Posted by William Charles on July 9, 2017
Misc

Published on July 9th, 2017 | by William Charles

52

Issues With Drop – A Warning

Yesterday we posted about drop app (this is a card linked loyalty program). Some readers didn’t think we were being fair in our post and should have also outlined the issues users are currently facing (something that Miles Per Day also pointed out). I thought about updating that post, but most readers don’t reread posts so figured that a new post should be in order. At the moment Drop seems to be facing lots of problems, such as:

  • Untracked/undertracked purchases
  • No replies from support
  • Redemption not being issued (or an error message when you try to redeem points)

Those are all significant problems and issues and Drop needs to address and remedy them immediately. I suspect they were simply not ready for the volume and type of transactions that a lot of users were/are making. It’s also worth pointing out that we received $1 per user that signs up to Drop (as disclosed in our post), I asked them if they would instead give our readers a bigger sign up bonus (something we always try to ask and push for) and they declined.



52
Leave a Reply

avatar
 

  Subscribe  
newest oldest most voted
Notify of
Patrick
Patrick

DoC, thanks for always being transparent and doing what’s best for your readers. Much appreciated.

IOException
IOException

:thumbs up:

Bungy
Bungy

Hey DoC, I respect your blog and the info you give to readers for free, but something is really really off with drop.

My account is frozen with 75,000 points since the 3rd , I got no email and no response from the company. In addition, this is an overseas (Canada) startup that has ALL of my bank info. I’m changing my passwords soon if this isn’t resolved. I honestly can’t recommend this program right now.

Mimi
Mimi

if I were you, I’d change PWs now instead of waiting for a resolution. It wasn’t a good idea to give them access to bank accounts in the first place but hindsight is always 20/20.

I didn’t jump on this bandwagon for that reason, I felt it wouldn’t last and I’m glad I trusted my gut feel.

Alex
Alex

I would be more worried with debit card/ checking info, since while with that they could transfer funds out, but if someone can access my credit card account, it’s not like they could actually use my credit card. Although I understand there some damage to be done especially if they impersonate me but usually that requires some kind of additional authentication like 3 digits on the back or last 4 of SS

cm

Canada is overseas? LOL that!

Seriously, it’s just a startup, like any other. Their country of origin has little to do with their success or failure on the grand scheme of things. Also, as per their FAQ, they don’t have your password — transaction sourcing is outsourced to the same vendor that Mint.com uses. I see no reason to not believe such claim.

Tim W.
Tim W.

For anyone trying to put volume on it, Drop should be seen only as a speculative play at this point. It seems like anyone with $500+ purchases is getting locked down. Maybe they’ll pay out eventually, but I wouldn’t bet on it. There’s no way that we are profitable for them. It is frustrating; I personally changed some small amount of my spending (about $1,000 at Walgreens) because of their app.

I have had Drop for about two weeks now, and while the first $3,000 in purchases tracked, my first $15 redemption has clearly been intercepted before being emailed and has been held in limbo for going on a week now, and I’m missing $2,200 in recent purchases from Whole Foods. Surprisingly, referrals and that snake game are still working and giving points, but no purchases are. I don’t think it matters, since the reward won’t be sent regardless.

For those concerned with their login information though, I believe that to be overblown rhetoric. We’re all upset that they’re not paying out, but let’s not act like that means that they’re going to steal all of our information. They use a reputable third party company that specializes in this sort of thing. Drop itself doesn’t have access to the data. You could question the third party itself, but they seem to be doing alright for themselves and don’t have much incentive to be fraudulent. This is the same company that handles Robinhood investing and Mint’s data.

NoonRadar
NoonRadar

It’s one thing to give your credit card number to an app (that’s the typical apps offering this kind of rewards) that promises much higher rewards than the competition, it’s another thing to trust such a startup app with your banks’ login & pass.

Some of us expressed concerned abt the security & intentions of this generous-sounding startup app from the get-go https://www.doctorofcredit.com/drop-app-earn-rebates-top-merchants-linking-credit-card-2-amazon-1-5-uberlyft-1-walmarttarget-many/#comment-425618

Many though seemed to be of the mindset of oh well, will sign up now and worry about all of that later. Let this be a reminder for future offers with huge security wholes/models & risks and/or too good to be true offers.

NoonRadar
NoonRadar

*security holes not wholes lol

NinjaX
NinjaX

exactly. this has much wider implications than just cyber security which nobody really paid attn to anyway.

their rejection E-Mail specifically called out MSers and now their engineers are programing new algos. cmon guys. did you really think this was gonna be successful? we all gave the warning awhile back that nobody should be adopting this program early. just sit and watch first. i dont the like cyber security risk and i dont like how they call out MSing and “Churning”. Meaning this game is way over exposed as is. Remember Alaska blaming travel hackers? Remember ShopKick = DropKick to the face? Well Drop is no different.

Good luck everyone.

NoonRadar
NoonRadar

Thing is, the people behind this app knew from the start they were being promoted by blogs catering to MSers and churners, they even thanked them for the promotion, like here thanking MaximizingMoney: twitter.com/EarnWithDrop/status/877959939305725952

My guess in regards to curbing churners is what some of us suspected from the beginning (same reason why they wanted login info, not just cards’ numbers); they got a bunch of people’s data and after that they decided to pull a Northpointe, that is introducing clauses to deny people the rewards if they saw fit.

Jim
Jim

I mean, I’ve done no MS on the cards involved and I’ve redeemed points for one $5 GC. And on my attempt to redeem for a second $5 card, it gives an error. They’ve clearly stopped paying out at this point.

Tim
Tim

Thanks for this update DOC. Your responsiveness to your readers (in addition to all the other useful info) is part of what makes you guys the best in the biz.

I’m glad they’re communicating with you and I’m keeping my fingers crossed that they pay out for purchases that we’ve already made.

I don’t expect that they’ll allow MSers to continue without implementing caps/lowering payouts/or possibly just closing up shop.

I’m not too terribly worried about it because I would’ve done the MS either way; instead of doing my $6k at CVS, I went to Walgreen’s instead. If they payout, it would be a great bonus. If they don’t, I’ll get over itpretty quickly. It’d just be nice for them to communicate one way or another.

MSer
MSer

Seems like Drop stopped paying July 1. I have several hundred thousand points in limbo – they unilaterally deleted all my pending points after July 1 (without notice) and replied “for my security” they were freezing my account (conveniently failing to reply as to why my pending points vanished). No word from them since. Scumbags.

Ben
Ben

Well I just signed up and there is no option to choose Amazon as on of my 5 stores anyone notice this?

ihg newbie
ihg newbie

why would anyone give up their bank log in information for some compensation to a stranger whether it be a loyalty program or a third party?
so they say your information is safe and secure. how do you know that they are telling you the truth? i don’t know about you but i would never take a chance with my bank info.

CM

+1. I don’t understand why would anyone use either this one or Mint.com. Who knows that their vendor is going to do with your info.

On the other hand, apart from transactions themselves, quite a bunch of CC info is already semi-public info, e.g., address, balance and CL, so, perhaps we’re being overactive?

ihg newbie
ihg newbie

i am talking about your bank log in information. if i am not mistaken, drop requires you to provide them with your bank log in info. that’s just crazy.

CM

Yes; read their FAQ, the login info gets outsourced to the same vendor that Mint.com uses, too.

It’s quite amazing how people just volunteer such info! Isn’t it also against the ToS of most online banking? Usually, you aren’t allowed to reveal passwords to anyone.

M
M

Folks who have made this blunder should empty out those accounts, report them compromised to the bank, and closed. Changing login credentials now is pointless. All personal info was harvested the millisecond they gave out the account access. It’s probably in Ukraine by now.

Phill
Phill

I can’t disagree with these statements but I think it’s a bit overzealous to make such accusations in regards to a shake down on someone’s bank account from Drop. I see no harm in the login factor and I believe no one else should as well. If you do well simply change your passwords and move on. It’s not like wire/ACH’s can’t be tracked if one fears of monetary loss (excluding what was rightfully earned from the actual program).

MontyFC
MontyFC

A lot of companies involve 3rd parties to handle sensitive data as they may not have the resources and knowledge to build all the safeguards against potential breaches.

For example, my employer uses a 3rd party for credit card processing. Only last 4 digits, expiration date and a mapping key is stored in our database and the 3rd party has the real information. This 3rd party is a subsidiary of a big bank and their bread & butter is protecting credit card data.

I haven’t looked at Drop, but they may be doing something similar to reduce their liability. They may just be storing a mapping key while rest of the information is being stored w/ the 3rd party (which as others have pointed out is the same one Mint.com uses). If one uses password managers like Last Pass, then its same story – they also store passwords for you.

Having said that, the most secured way is to have OAuth capability where you can give these financial aggregators just your username and a token; and they can fetch data from the bank using that information. This requires banks and other financial institutions to build this capability and not everyone is interested in spending that money. The only exception is Capital One 360 which generates an access code. As this would be an API call, implementing 2FA may not be possible.

Everyone’s risk appetite is different and it all comes down how a company’s security has been implemented. Like I said, I haven’t used drop, but I do use Last Pass and Yodlee and they do have my passwords stored. The former was vetted by my employer’s security team before giving us the green signal, while the latter is accessed through Fidelity 401k.

Charles
Charles

https://blog.earnwithdrop.com/dear-millennials-drop-your-debt-like-yesterday-543c834c77f0

Looks like a similar business model to Mint. Advertising financial services. Drop App website looks really good – decent size team. Will be interesting to see what happens. I suspect they didn’t take into account MS. Perhaps they should limit the rewards to an annual amount.

IOException
IOException

I reread stuff all the time, but not usually on purpose (unless I bookmarked it cuz it is something I wanted to do, but didn’t have the time to delve into).

I’m also pretty stupid. 😛

Tim W
Tim W

I sent in a support email asking when the reward redemption error would be cleared up. They responded with..

Hey there,

We’re working on this bug right now and we believe it should be resolved next week.

Thank you for your patience during this time,

Drop Team

Toby
Toby

they emailed me yesterday and said “Hey there,

Your rewards are being processed, it is taking longer than usual! Please be patient with us.

Drop Team”

I’ve been waiting about 2 weeks for stuff, my points have stopped accruing, and i’m unable to redeem anything at this point. They also emailed me earlier this week and said “Hey there,

Our rewards provider is having a technical issue which is causing these delays. We expect the rewards to go out within the next week or two.

Sorry for the inconvenience,

Drop Team”

That’s definitely not true as I spoke to Giftbit. So something shady is definitely going on and Drop doesn’t have the sense to send out a communication email with an explanation. I referred probably 30 users to the service and they don’t have the decency to give me a real support response. Quite disappointing

Dan T
Dan T

I can’t blame them for wanting to hide what is going on behind the scenes, but I think the vague truth would have been better (i.e we had to temporarily suspend rewards due to some problems we are addressing and will restore as soon as possible). Social media is a dangerous weapon when a company is caught in a lie.

Nick
Nick

I got 2 $10 Amazon gift cards a couple minutes ago that I requested July 8th. My pending whole foods transactions are triple what they should be so I’ll see what happens on that. I didn’t link bank accounts, just my amex cards I was already using at whole foods for the extra MR point. I’m going to give them a little more time and see what happens.

Ymx
Ymx

I noticed that if you have multiple amex logins connected (say, a spouses login) it will count the purchases twice if the same card appears in. Org the master account and an AU account. I immediately deleted the AU login so that it wouldn’t be flagged. Anyone else notice this?

borntobehermit
borntobehermit

I have already reached 10,000+ points and I don’t see any rewards in my app. Is it normal?
I posted a screenshot:
http://imgur.com/a/wrROA

Chuck

I think they debited some people’s points due to manufactured spend usage.

borntobehermit
borntobehermit

Chuck, there was a bug in their code. I talked with their customer support and they got it fixed in 1-2 days. So it all worked out for me.

Chuck

Glad to hear

Charles
Charles

I signed up a week ago or so before the warning came out.

Transaction are being tracked. Bonus points are posting. I haven’t tried to cash out yet.

The app is actually quite nice and user friendly. Also, got my first ad in there – so I suspect that is the business model. Something similar to Mint or Credit Karma.

JJ
JJ

When I opened drop today, it said I had no linked cards and was thus not earning points. I had previously linked 6+ accounts.

Back to Top ↑