Yoti September 6, 2023

How we build Digital IDs with privacy and security at their core

profile picture Rachael Trotman 6 min read
An illustration of a padlock with the Yoti logo sitting at the centre. Alongside this are three smaller icons showing that the app is free (represented by a pound sign that has been crossed out, cannot be hacked (represented by a pickaxe that has been crossed out) or seen by any third parties (represented by an eye that has been crossed out).

We’re committed to making the digital world safer for everyone. Yoti was created as we wanted to give every person a secure way of proving their age or identity. It’s quite literally why we exist. So it only made sense that we’ve built our Digital ID apps with privacy and security at their core.

We’re building technology that makes it easier and safer for you to go about your business, but that doesn’t mean we have to know your business. Just as the right to an identity is a fundamental human right, so is the right to privacy. And we’ll never forget that.

 

We keep your data secure

Compared to showing physical documents every time you need to prove your identity, our Digital ID apps give you a safer, more private way to prove who you are. The apps have been carefully designed to put you in control of your personal data, protecting your privacy at all times.

The technology behind our Digital ID apps means that it is impossible for anyone other than you to control your data.

 

How do we do this?

Well, we’ve taken a radical new approach to protecting personal information. We store each individual piece of your data separately instead of storing it as a single record in one big database.

Each piece of data is encrypted, made unreadable and then stored individually. Think of each piece of data being locked in its own safe, which only you can unlock. You literally hold the key – your own private one called an encryption key that gives you, and you alone, access to your information. The only place that this encrypted key is stored is within your phone. The key to your data is in your hands, and your hands only.

We can’t and never will identify you when you use your Digital ID to share personal information with a business or another person. We can’t see the specific information you’ve shared, and we can’t track you once you’ve downloaded the app. We put you in charge of your data and you always have to consent to share your information – because that’s how it should be.

 

We’re a hacker’s nightmare

If hackers broke in, they still wouldn’t be able to open all the individual safes, because they’d need the encryption keys from every user’s phone. To do this, they’d need to physically have every user’s phone.

Our database is protected by high-level security and the hottest of firewalls. We also follow the highest standards of security. We’re certified to meet SOC 2 Type II and ISO/IEC 27001, the global gold standard for information security management.

 

We’re not in the business of selling data

We can’t sell your information to third parties for marketing or any other purpose. Because of how the technology is built, it’s literally impossible for us to do it. We can’t send you emails or texts as we can’t access your personal information.

Instead, we give you the power to control what information to share, who to share it with and when to share it. You’ll then get a receipt to confirm what you’ve shared and who you’ve shared it with. At no point during this do we get access to your personal data, nor do we want to.

 

We make it safer for you to prove who you are

A Digital ID is actually more private and secure than showing a physical identity document. Every time you show an ID you reveal so much personal information about yourself – your date of birth, full name, passport number, photo and so on. Our apps allow you to share specific information, such as your age or that you’re ‘over 18’. It’s an easier, safer, and more private way to prove your age or identity.

You’re also protected if you lose your phone or if it ends up in the wrong hands. Your Digital ID is protected by multi-factor authentication. It’s linked to your phone, protected by a PIN that only you should know, and linked to your personal biometrics for added security. Hopefully, you’ve also got a lock screen on your phone with a strong code or biometrics.

This means you’re actually more protected against the risks of identity theft compared to if someone were to find your passport or driving licence – as they would have all of your personal details in their hands.

 

Privacy: it’s what we do

Privacy and security are at the heart of everything we do at Yoti. From the way we build our products, our security certifications and audits, our unique approach to data storage and our ethical principles – we are committed to upholding the highest security standards throughout every part of our business.

Our seven principles guide our everyday decisions and ensure that we always strive to do the right thing. They have a strong focus on how we enable privacy and anonymity, how we keep sensitive data secure, and how we’re transparent and held accountable.

To ensure that we’re always held accountable we’re advised by our Guardian Council, an independent ethics board made up of experts in human rights, data privacy and last mile tech. They help us to navigate the complex world of identity. They bring their expertise to the table, help us to stay consistent with our mission, and ensure that your data stays safe.

We hope this gives you some insight into why our Digital ID apps are as privacy-preserving and secure as possible. If you’ve got any more questions that we’ve not answered, you can get in touch with us here.

Keep reading

A decorative image of various people interacting with their devices and identity documents. The text on the image reads "Predictions: 2025".
Articles January 9, 2025

What’s in store for 2025

As we get our heads back into work after the festive break, our team has shared a look at what’s coming up in 2025.    A significant year for online safety 2025 will be a year of action. It will be a significant year for online safety, with a number of regulations coming into effect. And they have already started. In Florida, a law came into effect on 1st January requiring social media platforms implement age checks to prevent children under 14 from creating accounts. Additionally, children aged between 14-15 years old must get parental consent to create an

#yoti
Rachael Trotman Rachael Trotman
7 min read
An image of a woman wearing a Santa hat and smiling at her phone.
Articles December 19, 2024

Stop identity thieves from stealing your Christmas

The festive period is a time for giving, celebrating and spending quality time with loved ones. Unfortunately, it’s also prime season for fraudsters looking to take advantage of unsuspecting shoppers. Instances of identity fraud skyrocket around Christmas, with someone in the UK scammed every 12 seconds. To help you stay one step ahead, here’s some practical steps you can take to protect yourself from identity theft.   Keep your devices secure In the UK, more than 4 in 5 of us do our shopping online. But as more of us shop from the comfort of our sofas, we still

#yoti
Amba Karsondas Amba Karsondas
8 min read
An image of Robin with accompanying text that reads "Thoughts from our CEO, Robin Tombs, December 2024".
Articles December 18, 2024

Thoughts from our CEO

In this blog series, our CEO Robin Tombs will be sharing his experience, whilst focusing on major themes, news and issues in the world of identity verification and age assurance. This month, Robin chats about using digital ID for buying alcohol, the safetytech that can prevent intimate image abuse, and privacy-preserving age checks.    Using digital ID to prove age when buying alcohol in pubs, restaurants and shops Ever since launching the Yoti ID app back in November 2016, users have told us they want to prove their age on their phone to buy alcohol at hundreds of thousands

#yoti
Rachael Trotman Rachael Trotman
7 min read