January 18, 2012

When a bad business model breaks up.

The daily deal business has it’s share of challenges.  One particular challenge is merchants providing products to the daily deal companies who themselves have shaky financials or questionable business models.  One huge blow up last year was Peanut Labs project WeeklyCinema.  WC tried to build a business model based on breakage (people not redeeming their coupons for full value or fast enough).  They lost the bet. Another group, Digital Doorstep, came along and tried the same thing with other gift cards (and Fandango).  It seems Digital Doorstep didn’t know how to do math either.  Tippr received this from them today as they filed for Bankruptcy. 

All,

It is with great regret we announce to you the closure of Digital Doorstep through Chapter 7 Bankruptcy.

Digital Doorstep has experienced fatal technology challenges to our redemption system causing severe late payment of over $3 Million in past due receivables by 23 Digital Doorstep Clients. Digital Doorstep's clients refusal to pay for services rendered has left Digital Doorstep in a position where it must formally send consumers seeking their product back to the Daily Deal site they purchased the product on.

For the next 45 days Digital Doorstep will continue to capture all consumer information when seeking redemption and forward consumer code request for your deals directly to you weekly from codes@digitaldoorstep.com

Launched in February of 2011, over 1 Million consumers have purchased Digital Doorstep "Experiences" ranging from Date Night to Girls Day Out and many more. Digital Doorstep has successfully serviced on the behalf of our daily deal clients over 600,000 consumers in the past 120 days. We pride ourselves in customer service and are shutting down redemptions to prevent further frustration by consumers.

We respectfully deny any attempts to "increase breakage" or to delay consumers in any manner whatsoever. Our redemption model has not changed from day one, it is simply a process of entering your code on our website and having the cards or codes emailed or postal mailed to you. Prior to our technology crash and late payment issues Digital Doorstep flawlessly serviced over 500,000 codes through our redemption process.

A company of our size simply cannot sustain $3 Million in unpaid accounts receivable.

Effective immediately Digital Doorstep will direct all consumers who have purchased a Digital Doorstep experience through your website  to seek an immediate refund or request direct delivery of their "experience" from your site.

Digital Doorstep has listed you as a potential creditor and you will have the opportunity in the next 45 days to ensure your claim is paid through our asset liquidation. The U.S. Bankruptcy court and a U.S. Bankruptcy trustee will be responsible for liquidating Digital Doorstep's over $3 Million in past due receivables, undelivered inventory of $2 Million in gift cards and digital codes,  and finally our database of over 700,000 active buyers to distribute funds to our clients who have paid in full and have open redemptions in our system.

For the forseeable future, Digital Doorstep will handle all client inquiries through our attorney Tom Polis and all consumer inquiries at info@digitaldoorstep.com

Thomas J. Polis, Esq. 
Polis & Associates, APLC
19800 MacArthur Blvd., Ste. 1000
Irvine, CA 92612

Formal bankruptcy filing information, including case number and details on the claim process will be forthcoming.

We sincerely thank you for the opportunity to have partnered together and will cooperate fully with the U.S. Trustee to ensure any and all financial impact to your company is handled through an expedited asset liquidation process.

Sincerely

Digital Doorstep Team

Posted by Martin at 8:33 AM | Comments (1) | TrackBack

January 19, 2011

Living Social Hacked (Update)

Ok, I am in the software business and all software has bugs. Some software has more bugs than others. Some software is just simply poorly designed. Especially in areas where the application at first blush is pretty simple and anyone can hack one together in a weekend. Sometimes these hacked together weekend projects take off and become wildly popular. That is when you suddenly realize the value of professional software engineers (or not).

One such overnight success story is the site Living Social (full disclosure I run a competing platform at Tippr.com). While the site has been a consumer success, they have had more than their fair share of technical challenges. Initially these technical challenges had to do with scaling to meet consumer demand ( a good problem to have). Now unfortunately there are serious security and commerce transaction holes being exposed. Unfortunately Living Social is not just a site with funny pictures of cats. It is a commerce site dealing with hundreds of millions of dollars of transactions on behalf of their merchants and customers. Bugs in commerce sites can lead to GIGANTIC losses for everyone involved. This is not just "whoops the site is down" stuff. This is REAL MONEY.

Here is the latest problem. Living Social doesn't do server side quantity validation (at least they didn't yesterday). Who cares you say? Well Amazon.com for one. Their latest offer of a $20 gift certificate for $10 has the explicit restriction of ONE per customer and no gifts. You see, Amazon actually only wants to discount their product for new customers or existing customers only on $20 of merchandise. If Amazon knew there was a way to buy say 100 vouchers and receive $2000 of Amazon merchandise for $1000, they would probably blow a gasket. Jeff you better sit down. Because Living Social only validates restrictions on order quantity in the client, and not the server, there is a simple inspect element command in many browsers that lets you change the "1" to any number you want. See the screen shot below.

LivingSocial code hack

I won't go into all the details of how to perform this hack in your own client and I am only posting this near the end of the Amazon offer because I don't wish this liability to be any worse than it already is. Unfortunately I have received notification of this vulnerability from multiple sources today. Based on the feedback I am getting on the extensive use of this hack on this particular offer, I hazard to guess that thousands of people have exploited it. From the magnitude of the exposure, I wouldn't be surprised if 50-75% of the total purchases of this deal were in violation of the one per person rule (meaning that amazon only got a hundred thousand or so unique customers not over a million).

Bugs are unfortunately a fact of life in software. But this particular vulnerability is not a bug. It is a DESIGN flaw. Programmers took a short cut by putting quantity validation in the client. They hacked the site together and are holding it together with bailing wire. I hope for the benefit of Living Social merchants and advertisers, they take some of their $175M and hire some top notch commerce architects. This didn't need to happen.

Don't let anyone tell you software is easy. Don't trust your business to software cobbled together as a hobby that just happened to take off. Don't underestimate the value of good software engineering. At scale, when you are selling real volume and doing serious business, the details matter.

UPDATE 10:58PM
Thank you to all of you who have written and sent further proof of this and other vulnerabilities in the Living Social system. Here are two screen shots I received anonymously which confirm the hack and show purchased vouchers hitting the credit card and in a user account.
My Account - LivingSocial with 100 amazon certs
My Deals - LivingSocial- 100 individual $20 vouchers in the account

In addition, I received two MORE ways to circumvent the limits by using the browser back button and a simple e-mail address hack (no I won't explain). A reader with the first hack purchased 7 vouchers and a guy with the second hack purchased 5 vouchers.

Business Insider has also made a note of this hack and contacted the company. The CEO claims that they "intentionally" designed their system this way (uhm, ok Tim) and that the server takes care of everything later at settlement. Well I am sure the server does that NOW that the vulnerability is public and I am glad for Amazon's sake that the site is working overtime to fix this problem. Tim further suggests that the problem is not wide spread and that client side hacks are not showing up in the number sold. The screen shots above tell a different story. I have an inbox full in screen shots like that. One person with 100 vouchers in their account. That is not a client side hack that was ignored by the server. 100 of the over million sold were certainly sold to one person. The number sold on the live site that ticks along as people purchase is certainly overstating the unique purchasers by some significant amount. Maybe I just have alot of hacker friends and my 50-75% overstatement is off. When LS runs their "server side reconciliation" and washes out all the gamers (as they claim they will), I wonder if they will issue the "adjusted" number sold. I suspect not, especially if it tarnishes in any way their "biggest day ever".

But this post is not about Living Social sales. It is about quality software development and doing right by your business partners in the deal business. If there were alot of gamers, Amazon just gave 50% off on over $25M worth of merchandise that they probably would have sold at full price to these same people anyway. Amazon are incredible at measuring the ROI on any promotion. If this one turns out to be a dud, I doubt they would admit it publicly, but they will know.

Daily deals done right on a quality software platform with appropriate controls can be the most effective customer acquisition tool an advertiser has. Done poorly they can degrade your brand and erode your value proposition. I hope this Amazon promotion ends up the former not the later.

Posted by Martin at 7:47 PM | Comments (2) | TrackBack

December 3, 2010

Why Grougle would be a huge mistake for Google

Ok, this is my personal blog, so I can say personal things. This is Martin Tobias speaking.  Ok, I am also the CEO of Tippr with a dog in the Groupon/Livingsocial group buying fight, but this post is showing up here because it is more about my thoughts as a technologist. 

I am a tech nerd.  I know the difference between a bit and a byte.  I know how to code (not well).  I am passionate about product and technology.  While with Microsoft in the early days (1989-1997), the place was full of similar tech nerds with bad hygiene and hyper focus.  In recent years, Google has become the place for the smartest tech nerds to go.  Google is fundamentally an engineering driven company like Microsoft was.  Back in the early days of online services I remember Microsoft trying to get into the content business with MSN (to compete with AOl) and hired a lot of creative hollywood type people.  The culture clash was crazy bad and I believe eventually that is what killed Microsoft as a content company. Engineers just don’t do content. 

Now onto Groupon/Google.  Groupon is run by a guy who’s last job was in a band.  One of their most prized assets is the editorial voice of a talking cat.  This is a consumer brand/entertainment company.  This is not an engineering driven organization.  The culture clash between Google and Groupon is going to be epic.  If it happens I will enjoy watching the destruction from the sidelines. 

As a Google fan and an ardent believer in the engineering driven culture (it is what we have at Tippr), I will be sad if the merger happens.  It would be a giant mis-step for Google and it will fail. 

Posted by Martin at 9:41 AM | Comments (2) | TrackBack

November 19, 2010

The Power of Deals in Context

I have been talking about the power of putting deals in context with content for a long time.  This is the future of daily deals, not another site full of coupons. 

Today, this was brought home in spades while reading a story on Business Insider about a Google/Groupon rumor.  Business Insider has a group commerce section which is Powered By Tippr.  What shows up in the middle of the story about Groupon/Google?  A Pipeline deal which is powered by Tippr.  Got to love it when it all comes together.

Tippr near Groupon story on BI

Posted by Martin at 9:47 AM | Comments (0) | TrackBack

November 17, 2010

The incredible flexibility of PoweredByTippr…

One of the great things about the PoweredByTippr platform is that the technology can enable group commerce for anyone with an audience.  This audience can be hyper local in one city, national with multiple local audiences, national with no geotargeting at all, or even not related to local business or deals at all.  This was brought home to me today when Dane Knecht, our VP of Development reminded me of seven current sites we power with VERY different audiences.

1.  Entercom Austin - national Radio brand http://myaustinperks.com

2.  Belo - national TV operator, http://yollar.com

3. Daily Texan - College newspaper/TV/Radiohttp://deals.dailytexanonline.com/

4. Business Insider - National business web site http://pipeline.businessinsider.com

5. 365Austin - Austin, TX facebook fan page,http://deals.dailytexanonline.com/

6.  225BestEats - Leading Baton Rouge media company,  http://225besteats.com/

7. Tippr.com - the #3 consumer destination for local deals, http://tippr.com


Posted by Martin at 1:41 PM | Comments (0) | TrackBack

Yipit nation, a good thing

Our friends over at Yipit have launched Yipit Nation.  A daily deal aggregator focusing on national deals.  Happy to see it. Especially since they are including many of the sites that are PoweredByTippr including BusinessInsider!

Posted by Martin at 1:11 PM | Comments (0) | TrackBack

November 12, 2010

Weekly Cinema BLOWS UP

How many $10 bills could you sell for $5.  Well bunches.  That is basically what http://weeklycinema.com was doing with discounted movie tickets.  At Tippr we promoted the offer for them and sold thousands.  Customers love discounted movie tickets.  We could have sold an infinite number of $10 bills for $5.  The real question always in the back of my mind How long can you sell $10 bills for $5?  Well we got the answer today from Weekly Cinema: 

Notice to be posted on www.weeklycinema.com

Thank you for visiting Weekly Cinema. The future of Weekly Cinema is under review. While this review is being performed, we are not able to process or redeem movie ticket coupons.  We are working with our deal site partners to achieve a refund for the unused movie tickets and promo codes in your Weekly Cinema account in an amount of up to the price paid for each of the unused movie ticket coupons.

A Hotline phone number to provide additional information about Weekly Cinema is being set up. Please provide your Weekly Cinema user ID in the box below if you would like us to email you when an update is available. Otherwise, check the site later today for further updates.
 
Bummer for all the Weekly Cinema customers.  I am one of them. I had not redeemed all my tickets yet and the site won’t let you anymore. so I am emailing weekly cinema for a refund, but I am afraid they are bankrupt.  Ouch.  As a deal site, Tippr will try to keep our customers happy, but we are out the money also.  This is not going to be fun for anyone.

Posted by Martin at 10:11 AM | Comments (2) | TrackBack

October 22, 2010

Groupon is bad for consumers

I am not making this stuff up.  Monopolies generally keep prices high and extort consumers.  While Groupon is not a monopoly, they are the big boys in daily deal and are able to use their weight to lock up merchants and control pricing.  Here is a specific example.

Tippr ran a deal for Weekly Cinema as they were getting into the market which offered customers 4 movie tickets for $20.  $5 per ticket.  See it here in seattle. After this became one of our most successful deals, Groupon took notice and called Weekly Cinema offering them an exclusive long term relationship.  Now of course the conspiracy gremlin in my head is telling me Groupon is doing that to kill Tippr and deny competition any meaningful revenue.  There is some of that I am sure, but lets look at what happened to consumers. 

Consumers lost out.  Groupon now has 6 tickets for $38 in NYC.  By my math that is $6.33 per ticket.  That is a bad deal.  Groupon costs consumers money an limits merchant’s ability to market their business. 

Posted by Martin at 9:00 AM | Comments (2) | TrackBack

August 4, 2010

The facts contradict Groupon’s spin machine

Ah to be a 24 year old CEO of a hot company again.  The mistakes I would not make…  Well the CEO’s job is to be optimistic and put a positive spin on things to the press, but it is quite embarrassing when you get caught red handed with your staff contradicting you.  Ok, now to the fun stuff, Groupon’s latest gaff.

Groupon has been in the news lately for forcing merchants into overselling their inventory and causing excessive strain on the merchant.  MSNBC had something on this just this week.  In that article, Mason says: “CEO and founder Andrew Mason of Groupon says the company explains the risk shops take when they sign on. It tells its 30,000 clients not to expect to turn a profit on the deals and suggests they limit the number of coupons they sell.”

While the head is spinning to the media, the body is doing something else. Below is an actual email to a merchant from a Groupon sales person.  (Yes Mr. Lawyer I have the entire email if you want proof of authenticity). 

 

Hi XXXX,

So the verdict is as follows, the city planner is uncomfortable with doing a main feature that isn't 50% off and has less that 1000 tickets to sell.  It sets a precedent for other businesses to be loose with the numbers and we would prefer not to allow that.

Hummm.  Sounds like the sales people are NOT letting merchants cap the vouchers they sell and are pressing them for steeper discounts than the merchant is comfortable with.   Wouldn’t want to set a precedent of doing deals that are actually good for a merchant now would we?  Unfortunately this heavy hand is becoming more the norm that I hear from merchants in the field. 

And yes again this week two merchants that we featured on Tippr were contacted by Groupon lawyers and threatened with law suits for running a promotion on Tippr after running on Groupon. Their lawyers are very aggressive enforcing the often overlooked exclusivity clause in the Groupon contract.  No Tippr doesn’t have an exclusivity.  That is bad for merchant. Why would we want to limit the ways our merchants can advertise?

I sincerely hope Groupon continues to annoy merchants like this.  It is good for Tippr.

Posted by Martin at 1:24 PM | Comments (0) | TrackBack

July 20, 2010

Yet another Groupon Fail

Ok, you have all been reading lately about how the big daily deal sites are hurting small merchants and doing more harm than good.  So far I have stayed out of this one.  But a friend sent me this picture from a restaurant in NYC and I just have to post it.

  IMG_0021[1]

Lets see…  Humm…  “Groupon Customers are just deal hounds scamming my business so I am going to put up a warning to them on my front door.”  That one has got to hurt. 

Posted by Martin at 8:39 PM | Comments (0) | TrackBack

June 9, 2010

Good intentions gone bad

I may be a helpless romantic and optimist, but I generally believe that most founders of start-ups are trying to do good and create great products.  Being an entrepreneur myself, I tend to believe hard work and innovation will win customer’s hearts and minds.  There are obviously some people in the business just to make a quick buck on a trend. Those I am not so charitable about.  Unfortunately it seems like we have a bad actor coming into the Group Commerce / Daily deal space in HomeRun.com.  When they started in San Francisco sourcing their own great deals and I sent a “Welcome to the party” note.  I love people passionate about the deal space, competition is good. 

But recently, things have taken an odd turn over there.  Suddenly HomeRun.com has dozens of cities overnight.  How did that happen?  Well what they did is write a scraper of other deal sites like Tippr, Grouon and Living Social. These deals are presented as “friends of HomeRun” even though no-one from HomeRun has ever contacted us over here at Tippr.  The deals are re-framed in the HR UI and presented with a “buynow” button.  Unfortunately the “buynow” button doesn’t buy the deal, it pops up a message to get you to subscribe to HomeRun.com’s proprietary email list.  When you do that, you are then sent over to Tippr.com where you are faced with another “buy now” button.  Putting aside all of the obvious poor user experience issues (and the lack of windownew), this kind of thing is just not in the spirit of on-line commerce.  This is bad acting.  HomeRun.com is using Tippr without permission to build their own in-house list.  They are not adding any value to the customer experience.  In fact I believe they are degrading the customer experience significantly. 

A funny twist on this unfortunate situation is that Tippr is the most aggregator friendly deal site out there. Today we announced the acquisition of FanForce and the extension of our deal platform to white labels powering lots of brands.  Other deal sites explicitly prohibit their deals from being aggregated.  We believe daily deals should be distributed everywhere. But not without attribution. Not without authorization.  Not in a poor customer experience.  If you see Tippr deals elsewhere on the web, please let us know. We want you to see Tippr deals in lots of places, but we want to be a part of it and ensure a great customer experience.

 

homerun seattle

Posted by Martin at 2:38 PM | Comments (2) | TrackBack

May 20, 2010

The heavy hand of Groupon

I have been in the technology business for a very long time.  There is always a darling of the moment.  One such darling is Groupon (disclosure my company Tippr is in competition with them).  I am always intrigued by how many of these darlings screw up their position and customer good will by being heavy handed in some clumsy way.  Facebook is getting the riot act recently over their heavy handed Privacy Policy changes.  Google has lost some luster over collection of the geocode of your home WIFI (and sucking some data) without your consent.  Groupon seems to still be in the honeymoon phase, but there are an increasing number of cracks starting. 

Most people saw that Groupon was sued in class action for violating consumer protection laws and quickly settled it with an offhand joke.  I don’t tend to think flaunting consumer protection laws is a joke. 

Three more came through our merchant calls at Tippr this week that the general public doesn’t know about yet.  I am just here to help.

First up: the “Groupon Platinum Partner program”.  Google it and you will find nothing.  It is not on their web site, not in any of their press.  Because it is a 24 month exclusive contract with a Merchant that locks out any other group buying or on-line promotion partner for the merchant.  The terms would make Microsoft lawyers proud.  Merchant signs up for 24 months to only offer daily deal promotions through Groupon.  Groupon pays a spiff in the back-end if the contract is upheld.  Now of course any two businesses can decide to have an exclusive relationship anytime they want.  But this contract goes beyond the pale in terms of penalties on merchants and the scope of exclusivity.  What if Groupon underperforms your expectations, would they sue? Are you allowed to cancel?  Good questions.  Locking in your merchants with lawsuits is very heavy handed. 

Next up: “I’m from Groupon and I am here to sue you”.  Groupon’s merchant contract used to say you can’t run a better deal within 60 days of running on Groupon.  Now that there is real competition (Tippr, etc.), it says you can’t run ANY deal within 60 days of Groupon.  Yesterday over at Tippr Boston, we featured a great local merchant.  They ran a Groupon 58 days ago.  2 days to go.  A lawyer from Groupon called and threatened to sue to recover all revenue paid to from Groupon during their last promotion.  Did I mention it was only two days?  Way to build merchant trust guys.  Tippr of course does not have the exclusive language, only the “better deal” language.  Tippr took down the offer as a service to our merchant, and are looking forward to featuring them again soon after Groupon’s lawyers cool off.  Made me smile a little that Big Boy Groupon cares about little guy Tippr.

Frequent readers already read my Groupon API rant.  Again, heavy handed “you must follow Groupon’s view of the world and can’t show my deals with anyone else’s” tactics.  Developers are significantly limited in what they can do with the data. They are also restricted from showing Groupon deals along side any other deals (like all the aggregators are doing).  That is basically putting yourself above the fray.  Fine, you are the big dog you can do that.  But don’t try to put on a happy friendly face and expect to get credit for being a good corporate citizen because you are not.

 

I appreciate Groupon’s trail blazing efforts to expand awareness about group buying.  Keep executing your don’t play nice with others or merchants strategy.  I think it is a winner.

Posted by Martin at 2:54 PM | Comments (3) | TrackBack

May 17, 2010

When is an API not an API?

Ok, I will say right up front that this is going to be somewhat of a rant.  As my Twitter followers know, when I see a product crippled in obviously selfish ways (#ipadfail), it hits a particularly sore note with me.  Over the weekend I found yet another such product.

Over @Tippr we are in the final stages of developing our API to allow third party developers to take our local deals and use them in their own applications.  At a technical level, an API (Application Programming Interface) is simply a structured way for programs to communicate with standard information calls to receive standard structured data.  Overlaying the technical details is the fundamental idea of openness and all the Web 2.0/3.0 “we are all in this together” love.  When you say “my application has an API”, most people will give you props for being part of the love.  When you tie lots of strings to that API, or cripple access to important parts of data, you have broken a core tenant of the implied API code.  You have broken trust.  Developers will figure this out.  I don’t understand why companies provide API’s if they then cripple through the TOU the use of the API/data so much that it makes the API useless. 

OK, now to the fun part, the guilty party (ack call the lawyers):  Groupon.  Check out some of the terms in their API Terms:

“You agree that you will not, and will not assist or enable others to:

  1. cache, record, pre-fetch, or otherwise store any portion of the Groupon Content, or attempt or provide a means to execute any “bulk download” operations;
  2. modify the Groupon Content, or use it to update or create your own database of business listing information;
  3. create or disclose metrics about, or perform any statistical analysis of, the API or Groupon Content;
  4. use the API on behalf of any third party;”

So what does this mean for a developer using the Groupon API?

1.  Their application can’t do any caching which could include Groupon data.  Caching is an important performance tool for every application I have ever developed.  Having to fetch Groupon data on every page load could cause serious performance problems. 

2.  You may not store any Groupon content in a database of “business listing information”.  Humm can’t store data I get from your API in a database, can’t cache it.  Now what can I do with it?

3.  You may not do any statistical analysis of the API or content retrieved therefrom.  So I can’t say create an application which aggregates daily sales from Groupon across my state and shows trends?  I can’t use New Relic to measure the response time of the API calls to Groupon’s servers.  I can’t even use Google analytics to track the API calls.  Back to the data, my application can’t do any statistical analysis of “Groupon Content” at all.  Like say showing sales trends, pricing trends, category trends, geotag bucketing, category analysis, pretty much any kind of analysis which might add value to the “content” delivered through the API.  So why is my application retrieving this data again?

4.  A software developer may not use the API for their client. That would be “using the API on behalf of a third party.” 

Well you say, there may be legitimate technical reasons for all the above legal gobblygook like Groupon wants you to always have the most up to date information and doesn’t want competitors scraping their site, and yes I can make a long list of excuses too.  But wait, there’s more.  Yes because Groupon is fundamentally all about building a consumer brand and protecting it, there is an additional little missive from their lawyers happily entitled “Groupon Branding Requirements”.  I will have to admit this is the first time I have seen this level of hubris from any company.  Just a few choice snippets. 

“If you’re only going to recreate the functionality of Groupon’s own web site or mobile apps, save yourself the trouble and just put up a link.”  Ah, now that’s how you motivate a developer community!

“Don’t aggregate our deals with other providers.”  Humm but my application is actually trying to provide consumer value.  A major way of doing that is compare/contrast and help navigate the various daily deal site data.  Oh, but Groupon doesn’t want that level of scrutiny of their deals. 

“Wherever you display our content, you must prominently display our logo.”  I don’t have problem with credit, but the logo’s come with minimum sizes that are quite large and have specific color schemes that may not work with my application. 

After reading all the documents and requirements around the Groupon API it is clear that they have take the “my data and brand is more important than your application” approach to their API.   That is fine.  Good luck with that.

Posted by Martin at 6:57 AM | Comments (2) | TrackBack