ID Wallet FAQ
How can I be sure that Identyum will not read/use/resell/etc. my personal data?
Your identity data is yours only. It is stored in an encrypted format, encrypted by your PIN and further protected with your second factor (i.e. one-time SMS password). Since no one knows your PIN nor the second factor (SMS OTP), you have to provide your PIN and the second factor every time you want to allow someone to access your identity data (for Identyum to be able to decrypt and send the requested data). This in essence means that not even Identyum can access your personal data without your explicit consent. And besides – protecting your personal data and putting it back exclusively under your control is Identyum’s core mission and key feature.
How can I be sure that the person (that I've sent the identity verification link to) didn't fake his/her identity during the verification process?
To be able to verify his/her identity to you, the other person initially has to go through Identyum’s identity verification process. This process is very strict and it requires this person to show an authentic national identification document and confirm through a video his/her identity. Or, it can alternatively use his/her bank credentials or his/her national electronic ID scheme credentials. Either way, you will always get feedback from Identyum about the trustworthiness of the other person’s identity profile. Nevertheless, keep in mind that nothing in life can be 100% guaranteed – professional and well-funded criminals can in some cases even acquire “legitimate” (well-forged) national ID cards or passports, usually through networks of corrupted administrative workers. However, this is very, very rare and therefore highly unlikely in everyday life.
Does the person (that I've sent the identity verification link to) know that it’s me who requested identification? Does this person see my identity?
It is entirely up to you. Before you send the identity verification request to the other person, you can choose which (if any) of your identity details the other person will be able to see. More importantly, if you choose so, the other person will be able to see your identity details only after he/she successfully verified his/her identity – so you don’t have to worry about someone tricking you into giving away your identity details, without the other person doing it too. If you don’t want to share anything at all about you, that’s fine. Or maybe just your first name – that’s fine too. It really depends on a specific situation, however – do keep in mind that if you ask a legitimate person to verify his/her identity, without you wanting to share any data about your identity whatsoever, maybe the other person will refuse because of lack of trust.
How can I be sure that my data won’t be stolen by the other person that I’ve sent my identity data?
First and foremost (and if you choose so) – the other person will not be able to read any of your identity data unless he/she previously successfully confirms his/her identity to you. However, once you allow the other person to read your identity data, it is really in all honesty up to the other person what he/she will do with it. This is a fact that is simply beyond any possibility of control, with or without technology. It’s the same as in real life – once you tell someone your name, you cannot make him/her “forget” it. However, what you can do via Identyum is to ask him/her not to disseminate your identity data further, and you can even request him/her to delete all traces of your data on their IT systems.
How can I choose which personal data to share?
Every time someone wants to access your personal data (or you want to give access to some of your personal data), Identyum will provide you with a simple and intuitive interface which will allow you to choose exactly which data you are willing to share. For example, you can choose to share (or not to share) your first name, last name, address, nationality, age, date of birth, if you are 18+ etc. In any combination you choose. It is truly and only up to you.
The person that I've sent the PDF to has digitally signed it. Is this PDF legally binding? Is the digital signature valid in court?
As a minimum, to be able to digitally sign a PDF, the other person is required to use an advanced digital signature (which he/she gets through Identyum platform, once his/her identity is verified). In the EU, advanced digital signature is legally protected by eIDAS Directive and is valid throughout any EU court. Non-EU countries mostly have very similar national regulations.