X begins charging new users $1 a year in New Zealand, Philippines
bbc.co.uk[Dupe]
Lots more discussion yesterday: https://news.ycombinator.com/item?id=37922973
This has nothing to do with bots.
It's all about getting everyone to provide their credit card details for future revenue streams eg. micro-transactions.
And also to give them a competitive advantage in the ad space e.g. allowing companies to target you based on your real life identity.
Except the plan will never work for mobile users who sign up via the App Store or Google Play Store.
"According to his biographer, Walter Isaacson, Musk’s push to sign-up subscribers was very much intertwined with his quest to build an “everything app,” and Musk grew angry when he learned Apple doesn’t share credit card details of those who sign up with their iPhones." https://www.engadget.com/x-is-starting-to-charge-new-users-1...
Of course every iOS developer already knew this, including members of his own engineering staff, which just goes to show how insulated and out of touch with reality the guy is.
Just finished reading the bio so I can clarify this a bit. Despite what it sounds like out of context the take away was that he did know the App Store rules but he was under the (wrong) impression a company of that scale could speak with Apple and get the data anyway.
TBH this highlights even more how out of touch they are -- too used to living in a bubble where the rich can get what they want and bypass rules that apply to regular folk.
It’s not like there’s no precedent for this. Look at all the rules WeChat was able to ignore due to their size and influence. I assume Elon expected a similar treatment for Twitter.
WeChat is backed by the CCP, aka the government with a military and de facto legal control over Apples factories. If they don't comply with WeChats requests, the CCP can ban Apple from doing business in China, with force if they have to. Hence, Apple complies.
That's where the precedent comes from - WeChat (as well as basically all major Chinese companies) carry state backing to force their way. Musk has afaict no backing from any government, least of all the DoD (who hate his guts for the shit he's pulled with Starlink in Ukraine).
You're overreaching. Can the Chinese government force WeChat to provide data to the government? Yes. But WeChat is a private product built by a private company. In addition, WeChat has a ton of competitors inside China as well. These competitors can overtake WeChat. The government isn't preventing competitors from competing directly with WeChat.
WeChat is literally just Tencent. I'm staying at a hotel next to Tencent office right now in Shenzen. There aren't any military people working here. Just engineers.
Read my post within this chain for why I think WeChat has a lot of power when it comes to getting Apple to create features it needs.
WeChat is way more important to everyday life in China than the iPhone is. I'm writing to you from Shenzen right now.
You don't need an iPhone to survive in China. You absolutely need WeChat to survive. For example, you literally can't order food when dining inside a large number of restaurants without WeChat. The menu is in WeChat.
So whatever WeChat (Tencent) wants, Apple has to consider it. Otherwise, Chinese phone makers can and will provide more convenience.
Thanks for the clarification.
However, I don't think it's even legal for Apple to hand over credit card info to third parties. Not that Apple would anyway, because it would completely destroy customer trust in Apple.
I guess Musk does not talk to Zuck
Make life multi planetary? Nah.
Try to clone WeChat in the US but with more trolls? Now that’s important to the human future.
It would actually be completely fair to say that X now costs $1 per month to use. You'd have to drop the ads as well, which given their fall out with larger advertisers again would make sense. In some weird sense it would fit with my overall view of Musk, if the advertisers don't like what he's doing, he'll block their access to his platform.
Journalists, consultants and influencers could just expense the cost and get a tax deduction or have their employer pay. Given the value most people claim to get from X/Twitter I don't see why $12 - $20 isn't a reasonable cost.
I'm also not sure if a dollar per month would be enough to keep bots at bay, it's also a little unreasonable to simply outsource your vetting of users to the credit card companies and banks in this manor and I doubt that neither VISA nor MasterCard finds the idea amusing.
Indeed. X could raise the funds by using anonymous payment methods, but we all know it won't use those.
It might cut down on anonymous harassment/abuse if people can't create anonymous accounts and hide behind VPNs and throwaway email addresses.
But it's not going to make any difference to anything if it doesn't apply to existing accounts.
I'm embarrassed for Musk. He overpays for Twitter, mismanages it to a lower value, and is now panhandling for dollar bills to make himself whole.
I'm amazed that the 'rebranding' was started, seemingly with no plan, then just aborted, with x.com still just being a redirect to twitter.com, and everything still in 'Twitter blue'.
Nobody's going to call it X, and 'ex dot com' isn't a great name. He should probably just accept that mistakes were made and revert it.
I worry that this may paradoxically increase bots, because now the price of legitimacy is $1 per year. Bot farms and shills will do the math.
It’s not the $1, it’s the identity linked to the charge. So now they can be blocked as well as traced back to the funding account.
I once was in a charity sponsored therapy group and they had a $10 fee. I was annoyed as this was a pretty wealthy organization and the fee seemed discriminatory, or at least a hassle. I learned that it was just there to validate each participant.
So I think this is just a filter to help reduce bot spam.
If X or Twitter or whatever accept payments via Apple Pay or Google Pay then there is absolutely no way to track anything. It's those services simply dont provide any information back to ex-Twitter.
Also there is number of services like privacy.com that allow to hide real card details. And even if person is using real card then payment process have absolutely no way of knowing anything except those few last numbers of the card.
Bypassing credit card checks for botting as easy as any other protections.
When performing this kind of verification, you can easily (and usually do) block cards from services like privacy.com by looking at BIN codes. I also don’t think spammers can get large numbers of unique DPANs from Apple and Google Pay since that involves a cryptographic exchange between your device and Apple/Google with involvement from your issuing bank.
Also most payment processors provide some sort of key that lets you identify if two users entered the same credit card number, for example Stripe[1]. So you’re not limited to last four digits for checking if two cards are the same.
[1]: https://stripe.com/docs/api/cards/object#card_object-fingerp...
Yes you can block everything, but with every specific service blocked you limit your ability to accept new users. There also legitimate banks that let you have 5-10 virtual cards or generate unique card each time you pay.
Spammers do have large number of unique phones in their farms as well as budget to have undetectible rooting and hardware ID faking. And Google Pay / Apple Pay as well as majority of banks actually do nothing to prevent you from adding your cards to 10 different phones.
Of course it's all makes lives harder for everyone who want to get a new account, but nothing including literal ID / passport and face verification make is impossible to bypass.
You can get a ton of DPANS from Google Pay simply by logging in with a different Google account.
> payment process have absolutely no way of knowing anything except those few last numbers of the card
This is just plain wrong.
1. Payment processors know everything because they process the payment
2. Application developers don't know anything besides the last 4 is closer to reality because they're probably not PCI compliant to access the remaining information. BUT some processors such as Adyen will try to provide a unique identifier for each card (that has no further information except linking multiple purchases across vendors and channels).
Now with this unique identifier X still wouldn't know WHO you are but they could provide that information to advertisers that might know or at least use it to track you online and in person
> 1. Payment processors know everything because they process the payment
They know all the information you given, but in practice they can't even verify "name on the card" that you entered in most of countries. In some countries they can check your billing address ZIP code, but that's all about it.
And there absolutely no way for them to find out if you are unique user with one card or you just have 10 cards for the same credit account or created 10 supplimentary cards for all your family and the dog.
Apple and Google and Stripe do not allow the same card on multiple accounts.
Also, having a fraudulent Apple Pay account is pretty rare and requires an entire apple account. That can be shut down if shenanigans.
My original point is that having a credit card greatly reduces the anonymity of accounts and allows for greater ability to trace back to the user. Both for uniqueness (ie, does prepend front 500 twitter accounts?) and for legal reasons (eg, prepend just did a crime, let’s find out who prepend is).
This doesn’t mean people can’t get around it. It means most people can get around it.
Apple and Google absolutely have fraud capability and will cooperate with merchants and law enforcement.
I think for the therapy group there’s also an aspect of wanting people to have some skin in the game. If you give something away for free, plenty of people will take it. But as soon as you put a mild obstacle in the way, even if it’s a small payment, you’ll weed out the people who don’t really want to be there.
> It’s not the $1, it’s the identity linked to the charge. So now they can be blocked as well as traced back to the funding account.
Do people on HN actually think this will work? I'm genuinely curious. Knowing everything we know about the underground economy of sockpuppets, bots and carders - combined the (un)willingness of real people (especially in relatively poorer countries) to pop out their credit card during signup for a social media site - do folks really think this will produce a high-quality stream of new signups?
It's not even about the quality of signups.
It just will not solve the problem he's trying to solve. It will reduce low-effort and out-of-box tooling, but it'll also increase the value of successful networks, which will encourage better tooling and cover the mule costs.
Hope the bots don't discover stolen credit cards
Stolen credit cards generally cost enough per number that getting one Twitter bot out of each is not going to be economically viable. Not to mention the fact that if the $1 is charged back, Twitter will know about it.
The backlash is funny. USPS does the same thing for mail forwarding to verify identity and legitimacy. It’s not like this is some crazy money-making idea from Elon.
> It’s not like this is some crazy money-making idea from Elon.
It's going to give him real name, street address, and zip/postal code for these users; for a company that makes most of its money off ads, that's absolutely money-making.
I remember having to send a euro for a service (can't remember which, only that I was building my rack at the time, but it might have been for a car pooling service), but it was immediately reimbursed upon reception from the service provider.
People need their mail, because they can't things like social security checks without it. It's not clear that anyone really needs Twitter, except for influencers and bot-shops.
There’s a 0% chance that musk has any private interest in reducing bots. Bots was his excuse to try to get out of an obviously shitty deal that he made. That’s it.
It only works if you ban them in the first place!
Given the current policy around blue tick (which is full of crypto bot and onlyfan sex workers, without any reaction from Musk whatsoever) I doubt it will have any effect.
Also, World of Warcraft servers are full of bots, despite needing to pay to create and keep an account, so again it doesn't bode well.
Plenty of bots are paying the 5$ verified account
It's a non-issue
And of course a lot of them have the same X logo or Elon's picture, because His Xcellence probably fired the thinking heads dealing with spam
You need to follow up the payment barrier with identifying bots and the info (cc+contact) they used to verify their identity.
Oh, just identify the bots.
I’m surprised he hasn’t asked his fanboys to volunteer to moderate. Reddit has volunteer moderation.
And Reddit just got done crapping all over them, and they're still there working for free. I think X will be ok.
What do you mean he hasn't, I'd definitely classify community notes as a volunteer-based moderation.
However, the rate-limiting factor might not be the cost, but the availability of unique credit card details.
You can buy pre-paid Visa and Mastercard debit cards from many retailers.
Availability of cards isn't going to be an issue.
And payment processors can also identify these. And most of them you have to purchase with a minimum amount on ($10 or $20 afaik).
Virtual debit cards however are interesting. My bank lets me set up as many of those as I like and I don't even have to use my real name or billing address with them.
And yeah, there's also the stolen credit card / debit card market. I really can't see this adding that much pain for these bot handlers. It might make it a bit easier to identify the patterns at least.
I think this will just end up moving the problem further down the line and end up with twitter accounts being bought / sold.
It's trivial to prevent this category of card from being accepted. Many similar services already block pre-paid cards.
Google Adwords already does this, for example.
THere was a period where spammers would run up high charges on prepaid cards and (of course) not actually pay for the ads.
Can you automate that though? Having to buy an individual card per bot could be a pretty annoying secondary cost for a thing whose lifetime value is likely measured in the single digits of dollars.
You don't buy card numbers individually. You buy lists of them, of varying quantity, quality and price and you just cycle the numbers until you find ones that work.
Costs per card about $5 bucks, and will get cycled into a multi-merchant hit to extract the most value from each card. A $1 Twitter charge, $50 bucks in digital gift cards, a "maybe it will work" hit for hundreds in electronics, or clothes, etc.
If nothing else, Twitter just made itself a GREAT place to test stolen numbers, since a $1 charge isn't likely to raise any flags and get the card shut down.
That's not very scalable.
Bot farm owners are the only ones who dont care about either $1 a year or $5 a month because they are the only ones on platform who know their ROI very well.
Aren’t tiny payments like this a favorite for people testing if stolen credit cards are working?
They are, credit card thieves will happily spend more than $1 to verify a credit card. Not acting on such transactions if how you get an angry call from VISA.
I couldn't imagine that he's trying to kill Twitter even faster than he already was killing it.
I've seen so many bots with blue checkmarks that $1 per year doesn't seem to be that much of a deterrence for the more sophisticated bots.
They charge for "the ability to tweet, retweet, like posts and reply to posts."
It will be very interesting to see how this turns out.
Obviously, there is no value in the ability to publish your thoughts. You can do that for free on an ever growing number of platforms. But Musk seems to bet on a private attention economy. Where even private individuals are willing to pay for attention. Not only businesses.
Has this been tried before, or is this a first?
> Where even private individuals are willing to pay for attention
Twitter Blue is already this. When you get verified your replies and posts are boosted in others feeds. Just one of the reason the quality of the app has bottomed out but yes: I think there is an audience very willing to pay for that.
This is really just a way to get your CC authorised to make transactions. It’s a nothing cost, but it exponentially increases he likelihood of someone buying something through the platform, or upgrading to a new feature set.
IMO, this will fail.
I have no evidence to back this up, but I imagine a lot of people are like me and just keep the app on their phone or whatever for when the occasional person sends them something or they read a post on a forum that makes them need to actually browse Twitter.
I imagine a lot of people like me are not even going to remotely consider to pay a dollar to have that ability. It’s not nearly important enough or integral to our daily lives.
This does make me curious though. Could someone pay a dollar to have an account that dozens of people can access until it’s tapped each month or day or whatever the limit is? Basically create the Netflix account sharing problem for Musk. Or mirror the content out forcing a constant whack a mole?
I wonder, why they cannot just check your card, instead of charging $1?
It's not much and I'm ready to pay if it helps fighting bots.
But at the same time I noticed that before Elon took over Twitter, there were less bots (or it at least seemed so).
Will it help - that's the question
Hahahhaha there’s less bots now than before Elon took over.
Now instead of reply bots tho I get like bots.
I paradoxically only really started heavily using Twitter when it seemed to decay under Musk (because I wanted be along for the fun ride). But I can hardly imagine that there could have been more bots before than there are now. Almost all my tweets are immediately liked by some catfishing bot and there are crypto spam bots under every slightly popular tweet.
Same here. And good engagement dropped down significantly. When I had 10K followers, I can easily get 200-400-500 likes and they were more or less real because I also get a lot of impressions and replies.
Nowadays with 35K followers I get, say, 20 likes and ~3 of them are bots.
As someone who reported tons of stupidly obvious spam/crypto bots pre takeover I'm genuinely puzzled as to people reporting _increased_ bots as I can spot maybe one every now and then. Maybe it's because I'm a passive user, but to me it's solved.
Interesting. It could be that I never noticed before because I wasn't as active (and have gained a couple followers in the meantime, thus becoming a slightly more attractive target). In any case it's now bad enough to make me reconsider using the platform at all (that and the promoted replies and tweets by blue checkmarks). Related to your remark about reports: my last few spam reports got the reply that the tweets didn't violate the "sensitive content policy", even though I reported them as spam, not sensitive content. So something seems to be broken about the report system now too.
Your profile must have a target painted on it because that is not my experience at all.
There are definitely more bots in the replies to the people I follow (a dwindling number as they are all switching focus to bluesky, threads and their own email).
And many have the $8 checks so ... $1 a year is going to very little to the bot population.
Do you have a source on that?
Well..not so easy, is it?
https://finance.yahoo.com/news/elon-musk-text-messages-revea...
In another April 14 message, angel investor Jason Calacanis messaged Musk: “You could easily clean up bots and spam and make the service viable for many more users — removing bots and spam is a lot less complicated than what the Tesla self driving team is doing.”
Makes sense.
NZ (and Oz) is often used as a ‘isolated western market’ for testing product concepts. Coca Cola do this all the time for example.
Philippines is a fraud center. Sorry Filipinos I don’t like it either.
I think that's a good way to reduce bots but I also don't think Musk is an honest person.
What is the ratio of junk emails to junk carrier mail? The reason there is so much electronic spam and scams is because the cost to blast these out at scale is essentially $0.
Carrier mail is also traceable. Payment systems add traceability to something like X.
Unironically happy about this as I think it’ll help me finally kick my Twitter habit.
I hope they're prepared for the wave of fraudulent card transactions.
Id expect they are. And that will allow them to shut off more accounts.
The people making those charges don't care about the accounts; they're using the $1 charge to test that the stolen card details work before going and buying a $500 gift card somewhere else.
The victim eventually does a chargeback, which are expensive and risk your merchant account.
> they're using the $1 charge to test that the stolen card details work before going and buying a $500 gift card somewhere else
Why would they start using twitter for this rather than the current merchants they use?
Yeah they'll get even more money. Unlike small businesses or startups their payment processor not going to get rid of them for those refunds.
Can I get a list of the people who paid? I would like to sell them NFTs.
I don't believe this will work out well. Many bots will come, as long as they make a >$1/year profit, which I believe most of them do.
I think you need millions of bots and the marginal return on spammers may be thousands of a cent. So even $1/year may be too much for botnets.
Imagine a botnot and if each node cost the operator $1. The economics require near zero marginal costs to ddos or spam or whatever.
It seems to cost $10-20 to buy 1,000 followers [0] so I expect lots of those accounts get turned over frequently.
It will be interesting to see if this has any effect.
[0] https://www.socialchamp.io/blog/buy-instagram-followers/
There are a ton of blue check bots right now and that is more that $1/year.
It might eliminate some of the like bots and other noise, but might also make the blue check bot network cheaper to run.
It doesn’t need to eliminate all bots, just reduce the number.
And I think there are far fewer blue check bots to regular, free bots.
In my personal experience, the bot problem is actually worse than it used to be.
Ah yes, lets trust Elon Musk with your credit card info. What a joke.
People buy Tesla cars online.
It's been widely reported that many of the senior management at Tesla/SpaceX had to run interference to keep Musk away from day to day operations.
X/Twitter is Musk unchained.
Honestly, why make shit up?
…and using their Starlink on a subscription plan which their plan is linked to their card numbers. Oh No /s
Time to cancel because Musk made lots of techies cry over a bird site.
Tesla isnt the personal toy of Musk.
They should charge more. Realistically nobody who can’t pay $1/year is worth listening to.