Hi Ivan, This looks quite interesting. I do have one concern, though.
On the main tipjoy.com site, you have a prominent banner saying "click here to sign up in 5 seconds without giving us your password." ...which then leads to the OAuth sign-in. The Tipjoy API requires a twitter user/pass combo for authentication. If I am User A who already has created an account on Tipjoy using OAuth, and now I see another 3rd party application asking for my twitter user/pass to interact with Tipjoy, I am going to be very concerned that this other app is trying to scam me. I guess it just looks like a conflicting message to me. I know you said you are "hacking" something together for OAuth apps, so maybe this concern is unnecessary, but wanted to give you that feedback as a potential user of this system. As a developer, the API looks very interesting. I don't know how many people would actually want to tie their twitter account to actual money transactions, but I guess there's only one way to find out... Congrats on the API launch, -Chad On Wed, Apr 8, 2009 at 10:57 AM, Ivan Kirigin <[email protected]> wrote: > >>>the recipient has enough to cash out to a PayPal account ... before the >>>transaction is cancelled ... what happens? > > We audit every cash out, so this step isn't fully automated. It's hard > to "take the money and run" > > Also, we track transactions across the site. As you can imagine with > micropayments, any wholesale fraud would require lots of transactions > or amounts much larger than the median to make any real money. This > makes fraud detection easier. > > If anyone sees any transactions that are faulty, they can let us know. > We already actively block many IPs and domains because of link spam, > and expect to do the same for fraudsters too. > > Best, > Ivan > http://tipjoy.com > > > On Apr 8, 9:52 am, Dossy Shiobara <[email protected]> wrote: >> Great, now Nigerian royalty can use Twitter to get their millions of >> secret dollars out of their country, with the aid of Twitter users help! >> (lol) >> >> Or, the first rogue Twitter app. that tweets a Tipjoy payment message >> from the user who gives up their username/password to the rogue app. >> It'd be a Tipjoy mugging! >> >> At least Tipjoy lets you cancel transactions that aren't paid for yet. >> But, if you pre-charge your account, and the money is sent from the >> account, and the recipient has enough to cash out to a PayPal account >> ... before the transaction is cancelled ... what happens? >> >> Sounds so very dangerous. >> >> On 4/8/09 9:27 AM, Ivan wrote: >> >> > Hi Folks, >> >> > Tipjoy's Twitter Payments have been really successful for P2P and >> > charitable payments. Now we've released an API for Twitter >> > applications to do payments over Twitter: >> >http://tipjoy.com/api >> >> -- >> Dossy Shiobara | [email protected] |http://dossy.org/ >> Panoptic Computer Network |http://panoptic.com/ >> "He realized the fastest way to change is to laugh at your own >> folly -- then you can let go and quickly move on." (p. 70)
