How much would it cost to entirely remove bots, authenticate all humans, and end crypto-scammers on Twitter?

Elon Musk has suggested changes to Twitter, namely reducing bots, authenticating all humans, and getting rid of crypto-scams.  

Here's how we would do it and what expected costs would look like.

‍

⇒ TLDR: $25m per year + up to $3m initial cost

⇒ Timing: ~6 months using off-the-shelf APIs

‍

⇒ Content:

→ Remove Bots

→ Authenticate Humans

→ End Crypto-Scammers

→Conclusion

→Business Accounts

→Twitter Conversations

→TwitCoin

Disclaimer: 

BlueCheck is an identity verification company with extensive experience in end-user verification and building verification products to weed out bots/spam accounts. BlueCheck does not currently work with Twitter, nor does BlueCheck actively utilize its Twitter account. Opinions belong to CEO Alex Zeig and do not represent the opinions of BlueCheck.

More about BlueCheck:

We provide service to hundreds of companies, spanning tens of millions of verifications. We are involved in multiple committees for various identity verification standards. We are engaged in both private and public sector solutions. Our team is a small handful of full-time experts and multiple handfuls of contractors. BlueCheck is not VC-funded.

We've either purchased, vetted, built, compared, and/or tried 90% of ID Verification features.

 Verification Tier #1 → Getting Rid of Bots

Ok - this is relatively easy and affordable via liveliness. The liveliness scan should be free to the end-user. It is a one-time action for all existing accounts and implemented in the account creation process for new accounts.

The liveliness scan "model" should be hosted by Twitter and cost less than a penny per scan. In addition, we can open-source most of the code and ensure that as soon as the end-user account validates their account as "alive", we delete the liveliness scan and all connected data. 

Data Flow:

1.  Liveliness scan captured via desktop or mobile.
2. Twitter-owned & hosted model reviews scan for "liveliness"; verifying the account is not a bot.
3. If negative, the account is locked until liveliness can be proven. 
4. Scan is deleted.  All that remains is the account attribute → verified // not verified.
5. Round-trip timing is under 5 seconds, with good connection.
6. Cost at scale is $0.01 per liveliness check.
7. Very possible to include Age Estimation in this check as well if desired.
8. Obvious, but don't pick a bad liveliness provider/model - good ones are highly competent at the price point listed. 😎

Data Privacy:

1. The scan is captured on device, then sent to Twitter infrastructure, then deleted.
2. Open-source the data flow, showing everything from data capture on device to how data is deleted. 
3. Allow a couple of well-respected 3rd party reviews of the entire liveliness code stack to ensure that no data is stored that doesn't need to be stored. 

Rough Costs:

• ~$3m one-time + $500k/year for ongoing costs
• 300m users x $0.01 per scan

Timing:

• Live for a test: ~4 weeks; dependent on everything that goes into making a beta-feature live for 300m "people".
• I would also immediately build a filter version that allows users only to show "non-bot" tweets, replies, etc.

Verification Tier #2 → Authenticate Humans & Eliminate Crypto-Scammers

Swell! We eliminated or at least significantly reduced the bot problem. Now we move on to ending cryptocurrency scams with tiered Paid Accounts.

Before we dive in, a quick note: It will be impossible to permanently end "scams" if Twitter is genuinely the town square of discussion. So, for example, if Elon Musk tweets a link to a crypto scam, is it still a scammy link or just another dumb post? 

However, there is much we can do to drive down the number of common scams found on Twitter:

⇒ "Basic" Paid Accounts: 100m Accounts Goal.

The goal here is to make this the default subscription type for most Twitter users. The price is $12/year, paid upfront. Include benefits of Twitter Blue + new features.

New Features:

1. Authenticate all humans, again: Required liveliness checks at random or based on account activity.
2. Estimated one liveliness check per 100 "activities," minimum 1x per month.
3. Embedded commenting on other sites: Allow 3rd party websites to enable comment sections via Twitter Conversations on their web pages or at the end of an article. 
   
4. Basic Paid Accounts and up, guaranteeing that comments on websites or articles are from humanoids and can be banned domain-wide if desired.
5. Up to 2 sub-handles per Basic Paid Account: Each sub-handle gets the verified checkmark on its username/handle.
6. Each handle requires its liveliness check on the creation.
7. Each handle may get periodic liveliness checks at random or based on account activity.
8. Can pay an extra $$ for more secure login options, e.g., biometric or specific 2FA.
9. Can pay an extra $$ for an ad-free experience per handle.

Payment Options of "Basic" Paid Accounts: 

1. Paid Accounts do not necessarily equal identity verified. 
2. There may be multiple payment options at varying levels of identity correlation.
3. Card payment is likely most frequent - will likely provide Twitter with a name. It doesn't mean it's represented outwards, but if you are a high-profile account that wants anonymity, this may not be the option for you.
4. Crypto payment is the next tier in preserving privacy and paying in multiple currencies; Twitter has account info + wallet address from payment.
5. Cash payment. Send envelope 1x per year with account handle. Twitter has account info + currency sent in the mail. Mimic Mullvad VPN here.

⇒ VIP Paid Account: 10,000 Accounts Goal.

Similar to the "Basic" Paid Account with the addition of a couple of new features:

1. Cost is $1,000 per month
2. The verification badge is different - showing "VIP" status.
3. Biometric login (1:1 matching) is the preferred login option, locked on a device a la FaceID.
4. Require biometric verification to change the password, reset email, and other account changes
5. Need to make it incredibly hard to have these accounts comprised.
6. Biometric login, when done correctly, will achieve this. It is different from liveliness detection.
7. Ability to designate up to 2 other accounts to manage / post for account
8. Each needs to have its biometric logins created and managed.
9. Full-fledged Identity Verification is required.
10. Require closeup photo ID + selfie holding ID holding to show possession
11. Facial rec algorithms, Twitter trained/hosted/stored, compares two images.
12. Deepfake & photoshop detection on both images
13. OCR data and verify in multiple 3rd party DBs
14. Review photo ID for accuracy against templates
15. Total turn-time here is 120 seconds or less.
16. Liveliness check runs again beforehand - with a 30-second timeout for collecting the above data.
17. Could run live-video review if necessary, turn time of 5 min or less
18. Look-alike Protection: Geofencing for Twitter profiles
19. Don't let any other profiles get too similar to VIP Paid Accounts.
20. Geofencing is a "fence" around the VIP Paid Account that flags other profiles that share too many characteristics with VIP Paid Account.
21. Doesn't compare tweets/replies, but profile page and media uploads
22. Active monitoring for new accounts that mimic or look similar to VIP Paid Account
23. Service that allows VIP Paid Accounts to submit "harmful" accounts for review
24. Monitor handle, PFP, and other types of changes → any too close to the "fence" get flagged for review.
25. The goal is to find the line between parody accounts and scammy accounts that mimic VIP Paid Accounts.  Likely a bit of tuning and time required to get right.

Rough Costs for Paid Accounts:

1. Liveliness costs of $1m/month for Basic & VIP accounts
2. 100m liveliness checks per month.
3. $0.01 per liveliness check.
4. May be possible to drive down cost per liveliness check.
5. The cost of Biometric Matching is again similar to the above, $0.01 per scan
6. Ballpark of 1m matches per month = $100k/month cost
7. The cost of full Identity Verification is $0.50 or less per verification
8. Negligible → Ballpark 50k verifications per year = $2k/month cost
9. The cost of Look-alike protection is unknown; probably two models + a scoring algorithm.
10. Image model for media, language model for activity, scoring algorithm for similarities
11. Ballpark $500k/month for engineering & model tuning
12. Team of 20, average salary all-in of $25k/month
13. Human review process for flagged accounts + live training of models above
14. Ballpark $50 per month, per VIP Paid Account = $500k/month cost
15. $5/hour human review for algorithm flagged accounts, 10hrs per month per VIP account

 ⇒ Total Costs = $25m per year + up to $3m initial cost

 Conclusion: Where does that leave us?

It's not perfect, but from someone who has spent many years building identity verification systems and fighting bots/spam, the above is a system that would work. It would also significantly impact user numbers, especially in the short term. Pricing, features, and other non-identity verification commentary are simply that: commentary.

But let's sum it all up and introduce one other prominent feature that Twitter could build.

Bots eliminated → done.

Note, however, that this doesn't solve the issue of keeping useful or desired bots on the platform. Ideally, we'd like to keep them as a paid add-on for "Basic" and up plans. Mark them as non-human accounts and perhaps charge a small, nominal fee.  

Authenticate all humans → done.

Liveliness checks should have solved this or vastly progressed us towards the goal. Give every account six months to log on and prove they are human. If they don't, demarcate them as non-human accounts and/or mark them as a non-active user.  

End crypto scams → somewhat done.

This one needs work, but progress is happening. First off, a stricter and more secure login process for VIP accounts and folks with significant "clout" would help immensely. In addition, they should have the option to lock down their account as securely as possible to ensure that it's ever only them or a trusted partner who posts in their name.  

Second, look-alike protection could help cut down look-alike accounts. I'm not aware that this exists currently, but I don't think it would be too challenging to develop. Yes, it will lead to non-VIP accounts being "flagged" as too similar and may give some users a headache. However, if built and implemented correctly, it should make it very difficult for scammers to create/modify accounts that mimic paid VIP accounts. We do this for photoshopped or fake photo ID documents in identity verification, using multiple microservices/checks. Not just image checksums, but "geo-fenced" to ensure the images aren't similar to previously flagged image deposits/remnants.

Business Accounts → done but not mentioned.

Although not addressed above, I could see two tiers with similar pricing to non-business paid accounts. First, utilize biometric login, identity verification, and authorized business representative verification. The cost for verification is $1-5/month per business account.

Similar to VIP non-business accounts, high-value business accounts should be nigh impossible to comprise due to enhanced login verification. Likewise, they should also be "geo-fenced" for content that works to prevent look-alike accounts. It's entirely plausible that "VIP Business" accounts would pay $10,000 per month for a special badge + extra features. "Regular Business" account would be $100/month or similar—no advertising without a paid business account.

Twitter Conversations → briefly mentioned.

When I was growing up, the comment section used to be the best part of any website or article, with various opinions, hot-takes, and author responses. Sure, it always had rude people and dumb content as well. But the comment section is what made the internet "human".

Twitter Conversations can bring that back. No bots or spam. Domain-wide ban on accounts that breach terms of service or are just plain rude. Build your town square for public debate on your site with Twitter Conversations. 

Go in-depth and require payment to comment. Require a subscription to comment. Only allow comments from folks with >100k followers. Only let comments once an account has tweeted 100 times. Only allow comments from accounts > 1-year-old. Don't show usernames or show usernames. Show replies, re-tweets, and media uploads or don't. It's up to you how to use the infrastructure of Twitter Conversations. Available for Paid accounts only.

TwitCoin→ not mentioned.

Not discussed above, but worth mentioning. Suppose we have verified accounts, verified businesses, and interactions via Twitter Conversations. In that case, all we are missing is a way to pass "enriched" data between users, accounts, businesses, etc.  

Noodle on this: Twitter could become the de-facto digital wallet for the internet.

Yelp reviews → Twitter.
Venmo → Twitter.
Substack → Twitter.
OnlyFans → Twitter.
Reddit → Twitter.
News Subscriptions → Twitter.

Additionally, it's a ridiculous name!  Mr. "Meme-lord" Musk loves a wacky sounding names.

Ok - that's it for today, folks. When implemented correctly, using verification can be a significant moat against competitors. It's not just a standard KYC check or basic CAPTCHA - each site needs its tools to achieve the verification goals and the audience.  

If you found this interesting and want to chat, don't hesitate to get in touch with us below or email me directly: alex@bluecheck.me

 Thanks for reading!

Schedule a call today with a BlueCheck specialist, or Click to learn more about our Age & ID Verification solutions. 

{{cta('007d8804-adf3-4d63-890c-9f783f8025e1','justifycenter')}}