I know that Altcoinstalk allows advertising mixers and that's the reason many accounts from Bitcointalk have migrated there to continue earning fees from such advertisement. I assume that's also what you are doing. If the coins have in the past been connected to mixers and coinjoins, that might be the reason your payments are being rejected. Unfortunately, too many services have bought into the whole 'taint' problem and some coins are worth more to them than others. You could easily test if that is true by making a payment using an UTXO that doesn't originate from something these gullible service providers would classify as tainted.
I was stupid and wanted to see if it was a temporary issue (fully knowing I might lose money), so that yesterday I attempted the same kind of order again for 20 GBP (pounds) and broadcast it, the payment got rejected again and this time, it confirmed too fast for me to reverse it.
This led me to contact Coingate directly for an explanation and what should come to the surprise of absolutely nobody, they stated the reason was due to AML / CTF compliance.
These guys really think I'm laundering money
Let's do a comprehensive blockchain analysis on my own wallet to see where my coins came from (because I suspect Coingate's AML checker is bullshit). This will be slightly harder as it just so happens that I didn't label any of the outgoing payments in the chain. I label my inflows and outflows nowadays in Electrum, but the older payments did not have this metadata, but I keep all my emails and receipts.
<mixers will appear many times in the following content, but all these references are strictly for documentation purposes only.>
Our first transaction of interest is ee2b5d3096143f23f4bd7b03a028b92ce3699b5247d178f86ba6a9c05c704a68 as this ultimately feeds into the Coingate address. We see many addresses funding it from what might look like a mixer, but don't worry, these are just my signature campaign money.
Corroborating this with signature campaign topics and my private messages, I see that the inputs come from the following sources, in order they appear in the UTXO set:
Input 1: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 2: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 3: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 4: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 5: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 6: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 7: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 8: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 9: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
Input 10: Altcoinstalks - Thormixer signature campaign (bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780)
All payments received between August and October 2024.
bc1qp5cxplrwpttsszltyfv2hlqaysr7dphqg2a780 is only used for Altcoinstalks signature campaigns.
But any mixer such as Thormixer that is using the Jambler software gives you 0-25% AML coins, which are not supposed to be traceable since they're just selling you exchanges' and miners' coins (Here's proof that I have created several months ago), so either the alarm bells are in one of the outgoing transactions, or Coingate thinks every wallet aggregation is "money laundering". There's also a third possibility, that the campaign manager fumbled the coins before sending them to us, but I don't think icopress would do such a thing, so I'm discounting it.
Now there's something you guys need to know about modern AML checkers - they cannot identify clusters of wallets, if the wallet uses BIP44/BIP49/BIP84 derivation paths like Electrum and many others that don't simply reuse the same address - unlike, for example, Atomic Wallet, and most exchanges. This means they are not smart enough to know whether funds are going to another change address, or to a completely different wallet. That also means they only investigate the immediate ancestors of a transaction. If they were to try to check all of the outgoing address in the transaction tree branch, they would run out of memory. But we are getting side-tracked here.
So in other words, I'm going to inspect only the payments I have made in each transaction leading up to our Coingate transaction right here.
ee2b5d3096143f23f4bd7b03a028b92ce3699b5247d178f86ba6a9c05c704a68 - 2024-10-11 05:42: This is a payment made to Paywithus for a card refill. Change address bc1qkj3grw7g7vg6cprkr8qlxfug2qdwr4l8r49pqn.
3a27670295169c4382c5e0a052b046cbe8a182834d2b71c2ffaa6434e3448faa - 2024-10-16 05:47: Sent to my server supplier Hosting By Design for renewals. Change address bc1q70u5r5shcp9lende35r4tnz2dl0ar7uzlf4zjr. Processed by Coingate. Change address bc1q70u5r5shcp9lende35r4tnz2dl0ar7uzlf4zjr.
553b5571cd0fa53c81f37690590a876f1c92e7d582957af834dbebfd4fa0b4dc - 2024-12-18 06:31: This is an order to MyNymBox, for the server that was supposed to be running the Talksearch backend. I ended up never using it. Change address bc1qzda2jzgl8spv93f498esuydjud3rjht764lt60.
51e744ca11cb73213e2ec88abb29559efcaabac29bc9abe74ef82573e0f588ee - 2024-12-18 06:45: Later that day, I bought an iTunes $50 gift card from Coinsbee. Change address bc1q8gxnvt4xeg27nlnu89qss5dsf07u0n8dcz55ap.
179f561dd73717f9b6e8a90fafdc12fa5c2848ed3fc85a12c9d2891fe12d722b and f3fcf0a228dafe63bb45500db418d426c88bcdbf2790d92d3692fc4dc9bf9541: These are the ill-fated transactions I tried to send to Coingate a few days ago. One rejected and double-spent, the second one rejected and lost.
Conclusion - I strongly believe that Coingate is hiding the real policy behind rejecting my transaction. First by using "transaction expiration" as an excuse, and then claiming "AML compliance". My suspicions are further raised by the fact that they replied to my 1-star Trustpilot review a few minutes after sending me an email which I will show you below. Something shady has definitely happened at the company and I have reason to believe that this move is just to save face with regulators.
So apparently they had no problem with processing my earlier payments, much larger up in the transaction tree, but suddenly April rolls around and they suddenly decide "yeah, let's start rejecting people's payments for compliance reasons"?
I have a reason to believe that Coingate would have processed the order had I sent funds that were directly mixed from Thormixer (I explain why above). The fact that they rejected it after it goes through a few change address tells me everything I need to know about their AML checker - it's a piece of crap. I also checked these last two addresses with AMLbot and other checkers, most of them say "low risk", and the worst I get is "medium risk".
I know AML compliance alerts can't suddenly appear given this payment history, so I intend to challenge them with a follow up reply demanding previous payments were being processed, in that case. Not that I expect to win over internal company policies, but it will be interesting to see their hypocrisy on this subject.
All this is typical and to be expected from centralized services that handle lots of money, but it's mildly annoying only because my seedbox provider has a no-KYC policy, and they were actually surprised to hear that I was stopped for AML. Coingate also stated they would not continue processing the payment and that if I wanted a refund, I had to give them a live KYC of my ID, face and any sort of bill with an address on it.
Considering my provider doesn't even ask for a billing address, this is quite absurd for just 20 GBP, don't you think? Have a look at the email they sent me yourself (I bolded some parts):
Quote
Hello,
Thank you for contacting us.
We regret to inform you that the order has been suspended due to compliance-related concerns.
In accordance with international Anti-Money Laundering (AML), Counter-Terrorism Financing (CTF), and Sanctions Regulations, we are required to perform thorough due diligence on individuals involved in crypto-asset transfers processed through our systems, including payers who are not our primary clients.
To ensure full regulatory compliance and mitigate the associated risks of refunds, we need to confirm that refunds are only possible if individuals do not reside in, or payments are not originating from, countries subject to embargoes, international trade restrictions, or enhanced sanction regimes. This includes, but is not limited to, Iran, North Korea, Syria, Yemen, Afghanistan, Iraq, Palestine, Cuba, Belarus, and Russia.
To proceed with the refund process, please provide:
Proof of Residential Address
Submit a document issued within the last 3 months that verifies your current residential address. Acceptable examples include:
Utility bill (e.g., electricity, water, gas)
Bank statement
Government-issued document (e.g., tax letter)
Rental agreement or property ownership document
Complete live ID verification.
Complete the live ID verification using the following link: <redacted>
Make sure to use your email address during the verification process. Once you have completed these steps, please let us know.
Refund Address
Kindly provide the wallet address where the refund will be sent.
Important Notes
If you are unable to provide valid proof of residence outside the restricted jurisdictions, we will be unable to process your refund request.
Compliance with international Anti-Money Laundering (AML), Counter-Terrorism Financing (CTF), and sanctions laws is mandatory. These measures are essential to meet regulatory obligations.
We appreciate your prompt attention to this matter and your understanding of our compliance requirements.
Thank you for contacting us.
We regret to inform you that the order has been suspended due to compliance-related concerns.
In accordance with international Anti-Money Laundering (AML), Counter-Terrorism Financing (CTF), and Sanctions Regulations, we are required to perform thorough due diligence on individuals involved in crypto-asset transfers processed through our systems, including payers who are not our primary clients.
To ensure full regulatory compliance and mitigate the associated risks of refunds, we need to confirm that refunds are only possible if individuals do not reside in, or payments are not originating from, countries subject to embargoes, international trade restrictions, or enhanced sanction regimes. This includes, but is not limited to, Iran, North Korea, Syria, Yemen, Afghanistan, Iraq, Palestine, Cuba, Belarus, and Russia.
To proceed with the refund process, please provide:
Proof of Residential Address
Submit a document issued within the last 3 months that verifies your current residential address. Acceptable examples include:
Utility bill (e.g., electricity, water, gas)
Bank statement
Government-issued document (e.g., tax letter)
Rental agreement or property ownership document
Complete live ID verification.
Complete the live ID verification using the following link: <redacted>
Make sure to use your email address during the verification process. Once you have completed these steps, please let us know.
Refund Address
Kindly provide the wallet address where the refund will be sent.
Important Notes
If you are unable to provide valid proof of residence outside the restricted jurisdictions, we will be unable to process your refund request.
Compliance with international Anti-Money Laundering (AML), Counter-Terrorism Financing (CTF), and sanctions laws is mandatory. These measures are essential to meet regulatory obligations.
We appreciate your prompt attention to this matter and your understanding of our compliance requirements.
They openly admitted that they will not refund your money if you live in a country that the US doesn't like. Not that I have ever been to any of the above countries, but for those who do live there, this is a massive concern. (If you're reading this from Russia in particular - take notes!) And even if you don't live in any of those places, you should still be concerned because they will not process your payment in any case, which means you will be unable to pay for your stuff at many websites because Coingate is withholding the money from them and keeping it to themselves.
The effects are so bad if you're not prepared, it's like a normal person getting their bank account shut down.
Coingate has better things to worry about than whether 20 bucks is being laundered or sent to terrorists (who run a server rental service apparently?
)I guess this is another service that @paid2 should add into his excellent directory of "services that create taint nonsense out of thin air". I forgot the topic name, unfortunately. but I advise everybody to be extra careful when using the Coingate payment processor (which can be anywhere given that a lot of other websites use them).