! I confirm that I am the Freewallet account owner by taking a photo with this picture.
I also realize that if I am not the Freewallet account owner, I am participating in criminal activity by taking a photo with this picture." Oh, and in my other hand I was told I needed to be holding my phone with the Freewallet app open and my account info displayed visibly on the screen.
Now, forget about the fact that taking this photo would require that I enlist the aid of another person and another phone (to take the new photo). All of that is pretty absurd. But the thing that baffles me the most about this hoop jumping exercise is the fact that it was all triggered by A FOUR DOLLAR TRANSACTION.
They even included a little cartoon example graphic of some poor guy holding up the note in one hand and his phone in the other with a fearful yet ingratiating smile on his face.
Hopefully this is just another fraudulent company stealing from its customers and you guys don't actually think that this policy is the slightest bit sensical (let alone sane).
Enjoy the .
Oh I almost forgot the best part, their response when I refused to satisfy the new requirements:
"We understand that providing the requested photo may be challenging for you"
LOL
Desired outcome: Give me my four dollars. Or at least apologize for the insulting, demoralizing, and ever expanding verification requirements. That is not a verification procedure, that's a carnival game.
I understand the rationale behind KYC policies/procedures. Why would you think any of that should apply to an account/transaction with a total value of $4? Or do you subject all accounts/transactions to these extensive verification procedures? Can you give me a good reason why you would flag transactions of negligible amounts in this manner? Or is it possible that your standard protocol is to flag ALL transactions and freeze ALL customer assets and then demand unreasonable verification procedures be complied with in order to discourage and hopefully permanently separate your customers from their rightful property?
The ticket number is 475672.
"We cannot disclose the reason for the suspension; it can put all our users at great risk of hacking attempts."
No, you cannot disclose the reason because there isn't one. Not a valid one, anyway. So if you specified, it would be subject to scrutiny which it would of course fall apart under.
"Please get back to the support ticket and follow our reps' instructions to complete the procedure."
No. You have all of my information. I have correctly provided all passwords, passed 2fa checks, etc. You have a selfie of me holding my ID with a handwritten note with the date clearly visible. Explain to me why you would need anything further to grant a $4 withdrawal? You can't, because you wouldn't.
This has bern a public service announcement. Stay far, far away from Freewallet.
As a bonus, here is the graphic they provided that illustrate their additional demands. Hilarious.
NOTE: If FREEWALLET is currently holding your crypto hostage, skip to the end of this update for info on what you can possibly do to get it back (without submitting to their insulting ID verification requirements or hiring a lawyer)
First of all, selfie identification procedures are no longer compliant with current AML/KYC regulations. Video streaming identification is the standard, now. So, since your elaborate selfie identification requirements do not actually even satisfy any current AML/KYC compliance requirements, why do you still implement them? One reason might be because they discourage users from completing the process. Your requirements are asinine and frankly embarrassing, and no one with any self-respect is going to scoff at the idea of multiple selfies holding multiple documents. You even require the user to be holding their mobile phone in the selfie showing their logged-in account info. That one isn't even possible to comply with unless the user happens to have two phones or is willing to ask someone else (who has also has a phone) to assist them with it. None of this adds any real security, and all of it discourages users from completing the process, which is obviously your real objective.
I created my account in mid 2017. Since then, I have logged in only a handful of times, and always either from the US or Canada. I reset my password one time about two years ago, and prior to this withdrawal request I only ever made one other withdrawal request for an even smaller amount (that withdrawal was somehow miraculously approved without any additional verifications being imposed). I have had an authenticator 2FA enabled for years on the account. It is still enabled, I successfully provide the 2fa code every time I'm prompted to do so. The account has never been compromised, or associated with any kind of illegal activity (or any significant activity, for that matter). My email has been verified since the day I created the account. I have one current active session (and it is legitimate). And as I have stated before, the withdrawal I requested was for an amount equivalent to about $4 USD.
One thing that has been markedly absent from your evidenciary demands is any documentation regarding the source of the $4 in my account. But that is not surprising, considering the funds came from Minergate, a mining platform regarded by pretty much everyone in the industry to be a fraudulent outfit (or at best, an objectively incompetent one) that actually recently shut down, presumably under the crushing weight of the countless claims of fraud from its users and other companies that have engaged with them in any capacity. So, you already know the source of the funds. Maybe thats why the transaction was flagged? Because the funds came from one of the fraudulent other companies that your fraudulent company is affiliated with? I guess you got me there. Touche.
You are freezing funds from accounts with little value because you know the people who created those accounts won't have sufficient motivation to satisfy your carnival game-esque challenges (that are seemingly designed to discourage users and ultimately cause them to abandon the absurd ID verification procedure altogether and subsequently forfeit their crypto property.)
So, to summarize:
1) The identity verification procedures you demand from users that you claim are in place to comply with AML/KYC regulations are actually not even conpliant since they rely on selfie-based identity verification.
2) There are countless complaints from your customers (here and elsewhere online), way too many for them all to be the result of false positive fraud detection failures. There is even an entire website dedicates to documenting the fraudulent practices of your company. Many of the transactions you flag are for negligibe amounts, meaning they are low-risk transactions, which means the cost to authenticate them is not economically feasible. Unless of course they cause frustrated users to ultimstely surrender their crypto...in which case there would be great incentive to do so.
So, instead of repeating yourseld for a 3rd time, please address these two points. I will further sunmarize, in case there is any confusion:
1) Why are you implementing non-AML/KYC-compliant "selfie-based" ID verification procedures? If it doesn't serve to satisfy your lawful obligations in that regard, then what purpose does it actually serve?
2) Why are you flagging accounts for fraud that contain less than $5 worth of crypto?
The following and final section of this update is not for Freewallet but rather for the disgruntled and/or defrauded customers of Freewallet past, present, and future who may stumble upon this complaint...
HOW TO GET FREEWALLET TO RETURN THE CRYPTO PROPERTY THAT IS RIGHTFULLY YOURS
Freewallet's terms and conditions contain a clause that basically says if your account is terminated, they will return any funds in your account to you. There is a caveat, of course. Here is clause:
"6.9.
In the event of termination, Freewallet will return any crypto assets stored in your Freewallet Account and not owed to Freewallet, unless Freewallet believes you have committed fraud, negligence or other misconduct."
Obviously "other misconduct" is intentionally vague, but if you close your account and they refuse to return your funds for any reason, they will legally obligated to substantiate the claim of the alleged "fraud, negligence, or other misconduct."
As soon as Freewallet support returns to this complaint to, I assume, repeat themselves for a 3rd time (again without actually addressing the above concerns in any substanitive way), I will be requesting they close my account and return my four dollars.
"According to European AML directives and regulations, we always request a specific list of documents."
Where do the directives state that compliance is mandatory for transactions under 1,000 Euros (or in this case, transactions worth apprx $4)?
Freewallet has yet to respond to my question regarding AML Regulations. I have requested via email that they close my account, they responded with the same generic request for additional identity verification material. I responded with quoted sections of their T&C that essentially say that if an account is closed for any reason (including user request), then they will return any outstanding balance to the user as long as they don't suspect them of committing a crime. They have yet to respond to (or even acknowledge) this information.