Tell HN: Stripe killed my music locker service, so I'm open sourcing it

I'm writing this to warn anyone who might have a similar service, including backup hosting services.

I run a small website at inter.tube. It lets you upload your music collection and stores it in Backblaze B2. It provides a simple web interface to listen to your collection, and support for the Subsonic API (allowing native apps to use it). Fundamentally it is not very different from something like Dropbox or Backblaze: it is a "dumb" backup that simply stores what you give it. It doesn't perform "matching" against other files, it doesn't allow you to access music you didn't explicitly upload, and it doesn't even deduplicate files between different users. It doesn't allow "sharing" of music either, download links are tied to a short access token for a specific user's login session. The only difference between other backup services is that we use the metadata tags in your uploads to organize things better. According to Capitol Records, Inc. v. MP3Tunes, LLC, this is absolutely OK in the eyes of the law (thank you to a fellow HN user for telling me about this court case). Note that we don't even perform deduplication, which was the main controversy in that case.

I have been using Stripe happily for a couple years now, but suddenly (less than 10 minutes after a subscription payment went through), Stripe decided that I violated their Restricted Business policy, in particular "Products and services that infringe intellectual property rights: Sales or distribution of music, movies, software, or any other licensed materials without appropriate authorization". I thought this was a misunderstanding so I clarified that we don't sell music, just storage space (see paragraph above), but they denied my appeal with a short template response.

This saddens me because my reasons for starting the site are the exact opposite of piracy! I was sick of artists getting paid virtually nothing for streaming service plays, so I decided to buy full albums directly from the artist as much as I could. inter.tube just allows you to keep your collection safe and easily accessible.

I'm posting this mostly to warn other Stripe users that essentially any backup service could "violate" these terms, so be careful about the marketing blurbs on your website. Probably any mention of "music" whatsoever is enough to get your account nuked. I really liked Stripe, always recommended it because of its nice API, but I won't be doing that anymore.

inter.tube will likely die. I'm going to refund my few paying users and disable account registration later, I guess.

As a bonus, I've open-sourced inter.tube. However, it is difficult to run because it relies on a bunch of random cloud services (Backblaze B2 + Cloudflare Workers + Lambda) and there's some hard-coded stuff in there, so it's probably not very useful beyond curiosity. If anyone would like to help me with the open sourcing, let me know, and I'll get back to you whenever I have time. Of course, feel free to fork it as well. I am also on GitHub sponsors if anyone would like to sponsor me to help make it easier to self-host (or at least self-deploy).

Source code: https://github.com/guregu/intertube

UPDATE 2: My Stripe account is back! Thank you so much! inter.tube will remain online, but open source from now on!

Update: I have reached out to the nice Stripe employee who volunteered their email, let's see what happens.

It's been pointed out a few times that my marketing says the site won't die, and me killing it would be very ironic. This is 100% true, and I have decided to leave the site up even if Stripe decides to ultimately close my account. Luckily, our infrastructure costs are very low (<$5 month currently).

I created this site when Google Play Music went down and lots of people were complaining about Google killing yet another product. I don't want to do the same thing to my users.

Finally, I would like to take this opportunity to plug a similar service that I am completely unrelated to. I saw its author post on HN and they seem like they are also a one-man-shop: https://asti.ga This service is different in that it lets you hook it up to your own cloud storage. I am only now realizing why this is such a brilliant idea.

Kelteseth · 3 years ago

So Hackernews is once again the only way to truly get proper stripe support?

xuki · 3 years ago

I'm just happy to be in an exclusive club that can request stripe support on demand.

paxys · 3 years ago

This is standard corporate strategy nowadays. Instead of staffing up expensive customer service departments they wait for posts to go viral on Twitter, Reddit, HN etc. and only handle those.

dimgl · 3 years ago

This is actually really concerning at this point.

Freedom2 · 3 years ago

While not ideal, it's cool and I think companies definitely keep an eye on HackerNews thanks to the moderation! Once I read more of Dang's moderation comments I realized how deeply he cares about HN. He takes time to explain his view point (which can also change over time), he answers emails, he develops new features to fight spam. I value that more than changing the website layout, dark-mode, font-size.

enraged_camel · 3 years ago

Always has been.

dangravell · 3 years ago

Thanks very much for mentioning Astiga. I am the 'author' you mention, but I only just saw this because I only consume HN via Hacker Daily, so I'm a day behind.

When I saw your headline though, I almost choked on my coffee. We use Stripe too, but as you mention we aren't a locker, we just connect to the user's pre-existing cloud storage (including self hosted if you have that Internet accessible). That said these kind of corporate decrees are often pretty unsubtle and we could easily get caught up in this. I've had enough "policy" nightmares with Paypal and Google to instill a sense of dread when these black box titans change their mind about something and expect you to dance to their tune.

> This service is different in that it lets you hook it up to your own cloud storage. I am only now realizing why this is such a brilliant idea.

I should mention it's not my idea originally - I purchased the service almost two years ago from this guy: https://koenvh.nl/en/ . Funny story really: https://community.asti.ga/discussion/378/astigas-new-owner

subhro · 3 years ago

One thing I would strongly recommend. GET OFF STRIPE. Talk to a proper bank like USBank or Chase. It is not hard to integrate with their payment processor. They WILL send you through proper underwriting and will have your back. At least they had and continues to have mine with a firearms business.

Let me be also very clear. When you are going through underwriting, you will feel at times that this was a colossally bad idea, but it pays off its trouble in gold.

xtracto · 3 years ago

Right, to anyone looking for alternatives, check out FISGlobal/Worldplay. They have a payment product that is "closer" to the card network, so it can be cheaper than Stripe.

rexreed · 3 years ago

What tech do you use to integrate it with your apps? Especially ones that seem to greatly prefer Stripe? Chase has been a solid bank for us but I'd like to not mix my payment processor and bank in case things go south. What are your rates? Do you have to pay monthly gateway fees or minimums? How long did the underwriting process take and what were the major headaches?

jytechdevops · 3 years ago

happy to hear it worked out and that other users have provided some great options other than going straight to OS(ing) it. best of luck on your future.

Dead Comment

grose · 3 years ago

nolok · 3 years ago

Instead of closing your service, may I recommend switching to payplug.com ? Started as a small smartup, now bought by a french main bank chain but has english documentation, very clean API, easy to get support, low fees. Easily handle refunds, payment link, payment page integrated or separate, 3D Secure, subscription/recurring payment, etc etc ...

Been using them for a few companies the past year and a half, and migrated more and more of my stuff over to them, it offers the simplicity and clarity of "stripe at the beginning" while already being backed and owned by a major bank (BPCE, 2nd biggest banking group in France). They don't have all the bells and whistles of current Stripe, but for most projets we don't need that anyway.

And there is no bullshit about random overnight account closure with no recourse.

xhkkffbf · 3 years ago

> "no bullsh*t about random overnight account closure..."

Is it possible to predict this in advance? Can't these companies just do it any old time they feel like it? There's always a first.

Or is there good regulation in France?

I would say it's mostly the attitude, it's just a very different way to view things and to have a relation with your payment processor ; where there is an issue my experience has been that they talk to you to find a solution together, which may be higher fees or some options and controls becoming mandatory for your account, rather than throwing you away to avoid being stained like Paypal is known for and Stripe is more and more moving toward (again, my opinion).

In terms of regulation though, short of explicit chargeback or disputed charges, they will never hold your money hostage.

Which is why I added that they're already backed and owned by a major bank, so it's not at risk of changing overnight after being acquired. For reference they exist since 2012 and have over 16k merchant account, including some big names in France (Veepee, Lastminute.com, ...) including some big names in business I feel like Stripe wouldn't touch (Dorcel store / adult toys and movies, Winamax and Pokerstar / online betting and poker, ...).

Thank you for the suggestion. I'll check it out.

mlok · 3 years ago

Would it be a good idea to have multiple payment methods ? So that if one goes down this way, the other still exists ?

"Not all eggs in the same basket" ?

pencablecoffee · 3 years ago

This is very relevant to my immediate needs. I just posted a question to Ask HN seeking advice on this topic and hadn’t heard of payplug. Do you have any experience with them as part of a multi-vendor marketplace product?

I don't but I doubt they would have any issue. You will need to deal yourself with the % owned to each and stuff like this, but beside that I don't see any issue arising

pier25 · 3 years ago

Does Payplug solve global VAT or at least EU VAT?

I can't seem to find any mention on their website about this.

No that's one thing they don't do that I do miss, for the value they just take an amount and charge that, how to cut it into product and taxes is yours to deal with.

ksec · 3 years ago

This is sad. May be it is too late now. But you should have come to HN aka official Stripe Support Forum and ask for support first before closing it down.

It's a shame that we have to complain on social media to get an actual human response to this kind of thing. If Stripe decides to reverse their decision, I'll leave it up, but it will remain open source.

tsuujin · 3 years ago

When I was starting up a small business, Stripe decided that it needed to “verify my activity” or some such nonsense and withheld all of my payments for several weeks. Meaning that I could not pay my team.

As far as I can tell, a client paid in a funky way that set off some automated system, and no real person was willing to work with me to get it resolved.

I will never trust Stripe with my business again.

varispeed · 3 years ago

It's a shame there is no regulation protecting small business from these practices. It shouldn't be legal for a big corporation to shut down someone's business on a whim.

ryanmcdonough · 3 years ago

"think Google Play Music, except we won't disappear. currently in early access."

You can't just give up at the first sign of a payment issue, otherwise you're no better than google ;)

You're right :). Let's say inter.tube is not dead after all. I'll leave it up and try and figure something out. I'm willing to eat the charges while we figure it out (it's also very cheap to run -- I prioritized cheapness in the design).

jacquesm · 3 years ago

If it helps you to keep it afloat I'm willing to offset some or all of your costs depending on how high those are.

freedomben · 3 years ago

Thank you for open sourcing it! That's a really neat thing to do. Further, thanks for open sourcing it as is and not doing the whole "it's not ready to open source" feet dragging thing.

And thanks for not closing it back up if you find another payment provider!

I would actually bet that open sourcing it is the best thing you could do for it if you end up wanting to grow the business, especially with how niche it is. There are people like me who wouldn't even consider using the service with it being closed, but it being open gets my attention. It would be absolutely bad ass if the official hosting solution could:

- Let me put in a backblaze token and bucket name

- Store all my uploads in the aforementioned bucket, in a format that I could switch back and forth between open source and hosted versions

I self host a ton of stuff but I'd gladly pay $10 to $15 a year for that service so I can easily switch to self-host in the future but don't have to manage yet-another-service. Given that the bulk of the expense would be backblaze and that would be paid for directly by me, that's almost entirely profit margin for you.

I can see really neat future ideas along this line too, like possibly even point a (to be created in the future) desktop app like Strawberry straight at the bucket and have it play/download my music!

danpalmer · 3 years ago

Did you have a Stripe account manager? If so, get them on the case – they know you and can advocate for the business and explain the product internally. At the very least they might be able to give you a much more detailed explanation of which precise features are causing issue and how you could resolve those things.

If not, why? Payments are a core part of any SaaS business, and it's important to have trust with important suppliers like that. Getting an account manager and proper business contract go a long way to preventing issues like this. It's somewhat unsurprising that Stripe don't have much trust for companies just signing up for the service as it's generally high risk for abuse.

I don't. My MRR is $5 currently, peaked at around $40. I'm far too small for Stripe to care about me. I was running this as a passion project. I'm not sure how to even get an account manager (does it just happen if you become big enough to matter?)

Some companies will proactively reach out, others need to be reached out to. It's possible this is too small, but then again many pre-revenue startups will get this sort of treatment so it's not just about money.

The thing to remember is that Stripe (or your cloud provider, or your email sending provider, or any other SaaS) get something out of that relationship – they get a sales channel, they can trust you more, they can lock you into their services, they can show you more of their value – these sorts of companies basically want these relationships. The fact you can sign up with a credit card and never talk to anyone is sort of just to appease devs that don't want to talk to anyone, it's not how they make money in the B2B market (it's a bit different for B2C or B2B-ish services like Squarespace).

This project sounds pretty neat, and I could see it appealing to the audiophile market. I know people who would be interested.

But, I'm sorry to say, it sounds like Stripe cancelling your service wasn't the biggest issue, but that the service never found its market. Looking at the site I couldn't tell what it was or who it was for, and it looked a bit dodgy. Copy like "we're not google. we won't kill the site" (said twice) makes it sound like a hobby rather than a company, and even if that's true, it's not going to go over well for marketing. Also, it's sadly somewhat ironic given that the service has indeed gone. I totally see the vibe you were going for, but I think that vibe is one that typically maxes out at a handful of friends using it.

At an MRR like that I wonder why you even bother with the payment service. It seems like a giant barrier to entry if it isn't making money anyway. Or do you use it to limit the influx?

faangsticle · 3 years ago

Its unsurprising that stripe doesn't trust their customers who sign up for them via their standard channels?

It's not that they don't trust them, it's that those accounts are the least possible trusted accounts that they have. They have the least information, the least relationship, the fewest checks have been done.

NoRelToEmber · 3 years ago

> This saddens me because my reasons for starting the site are the exact opposite of piracy! I was sick of artists getting paid virtually nothing for streaming service plays, so I decided to buy full albums directly from the artist as much as I could.

Ironically, by buying instead of pirating, you directly funded the legal and corporate environment that killed your service.

Right, so what is your alternative for paying musicians en masse for their music?

yawnxyz · 3 years ago

How do Backblaze and Cloudflare R2 get away with being storage and not violating these kinds of terms?

jabart · 3 years ago

As someone who worked in the payment gateway industry, they go through underwriting. They provide all necessary documentation, a person reviews it and periodically re-reviews that information. Another item to note is that the Sponsor Bank sets most of these rules. For a product that is making <$100/mo, the risk is too great and not worth answering a ton of questions every month by the sponsor bank and/or visa/mc each time the re-review comes up.

londons_explore · 3 years ago

This. It's a simple calculation of risk vs profit. Payment gateways are happy to put up with more risk, and put more effort into de-risking you as a client, if they are getting lots of profits from you.

Whereas if you have a turnover of $10k/year, and they're earning only 0.5% of that in fees, then it isn't worth them taking much risk or putting much effort in to earn $50.

It would be nice if people like stripe were more upfront about this. They could easily say "We have determined that your business might be high risk for us. If you pay us $1000 (which will be credited towards transaction fees), then we will work with you to mitigate these risks".

Appreciate the inside perspective.

Sander_Marechal · 3 years ago

By being well known, established brands. Sad but true

ryanSrich · 3 years ago

Silicon Valley and investor nepotism. The sad reality is that tech, no matter what size, is an elite club. Some get to play, some don’t.

SnorkelTan · 3 years ago

Responding to and complying with DMCA take downs and making efforts to ban repeat infringers probably. Also a large enough client that their head of sales/revenue would notice if they suddenly disappeared.

josephcsible · 3 years ago

You're implying that OP failed to do so, but you have no evidence of that.

iLoveOncall · 3 years ago

By offering storage solutions, not music storage solutions.

(not blaming OP, it's a cool project and a shame that people aren't being allowed to exercise their right to make a private copy)

alexdowad · 3 years ago

Well, maybe they don't use Stripe for payment processing?

pjc50 · 3 years ago

Not being advertised for or primarily used for copyright infringement.

jeroenhd · 3 years ago

In what way is uploading the music you bought to private cloud storage illegal?

Google Music asked me to upload songs and I did. Is Google really going to get sued to oblivion? I doubt it.

Did you miss this sentence, or are you disagreeing with it?

> According to Capitol Records, Inc. v. MP3Tunes, LLC, this is absolutely OK in the eyes of the law

joshmanders · 3 years ago

This is straight up victim blaming.