
Show HN: Student Status, Automatic Student Verification in Seconds - twazzle
https://studentstat.us
======
ev1
Why are you using an unrelated quote to make it look like your site has some
form of affiliation or recommendation by Wired?

How well does this handle rampant fraud? In the past, whenever we've done any
form of educational freebie or discount, there are floods of signups (often
IN, BD, LK, ID as most prevalent) that are blatantly fraudulent but with
hijacked/stolen .edu emails, occasionally faked course listings with one
course. There are a number of badly-written vulnerable webapps, often 2-year
unis in the states that seem to allow applicants to get an autogenerated .edu
email even before admission or any form of verification.

I see the word AI. What AI, and how?

~~~
twazzle
That's a good point, I was debating on whether or not to put that there, but I
believe it's under fair use policy for journalism. It's a quote and not a
statement of endorsement, but I get why it could seem confusing. The purpose
of it was to convey the goal of my service, which is to have companies use
students as a core part of their mission, which in turn benefits them in the
long run as they convert students to real customers when they get into
industry. Thanks for the feedback though, I'll have to think it through more.

For fraud, of course if someone is willing to spend the time to crack the
system, they probably will. The point is not to stop the one off attacker,
because the implications are just you give a discount to an incorrect person
(which you can limit by limiting the deal - for ex. 1 year discount).

AI because it's using OCR and some proprietary checks on the second step. It
is more intelligent than it looks.

~~~
ev1
It's not one-off, they usually try to get thousands of accounts and then sell
them for $1-2 as the usual thing. This is absolutely something that needs to
be stopped.

~~~
twazzle
that's a terrific point. i do believe the 2-step check with the document is
enough to prevent abuse. i will absolutely consult with a security expert on
this when i'm able.

if you are you able to email me at thomas@dormdev.com more of your concerns i
would really appreciate it. in any case, thanks.

