[PeterWhittaker]

I agree with you whole-heartedly, absolutely whole-heartedly - my concern is with pushing too far, too fast, out-pacing one's knowledge or capabilities, and making things worse.

My two greatest concerns reflect this: Without sufficient forethought, planning, and implementation, 1) your servers will be compromised and that anonymized data stolen and misused, and 2) users will have a false sense of security, especially the naive who have no reason to doubt the bold claims.

Think of the recent attacks on CurrentC systems after participating retailers disabled NFC to prevent use of Apple Pay: That brought them a lot of attention and that attention revealed that they were not ready for prime time, they simply did not grasp the enormity of the threat environment in which they hope to operate.

If you have the DevOps experience for defense-in-depth and PDRR, excellent! Hats off to you for attacking an interesting problem in an interesting manner.