About a week ago I wrote “A Heretic’s Guide To Deplatforming” over on the easyDNS blog (my main business). It was in response to the widespread deplatforming of Gab.ai in the wake of the Pittsburgh shooting spree, in which the perpetrator posted on the social media platform before carrying out the brutal attack. The post rocketed to the first page of Hackernews (despite being flagged as inappropriate by some SJWs there) and was run on Zerohedge.
The TL,TR on that article:
While I still believe that every company has the right to kick anybody off their platform, it ultimately undermines their long term interests to do so in the manner they did to Gab.
The ramifications of the Gab deplatforming rattled me, especially the part where Stripe and Paypal both terminated their relationships with them, cutting off their financial lifeblood.
As business owners, we have to pay particular attention to that. The old argument “if you’re doing nothing wrong you have nothing to worry about” seems thin when we’re talking about being held to account, and penalized for simply being part of the internet plumbing for thousands or millions of downstream users. It’s part of a trend I identified as achieving critical mass this year I call “hyper-moralization” (towards the end of the year I plan on writing a report on the three big trends of 2018 I observed).
Stripe and Paypal are making judgement calls about their customers downstream users, and that is very problematic. As I observed in “A Heretic’s Guide”
“Does this mean that if Zerohedge, or Black Lives Matter, two of our clients from opposite ends of the political spectrum, post something, or even if one of their users posts something, that is beyond the pale, then we have to worry about having our finances cut off?
I know that as a managed DNS provider we have a near pathological aversion to single-points-of-failure, but it’s not a stretch to come to the conclusion for any business that it’s not an acceptable risk to have that possibility just looming there and to do nothing about it.
That means we will now be looking for backup payment processors. That means maybe after 20 years in business, maybe it’s time to just pull it all in-house. Will any other businesses do the same? Anybody doing the same calculus will arrive at the same conclusion.
The deplatforming exacerbated my paranoia from an experience we had with Stripe a few weeks earlier, when out of the blue I received the following email:
We wanted to get in touch with you about an important issue.
While your account is still able to create charges, we noticed that your Stripe account has been experiencing a high level of fraudulent charges. Because it generally takes about a month from the date of charge before a cardholder submits a dispute, you may not see this reflected in your chargeback rate for a while. To comply with credit card network rules, we can’t work with any business that has more than 1% of charges (by volume or count) disputed by customers on an ongoing basis. Without immediate action, we may have to stop accepting payments for your business.
Nods to Stripe for emailing us about the issue. It turned out to be the result of a single entity who had evaded our anti-fraud measures and setup multiple accounts and registered a number of domains and websites. This happens, and we catch it and move on. But in this case, the perpetrator skewed the math by registering everything for the maximum allowable period, making the transaction volume much much larger, enough to spike our fraud ratio meaningfully.
Now, I agree it was a problem and one that we had to solve, which we’ve done. But that was the first time it suddenly occurred to me that “Stripe is a single-point of failure for us”. One we are highly dependent on. My back-and-forth with the account rep was not confidence inspiring. Usually, I want to come away from that kind of a conversation with an understanding, along the lines of:
“We know who easyDNS is, we know you’ve been in business 20 years, and we know you’re above board. So if things get bad, we’ll work with you to figure it out”.
No, that isn’t what happened. I could extract no concessions that they’d do their utmost to work with us in the future, in fact almost the opposite. We were told in essence: “If you’re numbers hit this threshold you’re on thin ice. Doesn’t matter who you are”.
The never-ending battle against fraud is an arms race. If you’re fortunate and diligent then most of the time you’re winning, but you will always take some hits and there is always the next “trick” that will work for awhile. Now I find myself wondering if the next trick will get our Stripe account killed.
Then, when Stripe went and unilaterally terminated a large platform not because of fraud but because of a judgement call on their downstream users, that really got me seriously prioritizing getting a backup payment provider.
Yes, you can accept Bitcoin or other crypto-currencies. In fact easyDNS was the first ICANN registrar to accept Bitcoin, Ethereum and even Bitcoin Cash. But crypto still doesn’t have the widespread adoption that would sustain any mainstream business in the absence of a payment gateway boycott. Right now we do about 10% of our transaction volume in Paypal, and not even 1% in crypto. The rest is through Stripe and right now I don’t fully trust Stripe to not act arbitrarily.
So far I’ve found the following possibilities (via Quora) but I haven’t looked at any of these yet:
- Splash Payments
- Braintree Payments
- Ikajo International
There is also Mals-E Commerce solutions, which was one of the very first easyDNS customers ever, back in 1998.
The other option is to finally just get our own merchant account, and use Authorize.net or one of the other major banking gateways. We always avoided that because we didn’t want to store customer credit card data within our own network. But after 20 years in business, perhaps we’re ready.
(There’s also InitiativeQ which I’ve been hearing a lot about lately. It’s some ex-Paypal folks but it’s not ready to go yet. You can get an early invite here, which purports to provide you with Q’s which may, theoretically be valued at parity with the USD. I know my friends at LetsTalkBitcoin are skeptical of it, but one thing I surmise about technology adaptation, the most technically sound, decentralized model doesn’t always win. Sometimes the exact opposite of that happens.)