[chatmasta]

Are you worried about a cease and desist from uber/lyft for building a "third party client" that interfaces with what is effectively a private API? There is plenty of precedent for them to send you a C&D for that, as many companies do with third party apps (e.g. Snapchat is very aggressive). Beyond that, won't it be a constant cat and mouse game of making sure your app integrates with uber/lyft?

It's very telling that you don't have an iOS app, likely because the security model prevents this kind of integration hack without jail breaking, or if you're lucky, some creative use of URL schemes.

I know you say you're "helping user churn" for uber/lyft, but those companies are certainly not obliged to agree with you and can send you a C&D at any time (I would bet on it). I can't see how you can build a viable long term business on a hack like this, where you are effectively an unauthorized third party app subject to the whims and possibly lawsuits of uber/lyft.

If you get a C&D from either Uber or Lyft, your product and business model no longer work, unless you're willing to go to court or blatantly ignore the C&D and the law by circumventing any technical measures introduced to stop third party apps.

No offense, but I'm honestly surprised YC funded a company with such a fragile basis of operation. Unless the plan is to go to court and fight any C&D, in which case I'm certainly rooting for you to set a nice precedent for third party apps.

Overall though, it's a great business idea and solid MVP. Good luck and boola boola.

[mrajcok]

We don't actually use their API.

It's much harder to do UI automation on iOS -- it is more locked down.

We have a pretty robust tool to keep our integration working with any app updates.

Thanks!

[chatmasta]

No, you may not be calling their API endpoints directly with HTTPS requests initiated from your own code. However, as I understand it, you're effectively pushing the buttons (or hooking the methods, idk android) within the Uber/lyft app, which causes their app to call the API endpoint. So you are certainly calling the API, just indirectly. Regardless, your app is definitely "automating usage" of the Uber/lyft app, and could therefore be in breach of their terms of service.

I'm not arguing that there are no workarounds or hacks or backup plans to whatever technical obstacles Uber/lyft may throw at you. In fact I'm quite familiar with them from the iOS side. However, as a high profile startup and US corporation (funded by YC), you can't blatantly ignore a C&D just because you disagree with it. And you definitely can't introduce new hacks or workarounds after receiving the C&D. Your only option would be to fight it in court.

(Also consider the play store / App Store can remove you at any time without any legal due process, and will likely do so when notified of noncompliance of a C&D)

Don't get me wrong, I think a court battle over this kind of client-side integration is sorely needed. But as an investor, I would be concerned my money would end up in a lawsuit before the app even gets traction. If you're planning on a lawsuit, you might actually win it.

Incidentally, if you're taking the attitude of circumvention, then you could "go all the way" by asking users to sideload (via 7 day developer certs) a custom version of the Uber/lyft apps that includes code to interface with your app. That's the approach I took to automating iOS apps in the past, but that was on jailbroken devices. Side loading presents a hard usability problem, but I bet you could convince users to plug their phone into their computer every 7 days.

[dustinls]

There would be nothing stopping someone from reverse engineering a private api using an android app and using those findings to write a third party app for iOS.