I've never been comfortable with this idea that people should use their real identity online. Sure they can if they choose to, but IMO it absolutely shouldn't be required or expected.
The idea that I would give a copy of my passport to a social media company just to sign up, and that the social media company has access to verify the validity of the passport with the issuing government, just feels very wrong to me.
I agree. That’s why onlyhumanhub doesn’t expect you to share your name. The passport verification is there to ensure you are a unique human, but the name of that human is not stored.
I’m perfectly happy talking to someone without knowing their real name. I just want to be more confident that they’re a unique human, and not just another sock puppet account run by some Russian agent (or evil corporation) trying to change people’s beliefs at scale.
But how do you actually trust them?
There's almost no time investment in building onlyhumanhub. It's only a few months old (based on the copyright), have effectively a text-only homepage, and account creation which I assume allows you to upload photos of your passport and link your existing social media profiles.
There are so many ways that could go wrong, from this being a phishing attack to this being a well intended project that happens to create a database linking passport IDs to all of a person's social media accounts.
The idea that they may eventually offer a social media platform that doesn't require public use of your real identity is all well and good, but they're still a honeypot for doxing.
Well, I built the site.
I agree that trust is a problem. I try to be as transparent as possible around how your passport data is used and what is stored in the database. Far more than what ordinary banks/trading apps say when they ask you for a passport.
Hah, well sorry for my confusion there! I didn't realize it was yours so that definitely clears up why you'd trust it.
While I have you here I am curious what's evolved in validating passports? Is it as simple as a unified API run by some service to validate, or an API per country?