Chad (disclaimer: I work for Balanced https://www.balancedpayments.com/ and we handle the payment processing for gittip. I mainly focus on fraud). It's wonderful you are doing this. It enable forms of donation other than via github. Not sure, what information you collect via twitter login, but I would watch out for:
1. Twitter account creation date
2. Number of followers/following
3. Location information (if available)
4. # of tweets
Esp. (1) and (2) would be very useful.
When I last analyzed the github accounts, almost all fraudsters had relatively recent github accounts and (unsurprisingly) zero/almost zero followers for their repos. As with most things related to fraud, these do not guarantee fraud protection, but serve as very strong signals.
Thanks npcomplete. With the current volume of growth I'm able to keep up with Gittip's fraud review dashboard pretty easily. As we scale let's start looking at more signals in an automated fashion.
1. Twitter account creation date 2. Number of followers/following 3. Location information (if available) 4. # of tweets
Esp. (1) and (2) would be very useful. When I last analyzed the github accounts, almost all fraudsters had relatively recent github accounts and (unsurprisingly) zero/almost zero followers for their repos. As with most things related to fraud, these do not guarantee fraud protection, but serve as very strong signals.