[scohesc]

I understand the massive investments into "rolling your own" system for ID verification, but I always feel sketched out when companies ask you to send your ID and your photo to "a third-party" - where the privacy terms of that relationship are so obtuse/vague it's not worth reading.

Is it really that hard on the privacy front to hire someone to keep watch and manually verify that someone is who they say they are? I assume the amount of people verifying will be massive at first, but after 2-3 months I could see the amount of people signing up (AND verifying their ID) would be in the thousands per week - easily handled by humans instead of "a third-party service"

[ollien]

I'd feel _more_ sketched out if a provider was handling it themselves. I don't know how much I want someone unqualified handling the storage of this themselves...

[macksd]

It's all down to the specific brand.

Outsourced to Ping? Ok. Outsourced to some identity SaaS I never heard of that just closed their series B? Pass.

But then obviously I'd expect Microsoft to own their own identity story, and if they ever didn't I would immediately suspect I wasn't actually even dealing with Microsoft.

[michaelt]

What seems really sketchy to me is the third party together with a lot of the language in the press release - Roblox does not store raw ID document nor the selfie data.