Paddle.com Woes with Solutions

Paddle.com is a merchant of record handling subscription payments for you. They take care of taxes, card charge retries and currency conversions. At the end of the month they send you a reverse invoice.

Very convenient for a bootstrapper. Unfortunately not so convenient for a programmer. Or someone based in a country that doesn’t take kindly to that.

It’s Written in PHP

And it expects you to do things the PHP way. To verify a webhook you need the PHP-specific ksort() function that sorts a dictionary. Difficult to do in other languages, as shown by the fact that all implementations cook up their own phpserialize() function.

If you use Go save yourself a day of work and check out my implementation on GitHub.

The API Is Crappy

The company has been around since 2012 and the API is versioned at 2.0, but it’s still immature.

Lousy documentation

The custom checkout endpoint documentation does not tell you what types the different parameters are. This requires some trial and error, especially for parameters like recurring_prices which it turns out is a list of strings. Check out my implementation to save yourself some time, but keep in mind that I might not have gotten it right in all cases. As of 15.09.2019 this is no longer true, they documented the types.

Lousy design

Setting up webhooks for one time payments is even worse. It’s not obvious which webhook type will be sent (is it Fulfillment Webhook or Payment Succeeded?). By analyzing the received payload I learned it’s the former - a webhook type that’s missing the alert_name field needed to differentiate between payload types. Did they forget to include it? A significant road bump - but I’m clever! I’ll work around it and add a custom field with the missing data. Not so fast - custom fields get ignored by the Test Webhook dialog. What can I do here, other than specifying a different URL for this one particular webhook type?

PS. Remember that quantity is a string, not an int. And if your webhook handler returns a 400 don’t get mislead by the test dialog telling you it got a Page Not Found error.

Lousy consistency

Some API requests will go to vendors.paddle.com/api/2.0/, while others to checkout.paddle.com/api/2.0/. The former expects arrays to be in the HTTP Post format (e.g. ?arr=1&arr=2). The later expects arrays to be a string (e.g. ?arr=1,2).

Lousy practices

Oh, and did you add links to the documentation in your code’s comments, or a blog post such as this one? Tough luck, the Paddle team likes to change and break them from time to time.

The list goes on

Here is what one Paddle user had to say about their API:

Their APIs are poorly thought out and constantly have almost but not quite the right amount of info. There’s all kinds of weird edge cases you can run into. Eg you can change billing agreements in almost anyway you want once you have a card auth, unless they are in a trial period, then you can do nothing.

They May Block Your Account

“That sounds like a bad joke”

You can find a few horror stories about Paddle on the internet. One ex-customer writes on Product Hunt:

Go for Stipe or Paypal. Never trust Paddle.com

They suspended our account without any notice, just before reaching the payout limit. The reason they said is “Unsupported product”.

We’d Skype meeting with their team member and have clearly explained what we do and what we sell.

Poor support too. Rarely respond, even after days!

We lost all our customers and payments. Never trust paddle.com. I would say it’s a fraud company!

Can you verify your product before?

They have the right to choose who they do business with. The financial world is full of fraud and rigid rules. As a small company they prefer to play it safe.

Asking them if your product is acceptable before signing up seems like a good idea, right? A user on Indie Hackers says no:

In my experience using paddle for draftss.com, we tried moving to Paddle last month and received a confirmation from their support team that we can start using paddle for our services and start billing the customers instantaneously and there was no need of any further verification. Everything was proper and started billing our customers. We added the products successfully and sent it to few of our clients. After receiving paid subscribers, almost after 10-12 days later the subscriptions were cancelled stating that Design falls under Human services, which they do not allow on their platform. This comes after confirmation from the paddle support team even before signing up for Paddle. We’re glad that we didn’t move all our customers in a single go.

Are you safe if your product is on the safe list?

It turns out that no, even if you’re 100% sure you’re on the safe list they can still ban you. A maker on Indie Hackers writes:

This week though just before the paid launch, they’ve silently closed my account with no notice, and now (a few days later) they’ve sent a very short email saying my activity is ‘not suitable’, and they won’t be discussing or doing anything about this.

Update: they’ve sent me an email after hassling them a lot, and this was ‘due to a technical error’.

Great for now I guess, but holy shit you can’t just shut down people’s businesses with no notice, by accident. This is crazy.

Can I sleep safe at night?

I asked support to verify my product, which they did - they said it’s OK. I received a few payments so far, so the first wire transfer is safely behind me. But their list of acceptable business is eerily (and silently) evolving every time I check it.

Am I a “business opportunities” product? A “marketing service”? If I send my customer an SMS am I a “phone service”? If I link to user generated content, am I now an “age restricted product”? And in which jurisdiction? Is my service “unfair” as determined by one or more of the mysterious Card Networks? Am I infringing upon the terms and conditions of any third party? Who will judge that? If I write “read your customer’s minds” am I now a “digital service associated with clairvoyance”? If one of my products breaks the rules will all my subscriptions be cancelled?

I feel uncertain about whether or not they will block me and there doesn’t seem anything that I can do about it. I’m sure that these events are rare - surely they don’t want to reduce their source of revenue. Nevertheless a few people seem to have been wronged.

Why are they so strict?

Being a merchant of records is tough business. They take your product and resell it as their own. It’s like being Amazon for the SaaS space, except the merchant has control over how much and how often they charge. Giving the merchant too much power can be abused.

Imagine that someone creates a service that charges $1 per year. They could easily get a few hundered customers. Then one day they’d charge each $1000, withdraw the money and run away. The subscribers would issue chargebacks, and the company would be at a loss.

Here is what their main competitor is dealing with:

Paddle’s strictness seems to be working well for them:

It’s Designed for a Company with Just One Product

An indie hacker, their typical customer, will commonly have a company registered in the country they live in. And under that company they’ll have multiple money making products - you know, with different websites and on different servers.

You cannot have two accounts registered for the same legal entity. That is fine, as you can just create multiple subscriptions for each of your products. However, as it turns out, you cannot set different webhook URLs for them.

Annoying, especially given the circumstances under which the company was founded:

Christian founds Paddle from his bedroom in Corby, United Kingdom (the glamour!), he is 18, and this is his third business. As a software and app developer he encountered the frustrations of selling software globally and decided to do something about it.

Paddle Demultiplexer

Because I use Paddle for two different products I needed a solution, even if it was hacky.

After reaching out to support and hunting for an answer on the internet I believe that the best way to use Paddle for multiple products is to run a webhook demultiplexer. Luckily, with Go the job is easy, and with Google AppEngine you can run it for free.

I’ve open sourced my Paddle Demultiplexer project on GitHub.

They Don’t Want Help

In January 2019 I contacted Paddle and offered to write a Golang library for them. They kindly declined, stating that they’re working on it internally. Over year later it’s still not released…

Not Compatible With Startup Incubators or Cheap Accountants (In Poland)

Paddle is designed to be convenient. You don’t even have to send them an invoice, they generate one for you. That seems like a good idea, until the reality of the law hits you.

Because the invoice is generated by Paddle you have no control over it. The government recommends that invoices be numbered sequentially - if they are not then it’s considered highly suspicious and increases the chances of inspection. And an inspector’s job is to find something - they always do.

Because of that all startup incubators have refused to handle Paddle’s invoices for me. Discussing this with my friends I learned that it’s to be expected and cheap accountants will refuse to handle them as well.

Solution: get an expensive accountant and don’t use a startup incubator. Unfortunately that will cost you $400/month, as opposed to $60/month for an incubator.

Their Dashboards Are Random Number Generators

A monthly subscription service doesn’t care if it got two payments on the 12th and one on the 14th. All it cares about is MRR. Received a payment for one year in advance? That will mess up your chart even more.

The Good

I question their code quality and worry that one day everything will go down and never come back. But their support team really tries to make up for it. My experience with them so far has been outstanding.

You contact them by email. A real human talks to you, takes the time to understand your problem and perform manual steps, if necessary, to solve your problem. Big thank you to Paddle’s support team.

Summary

As one user on Facebook accurately put it:

We use Paddle. They seem to do fine at processing cards and paying out the money owed.

Everything else sucks.

There is a lesson to be learned here. If your tool solves a real need for real people they will use it, even if it’s crap. Polishing your stealth mode product and adding “just one more feature” changes nothing.

See also

Setting up your SaaS? Drop your email below and I'll send you more protips

From time to time I'll send you my thoughts on running a SaaS so you can reply and let me know what you think. I won't send you anything I wouldn't want to receive myself. Unsubscribe any time.