Advertising has always been a way to make otherwise losing propositions profitable, and as long as there are companies marketing products there will be advertising. It would be wasteful not to tap in to those dollars.

As Patio11 elsewhere already pointed out adsense is a form of micropayments, and micropayments are the 'pay-as-you-go' of subscriptions.

The only problem with that is that adsense is not transparent and it doesn't allow you to set your own price. In fact, you don't even know how much your inventory is really worth.

So if your site does not have a very tight coupling between the users and the sites, one that you expect to last for many months or years advertising is actually a very good solution, but adsense in particular may not be the best you can do.

Another problem with adsense is the fact that clickfraud benefits both google and the fraudsters, so for advertisers it is very difficult to track whether they're spending their money correctly or not.

I wished someone would start to give google some serious competition in this space.

Or you could, you know, be the guy paying for the AdWords. I sell a product to consumers over the Internet. Stop the presses, I know. I have many competitors who do free versions essentially the same product, monetized by ads. My ads, since if Google polled the entire world saying "Hey who of you would pay cash money to speak to an elementary school English teacher currently making Reading Rainbow bingo cards?" I'd be up in the front row shouting "OOH OOH PICK ME!"

Since I know what Google charges me and I can estimate what Google keeps, I can ballpark estimate the CPMs for their sites. Its in the $2 a month range. The effective CPM for my site is more than twenty times higher than that.

Ads also have a pernicious effect on your product design. A core skill for B2C products is optimizing them so that the user gets through the workflow successfully. We optimize for success, because successful users pay us money. If you have CPC ads on your site, you have to optimize for failure: the ad has to be more enticing than your application/content or you don't get paid.

Granted, there are some audiences who don't pay money for anything (why hello, students) and some applications whose users will not pay money for them (why hello, URL shorteners/social networkers/anything starting with the letters Tw), but you don't have to make these. There is literally infinite need for solutions to problems, even in B2C (C stands for consumer, i.e., one who buys products), that you could deliver profitably. And then spend a portion of those profits tossing nickels to sites without business sense so you can steal their users and charge them dollars.

I've been saying that for years, nobody believes it.

But it is definitely true, if you're a destination site and your clickthrough is lousy then you are in a good spot to do subscriptions. It means your product is better than that ads.

   If you have CPC ads on your site, you have to optimize
   for failure: the ad has to be more enticing than your 
  application/content or you don't get paid

I'm having trouble getting my head around it.

Also, the idea that a service's success hinges on a user's ability to remember a password is preposterous. Seems as if it could be somewhat of an obstacle when a service is first launched (Dave's early Paypal), but come on. Passwords have become commonplace, and for the most part--especially when money's involved--people don't seem to forget them. They may have when e-commerce was in its absolute infancy, but with the rise of ebay, Paypal, online banking services the password has garnered undeniable legitimacy among the majority of people. I have no data to back this up, but this isn't too outrageous a claim. Right?

Maybe I'm looking at this from the wrong angle.

nope, sorry you're wrong & yes you have no data to back this up. even with "100's of millions of account", it's likely PayPal has never been used by a large % of internet users -- perhaps even a majority -- and it's certainly not used frequently (ie, >1x / month) by more than tens of millions of users. even without me being there for 5 years i'm pretty sure any recent eBay quarterly stmt will back me up on that (note: accts != users != frequent users).

trust me: "the forgotten password problem" is STILL a huge issue for PayPal today, as it is with almost every large site... even one as frequent as PayPal (or Amazon).

if you think i'm mistaken, i suggest you talk to any major tech blog site that has switched to using Facebook Connect or Twitter oAuth for comment authentication, and the subsequent increase in comment activity.

it's not too much of an extrapolation to draw a similar conclusion around 3rd-party auth integrated with payments (which is what PayPal has been doing for 10 years).

Here's his solution to password friction: "Make a brain-dead simple, frequent-use product. If users login a lot, then they don't forget their password." He then lists the following examples that solve this better than PayPal: Social Networks, Email, IM, Games, Music, Entertainment.

I can't recall the last time I needed to use my password to login to Facebook, Skype, gmail, etc. The cookies are set to let me in. If I were a low-tech user, the password friction problem still exists as it always has. Amazon has me logged in; I can add books to my wish list without retyping my password. But to make a purchase, I have to type my password. The password friction problem does not go away.

It looks like purchase notifications via SMS is already in play, not so sure if anybody has tried purchase authorizations yet.

nope, wrong again. ARPUs for PayPal users are probably only around $5-25 per year (excluding the minority of fanatic eBay regulars), and you can easily eat up all of that cost or more in telephone customer support.

US-based customer services reps cannot complete a phone call for less than $7 fully loaded. You really, realllllly do not want to have a CS infrastructure taking multiple calls to resolve Mrs. Smith's inability to successfully use her computer when Mrs. Smith is probably going to be worth less than a buck fifty to you and will likely need more handholding next time, too.

A more likely case than relying on "maybe users will remember their passwords better" is that Facebook could capture a larger part of transactions (say 30% as App Store does) which enables them to better cover support and fraud.

Don't throw ARPUs at me. Either they are profitable or they are not.

I can certainly understand the argument that users of other sign-on systems "may" remember their passwords better than PayPal, but what evidence do you have of this? What extra margin of increased password remembrance makes for a more profitable model?

it was deemed to be "cheaper" to just not deal with a minority % of password recovery cases (that might also occasionally be fraud) than to provide high-cost customer support for low-value average users.

think about it: if you can cut a minority % of your customer base that causes a large % of the cost (or simply just more than they are worth) then you can make more money.

this wasn't such a big mistake in itself, except that PayPal probably didn't consider the network effect of negative brand damage due to not providing very good customer service for such a large # -- though still minority -- of users.

i'm saying this: 1) telephone support is expensive, and doesn't offset low-value ARPU 2)

If I have someone using my site all the time, it's easy to sell him something new.

However, the problem with a one-time payment is that the vendor loses incentive to continue supporting the buyer after the transaction. The primary way to generate additional revenues from that customer is, as you say "sell new innovations and features".

This adding of new features can increase complexity which eventually impacts the ease of use and increases the learning curve. These two side effects can have a negative impact on new user signups.

I'm optimistic of the web app user model after having developed desktop software for the past 10 years. Each version has to "work just like the previous, but better". You can only do that for so many versions :)

Isn't this somewhere in between of subscription and one-time payment? Users still get the sense of 'ownership' and based on a product, businesses can get payments almost as if it was a subscription service.

Though I absolutely understand that this model can't fit all, but I find it to be a good option to consider.

Should we assume that you talked to 6 billion people, or would you like to qualify your blanket statement?

From talks I've had with people, people prefer to pay a one-time fee than a subscription.

$50 isn't a a lot of money to many people so your product could still considered an impulse buy.

If you look at a product that runs $25/mo, a user would look at $625 one-time fee. I'd imagine the one-time purchases would be much lower.

The one-time fee strategy is a way of pulling people in cheaply and then upselling them. You will not a $25 a month product $650 one time, you make it $99 one time payment, and you optimise your funnel to upsell them within the first 4 months.

A $25 a month product will have a LOT of cancellations compared to a $5 a month product.

If you are selling a product that is a one-time fee and you are happy with the model, then fine, let's agree to disagree. If you are building something and want to make subscriptions or have some interest in my statement being wrong, then you are approaching business with the wrong attitude.

In the absence of any information to the contrary, I like to work with the little info I have.

  1) Password retrieval/reset by email
  2) Password retrieval/reset by secret questions

1) financial sites have more secure / higher-friction password recovery techniques than non-financial sites

2) more inside-baseball point that i didn't get into -- PayPal security questions weren't in the acct signup flow, they were in the after-txn flow of email confirmation. HOWEVER, since many people either a) intentionally or accidentally didn't provide the right email, or b) even if they entered the right email, they didn't go thru email confirm, then

result: MANY MANY people -- i estimated at least 10%, possibly up to 25-50% -- never entered their security reminder Q's. this subsequently resulted in limited ability to recover password info without having to FAX IN driver's license or other paper info, which most users screamed about.

in short: it's a long story, but password recovery for financial sites is much harder than non-financial sites, and for PayPal is even harder still than other normal financial sites due to the way we had implemented mandatory acct creation workflow and security reminder Q'n workflow.

needless to say, this was a fucked-up situation that resulted in a lot of customer service hassle... which i got to experience first-hand on many occasions.

(sorry for the long-winder explanation, but you asked, so... but it's not your fault. even many people who worked there didn't understand this very well. it used to frustrate the hell out of me)

If you can't make your product a frequent-use product, use somebody else's sign-on system (Google, Facebook Connect...).

Maybe reading Williams Zinsser should be the new black ...

but between sleepless redeye blogging and my usual retardedness, "i didn't have time to write a short letter"

my apologies, and thanks for hanging in there if you got to the end. my condolences if you didn't

I'll just leave this here: http://lab.arc90.com/experiments/readability/

"This has been a complete ramble and i don't have time to edit this shit, so i'm leaving it as it is."

After a couple years of being down on MSFT, I've gotta say that xbox360 is a pretty brilliant product. Xbox live Gold can be purchased as a 5.99/month subscription, or 45/year one time payment. (like itunes cards, you'll find these in places like target and walmart).

in fact, most likely a common model would be: 1) free for most users 2) low-cost txn for first paid use 3) convert initial txn users into frequent use / regular subscription later, but continue txnl model as well.

perhaps in mid-rant I failed to explain this clearly; possibly due to lack of sleep, or the cocaine-heroin speedball I shot up before getting on the redeye to NYC.

then again, maybe you guys just need to read that little part where I say "AND" between subscriptions & transactions, not just draw your conclusion from the headline... but I digress.

b) even if they don't type their passwords in "much", they certainly do so relatively much more frequently.

whether or not my post was a rant, this is a fairly simple point based on simple frequency of use.

Why not openid?

a) care about managing their online identity

b) remember a valid URI

What do you think the odds are?