[steventhedev]

For a business setting, that's a red flag for KYC, but for a B2C app, that's a very legitimate concern. If I were in that position, I'd probably just insist on seeing some proof that I can tie to the payment method, because otherwise how do I know you're John Smith from 123 Residential St, or John "the crook" Smith from the bad side of town? Bank statement, photo ID, etc.

Remember that this process needs to be painful. You already screwed up by losing your 2FA. It sucks, but if it doesn't, then it defeats the point of having that 2FA in the first place.

[greenleafjacob]

Photo ID is not used for authenticating that the person lives at the address. That's why voting registration or driver's license requires proof of residency [1]:

> A few examples of acceptable documents to prove California residency are:

> Rental or lease agreement with the signature of the owner/landlord and the tenant/resident

> Deed or title to residential real property

> Mortgage bill

> Home utility bills (including cellular phone)

> Medical documents

> Employee documents

[1] https://www.dmv.ca.gov/portal/dmv/detail/pubs/newsrel/newsre...

[testplzignore]

I've never understood why these documents are meaningful in any way. The people at the DMV aren't qualified to judge whether these documents are forgeries, and certainly not in the ~5 seconds they spend looking at them. Anyone with a printer and Microsoft Paint can produce one of these in two minutes.

[JCharante]

When I was getting my state ID, I wasn't prepared to have proof of residency, so I ended up downloading a bank statement from my mobile banking app, and presented the corner with my address & name on it to the clerk. I also wouldn't put much trust into the address information on IDs.

[casual_slacker]

Another example is WA state DoL, which does not automatically reissue (nor require) a new license when you update your address.