1


Errrrrrrrrrrrrrrrrrrr, it's one thing for Stripe to be using trackers on the checkout page to check for suspicious fraudulent activity, but it's a WHOLE other matter to have those trackers as being the same google-analytics.com and stripe.js that is infested on many many other sites on the web. By filling in your billing info on the checkout page, Stripe and Google basically have the power to tie your Kagi purchase and your real identity to all the other websites you've visited with these trackers on them which is pretty much the majority of the web.

Sure, you can block them, spoof your browser fingerprints and hope for the best, but none of this screams privacy.

It doesn't help when Stripes privacy policy states they will do this with the trackers:

They at least provide non-verifiable reassurance of promising not to sell stripe.js data to 3rd party's by stating

but even then there's still the elephant in the room of Google finding it' crummy fingers into Kagi's billing page on Stripe.

I really really really hope that anonymous payments are given higher priority and in sooner time by the Kagi team as the whole billing side of Kagi is honestly just a complete disparity to everything else Kagi is doing great and stands for.

  • Vlad replied to this.

    NoGoogle Unfortunately we are not a payments company, we are a search company. We use Stripe as it is the easiest solution to handle payments. Users expect us to deliver the best search results and most are fine with us using Stripe. I understand this issue may bother some, but spending hundreds of hours to switch to a different payment provider is not something our small team can do right now, when users are expecting search features. Number of users using or ready to use crypto is very small. Will wait for other to chime in, in terms of prioritizing this (it is not clear what the alternate payment provide would we use, when all of them presuamebly do the same thing)? We'd really like to focus on being the search company.

        4 days later

        Vlad Can you clarify the OP point -- would google be able to link our payment to our Kagi browsing activity? Given the importance of privacy to the whole purpose of Kagi, I think this is important for users to understand the risk. Thank you.

        • Vlad replied to this.

            I have a problem with the bigger picture. You can barely buy anything on the web nowadays without potentially tying your IRL self to your general browsing. This isn't really a problem particular to Kagi, and I'm unsure that even if Kagi fully addressed this matter it would make any real difference for the privacy of most Kagi users, who unquestionably buy other things on the web using the same browser install they use for pretty much everything. As such, the only significant additional datapoint for these users might be that they are also paying users of Kagi. This isn't news to anyone watching your network traffic or who has access to your payment history. If the bulk of the problem really is in the sites you visit from linked search results, what can Kagi really do? As far as I can see, not much, and it's really on the user to try to enforce the partition of their buying habits from general browsing (using VPNs, Tor, different browsers, etc etc.) if they desire one.

              RobOK Not sure how to answer this. What browser do you use? If you use a privacy preserving browser like Orion then no, Google script will never run.

              Same goes if you use a good adblocker like uBlock Origin.

              Obviously this assumes that Google is doing this, and the Stripe has set it up in a way that it can - which they claim they don't.

                  No one is typing