To verify your identity, ID.me has required highly sensitive personal data, including government-issued IDs, Social Security numbers, and biometric data (such as live video selfies). This level of data collection inherently raises risks: if their systems were compromised, attackers could gain long-term access to deeply personal information.
Controversy surrounds how ID.me matches faces. The company initially claimed to use only 1:1 facial recognition—that is, comparing a user’s selfie with their own ID. But critics later revealed that ID.me does perform 1:many matching, comparing submitted selfies against a large database of other faces. One-to-many facial recognition can be less accurate, more invasive, and more prone to bias.
Civil-rights groups have strongly objected, citing well-documented racial disparities in facial-recognition accuracy. Experts worry that ID.me disproportionately misidentifies people of color, which could systematically deny marginalized communities access to essential services.
There have been accusations that ID.me misled the public and its partners about its practices. For instance, the CEO once denied the use of one-to-many face matching—but later admitted it was used. This back-and-forth undermines trust in how the company handles biometric data and whether users were properly informed.
Some people feel forced into using it. For a while, certain government agencies made ID.me the only way to verify identity, leaving fewer accessible alternatives. That’s particularly concerning for individuals who lack reliable internet, a smartphone, or the technological literacy required to complete live video verification.
When users can’t pass automated verification, they may need a live video call with an ID.me agent. Reports suggest that delays, long queues, or technical glitches are common. Such a bottleneck can block access to essential services when it matters most.
Even when users request deletion, ID.me’s retention policies—or how rigorously they enforce deletions—have raised concerns. The accumulation and long-term storage of biometric data makes the system a high-value target for hackers or misuse.
Most alarming is that ID.me outsources the actual process of verifying identifies to Third Party Call Centers. Most of the verifications are being done by Alorica. This company has also been plagued by data breaches and in spite of claiming otherwise, does NOT perform background checks on their employees and is using convicted felons to process identity verifications for ID.me.
Stay up to date with the latest headlines, investigations, and public discussions surrounding ID.me. This section highlights news coverage, emerging controversies, expert analysis, and key developments that continue to shape the conversation about the company’s identity-verification practices.