verification – Automated way to verify user identity


There are a variety of ways to verify a person on a site, and almost none of them are foolproof.
For example, the Zoosk method can be circumvented because a user could simply submit someone else’s photos for approval.

So the real question is, what level of verification is suitable the specific needs of your site? Here are some design questions to as yourself:

  1. Am I willing to pay the cost of higher verification? More verification means more burden for users (submitting evidence, photographs, additional information, captchas, etc). Studies have proven this will turn off users and cause abandonment / no signups. So the more you verify, the more users you may annoy / abandon the site.

  2. Do I need to prevent spam accounts, or verify the identify of a person?. There is a big difference. To prevent spam accounts, it’s often enough just to verify that a user is human. You don’t need to verify their identity. For example, a captcha is an automatic attempt to verify that a user is human. It doesn’t verify the identity of the user. The Zoosk approach also verifies that the user is human, rather than that person’s specific identity.

With that in mind, here are various approaches to verifying human vs identity. The choice for your site will depend on how you decide to weigh the tradeoffs in #1 vs #2 above.

Ways to verify that a user is human

  • Use captcha or recpatcha
  • Ask for a mobile phone number and send an SMS code to the phone.
  • Ask for a credit card number.
  • Ask the user to pay a small fee for an account (i.e. provide economic dissuasion for fake accounts)

Ways to verify user’s identity

  • Piggyback off a social site’s verification system (e.g. require user to log in through Facebook and/or LinkedIn)
  • Ask user for their social security number (this can be automated)
  • Ask for a copy of their driver’s license, passport or a recent utilities bill that shows their name (this will be labor intensive)
  • Ask for a notarized copy of their passport or birth certificate, or a public notary identity form.

Obviously all these approaches involved different levels of automation and also vastly different levels of inconvenience to the user. Only you can decide what the ideal tradeoff between inconvenience and accuracy is for your site.

I would not try to “reinvent the wheel” here. Sites like Facebook, LinkedIn, and dating sites have spent a lot of time thinking about verification and spam, so study them carefully to understand why they made the choices they did. Unless your site has unusually high need for verification, I suspect that an existing approach will be suitable for you….but only you can answer that question.