back to article Sage accused of strong-arming customers into subscriptions

Accounting software vendor Sage is under fire from some customers over sweeping changes to its software licence model that they say is forcing them to repay for wares they already own or lose access to them. Like many vendors, Sage is attempting to execute a shift from perpetual to subscription licensing. However, its methods …

  1. Dwarf Silver badge

    Strong arming doesn't work

    When will vendors realise that attempting to strong-arm a customer into their vision (usually aligned to larger profits) will not work.

    Customers choose what works for them and if your product no longer meets the need, then they will move on.

    Doing this with only two months notice is extra nasty. Even if customers are forced to move to their cloud offering because of the aggressive time limitation, then you can bet that they will look in their own time at what the longer term replacement product without a Sage badge will be.

    1. Doctor Syntax Silver badge

      Re: Strong arming doesn't work

      Never give a customer reason to review the marketplace.

    2. alain williams Silver badge

      Re: Strong arming doesn't work

      Doing this with only two months notice is extra nasty.

      And at a time of year when people are going to be away on Summer holidays - so, in practice, less time available.

    3. tony72

      Re: Strong arming doesn't work

      I bet it does work though. The hassle of switching to a completely different product, retraining staff etc versus the easy path of sticking with what you've already got for a "small monthly fee", I suspect a large majority of customers will just suck it up, with a bit of grumbling.

      1. Alan Brown Silver badge

        Re: Strong arming doesn't work

        For a while

      2. MPFJ

        Re: Strong arming doesn't work

        Not for us ... we've had enough.

        We run two small business and paid for a perpetual 2 company license a couple of years ago.

        Now Sage are wanting £150 pcm for the same.

        We're switching to Quickbooks Online for £30 pcm.

        Yes, QBO has its quicks ... but so does Sage.

        So I might as well save £1400 per year.

        1. MJI Silver badge

          Re: Strong arming doesn't work

          Problem with QB is to import data costs more than the software.

          There is no standard interface unlike all the different Sage, TAS, Sovereign, Pegasuses, Xeros and the like.

          1. MatthewSt

            Re: Strong arming doesn't work

            There are products out there that will take care of the migration for you, and depending on where you're going from and to some of the paths are subsidised

            (disclaimer: gainfully employed by one of the aforementioned providers)

      3. Filippo Silver badge

        Re: Strong arming doesn't work

        If the customer was otherwise happy with Sage, yes.

        If the customer already was grumbling, and already was putting up with something because of the hassle of switching... well, this is a pretty heavy straw. It's fairly likely to break the camel's back.

        A big part of my job is building bespoke interfaces to my customers' accounting software, so I get exposed to all kinds of situations. Trust me: very few companies are really happy with their accounting software.

        Vendors are already leveraging company inertia to justify poor support, crappy customizations, bad performance, and so on and so forth. In many cases, that lever is already pulled very nearly all the way down.

      4. The Real SteveP

        Re: Strong arming doesn't work

        I moved from Line 50 lifetime license to Xero, when Sage wanted me to move to their Cloud but couldn't move my data - they said it was impossible to move historical data to their platform.

        Xero made it possible - and very easy. They offered me a free online data-conversion from a Sage backup, and it worked flawlessly.

        And it turns out Xero is a much more integrated affair, much less clunky to use, with integrated payroll and expenses, and cheaper than the Sage Cloud offering. Xero = win win. Sage = lose lose.

    4. Rahbut

      Re: Strong arming doesn't work

      I guess Sage is "sticky" so this is a calculated risk - but there are plenty of competitors... Guess it's all about that annually recurring revenue... But the fact they've not moved to TLS 1.2 a lot quicker is quite perplexing given POODLE attack was discovered back in 2014!

  2. cookieMonster
    Stop

    Welcome to the cloud

    Now bend over

    1. elsergiovolador Silver badge

      Re: Welcome to the cloud

      Let us bend you over, now take a deep breath...

  3. AMBxx Silver badge
    Unhappy

    Next, they'll lobby government

    They've already made it difficult to stay on old software by introducing Making Tax Digital. They'll just lobby for some other change so that none of us can stay on our old software. We use an old version of QuickBooks. Have to use bridging software (uploaded spreadsheets) for VAT returns since HMRC turned off the old (easier) upload direct from QB.

    Next up is quarterly reporting for corporation tax. Not sure if that will support bridging software or if we're finally going to have to go cloud. I may just retire as it's all getting to be a pain in the rear.

    1. Mishak Silver badge

      VAT returns

      I don't get why they are deliberately retiring the web interface they had for VAT returns, which was more than adequate for small businesses. Luckily, there is currently "free" bridging software that can be used, but that's a more complicated process than simply using the web form.

      I don't get how it can be seen to be "reasonable" to expect a small business to pony up for the privilege to pay tax!

    2. Warm Braw Silver badge

      Re: Next, they'll lobby government

      We use an old version of QuickBooks

      Don't lose the activation code. I moved my (purchased) copy to a new machine some years back and they'd already shut off the online activation service for old versions and were unable to provide an activation code by any other means. Fortunately, I eventually found where I'd written it down.

      A slight improvement on the Sage situation, mind you.

      1. AMBxx Silver badge

        Re: Next, they'll lobby government

        It's on a Virtual Machine, so shouldn't be a problem (I hope).

  4. Pascal Monett Silver badge

    I don't get it

    This is a technical change. Shutting down TLS 1.0 and 1.1 is a good thing, but why does that imply a change in license ?

    It has nothing to do with the license, it is just a technical change that the vendor should provide for the security of its clients.

    This is disgusting.

    1. Hawkeye Pierce

      Re: I don't get it

      These versions of Sage perform an online licence check every few days. That code doesn't (currently) support TLS 1.2 and Sage are shutting down their licence check server which supports TLS 1.0/1.1. Hence Sage won't keep running because it's got nothing to talk to to confirm the licence validity.

      Whilst no-one should expect support indefinitely for a "perpetual" licence, equally no-one should expect a vendor to be able to "remotely" kill-off such a perpetual licence. It's one thing for software to not work on a new O/S, but all other things being equal, you'd expect that software to keep working on the same environment.

      I can appreciate that Sage might not want to patch the software to support TLS 1.2 - that can be tricky. But patching the code to disable the licence check completely (or to ignore any failed attempt to validate the licence) should be pretty trivial to do. Sure you run the risk of the software now being pirated, but we're talking about accounting software here...

      1. anothercynic Silver badge
        Thumb Down

        Re: I don't get it

        Unless Sage wrote their own implementation of TLS 1.0 and 1.1 (which I *very much* doubt), adding TLS 1.2 support to the licence server should not be a difficult change to make. I call bullshit on their asses.

  5. elsergiovolador Silver badge

    Illegal

    This practice should be illegal.

    Two years ago I had to buy perpetual license of a certain software and paid about £2k. Few months later they were taken over by another company which decided to push for subscription model. First they sent emails about "upgrade subscription offer" with a heavy discount. The upgraded version literally just had slightly changed UI and no new functionality. Then weeks later license server was working intermittently, so sometimes the software just wouldn't work, because it couldn't verify the license.

    They "fixed it" but some functionality became unavailable. When I asked them when are they going to actually fix the server, they said they are planning to phase it out and asked if I considered their great upgrade offer.

    Well, I told them to go themselves.

    I moved on different software now, but if there was no alternative, that would be a tough one.

  6. VoiceOfTruth

    Ha ha ha

    We saw what Adobe did, we saw how much more money subscriptions brought in. We are the "me too" movement.

    @elsergiovolador, that is what Adobe did with its licence servers: https://www.youtube.com/watch?v=DEP_7_gx6M8.

    These companies hate customers and just want their money.

    1. jake Silver badge

      Re: Ha ha ha

      "We saw what Adobe did"

      Yep. And now the only adobe on this property is in the walls of the guest house, and in the outdoor oven.

  7. MJI Silver badge

    That explains it|

    More Xero account links required

  8. pLu

    stunnel

    The customers can probably work around the TLS problem with stunnel but it's not really about TLS anyway.

    1. McAron

      Re: stunnel

      Yeah, or mitmproxy (runs nicely in Docker), or even Fiddler (use Fiddler Classic, the newer one sucks)

  9. An_Old_Dog Silver badge
    Pirate

    SaaS

    "We're rich! We're bloody, filthy rich! We're gonna leech those suckers like lampreys! I wanna strip down and roll around naked in those luscious piles of money!! Oh! Was the mic on?"

    (Icon for corporate operations)

    1. David 132 Silver badge
      Happy

      Re: SaaS

      Reminds me of Bernard and Manny drunkenly discussing their impending fortune:

      "Manny, we are going to be ve...very rich."

      "How rich, Bernard?"

      "Oooh... uncontrolib... incontinently rich."

      "Success will bring problems! I don't want to wake up in rehab with Shergar!"

      ..and it just gets sillier from there.

  10. Justin Pasher

    Nice try

    At first I was thinking Sage had a little bit of a point. When you build software, you build it to the specs available at the time. You can't plan for future unknown obsolescence. A perpetual license doesn't mean perpetual updates.

    I remember at a former job, a web site was built for a customer around 2002. They took credit cards, and they were not encrypted in the database. They later came back around 2015 demanding (on some level) that we "fix" the code to be PCI compliant, for free. It was originally a one time purchase to build a web site at a time where PCI compliance wasn't even a thing.

    BUT... Then I saw Sage's response to reasonable questions about the software. This is obviously an excuse to get people to move to a subscription. They act like their hands are tied, but they're only in the situation because they planned extremely poorly. I guarantee they are running an off-the-shell SSL/TLS library for the application, and if that application doesn't support TLS 1.2, that library is severely outdated. However, the article states other non-license functionality uses 1.2, so that can't be true.

    Although they (probably) don't need to follow PCI recommendations on the desktop side, PCI 3.1 (2015) said stop using TLS 1.0. For software released in 2018 to only support 1.0 and 1.1 is just extremely poor design. IEFT first recommended you stop using 1.0 and 1.1 in June 2018 (RFC 8996). That was early enough in the release cycle for them to provide an eventual patch to the software to support 1.2, so their excuse doesn't hold water. A 2020 software release has no excuse.

    1. katrinab Silver badge

      Re: Nice try

      Sage Pay is a completely different product to Sage Accounts, so PCI compliance is not relevant.

    2. anothercynic Silver badge
      Mushroom

      Re: Nice try

      Bingo. Absolute bullseye there. I also very much doubt that Sage wrote their own implementations of TLS 1.0 and TLS 1.1... they took a library from somewhere that does it. Now if they were to tell us that they can't be arsed paying for another licence (for TLS 1.2, if it's a commercial library), or can't be arsed doing development work at all to ensure TLS 1.2 only is used, then say so. Don't hide behind some pathetic excuse of 'oh, but TLS 1.2 is all new and stuff...'

      1. MJ71

        Re: Nice try

        According to the article TLS1.2 is already in some of the versions impacted by this issue, Sage just didnt use it for the license process.

        1. anothercynic Silver badge
          Mushroom

          Re: Nice try

          I know, which leads me (and many others on here) to point out that the whole TLS 1.2 excuse is a red herring.

  11. Anonymous Coward
    Anonymous Coward

    Or they could just remove the license checking entirely? If customers buy a perpetual license to a product, and you can no longer afford to run the license server to verify it, you simply remove such a requirement/check. Or get sued to fuck.

    1. Filippo Silver badge

      "Get sued to fuck" sounds about right. It would be very interesting to see a court's opinion on shutting down the license server to stop a perpetually-licensed product from working.

  12. Sandgrounder

    Not Fit for Purpose

    I would suspect that selling accounts software without TLS 1.2 for the last few years could leave Sage open to claims that their product was defective and not fit for purpose.

    For their corporate lies department to then attempt to force perpetual license holders to purchase a new product as the only "fix" for their defective software could be tantemount to blackmail.

    If I were a customer, I would be seeking legal advice to seek immediate redress.

    1. MJ71

      Re: Not Fit for Purpose

      It seems to be worse than being entirely "without TLS1.2". Some of the software now at risk had TLS1.2 built in, it just isnt being used for the licensing aspect that they want to now turn off!

  13. Anonymous Coward
    Anonymous Coward

    Typical

    We are seeing more and more of this, unfortunately, and it hits SMBs the most. Microsoft, for instance, just about abandoned SMBs at the start of the pandemic. Fortunately I have been able to avoid the subscription "scam" to date. Latest, was thurrott.com. Wants people to join ClubTwit for $84/yr to see his 15 minute weekly podcast. That's twice the $42/yr sub for the whole thurrott site. Club Twit only gives you minimum benefits, and was only started because of a drop in adverts. I know people have to earn a living but it's getting to be a rip-off in the present economic climate. And this is only a small example.

  14. Anonymous Coward
    Anonymous Coward

    The BS level is impressive

    The IETF indeed formalized RFC8996 in 2021 - at the end of a two year draft process. And Sage, for a company looking so eager to follow the IETF's BCP, forgets to say the same document reminds the reader that TLSv1.2 has been recommended since *2008*.

    https://datatracker.ietf.org/doc/html/rfc8996

  15. Anonymous Coward
    Anonymous Coward

    Moving to the cloud...

    This one perhaps: https://www.theregister.com/2022/07/19/google_oracle_cloud/?utm_source=daily&utm_medium=newsletter&utm_content=top-article

    As regards perpetual lifetime licences, I had one that ran for less than 6 months before they wanted me to pay for a new version (Wondershare PDF elements) because my license was for version 7, version 8 was a completely new product - but hey 60% discount or I could stick with V7 until it reached end of life.... 2 years later version 9 has appeared but I can get it for 75% discount...

  16. JulieM

    Proposal

    There's a simple solution. Require the Source Code of *all* software to be made available to all users, along with the rights to study and adapt it, even if they can't distribute as many copies as they like to all and sundry.

    This way, if a piece of software is built against an outdated library, it just needs to be recompiled.

    Not having the Source Code never stopped users from making casual copies; but if everyone were forced to show it, it would be a cast-iron guarantee against plagiarism (for the benefit of authors) and insecure programming techniques (for the benefit of users).

    1. EnviableOne Silver badge

      Re: Proposal

      Never going to happen, Open source only goes so far, until someone forces you to pay for secret sauce

  17. NnNnnnN

    Anyone know if this affects other editions of Sage? I know that some editions of Instant Accounting are sometimes referred to as Sage 50 internal to the program.

  18. MJ71

    Comments on Sage’s statement

    The article refers to a Sage representative saying “We are contacting all impacted customers with options available to them, under no circumstances is anyone obliged to move to our fully cloud solution Sage Accounting”

    Indeed, no one is obliged to move to the *fully* cloud solution (Sage one?) that’s a different product.

    The on premises subscription replacement for Sage 50 Accounts is now confusingly known as Sage 50cloud Accounts (it has some cloudy functionality but still installs directly on your on premises PC/server). This is the version that would be the natural replacement for businesses who are about to have their software turned off.

    You are not obliged to upgrade (which means paying for subscription), but if you want to have easy access to your historic data built up in your perpetually licensed software, and you want that access to be through the front end you are familiar with, without resorting to ODBC to extract it into a spreadsheet or rely on reports that some say will work past the cut off, then you either need to join the subscription method or need to migrate to another system. If you migrate then you also need to find a way of exporting all that historic data that satisfies your needs as a business and ticks those HMRC boxes for historic data retention. That is highly disruptive and could be very costly especially if you have other processes interacting with the Sage application that would also need to be replaced or updated. The situation is not helped by Sage failing to give an exact time impacted versions will stop working. Their notice currently says that the old versions (some of which are not very old) will stop working *By* September 30th 2022, so could be tomorrow, could be in a few weeks... not like you have anything urgent that you use the software for is it.. oh you do? Oh...

    There has been talk here of Sage being too tight to bother incorporating TLS1.2 into the product earlier. The situation is even sillier that that. TLS1.2 is reported as actually being present and active in some of the versions being turned off, Sage just didn’t use it for the license verification process. Oversight or tactical?

    How easily could Sage solve this problem and honour the spirit of those perpetual licenses they sold directly or via resellers as recently as 2019? possibly 2020? It would seem very easily. There is a v27 of the non-subscription version of Sage 50 Accounts that is more recent and not therefore impacted by the TLS version issue. Sage could therefore enable their current non-subscription customers to continue to get the benefit of the licenses they bought buy offering them a free upgrade to that version.

  19. terry 1
    Stop

    YMMV

    When I got the pop up warning I was annoyed, this was around a month ago? I have perpetual and also on v25. Having read a little deeper into the issue, Sage themselves said that a PC that was never connected to the internet when installed will not be affected. So after a full backup of sage and the VM, I uninstalled and cleared every trace of sage off the system. Disabled the nic and reinstalled. sure enough the licensing part doesn't get installed, however, should you turn on the nic and open sage it then runs off and you're back to the beginning.

    repeated the above with the addition of windows firewall blocking outbound connections from sage.exe, sbddesktop.exe and sg50svc_v25.exe and so far it's been fine, even when I put the clock forward years it will run as if there's no internet

    The VAT MTD was a pain, but it's just a few extra steps to export to a CSV and 100PcVatFreeBridge sees it and sends it off. No issues. Hopefully the CT one will be similar as quite frankly I will be damned if I have to spend money per month for doing my accounts for the paltry income I get these days.

  20. JulieM

    It's a political choice, and it only needs the will in the right places.

    Remember, I'm not talking about enforcing full-on Open Source; just ensuring user access to Source Code, so that they can exercise in practice their rights to study software they have bought and paid for and adapt it to their needs. I'm not saying they should be allowed to share that software with all and sundry, as though they can't already do that without Source Code access.

    Because once decompilation technology gets there (and facial recognition is based on the exact same underlying mathematics), all users will effectively have access to Source Code anyway, whether the vendors like it or not; and the rampant plagiarism that must be going on in the industry will be suddenly exposed. At least it would be possible to grant some sort of amnesty where those who have the most to hide could have time to start hiding it before anyone finds out the hard way. They ought to be able to afford it, with all the money they saved ripping off someone else's work .....

    Also, it'll give them a chance to tidy up the schoolkid errors their code must be full of, like the ones that infested early Mozilla and OpenOffice.org releases. (OOo would not even build on a system with anything other than 32-bit data words and 32-bit addresses, and had to be almost completely rewritten.)

  21. This post has been deleted by its author

  22. Noseve

    Would blocking the program internet access work?

    Would blocking the program internet access work?

    I have been using my program (Sage 50 Instant Accounting) for three years. The only three online activities for which I have ever used it were:

    VAT submissions (no longer valid, as not MTD-compliant);

    Emailing invoices (only for the first week or so, until I realised that my non-standard font was being lost in transmission. I have since saved all invoices as PDFs and manually attached them to messages outside of Sage);

    Checking for program updates (obviously no longer an issue).

    So, if the program could be encouraged to continue to function offline, that would be fine for me.

    Does anybody know definitively how frequently the program checks for internet access? Are there any registry settings that could be adjusted to stop this behaviour at source? If I use firewall settings to deny it outbound and inbound access, does anybody have any idea as to how long before such a holiday period might expire?

    I'm hoping that there are people out there who have been using the program on standalone systems isolated from either internet or intranets - did you have to jump through any hoops in order to have it run, long-term?

    I appreciate that tinkering with registry settings will contravene EULA terms, but I cannot imagine that anybody reading this will have difficulty in understanding that I am prepared to live with the shame of doing so. Sage themselves clearly feel no such obligation, living by their own changeable rules as they do.

    I'd appreciate any advice, or just thoughts. Thanks.

    UPDATE - in the two days that I have so far been waiting for the above post to be passed by the moderators, I have blocked every Sage-related executable from accessing the internet, both inbound and outbound. The program still runs; I can load my data file across my intranet; calculate VAT; print invoices as PDF; backup the program, to a remote folder. Seemingly, all the things I need it to do. Time will tell whether this is a long-term solution, but switching accounts packages is not a trivial matter for me so I shall wait and see how this behaves after Sage Rip-off Day. I shall be adding .PIFs and other files with dodgy potential to the firewall rules as well.

  23. PBett

    SAGE ACCOUNTS

    I've used SAGE for 20+ years now and this is not the first time I've found myself in this situation. They are charlatans at best, unscrupulous and a thoroughly nasty company. When a similar thing happened a few years ago over the MTD issue I was forced to purchase a whole new set of software costing in excess of £1,000, to now find that they are are about to switch it off, FOR NO GOOD REASON, in order to force clients onto a subscription platform. I really think this is reprehensible and believe the CMA should get involved. It's extortion and borderline fraud.

    Is there nobody out there can see a potential loop hole to either force SAGE to repay all the money taken or force them to provide a simple patch to current users? Even if this was at a small one off premium?

    If that' not possible I do believe this time I will walk with my feet.

  24. RC-worcs

    Perpetual Licence terms and conditions do not appear to allow this.

    From Oct2021 terms and conditions the licence terms definitions stated on Page 1 are:

    “Licence Period” – the length of time for which you may use the

    Software from and including the Effective Date and, in the case

    of perpetual licence periods, we mean 15 calendar years;

    So it appears 15 years for perpetual licences.

    I have raised a complaint sith SAGE here in the UK. I suggest everyone does the same, regardless of whether you intend to upgrade anyway and state that you are being coerced in to the upgrade. Don't take this lying down. Make you feelings know, the only official way is to raise a complaint. NOTHING ELSE IS OFFICIAL.

    hopefully someone will listen.

    I hope all accountant firms and small business federations do the same.

  25. Cedar

    Sage Perpetual Licence

    I have had a Sage licence since 2002. I had Sage support at first but the support I received was very poor. I have recently had several discussions with Sage Complaints Team who I must say were very efficient. I have also written to their legal department the letter was sent recorded delivery but I have not had a response. I explained that they were in breach of contract. When I purchased the licence I was give a license number from a manual. there were no terms and conditions I had to agree to. I have used the software for 20 years and now to continue to use the software for the next 20 yeqr's will cost me over £100.000. I would be interested to hear if anyone will be taking legal action for breach of contract (Technically there is no breach until after 30th September 2022)

    Cedar

  26. MJ71

    It does not surprise me that you have had no response from them, they are either very confident of their position or have just made a decision that for the small number of businesses who will actually find time to make a claim against them, the risk of losing and having to pay out is a small price to pay if they succeed in bullying the majority into a subscription.

    Their initial response to enquiries from customers with impacted versions is to quote them on moving to a subscription. If you don’t roll over then the next steps are free initial periods sometimes combined with offers of refunding the perpetual license you already have. Clearly you wont be needing that any more, you have your shiny new subscription version, the cost of which one assumes will rise at least by inflation every year, for as long as you need to use it.

    If you make clear that you do not feel inclined to part with more money and would prefer to continue to use the perpetual license that you already paid for, and thought being described “perpetual” would work for as long as you had a compatible OS to run it on, they lose interest. Its all about sales… moving people to subscription and making Sage shareholders happy.

    TheRegister might not appreciate me cross referencing other forums but it would be worth posting your question about legal action to the discussion here where there are lots of other Sage customers who are not very happy.

    https://www.accountingweb.co.uk/any-answers/sage-50-cloud-wont-work-unless-you-update

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022