Any good payment gateway should be managing the risk of stolen credit cards, but it's likely that because Gittip works with small recurrent payments instead of big upfront payments, it doesn't trigger any red alerts.
To take this to the next step, this is also why I believe Paypal is one of the very few companies that has been able to scale online payments. I'd love to see anyone challenge their ability to balance customer service with fraud prevention at scale.
Gittip should work with a party that is already in the possession of the required knowledge or they'll be shutting down. This post raised their visibility as rookies considerably and you can expect the sharks to move in now that there is blood in the water.