[solardev]

The way I've seen this done is usually to outsource it to some third party like https://network.id.me/platform/identity-verification/ that does the verification by proxy, handles all the compliance and privacy stuff, and then tells the website operator "this user is verified as a _______".

I don't think your documents get shared with the website directly, just your verification status, but I'm not 100% sure about that.

And I think the verification process mixes and matches ID checks, employment records, credit records, text messages, etc., kinda like how a bank asks you "Which of these streets, if any, did you ever live on?". There are different questions for different kinds of verifications.

[verdverm]

The very first part of the post reads

> Without relying on any document issues from government

This does not seem to fit their criteria for a solution

[solardev]

I mentioned it in just in case it makes a difference that someone else handles the verification. Like PCI (for credit card processing), outsourcing it removes a lot of the cost and risk of doing it yourself and processing/storing all that sensitive PII.

At the end of the day, I don't think there's any non-governmental, non-biometric, non-financial way to really cross-check physical and online identities. It's gotta be tied into the real world somehow, and outsourcing it makes a lot more doable...

But yeah, if they don't want the user to have to provide documents at all, I think they're just SOL.

[verdverm]

even with the systems you describe, there is no perfect system

there are governments out there that will happily make/accept fake identities to beat these systems

it's a tradeoff and we don't know the details of OP's project, but I suspect they are worrying about free tier abusers (as this is the most typical reason this question is asked on HN)