URGENT: Excessive Billing with OpenAI's GPT-4 and Vision APIs - Community Assistance Needed!

Dear OpenAI Community,

I hope this message finds you well. I am writing to share a concerning issue that I have encountered with the usage of OpenAI’s GPT-4 API and Vision API, and I would appreciate any insights or assistance from fellow community members.

Despite having a relatively low number of users on my application, I have been facing significant billing discrepancies with both the GPT-4 API and the Vision API. The invoices I receive do not accurately reflect the actual usage of these APIs, resulting in overbilling that is seriously impacting the financial viability of my project.

I reached out to OpenAI’s customer support over a month ago to address these billing issues, but unfortunately, I have not received any response from them thus far. In an attempt to resolve the matter, I even resorted to creating another OpenAI account to see if the issue could be alleviated, but to no avail.

This situation not only poses financial challenges for my business but also undermines my trust in OpenAI’s services. I am reaching out to the community to inquire if others have experienced similar billing discrepancies with the GPT-4 API and Vision API, and if so, how they have addressed or mitigated these issues.

Furthermore, I would like to express my frustration with the lack of responsiveness from OpenAI’s customer support team. Despite multiple attempts to seek assistance, I have not received any meaningful communication or resolution from them.

I urge OpenAI to take immediate action to rectify these billing discrepancies and improve their customer support services to ensure timely and effective assistance to all users facing issues.

Thank you for your attention to this matter, and I look forward to hearing from fellow community members and OpenAI regarding potential solutions or insights into this problem.

Best regards,
AIProject GPT Team

3 Likes

First off, you should be completely sure that your API key is being handled securely.

What is making you believe that the billing is excessive? Are you tracking the tokens sent and received through the API? GPT-4 Vision can add up very quickly in cost if you’re making lots of requests.

Thank you for your response and concerns.

Regarding the excessive billing, my suspicion arises from the simultaneous surge in API Vision requests. I’ve observed instances where 500 API Vision requests occur within a single minute, which significantly inflates the billing. While I understand that GPT-4 Vision requests can accrue costs rapidly, the sudden spike seems disproportionate to the actual usage of the application.

To address your point about API key security, I’ve taken measures to ensure its protection. However, I would appreciate any guidance or best practices you could offer to further enhance the security of the API key.

Thank you for your assistance.

Hello, is your API being stored in your application or on a server which the application then sends requests to.

3 Likes

Hello,

My API is stored directly in the real-time database on Firebase. The application then sends requests from this database to access the API. This means that API keys are not stored locally within the application itself, but rather in the Firebase database, providing an additional layer of security.

Thank you.

Thanks! Is your service free or not? Could you provide more details about your service?

So your app sends a message to your cloud database, your cloud database calls the OpenAI API, gets the result, then forwards the result to your app?

2 Likes

Thank you for reaching out! Our service operates on a freemium model. Users can enjoy our platform for free, with the ability to ask up to 10 questions at no cost. Beyond that, we offer premium subscription plans tailored to meet varying needs and usage levels.

Our premium plans unlock a host of additional features and benefits, including unlimited access to our platform, priority customer support, advanced analytics, and more. We strive to provide a flexible and scalable service that caters to the diverse needs of our users.

If you’re interested in learning more about our premium offerings or have any specific questions about our service, feel free to let me know, and I’d be happy to provide further details.

Best regards,

Thank you for your feedback, could you explain to me how to get this kind of information?

Essentially what @anon22939549 is getting at is that if your API key is exposed on the client-side (such as being in your index.html file) then your key is accessible to anyone who bothers to look.

If you set up a backend (e.g. your server or cloud database) and have the API key secretly stored (usually as an environment variable) you should be fairly protected.

If you aren’t doing it like this, your wallet is in danger!

1 Like

Hello, thank you for your feedback, could you explain to me how to check this? because I am a novice.
Thank you so much

Honestly I think this is the perfect type of thing to learn with ChatGPT on (gpt-4 of course).

If you walk it through the concerns it can explain the terminology to you and why certain methods are important. Obviously be careful about hallucinations, but it’s incredibly good at helping understand this stuff.

That’s how I’ve learned :grin:

This is the thing that I’m very afraid of when dabbling with API keys that are stored… online! If anyone can have access to your API keys directly or indirectly through some sniffing, your API billing can bloat and you can fall into debt due to OpenAI API as they don’t care about excessive billing! If you deny this “service” payment, you will be banned forever and you won’t be able to use the service anymore.

Don’t expose your API key. It’s as simple as that.

Protect your endpoints as well. Even hosting the API key but then having such a simple request like

{
  "query": "How much wood can a woodchuck chuck?",
 }

that directly return the GPT response can be taken advantage of. Even if you are using some sort of security like JWT.

Do not let any developer say “Oh, we will host it on the client for now just to get the MVP going”.

You are given keys to a treasure chest. Do everything you can to protect it.

OpenAI does A LOT more than other companies to protect you.

2 Likes

I had the same problem and customer service was absolutely horrible. They didn’t address the issues, they kept asking me for more information, and they took forever just to tell me I wasn’t being overbilled when I am certain I was, simply because I was getting charged like $16 for using the API less than an hour for 12 consecutive days.

My API keys were encrypted and I was the only person using them, the game was not packaged, I don’t see how anyone else could have gained access.