I see your concerns, however, we are probably talking about different things. In my case, I was looking for a simple and easily manageable way to restrict the access tof my GPTs to selected authorized users, not for the reason of charging fees but because the GPT services should not be available to random people. My approach works flawlessly and is perfect for my purpose because it doesn’t require using anything outside of the scope of the GPT. I have attached a screenshot of the conversation attempts without providing a valid subscription ID. So far, my approach works flawlessly and according to my conversation with ChatGPT 
it seems to be a novel approach. Also I don’t store any personal information or anything which could be linked to such in the GPT knowledge base, hence there are no issues with regulations whatsoever. While intended for small number of users (in my case) the method could be used even for a very large number of users (>10k), however then I agree with you that it would be better to use a dedicated 3rd party solution.
