[volandovengo]

Privacy.com is a great service. I use them all the time to generate 1 time use card numbers for sites & then cancel the card so they cannot mysteriously charge me. I've been with them for years & their CEO is a wonderful & smart person.

When you're allowing strangers to perform financial transactions - you're taking on risk that the money that is sent needs to actually be funded. They need to conform to KYC laws like all fintech providers - so yes, they will require knowing a little bit about you to operate in the United States like all financial institutions.

[dynm]

But they apparently require government photo ID that gets sent off into the cloud? You can most certainly get a regular credit card without that, so it doesn't seem analogous. They also intentionally hide this requirement so that you don't find out about it until after you've signed up, which is a pretty devious dark pattern.

[hirundo]

That part is fine. The part that isn't is where they require you to give your personal information to a third party who has very weak controls on how they share it. Your endorsement makes me interested in trying the service, but I have the same "nope" reaction to the non-privacy as the author of this post.

[vorpalhex]

KYC does not require the use of sketchy 3rd parties who leak data like a sieve.

[fillskills]

What makes you think OnFido is sketchy? It’s a pretty popular platform for ID verification.

3rd party verification has become a standard in the fintech/insuretech industries since its very hard and risky to do KYC on your own. Also personally I don’t trust having all the random companies I transact with maintain my KYC info. At least in theory, the experts at ID verification have strong enough incentives, motivation and expertise to keep my data safe, reducing the attack surface area.

Not affiliated with either party.

[lcnPylGDnU4H9OF]

FWIW, they are at least willing to put this in their privacy policy:

> Whenever legally possible, we seek to protect the information we share by imposing contractual privacy and security safeguards on the recipient of the information. This is particularly important in cases where the recipient is located in a country that has different or lesser privacy laws than those of the country where the information was originally collected. In some cases, however, it’s not possible for us to do so — for example, when we have a legal obligation to disclose information to a government authority and that government authority isn’t willing to enter into such contractual safeguards.

[drdaeman]

Check the article. It has quotes from their ToS that can be roughly summarized as "we'll sell all your data to whoever pays and you have no control over this".

[Kiro]

No, that's not what they are saying at all. The quote on the blog is misleading and leaves out important pieces. Here's the full thing:

"As part of a business transfer. Onfido may disclose your personal information to an actual or potential buyer, investor or partner (and its agents and advisers) in relation to any actual or proposed divestiture, merger, acquisition, joint venture, bankruptcy, dissolution, reorganization, or any other similar transaction or proceeding"

[jcz_nz]

That’s absolutely not what that TOS says. Your strength of conviction does not make it so.

[Kiro]

Nothing sketchy about Onfido. You're hating on them all over this thread based on nothing but one sentence from their privacy policy, quoted on a random blog. A sentence that's not even saying what you think it's saying.

Here's the full paragraph:

"As part of a business transfer. Onfido may disclose your personal information to an actual or potential buyer, investor or partner (and its agents and advisers) in relation to any actual or proposed divestiture, merger, acquisition, joint venture, bankruptcy, dissolution, reorganization, or any other similar transaction or proceeding"