Is anyone else finding it interesting to see how a bootstrapped startup is implementing tighter security standards and accepts slower growth as a consequence while the startup du hour, fueled by massive amounts of other people's money, is pursuing growth at all cost and with little regard for the consumer? Reminds me a little of the YouTube founders who wanted to grow and be acquired as fast as possible and willingly accepted pirated content.
I think this has nothing to do with Roomorama taking advantage of the situation for their own profit. If anything, these guys have every right to be pissed off that a careless competitor is tarnishing the whole industry.
I wish I could upvote that comment multiple times.
That's true in general. Bootstrapped startups, as a whole, are generally built to be long-standing real businesses, and they treat the business as such. You don't sink tons of your own money into an effort if you dont truly believe in the profitability of the business (profitability of the business, not potential valuation or perceived growth). Neither myself nor any of my friends who are bootstrapping their own firms pursue growth in favor of customer support, security or aggressive valuation.
They have every right to promote their differentiation. Speaking as someone who lives in a great part of Manhattan and is often out of town, I've never used AirBnb because I don't trust their verification. I will definitely look for a competitor that does more thorough screening, even if the volume and rental price is lower. It's worth it to me.
Any of Airbnb's competitors are going to use this to their advantage. Rightfully so too... I didn't even know about Roomorama until this story.
The biggest part of the story though was thrown in at the end:
The harrowing story of the Airbnb user EJ prompted Ms. En Teo to reach out to her competitors in order to set a precedent for sharing information about sketchy users, so if she gets a report about misbehavior she can send an alert to get him or her banned from other sites. Incidents like this hurt the entire market as well as individual users, she said.
Some kind of data sharing would be a great thing for this industry as they are all vulnerable to the same problems (theft, etc...).
Careful with that type of data sharing. It can fail the game theory test. Lets say I'm a selfishly amoral actor in the room rental industry, and I want to lock up the market for myself. I can silence all my competition by releasing blacklist information on a number of current users, then those users will be banned by other sites and forced to continue using my site.
Banks do this today with their info sharing through ChexSystems. I've seen banks that will report their current account holders for the most trivial violations. The result being that the account holder can't open an account anywhere else.
They have to be careful, though, as this kind of thing can be considered libel or slander if not 100% true, and collusion even if it is true. Having an industry-wide blacklist will almost definitely run afoul of the law.
I call this the "problem of trust" and it is something I'm trying to solve. In order to be able to send out alerts, we need some sort of decentralized broadcast system. I am developing a P2P broadcast system called Proofnet which is based on proof-of-work to prioritize messages and minimize spam. I have describe it on the Bitcoin Forum here:
One of the applications of Proofnet is a decentralized web-of-trust where you can send out a scammer alert by giving someone a trust rating of 0 and broadcast that message with very high proof-of-work. See some more info on those efforts here:
Honest question: how is Airbnb or any of their competitors different than vacation rentals?
You rent a house for a week when the owners aren't using it. Often the key's in a combo box or they mail it to you. The only real protection is a security deposit which you pay upfront. The concept has been around for ages.
Vacation rentals (through Homeaway et al.) are typically set up just for that reason, and thus have combo boxes, carry some insurance, involve a cleaning fee.
AirBnb democratized the process by allowing anyone to rent out any portion of their property, contributing to supply and more competitive pricing, but with this set up you get into weird situations where owner's valuables and jewelry end up in the next room.
The business isn't different, however if you have a vacation rental, as the owner, you don't "live" there so you don't have your valuables, the couch you inherited from a favorite aunt, the nice new tv etc etc.
Airbnb and others have you sharing your primary residence, which puts it at risk if you are not also there. (and perhaps even if you are).
In a vacation rental house, other people will spend far more time in your place then you will and you plan accordingly. You might have a locked closet with your own stuff, but it probably consists of towels, toiletries and clothes - not electronics, birth certificates, financial documents, and highly-personal information.
Expect to see a lot more of this. AirBnb are vulnerable right now, and in a very competitive marketplace. They really need to step up their efforts to contain the issue, or competitors are going to walk all over them.
I for one expect AirBnB to come out winners after the dust settles. I don't see their competitors' names on the cover of FT, and the way human memory works, people will soon forget the negative reason why they originally heard of AirBnB.
This of course supposes that the AirBnB guys handle the rest of this right.
There's no real security in the process described. If they stole a wallet with a credit card, they also have the ID. I'd categorize it as actually harmful because it gives more of an illusion of security.
Couchsurfing apparently has someone capable of logical thinking on staff. The round trip of verifying an address adds real security.
Meh. I'm sure when this is all over, AirBnb will have put some measures in place to add additional security (from a pr perspective at least). Really, nothing short of legitimate insurance is going to make using a service like this "safe" (id's are easy enough to steal/fake) and I'm sure that the people likely to use something like this (who were already ignoring the common sense dangers involved) are not going to be deterred by ej's story (she claims on her blog to have been the type of person to leap first and wait for a net to appear).
In the end, many people who were never going to use AirBnB to begin with will feel more certain in their (probably wise) decision, and many new people who will be open to the idea will now have heard of it for the first time.
I've been asked for an ID for both vacation rentals (through VRBO) and from most places overseas through AirBnB. Each time it was when there were some valuable items inside.
In fact, every time I've gotten a place through AirBnB, the owner met me in person. Of course, I always rent higher priced places (I look for places nicer than a hotel for the same price).
I'm surprised that scanning IDs is much of a deterrent. If would-be thieves are going to the trouble of booking rooms on AirBNB and the like, they are obviously more than casual criminals, and probably fairly technically adept ones at that. Taking the next logical step to Photoshop the image doesn't seem like much of an obstacle for someone so motivated.
Indeed, if Nigerian 419 scammers have already picked up photoshopping IDs [1], you can imagine what a low barrier this will be. The real question is if you can verify the ID electronically from the image, and the answer will generally be no.
Some friends of mine started http://Tripping.com, which isn't about room rentals, it's about meeting strangers while traveling globally.
But, even since the beginning, their focus has been on security. I suspect that this is the advantage of having a female CEO / Founder. She grokked that as a potential problem from the very beginning.
Jen O'Neil, is one of the most fantastic young CEO's I know. The whole team is simply amazing.
As others have alluded to, it's trivial to photoshop an ID with different info and photo. You could use a stolen credit card and a modified ID to make a reservation.
That said, I'm more concerned with "email a scanned photo ID". Are they seriously having users send scanned IDs through email? Email is completely insecure and should NEVER be used for sensitive information such as an ID. IDs should be treated in the same manner as credit cards. Would you ever ask a customer to email you scans of their credit card? You'd lose your merchant account faster than you can say law suit.
When the major media picks up this whole rent-a-room-to-a-stranger-fiasco the bad guys will be AirBNB and the good guys will be the roomorama (and other competitors that capitalize on it)
No, when mass media picks it up, the hotel industry will be made to look like knights in shining armor... the hotel lobby is big and powerful and media is corrupt.
AirBnB's fiasco is not a long-term benefit for their direct competitors either.
Unfortunately as good as the intent is, a malicious user with devious intentions can simply forge an ID or use one of the many IDs they've already stolen from their unsuspecting AirBNB hosts.
I believe the best solution for fraud is to require the user to take a webcam shot of yourself while holding the ID next to your head. I had to do that once to verify my identity.
Roomorama doesn't scale. You could try to crowdsource some of the vetting responsibilities, or appoint community members to "check IDs", but then you get into uncomfortable privacy issues.
In a country with widespread use of fake ids, this doesn't mean a lot. Once you're past 21, what do you do with the IDs? Keep them for younger friends or throw them away?
Another sign that AirBnb could care less about its customers.
When first AirBnb heard about this, they could've
a.) Choose to protect her and other users from future incidents
b.) Hide and hope it goes away
If they choose a, 5 weeks ago, they would've already either changed the business process, or blogged about it to their community to warn them of danger (heck, the perp hasn't been caught/IDed yet).
But because nothing was done, the fact that they kept outputting PR responses, and offered no tangible amount/receipt/proof that they helped her, tells me that AirBnb is all about the $1 billion valuation. Nothing more.
This whole air bnb story is blown out of proportions.
Yea, when you open up your house for people you don't know, it can happen that you will get it trashed (honestly I am surprised this is the first time that it happened).
[+] [-] cdp|14 years ago|reply
I think this has nothing to do with Roomorama taking advantage of the situation for their own profit. If anything, these guys have every right to be pissed off that a careless competitor is tarnishing the whole industry.
[+] [-] veyron|14 years ago|reply
That's true in general. Bootstrapped startups, as a whole, are generally built to be long-standing real businesses, and they treat the business as such. You don't sink tons of your own money into an effort if you dont truly believe in the profitability of the business (profitability of the business, not potential valuation or perceived growth). Neither myself nor any of my friends who are bootstrapping their own firms pursue growth in favor of customer support, security or aggressive valuation.
[+] [-] SemanticFog|14 years ago|reply
[+] [-] mbreese|14 years ago|reply
The biggest part of the story though was thrown in at the end:
The harrowing story of the Airbnb user EJ prompted Ms. En Teo to reach out to her competitors in order to set a precedent for sharing information about sketchy users, so if she gets a report about misbehavior she can send an alert to get him or her banned from other sites. Incidents like this hurt the entire market as well as individual users, she said.
Some kind of data sharing would be a great thing for this industry as they are all vulnerable to the same problems (theft, etc...).
[+] [-] johngalt|14 years ago|reply
Banks do this today with their info sharing through ChexSystems. I've seen banks that will report their current account holders for the most trivial violations. The result being that the account holder can't open an account anywhere else.
[+] [-] wccrawford|14 years ago|reply
[+] [-] Astrohacker|14 years ago|reply
https://forum.bitcoin.org/index.php?topic=31038.0
One of the applications of Proofnet is a decentralized web-of-trust where you can send out a scammer alert by giving someone a trust rating of 0 and broadcast that message with very high proof-of-work. See some more info on those efforts here:
https://forum.bitcoin.org/index.php?topic=31198.0
[+] [-] AndyJPartridge|14 years ago|reply
But in this case, and probably any that follow it, it's extremely unlikely they used/will use their own details or credit cards.
[+] [-] Pointsly|14 years ago|reply
[+] [-] dadkins|14 years ago|reply
You rent a house for a week when the owners aren't using it. Often the key's in a combo box or they mail it to you. The only real protection is a security deposit which you pay upfront. The concept has been around for ages.
[+] [-] prostoalex|14 years ago|reply
AirBnb democratized the process by allowing anyone to rent out any portion of their property, contributing to supply and more competitive pricing, but with this set up you get into weird situations where owner's valuables and jewelry end up in the next room.
[+] [-] ChuckMcM|14 years ago|reply
Airbnb and others have you sharing your primary residence, which puts it at risk if you are not also there. (and perhaps even if you are).
[+] [-] blantonl|14 years ago|reply
[+] [-] run4yourlives|14 years ago|reply
The business idea is proven, AirBnB is just leveraging technology to stake out a significant market share.
Nothing wrong with this at all.
[+] [-] untog|14 years ago|reply
[+] [-] nanijoe|14 years ago|reply
This of course supposes that the AirBnB guys handle the rest of this right.
[+] [-] kevinpet|14 years ago|reply
Couchsurfing apparently has someone capable of logical thinking on staff. The round trip of verifying an address adds real security.
[+] [-] sprovoost|14 years ago|reply
[+] [-] indiefan|14 years ago|reply
In the end, many people who were never going to use AirBnB to begin with will feel more certain in their (probably wise) decision, and many new people who will be open to the idea will now have heard of it for the first time.
[+] [-] joelhooks|14 years ago|reply
Nobody has /ever/ asked me for ID. "Key is in the lockbox, here is the code! Have fun!" is the typical greeting.
[+] [-] Aloisius|14 years ago|reply
In fact, every time I've gotten a place through AirBnB, the owner met me in person. Of course, I always rent higher priced places (I look for places nicer than a hotel for the same price).
[+] [-] cubix|14 years ago|reply
[+] [-] pak|14 years ago|reply
[1] http://www.419eater.com/html/hall_of_shame4.htm
[+] [-] iamelgringo|14 years ago|reply
But, even since the beginning, their focus has been on security. I suspect that this is the advantage of having a female CEO / Founder. She grokked that as a potential problem from the very beginning.
Jen O'Neil, is one of the most fantastic young CEO's I know. The whole team is simply amazing.
[+] [-] driverdan|14 years ago|reply
That said, I'm more concerned with "email a scanned photo ID". Are they seriously having users send scanned IDs through email? Email is completely insecure and should NEVER be used for sensitive information such as an ID. IDs should be treated in the same manner as credit cards. Would you ever ask a customer to email you scans of their credit card? You'd lose your merchant account faster than you can say law suit.
[+] [-] almightygod|14 years ago|reply
[+] [-] r00fus|14 years ago|reply
AirBnB's fiasco is not a long-term benefit for their direct competitors either.
[+] [-] nextparadigms|14 years ago|reply
[+] [-] almightygod|14 years ago|reply
[+] [-] melvinmt|14 years ago|reply
[+] [-] ilamont|14 years ago|reply
[+] [-] tobylane|14 years ago|reply
[+] [-] d0ne|14 years ago|reply
[+] [-] chailatte|14 years ago|reply
When first AirBnb heard about this, they could've
a.) Choose to protect her and other users from future incidents
b.) Hide and hope it goes away
If they choose a, 5 weeks ago, they would've already either changed the business process, or blogged about it to their community to warn them of danger (heck, the perp hasn't been caught/IDed yet).
But because nothing was done, the fact that they kept outputting PR responses, and offered no tangible amount/receipt/proof that they helped her, tells me that AirBnb is all about the $1 billion valuation. Nothing more.
[+] [-] warpdude|14 years ago|reply
[+] [-] sentinel|14 years ago|reply
[deleted]
[+] [-] va_coder|14 years ago|reply
[+] [-] sentinel|14 years ago|reply
Yea, when you open up your house for people you don't know, it can happen that you will get it trashed (honestly I am surprised this is the first time that it happened).