NOTICE: I've tagged this post as NSFW just as a heads up, but there won't be any actual "nsfw" related stuff (like pictures, graphic text, etc...)

The "Industry"

I don't really publicize it, but as a software developer contractor, I get many different clients, and one of my clients is in the Adult Entertainment industry. Simply put, I build porn sites for them. (There, I said it).

I get a lot of questions like "Do you get to meet all the stars?", or "Do you just watch porn all day?", and so many more. Really though, I spent the first year on the job upgrading all the rails apps to 4.2 (from 3.x or 4.0), and then the next few years working on accounting software for affiliate tracking... Also, I work from home, so it's basically a normal job.... except for the fact that this industry is broken.

Now, when I say broken, let's think about porn sites. I know y'all be watching them, there's no shame in it. What's the first thing you think about when you think about porn sites? Sketchy? Maybe full of viruses, and ads? Malware, spyware, email spam for male enhancement pills? The fact is, this industry leads the technology market. It has to stay on the cutting edge of technology to find more ways to generate revenue. But the industry got a bad rep because people found out it was really easy to make a LOT of money with these sites. Ad revenue is ridiculous. Since people are going to look regardless, why not throw a few extra ads on there, maybe some popups? What if you just paid for subscriptions instead similar to hulu or netflix? First thing people say is "with so much free content, why pay for it? Who even pays for it?". Well, that mentality is why all those ads exist. These businesses have to make money to pay for hosting costs, and so much more, like legal fees for example.

The sites I work on don't really fall in to these same categories because my sites are actual pay sites with proprietary content. No need for the random pop-ups, or background pop-under windows because our members just straight up pay for all the content. But paying for the content is BROKEN.

How billing works

Let me give you a scenario with a guy we will call "Joe".

Joe's wife looks at the bank statement and sees a charge to "crazywildnekkidpeeps.ninja" (I hope that's not a real thing). She asks Joe what this charge is. He says in a furious tone "I have no idea! maybe our bank info was stolen, we better contact the bank." He calls the bank up right then and there and demands a new account number, and have that charge reversed. It's a fake charge. Well, the bank looks back through his account history over the last year and sees no other charges to this thing. It's out of the normal spending habits, so it must be fake. The bank reverses the charge, then sends the dispute back to the crazy wild... you get it. This chargeback actually goes to a biller company that gets dinged by Visa or Mastercard.

When you run a business, you can only have a certain threshold of chargebacks. This goes for ANY industry. You have to keep this percentage SUPER low.

Well, the crazy wild co looks through their member history, and they see an account for "joelikescrazynekkidninjas". They know for sure he signed up one night, but proving it is just not worth all the hassle. This scenario happened enough times that the banks got fed up with it.

Because of this, banks wrote their software to basically auto-detect some of these things, and just block it. It's a proactive way to stop fraud charges. So now we get Jim who is all about signing up, and his card gets declined. He's a legit customer with money, but the bank won't let him make the charge, unless he calls up their support. And, I'm sorry, but there ain't NO person that's gonna call a 1-800 bank customer support line at 11pm at night to sit on hold and have a porn charge go through for what may be 30seconds? A minute at best? of viewing time...

Cascade Billing

Enter cascade billing. A thing that really, no other industry has to program. This is a concept where a customer's card gets declined, and we assume that was a mistake. So what do we do? Well, we forward the customer to a DIFFERENT biller company to have them try again. That's right, a different company. On a normal app, you might use something like Stripe to handle your billing. It's super easy to setup, the fees are cheap, and the support is amazing. One problem for us is their TOS prohibits adult entertainment related charges. They literally say that we can't use their service. Why? Well, because they would have to take the hit for those chargebacks. If they didn't, they would have to raise their fees. Speaking of fees... Stripe charges 2.9% + .30 cents per transaction. Some of the billers in the porn industry charge up to 30% per transaction. Yup, 30% (not cents; percent) PER CHARGE. So if we charge someone $1.00 for a 1 day trial, the biller gets 30 cents off the top.

You might be asking yourself, what is one biller gonna do that another didn't? Well, some shady stuff is what they're gonna do. The first biller in the cascade will ask for your credit card. It gets declined, so we send to another biller that will ask for an e-check or wire transfer number, then if that still doesn't work, we can send them to a biller that sort of does an e-currency exchange type deal. The customer buys "bitcoin" (not actually bitcoin), and the bank says "oh, that's crypto currency, not porn, so we'll allow it", then the biller gets the money, and takes their fee, then sends the rest to us.

I haven't even got to the worst parts yet... If you're cringing already, then hold on, seriously..

It gets worse

For compliance sake, some of these billers require that the payments be done on their sites. This means we have to redirect the user completely off our servers over to these biller servers with some code for the product (subscription) that they are buying. We log in to their admin interface and create these products on their sites (they don't offer APIs), and then take the codes, and store those in our database. A very common problem is that we have a price set, then the biller shows a different price because someone forgot to log in to each of these billers (like 4 or 5 of them?) and update the prices there too. One biller had a bug in their software where we sent them the price in USD, they converted it to YEN, then sent us the amount that was paid was $YEN (not ¥YEN). Our system then saw we had a member sign up for $1,100 USD. We did a 50/50 split with the affiliate, and when it should have been like $10 sending the affiliate $5, we sent them almost $600. We noticed that it wasn't just 1 biller that had issues with currency conversion, but a few of them do. Again, we don't have a choice. We have to use these people because companies that are nice to use (like stripe) don't allow for us to use them.

Here's where it really gets good. When a customer has a support issue, they don't come to us. They go to the biller. The biller is who charged them, so the biller handles support. Sometimes a member might have trouble logging in to their account. The biller will then need to contact us to relay that there's an issue. We fix the issue, then let the biller know the issue is fixed so they can let the customer know. This turn around time is tough when you have a 1 day trial. The customer completely misses their trial and feels like maybe this was a scam.

It's very common in this industry, as a developer, to do things that are against your normal programming teachings. Things that in any other context you'd be taught to never do. The reason is because of all these work arounds dealing with so many different moving parts. Especially when these moving parts are all super outdated and really expensive pieces of software that you've been tightly coupled with.

A common piece of software, that almost all sites in the industry uses, has a unified solution for these sites to track affiliate sales, handle the postback data from the billers, manage multi-tenant sites, and member subscriptions plus do all the reporting. You pay a hefty fee to this company for the license to use their software (all written in PHP), and then you're ready to go. We don't use PHP though, we had written everything in rails, and we had to integrate with it. Here's how that went:

Even though it's written in PHP, they used zend to "compile" and obfuscate the codebase. It was almost impossible to fix a bug or make a change. It didn't support SSL at all. It used reserved characters for URL encodings which break most (including rails) URI parsers. This left us with weird bugs Inconsistent database schema. It took heavy use of php serialization to store numerous bits of data in a single column, and in some cases required 4+ table join just to get a single bit of data. Upgrade was really expensive, and required a huge server update to support the version of PHP, and a few other things. The admin section generated reports in to a single image of bar graphs, and these images were broken (showed the broken image icon). So viewing reports was very difficult At some point, it didn't follow pemdas, and since some of the reports were broken (see 6), no one notices affiliates being over/under paid out for several years. That's a lot of cash down the drain.

Fighting the Law

A big chunk of money that these companies have to spend are on lawyers and law suits. As a general consumer of this content, this may never occur to you. I'm sure you've been on one of the major tube sites and come across a video or two that have water marks on them in one of the corners.

Well, this content was created by someone. Someone owns the rights to it, and it's most likely NOT that tube site. This is common enough that some sites have to go after other sites for "stealing" their content. 99% of the time it's just a user that saw a video on one site, downloaded it, then uploaded to another. That means that when a site allows users to upload content, they have to be VERY diligent about what was uploaded. Even more so because some people are sick and upload some very illegal content. So as a company in this industry, you have be ready to pay for some lawyers to help fight the actions of stupid people using your site.

So after a $13,000 hosting and CDN bill, $20,000 in attorney fees, $50,000 in affiliate payouts, and $50,000 in developer/employee costs, and the coup de grace 30% fee on every transaction, it's easy to see why these sites either charge a lot, or have a ton of ads.

Recap

We deal with multiple outdated and broken bits of software We get charged unreal amounts by 3rd parties because we're limited in who we can use due to TOS for most companies Customers can't be trusted Billers can't be trusted Changing laws affect how and what content can be created which shrinks market availability and makes the limited market more competitive and difficult Server hack attempts are multiple times hourly. Law suits for content being "stolen" or take down notices

If anyone wants to make a killing, seriously, build a proper billing system for this industry. I wish I could get in to more of the technical details of why these things are bad, but trust me, it's worse than what I've described.