When a peer-to-peer payment goes wrong — a seller never ships, the item shows up broken, the account got phished, or the buyer just refuses to refund — the recovery path depends almost entirely on which app moved the money and how it was funded. PayPal and Venmo run formal Purchase Protection programs with a 180-day claim window for qualifying transactions. Cash App has a narrower set of dispute rights anchored mostly to its card and merchant-checkout features. Zelle states plainly that it offers no purchase protection at all. Apple Pay and Google Pay are wallets that pass payments through to an underlying card or bank account — protection lives with the funding source, not the wallet. Underneath all of this sits a federal-law floor: the Fair Credit Billing Act for credit-funded transactions and Regulation E (under the Electronic Fund Transfer Act) for debit and bank-funded transfers. This is the 2026 guide to what each app actually guarantees, what federal law guarantees on top of it, and the exact deadlines that decide whether you get your money back.
Table of Contents
- TL;DR: The 2026 Comparison at a Glance
- Why Buyer Protection Has Two Layers
- Federal Layer 1: FCBA Chargebacks for Credit-Funded Payments
- Federal Layer 2: Regulation E for Debit and Bank-Funded Payments
- PayPal Purchase Protection (180 Days)
- Venmo Purchase Protection Program (180 Days, Qualifying Payments Only)
- Cash App: Limited Protection, Merchant Side Only
- Zelle: Explicitly No Purchase Protection
- Apple Pay and Google Pay: Wallets, Not Protectors
- Side-by-Side Protection Matrix
- The Decision Tree: Which Right Applies to Your Dispute
- How Your Funding Source Changes Everything
- Step-by-Step: Filing a Buyer Dispute in Each App
- The 60-Day Notice Rule You Almost Always Underestimate
- Authorized-Push-Payment Scams: The Gap Federal Law Doesn't Quite Close
- Stacking Protections for Maximum Recovery
- How Purchy Tracks Payment-App Deadlines
- Frequently Asked Questions
- Bottom Line
TL;DR: The 2026 Comparison at a Glance
| App | Built-in buyer protection | Filing window | What's covered |
|---|---|---|---|
| PayPal | Yes — Purchase Protection | 180 days from transaction | Item Not Received (INR) and Significantly Not as Described (SNAD) for eligible purchases |
| Venmo | Yes — Venmo Purchase Protection Program | 180 days from purchase | INR and SNAD on "Qualifying Payments" only — payments to business profiles or marked for goods and services |
| Cash App | Limited — no branded buyer-protection program; merchant-checkout (Cash App Pay) and Cash App Card transactions follow card-network dispute rules | 60 days from the statement showing the error (Reg E / Cash App's stated window) | Unauthorized transactions, billing errors, and Cash App Pay merchant disputes; person-to-person payments are not eligible for purchase protection |
| Zelle | No purchase-protection program | Reg E 60-day window applies to unauthorized transfers only | Unauthorized transfers via the network are covered under Reg E; authorized transfers — including ones induced by a scam — generally are not |
| Apple Pay / Google Pay | No own program — wallet only | Inherits the deadline of the underlying card/bank account (typically 60 days under FCBA or Reg E) | Whatever the underlying card or account protects: FCBA chargebacks for credit-funded, Reg E for debit-funded |
Each app's user agreement controls and can change without notice. The deadlines and program names above were drawn from each provider's published 2026 User Agreement; verify the current version before relying on any specific number.
Why Buyer Protection Has Two Layers
The single most important concept in this space is that buyer protection is never just one thing. Every payment-app transaction runs through two parallel rule sets at the same time, and the strongest recovery usually comes from invoking both.
The first layer is the private program the app itself runs — PayPal Purchase Protection, the Venmo Purchase Protection Program, the dispute pathways inside Cash App, and so on. These are contractual rights you have because you accepted the app's User Agreement when you signed up. They are usually faster to invoke and broader in what they cover (often including "Significantly Not as Described" claims that federal law does not directly address). They can also be unilaterally tightened, narrowed, or excluded — the app's terms control, and the terms can change.
The second layer is the federal-law floor: the Fair Credit Billing Act (FCBA) for any payment ultimately funded by a credit card, and Regulation E (under the Electronic Fund Transfer Act) for any payment ultimately funded by a debit card or bank account. These rights are statutory. The app cannot contract them away. They are usually narrower in what they cover (focused on "errors" and "unauthorized transfers" rather than "I'm unhappy with what I got") but they are bullet-proof in what they do cover, and they apply even when an app's program denies the claim.
The practical implication for you: when something goes wrong, the right move is rarely "file a dispute in the app and wait." It is "file a dispute in the app, and — if the app declines or stalls — file a chargeback or Reg E error claim through your funding source, citing the federal-law floor." Both layers run in parallel. You are not double-dipping; you are using two separate legal frameworks that exist for exactly this reason.
Federal Layer 1: FCBA Chargebacks for Credit-Funded Payments
The Fair Credit Billing Act is codified at 15 U.S.C. § 1666. It is the statutory basis for what most people loosely call a "credit-card chargeback." When you fund a payment-app transaction with a credit card — whether you swiped at a Cash App Pay checkout, paid a PayPal merchant with your Chase Visa, or used your Apple Pay default credit card — the underlying transaction is a credit-card purchase, and the FCBA's billing-error machinery applies.
Section 1666 lays out a 60-day notice rule. The verbatim trigger:
"If a creditor, within sixty days after having transmitted to an obligor a statement of the obligor's account in connection with an extension of consumer credit, receives at the address disclosed under section 1637(b)(10) of this title a written notice … from the obligor in which the obligor— (1) sets forth or otherwise enables the creditor to identify the name and account number (if any) of the obligor, (2) indicates the obligor's belief that the statement contains a billing error and the amount of such billing error, and (3) sets forth the reasons for the obligor's belief … that the statement contains a billing error, the creditor shall …" (15 U.S.C. § 1666(a))
The list of things that qualify as a "billing error" includes — verbatim from § 1666(b)(3) — "A reflection on a statement of goods or services not accepted by the obligor or his designee or not delivered to the obligor or his designee in accordance with the agreement made at the time of a transaction." That single subsection is the statutory basis for the "merchandise not received" chargeback reason code your card issuer uses, and it applies regardless of whether the transaction was processed through PayPal, Venmo, Cash App Pay, or directly to the merchant.
Once you give written notice within the 60-day window, the creditor must, within 30 days, acknowledge — and within two complete billing cycles (capped at 90 days), either correct the error or send a written explanation of why it believes the bill is correct. During the investigation, the disputed amount is not collectable, no finance charges may accrue on it, and the creditor cannot report it as delinquent.
The strict 60-day notice deadline runs from the first statement showing the disputed charge — not from the transaction date itself. For monthly statement cycles, that gives you somewhere between 60 and roughly 90 days from the transaction, depending on where in the cycle the charge landed. Our deep dive on how to dispute a credit card charge under the FCBA walks through the full procedural mechanics.
Federal Layer 2: Regulation E for Debit and Bank-Funded Payments
When a payment-app transaction is funded by a debit card or directly out of a bank account, the relevant federal statute is the Electronic Fund Transfer Act, with Regulation E (12 C.F.R. Part 1005) supplying the operational detail. The core consumer-protection section is 15 U.S.C. § 1693f. Its scope is narrower than the FCBA's billing-error definition: it covers "errors" in electronic fund transfers, and § 1693f(f) enumerates what counts as an error, including (1) an unauthorized electronic fund transfer; (2) an incorrect electronic fund transfer; (3) the omission from a periodic statement of an EFT that should have been included; (4) a computational error by the financial institution; (5) receipt of an incorrect amount from an electronic terminal; and (6) the consumer's request for additional information or clarification.
The notice window mirrors the FCBA's: 60 days from transmission of the periodic statement documenting the alleged error. The institution then has 10 business days to investigate — or, if it provisionally re-credits the account, 45 days to conclude. Verbatim from § 1693f(c):
"If a financial institution receives notice of an error in the manner and within the time period specified in subsection (a), it may, in lieu of the requirements of subsections (a) and (b), within ten business days after receiving such notice provisionally recredit the consumer's account for the amount alleged to be in error … pending the conclusion of its investigation and its determination of whether an error has occurred. Such investigation shall be concluded not later than forty-five days after receipt of notice of the error. During the pendency of the investigation, the consumer shall have full use of the funds provisionally recredited."
And § 1693f(e) provides treble damages where the institution did not provisionally re-credit and (A) did not make a good-faith investigation or (B) "knowingly and willfully concluded that the consumer's account was not in error when such conclusion could not reasonably have been drawn from the evidence available." That treble-damages provision is the lever that makes Reg E claims taken seriously when written demand letters come in.
The crucial limitation: Reg E covers unauthorized transfers and certain enumerated errors. It does not cover "I authorized the transfer, but the seller scammed me." A payment you intentionally sent — even one a fraudster talked you into sending — is generally an authorized transfer for Reg E purposes, and recovery has to come from elsewhere. We unpack that distinction below in the authorized-push-payment scams section. Our companion piece on debit vs. credit card disputes compares the two regimes side by side.
PayPal Purchase Protection (180 Days)
PayPal's Purchase Protection program is the oldest and most generous of the payment-app buyer-side programs. It is a contractual program PayPal runs on top of (not in place of) the underlying federal-law layer. The program is described in PayPal's User Agreement in the Purchase Protection section.
The two covered claim types are the same two that recur across the entire payment-app space:
- Item Not Received (INR). You paid for a tangible good, and you never got it.
- Significantly Not as Described (SNAD). You got an item, but it is materially different from what was described — wrong model, missing major parts, counterfeit, damaged in a way that was not disclosed.
Eligibility is meaningful: the payment generally has to be for an eligible physical good (some intangible categories are excluded), it has to be a single payment for the full purchase, the seller has to be flagged as eligible at the time of the claim, and the dispute has to be opened within 180 days of the original payment. That 180-day window is roughly triple the FCBA's notice window, which is one of the main reasons PayPal's program is so often the right first stop for a goods-related dispute.
The standard PayPal claim flow is: open a dispute in the Resolution Center, try to resolve directly with the seller for the typical 20-day informal-resolution window, then escalate to a claim if no resolution is reached, then await PayPal's decision, with an appeal path if it goes against you. Refunds, when issued, return to the original funding source — so if you paid with a credit card, the credit posts back to that card; if you paid from PayPal balance, the credit posts back to your PayPal balance.
PayPal's program does not cover everything. The most consequential carve-outs are personal payments labeled as "friends and family" (the analog of unmarked Venmo payments), most digital and intangible product categories, motor vehicles and real estate, and any transaction where the seller delivered substantially what was promised even if you have changed your mind. Buyer's remorse is not an SNAD claim.
Venmo Purchase Protection Program (180 Days, Qualifying Payments Only)
Venmo and PayPal are sibling products under the same corporate roof, and Venmo's User Agreement contains a Purchase Protection Program that mirrors PayPal's in structure with one critical limitation: the program applies only to Qualifying Payments. The User Agreement spells out the qualification explicitly:
"IMPORTANT: THIS PROGRAM DOES NOT APPLY TO PAYMENTS TO PERSONAL ACCOUNTS THAT ARE NOT IDENTIFIED AS FOR GOODS AND SERVICES OR PAYMENTS TO TEEN ACCOUNTS. ONLY QUALIFYING PAYMENTS, AS DESCRIBED [in the agreement], ARE ELIGIBLE."
A "Qualifying Payment" is, in plain terms, a payment to a Venmo business profile, or a payment to a personal account that is explicitly marked as being for goods and services at the time it is sent. The "purchase protected" tag has to be on the payment. An untagged Venmo payment between two personal accounts — what most people think of as the standard Venmo use case — is not eligible, regardless of what was actually being purchased.
For eligible Qualifying Payments, the program covers the same two claim types (INR and SNAD) as PayPal's. The User Agreement's verbatim instructions for opening a buyer claim:
"Step 1: Open a dispute within 180 days of the date the purchase was made using our support channels (by calling an agent at (855) 812-4430, sending us a message through the contact form, or chatting in the app)."
That 180-day window matches PayPal's. The buyer-eligibility criteria are: a Venmo account in good standing, a prior attempt to resolve with the seller, timely response to Venmo's requests for information, and no recovery already received from another source. Venmo Tap to Pay transactions are not eligible because, per the agreement, they "have not been made from a Venmo account and are not 'Qualifying Payments.'"
The takeaway for buyers: the protection toggle is largely in your hands at the moment of payment. If you tap "Goods and services" when sending a Venmo payment, you pay a small fee but lock in the program. If you send the same payment as an unmarked personal payment, you save the fee and lose the entire Purchase Protection Program for that transaction. For purchases of any meaningful size from anyone other than a person you trust personally, the toggle decision pays for itself many times over.
Cash App: Limited Protection, Merchant Side Only
Cash App's Terms of Service (Effective February 7, 2024; Last Updated April 27, 2026 as of this writing) do not establish a branded "buyer protection program" analogous to PayPal or Venmo. The dispute and error-resolution framework instead tracks federal Reg E for unauthorized transactions and card-network dispute procedures for transactions made with the Cash App Card or through Cash App Pay at participating merchants.
The Cash App ToS's notice rule for billing errors matches Reg E's 60-day window:
"You agree to provide notice to us within 60 Days of receiving the Statement reflecting the problem. If you fail to do so, you agree that our review and resolution of your inquiry is solely in our discretion."
For purchases made through Cash App Pay — the "pay with Cash App" checkout button at participating online merchants — disputes flow through the card-network dispute process tied to the funding source. If you paid through Cash App Pay with a credit card backing your Cash App Balance, you have FCBA rights at that card. If your Cash App Pay payment was funded from your Cash App Balance, the dispute is processed under Cash App's stated procedures (which include the 60-day notice window above).
What Cash App does not do is provide a Purchase Protection program for ordinary peer-to-peer payments. A standard Cash App $Cashtag-to-$Cashtag payment for a marketplace purchase that goes wrong is not protected by any Cash App buyer-protection program. Recovery for that scenario has to come from either the federal-law floor (only if there is a genuine "unauthorized transaction" or "error" within the meaning of § 1693f) or from the underlying funding source's own rules.
Zelle: Explicitly No Purchase Protection
Zelle is the most stark case in the comparison, and the one buyers most often misunderstand. Zelle is a network operated by Early Warning Services, owned by a consortium of large U.S. banks, that moves money directly between bank accounts. There is no Zelle wallet holding funds, no Zelle merchant-checkout product analogous to PayPal Checkout or Cash App Pay, and — by design — no Zelle buyer-protection program.
Zelle's own consumer-facing materials are explicit on this point. The company markets the network with the consistent guidance that users should "only send money to people you trust" because Zelle payments "move directly from your bank account to theirs" and, in most cases, "cannot be canceled" once sent and accepted by an enrolled recipient. Goods-and-services purchases through Zelle have no analog of PayPal Purchase Protection or the Venmo Purchase Protection Program.
What Zelle does have, indirectly, is Regulation E coverage for unauthorized transfers. Because Zelle moves money out of a consumer's bank account, an unauthorized Zelle transfer (a fraudster took over your account and sent themselves money) is an "unauthorized electronic fund transfer" within § 1693f(f)(1) and your bank has Reg E error-resolution obligations. The 60-day notice rule applies, the 10-business-day / 45-day investigation timeline applies, and the bank is obligated to recredit if it finds the transfer was unauthorized.
The hard case is the authorized-but-fraudulent payment — the wave of "I thought I was paying my Zelle contact, but it was actually a scammer impersonating my bank" cases that drove the high-profile Consumer Financial Protection Bureau scrutiny in 2024 and 2025. Federal law's coverage of these scenarios is contested and bank-by-bank in practice. The safe operating rule for a buyer in 2026 is: do not use Zelle for any commercial transaction with a stranger. The protections that exist for credit cards or for PayPal/Venmo's purchase programs simply do not apply.
Apple Pay and Google Pay: Wallets, Not Protectors
Apple Pay and Google Pay (and Samsung Pay, and the analogous "wallet" features increasingly built into bank apps) sit one layer above the payment rail. They are tokenization tools that pass a payment through to an underlying funding source — a credit card, a debit card, or, increasingly, a stored bank-account connection. They do not have their own buyer-protection programs.
The protection that applies to an Apple Pay transaction is whatever protection the underlying card or account provides. Pay with Apple Pay backed by a Chase Sapphire Visa, and your dispute is an FCBA chargeback against Chase. Pay with Apple Pay backed by a debit card, and your dispute is a Reg E error claim against the debit-card issuer. Apple itself is not a party to the dispute — the wallet's job is to deliver the payment token, not to underwrite the underlying purchase. The same logic applies to Google Pay and to most modern bank-app "pay" buttons.
This is generally good news for buyers: the underlying federal protections are real and well-tested. It just means that the deadline that applies to your Apple Pay dispute is the deadline of the underlying card — typically 60 days from the first statement showing the charge — not any deadline set by Apple. Our deep-dive on the best credit cards for purchase protection covers the card-side protections in detail.
Side-by-Side Protection Matrix
| Feature | PayPal | Venmo | Cash App | Zelle | Apple/Google Pay |
|---|---|---|---|---|---|
| Branded purchase-protection program | Yes | Yes (Qualifying Payments only) | No | No | No (wallet only) |
| Window to open a claim | 180 days from payment | 180 days from payment | 60 days from statement (Reg E / ToS) | 60 days from statement (Reg E) | 60 days from statement (underlying card) |
| Item Not Received (INR) | Covered | Covered (Qualifying Payments) | Via card-network dispute or FCBA/Reg E | Not covered as a purchase claim | Via underlying card |
| Significantly Not as Described (SNAD) | Covered | Covered (Qualifying Payments) | Limited; not a branded claim type | Not covered | Via underlying card (often as merchandise dispute) |
| Unauthorized transaction (Reg E) | Covered | Covered | Covered | Covered | Covered via underlying account |
| Authorized payment to a scammer | Often denied as "friends & family" if not tagged | Not covered if not a Qualifying Payment | Generally not covered | Generally not covered (this is the well-known Zelle gap) | Generally not covered; underlying card may offer chargeback if credit-funded and the merchant is a third party |
| Refund path | Back to original funding source | Back to original funding source / Venmo balance | Back to Cash App balance or funding source | Back to bank account (when granted) | Back to underlying funding source |
The Decision Tree: Which Right Applies to Your Dispute
Most disputes resolve faster when you take 60 seconds to identify exactly which legal right is the strongest fit, instead of cycling through every channel. The decision tree below collapses the most common cases:
- Was the payment unauthorized? (Someone took over your account or used your card without your permission.) → Reg E if debit/bank-funded; FCBA's unauthorized-use provisions (§ 1643) if credit-card-funded. Notice the bank within 60 days of the statement showing the unauthorized charge — earlier is better, since timing affects your liability cap.
- Did you authorize the payment but the item never arrived? → If on PayPal/Venmo (and it was a Qualifying Payment for Venmo), open a Purchase Protection claim within 180 days. If the funding source was a credit card, you also have an FCBA chargeback right under § 1666(b)(3) within 60 days of the statement.
- Did you authorize the payment, the item arrived, but it's materially different from what was described? → Same as above. Purchase Protection (PayPal/Venmo Qualifying Payments) plus FCBA chargeback for "goods or services not accepted by the obligor … in accordance with the agreement made at the time of a transaction."
- Did you authorize the payment and the seller turned out to be a scammer? → The hardest case. Apps' purchase-protection programs generally do not cover authorized payments to a scammer. The strongest practical recovery path is a credit-card chargeback if the payment was credit-funded; bank reversal if the receiving institution still holds the funds (sometimes possible if you call your bank fast); and a police report plus IC3 / state AG complaint to support either.
- Did Zelle move the money? → Reg E for unauthorized transfers. For an authorized-but-scammed Zelle transfer, escalate hard within your bank, file a CFPB complaint, and check whether your bank is part of any voluntary reimbursement program for verified scam losses (many large banks have adopted one).
How Your Funding Source Changes Everything
If there is one operational lesson to take from this entire article, it is this: the funding source is the dispute right. When you set up a payment app, the default funding source you select silently determines how powerful your protections are.
| Funding source | Federal-law layer | Stack with |
|---|---|---|
| Credit card | FCBA (15 U.S.C. § 1666). Strongest. Billing-error notice within 60 days of statement; up to 90 days to investigate; no payment owed during dispute. | Card-network chargeback rights (Visa/Mastercard/Amex/Discover dispute reason codes), plus app-level Purchase Protection where applicable. |
| Debit card | Reg E (15 U.S.C. § 1693f). Notice within 60 days of statement; 10 business days (or 45 with provisional credit) to investigate. | Card-network chargeback rights (debit branded networks generally honor the major dispute reason codes), plus app-level program. |
| Bank account (ACH/direct) | Reg E. Same timelines. Often the only federal-law layer (no card-network chargeback). | App-level program is the main supplement; recovery is harder if both fail. |
| App balance (PayPal, Venmo, Cash App) | No direct federal-law layer at the moment of payment — the app's program is the primary protection. | Limited. If the balance was originally loaded from a credit card and the dispute can be traced back to that load, the FCBA might attach to the underlying load. |
The practical implication: for any meaningful payment-app transaction with a stranger, fund the payment from a credit card if your app allows it. You preserve both layers — the app's Purchase Protection program and the FCBA — and you give yourself dramatically wider recovery options than if you funded from balance or a bank account.
Step-by-Step: Filing a Buyer Dispute in Each App
The administrative procedure varies more than the underlying rights. The fastest filing path for each app:
PayPal. Sign in, open the Resolution Center, click "Report a Problem," select the transaction, choose Item Not Received or Significantly Not as Described, attach evidence (order confirmation, communications with the seller, photos of the item if SNAD), and submit. The dispute opens; PayPal sets a 20-day informal-resolution window with the seller; if you cannot resolve, escalate to a claim within that window. Decisions on claims typically come within 30 days; appeal rights apply if the decision goes against you.
Venmo. Per the User Agreement, "Open a dispute within 180 days of the date the purchase was made using our support channels (by calling an agent at (855) 812-4430, sending us a message through the contact form, or chatting in the app)." Provide the Qualifying Payment transaction ID, the basis for the claim (INR or SNAD), and supporting documentation. Venmo runs an internal review and decides eligibility.
Cash App. Tap the activity tab, select the transaction, tap "..." → "Need Help & Cash App Support" → "Dispute this transaction." Cash App's ToS requires you to "provide notice … within 60 Days of receiving the Statement reflecting the problem." For Cash App Card disputes specifically, the card-network dispute process applies and the bank that issues the Cash App Card (Sutton Bank or Lincoln Savings Bank, depending on cardholder) is the regulated entity.
Zelle. Disputes go through your bank, not through Zelle directly. Call your bank's fraud line, file a written dispute citing the unauthorized-transfer provisions of Reg E (15 U.S.C. § 1693f), and request provisional credit pending investigation. If the bank denies, file a CFPB complaint at consumerfinance.gov. If criminal fraud was involved, also file with IC3 (the FBI's Internet Crime Complaint Center) and your state attorney general.
Apple Pay / Google Pay. Open the wallet app, tap the transaction, and either use the "Report an Issue" / "Dispute Charge" link (which routes to the underlying card issuer) or contact the underlying issuer directly. The FCBA's written-notice formality benefits from being preserved — a written dispute letter mailed to the address disclosed on your statement under § 1637(b)(10) is the gold-standard FCBA notice, even if you also opened the dispute online.
The 60-Day Notice Rule You Almost Always Underestimate
The single most missed deadline in payment-app disputes is the 60-day federal-law notice window. Both the FCBA and Reg E set it. Both measure it from the date of the periodic statement reflecting the disputed item — not from the transaction date itself.
That distinction usually buys you a few extra weeks, but it cuts the other way in a common scenario: a charge that posts on the last day of one statement cycle starts the 60-day clock on the date of that statement. If you only notice the problem after the next month's statement, you may already be 30+ days into the window before you start investigating. App-level programs (PayPal/Venmo's 180-day window) are forgiving here; federal law is not.
Three operational tips:
- Send written notice in addition to any online dispute. The FCBA and Reg E both contemplate notice in a specific form. An online dispute may or may not satisfy the statute depending on the issuer's procedures; a mailed letter to the address on your statement always does.
- Keep proof of mailing date. Certified mail with return receipt is the cleanest way to memorialize the 60-day clock. Costs ~$5. Often the difference between a clean recovery and a contested one.
- If a problem is borderline-already-late, send the notice anyway. Issuers regularly accept disputes inside the 60-day window without auditing the dates; treating a borderline claim as "too late" forfeits a right you might have had.
Every payment, every deadline, in one place.
Purchy reads your purchase emails — including PayPal, Venmo, Cash App, and card statements — and surfaces the dispute deadlines that actually matter, so a 60-day federal window never quietly closes on a recoverable payment.
Try Purchy free →Authorized-Push-Payment Scams: The Gap Federal Law Doesn't Quite Close
The hardest category of payment-app loss is the "authorized push payment" scam — you intentionally sent the money, but you sent it to a fraudster who deceived you about who they were or what they were selling. Common variants: the "your bank's fraud department" call that talks you into Zelle-ing money to a "safe account," the marketplace listing that demands Zelle to "hold the item," the romance-scam transfer, the impersonation of a utility company.
Federal law's recovery layer for these scenarios is limited because the transfer is, on its face, authorized. Reg E's error-resolution machinery applies to unauthorized transfers (§ 1693f(f)(1)) and certain other enumerated errors, not to an authorized transfer the consumer regrets sending. The FCBA helps only if the payment was credit-funded, in which case the "goods or services not accepted by the obligor … in accordance with the agreement made at the time of a transaction" provision in § 1666(b)(3) may give you a chargeback right against the credit-card issuer even where the payment-app program denies.
Banks have, under regulatory and political pressure, adopted internal reimbursement programs for verified scam losses on networks like Zelle in many cases. These are voluntary and bank-by-bank, not federal-law mandates. The CFPB has stated publicly that it considers many Zelle-scam scenarios to fall within Reg E's "error" definition under a broader reading; the question is contested and has been the subject of significant enforcement and litigation activity from 2023 through 2025.
Best practice in 2026 is to assume that the federal-law layer will not save you on an authorized-push-payment scam and to treat the funding-source decision as the recovery decision. Credit-card funding through a wallet (Apple Pay/Google Pay) gives you FCBA chargeback rights even when no app-level program applies. Bank-account-direct funding through Zelle leaves you with the narrowest options.
Stacking Protections for Maximum Recovery
When something goes wrong with a meaningful-dollar payment, the recovery playbook is to run multiple tracks in parallel — not sequentially. Each layer has its own clock; waiting on one is usually waiting on all of them.
- Document everything within 24 hours. Screenshot the transaction details, the seller's listing, your communications, and any evidence of non-delivery or misrepresentation. Evidence quality drops fast as time passes and listings get pulled.
- Open the in-app dispute immediately. PayPal Resolution Center, Venmo dispute, Cash App dispute, or — for Zelle / Apple Pay / Google Pay — the underlying bank or card issuer's dispute channel. Start the app's clock.
- If the payment was credit-funded, mail an FCBA notice letter within 30 days. Address it to the billing-inquiries address on your statement. Cite § 1666(b)(3) for non-delivery or non-conforming goods, § 1643 for unauthorized use. Send certified.
- If the payment was debit/bank-funded and unauthorized, file a Reg E error claim in writing within 30 days. Request provisional credit per § 1693f(c).
- File a CFPB complaint if the bank or app denies. The CFPB complaint process routes the issue to the institution with a formal response deadline and creates a public record.
- File a police report and IC3 complaint for criminal fraud. These do not directly produce reimbursement but support both the chargeback and any later civil action, and are often required by bank reimbursement programs.
- State AG complaint as the last escalation. Particularly effective against repeat-violator merchants and banks; state AGs frequently coordinate enforcement and have brought significant payment-app-related cases.
The sequencing matters because the app-level programs and the federal-law layers run on independent clocks. A 180-day Venmo Purchase Protection window does not extend the 60-day FCBA notice clock on your underlying credit card; nothing extends the 60-day Reg E clock on your bank account. Run both clocks at the same time and you preserve every option.
How Purchy Tracks Payment-App Deadlines
The reason these protections fail in practice is rarely that they are too narrow. It is that the deadlines that govern them are invisible. The 60-day FCBA / Reg E window starts at a statement date. The 180-day PayPal / Venmo window starts at a transaction date. The 20-day informal-resolution window inside PayPal runs from the day you opened the dispute. None of these dates show up anywhere in your email inbox as a flagged deadline.
Purchy reads your purchase-confirmation emails as they arrive — from PayPal, Venmo, Cash App, Apple Pay receipts, card statements, and the merchants themselves — and surfaces the deadlines that actually govern each transaction. The federal 60-day window. The 180-day app-program window. The carrier acceptance scan for shipping-side disputes. The credit-card statement close date for FCBA notice timing. You see them in one list with the dates that matter, so you act inside the window instead of after it.
Related deep dives:
- How to dispute a credit card charge in 2026 (FCBA step-by-step)
- Debit vs. credit card disputes: your 2026 rights compared
- The FTC 30-Day Shipping Rule and your automatic refund right
- The FTC Cooling-Off Rule and the real 3-day right to cancel
- Best credit cards for purchase protection in 2026
- How long does a refund take in 2026?
- Buy now, pay later: returns and refund mechanics in 2026
- How to get your money back after the return window has closed
Frequently Asked Questions
Does PayPal really give you 180 days to dispute a purchase?
Yes, for transactions eligible for PayPal Purchase Protection. The 180-day window runs from the date of the original payment, not from the date you discovered the problem. Some categories (intangibles, motor vehicles, real estate) are carved out of the program, so verify your specific transaction in PayPal's User Agreement before relying on the window.
Is the Venmo Purchase Protection Program automatic for every payment?
No. The Venmo User Agreement is explicit that "THIS PROGRAM DOES NOT APPLY TO PAYMENTS TO PERSONAL ACCOUNTS THAT ARE NOT IDENTIFIED AS FOR GOODS AND SERVICES." Only "Qualifying Payments" — payments to business profiles or payments to personal accounts tagged as for goods and services at the time they are sent — are eligible. Tap the toggle when you pay.
Does Zelle have any buyer protection?
Zelle does not offer a purchase-protection program. The only federal protection is Regulation E's coverage of unauthorized transfers (15 U.S.C. § 1693f). A payment you authorized but later regret — including one you authorized because a scammer deceived you about who you were paying — generally is not recoverable under Reg E's "error" definition, and Zelle itself has no separate program to fall back on.
If I paid through Apple Pay, who do I dispute with?
You dispute with the underlying card issuer or bank — not Apple. Apple Pay is a wallet that passes the payment to the funding source you selected. Open your wallet, find the transaction, and follow the "Report an Issue" link, which routes to the underlying issuer. For an FCBA dispute, also mail a written notice to the billing-inquiries address on your card statement within 60 days.
Can I get my money back from a Cash App payment to a stranger that scammed me?
The recovery path depends on the funding source. If your Cash App payment was funded from a credit card backing your Cash App Balance, you may have an FCBA chargeback right against that credit card. If it was funded from your Cash App Balance or a debit card or bank account, your federal-law layer is narrower — Reg E typically covers only unauthorized transfers, not authorized payments to a scammer. The Cash App ToS does not establish a branded buyer-protection program for ordinary peer-to-peer payments.
Does the 60-day FCBA clock run from the transaction date or the statement date?
The statement date. Section 1666(a) starts the 60-day clock when "a creditor … transmit[s] to an obligor a statement of the obligor's account." A charge that posts the day after a statement closes gives you roughly 60 days plus a billing cycle to notice and act; a charge that posts at the end of a billing cycle starts the clock almost immediately on the next statement.
What happens to my dispute during the investigation?
Under the FCBA, the disputed amount is not collectable, no finance charges may accrue on it, and the creditor cannot report it as delinquent. Under Reg E, if the institution provisionally re-credits within 10 business days (an option, not a requirement, unless certain conditions trigger it), you have full use of the funds during the 45-day investigation window per § 1693f(c).
Can I file a dispute with both my card issuer and PayPal at the same time?
You can open both, but you cannot collect twice. PayPal's User Agreement makes ineligibility for the Purchase Protection program conditional on (among other things) not having already received recovery from another source for the same purchase. If your card issuer reverses the charge, PayPal's program will not pay you again. Running them in parallel and accepting whichever resolves first is a legitimate strategy.
What is the difference between Item Not Received and Significantly Not as Described?
INR is the simplest claim: you paid for an item and never received it. SNAD covers items you did receive that materially differ from the seller's description — wrong model, missing major parts, counterfeit, damaged in a way that was not disclosed. Both PayPal and Venmo recognize the two claim types separately because the evidentiary burden is different (delivery records for INR; photos and condition documentation for SNAD).
Does Reg E cover Zelle scams now?
The legal answer is contested. The CFPB has taken the position that many Zelle scams fall within the broader "error" reading of § 1693f, and several major banks have voluntarily adopted reimbursement programs for verified scam losses on Zelle. The strict-textual reading of "unauthorized electronic fund transfer" excludes payments the consumer initiated, even ones induced by deception. The safe operating rule: do not use Zelle for any commercial transaction with someone you do not know personally, and if you are a victim, file a CFPB complaint promptly to put your bank on notice.
If I send a Venmo payment as "Goods and Services," do I pay a fee?
The sender does not pay; the recipient (the seller) is charged a per-transaction Goods and Services fee, currently 1.9% plus $0.10 per transaction as of Venmo's 2026 pricing. That fee is what funds the Purchase Protection Program eligibility. The trade-off for the seller is real coverage for the buyer.
Can I dispute a payment-app transaction with my bank if the app denied my claim?
If the payment was funded from a credit card, yes — FCBA rights run against the card issuer independent of any app-level denial, within the 60-day notice window. If the payment was funded from a debit card or bank account, Reg E rights run against your bank within the same 60-day window. The app's denial is not a bar to either federal-law claim; it is one piece of evidence the bank or issuer will weigh during their own investigation.
Does any of this apply if I'm the seller, not the buyer?
Most of this article addresses the buyer side. Sellers have their own seller-protection programs under PayPal and Venmo's User Agreements with different (often shorter) eligibility windows and stricter documentation requirements — especially proof of shipment to the buyer's confirmed address and proof of delivery. If you sell through any of these apps, the corresponding seller-protection section of the User Agreement is worth reading in full.
Bottom Line
Payment-app buyer protection in 2026 looks like one feature from the marketing copy and like five very different regimes from the User Agreement. PayPal and Venmo run real 180-day Purchase Protection programs but only for the right kind of transaction. Cash App leaves you with the federal-law floor and the card-network dispute process. Zelle leaves you with neither for authorized payments and only Reg E coverage of unauthorized transfers. Apple Pay and Google Pay borrow whatever the underlying card or account provides — which, if the underlying card is a credit card, is the strongest individual protection in the entire stack.
The single decision that does the most work for you is the funding-source decision. A credit card backing your payment app gives you both the app's program and the FCBA's 60-day chargeback right. A debit card or bank account gives you the app's program and Reg E's narrower error-resolution layer. An app balance gives you only the app's program. For meaningful purchases from people you do not know, fund through a credit card and tag the payment for goods and services where the app supports it. You preserve every right the law gives you, and you avoid the avoidable mistakes that turn a 60-day window into a 65-day regret.
Don't let a dispute window close on you.
Purchy tracks every payment-app deadline — the 60-day federal windows, the 180-day app-level programs, the carrier acceptance scans — automatically, from the purchase receipts already in your inbox.
Try Purchy free →This article is informational, not legal advice. Federal-law provisions cited (15 U.S.C. §§ 1666 and 1693f) were verified verbatim against the Legal Information Institute at Cornell Law School on May 16, 2026. App-specific program details were drawn from each provider's published 2026 User Agreement (Venmo at venmo.com/legal/us-user-agreement; Cash App ToS Effective February 7, 2024, Last Updated April 27, 2026 at cash.app/legal/en-us/tos; PayPal User Agreement at paypal.com/legalhub/useragreement-full). Each provider may amend its terms without notice; verify the current version of the applicable User Agreement before relying on any specific deadline, eligibility carve-out, or claim window. For a Zelle-specific dispute or a contested authorized-push-payment scam loss, consult an attorney admitted in your state and file a complaint at consumerfinance.gov.