[members-discuss] End user (natural person) ID check: sensitive documents stored to "idenfy.com" ?
- Previous message (by thread): [members-discuss] End user (natural person) ID check: sensitive documents stored to "idenfy.com" ?
- Next message (by thread): [members-discuss] RIPE NCC forum, Community Projects Fund suggestions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Lennart Seitz
mail at lseitz.de
Fri Apr 26 10:33:33 CEST 2024
Hi, i was also quite shocked to see that such critical data is outsourced to 3rd party. Isn’t the Sponsoring-LIR supposed to check the identity of the End-user? Why is an additional check via a 3rd party necessary? Also interesting to notice on this topic: for other legal form (for example GmbH), a registration paper is authorization enough. This can be grabbed publicly (atleast in Germany) by everybody for a few bucks. Why is it required for End-users to upload sensitive documents while for other legal forms, public available information is enough? BR, Lennart Am 26.04.2024 um 09:15 schrieb Maxi: > Idenfy is used for an amount of time. Atleast one year. > > Idenfy themself state that they delete the data right after verification. > > See here https://www.idenfy.com/security/ > > However… that is all payed for by the LIRs. It would there for be nice > to integrate it in a way, that the LIRs could use the information for > their contract themself. As in we can get access to the result to > fulfill the standard agreement. > > It’s a waste of resources to require an identification from the LIR > just to then do another one. >> On 25. Apr 2024, at 17:19, Clement Cavadore via members-discuss >> <members-discuss at ripe.net> wrote: >> >> Dear all, >> >> I, as LIR, have received requests from RIPE NCC, as they are running a >> project to verify all the resource holders registered with them, to >> check the ID of some of our end users (natural persons). We have been >> provided links to a third party organization which (I think) runs ID >> check on behalf of RIPE NCC. >> >> The URL for those check is ivs.idenfy.com/<something>. >> >> The fact is that: >> - We do not have any information regarding how those sensitive >> documents are processed (and stored ?) >> - the URL is hosted bedhind an AWS URL, and this is not really an >> acceptable solution for RGPD. >> >> Could we please have more infos on this ? >> >> Thanks in advance >> >> Clément Cavadore >> >> _______________________________________________ >> members-discuss mailing list >> members-discuss at ripe.net >> https://lists.ripe.net/mailman/listinfo/members-discuss >> Unsubscribe: >> https://lists.ripe.net/mailman/options/members-discuss/maxi%40zeug.co > > _______________________________________________ > members-discuss mailing list > members-discuss at ripe.net > https://lists.ripe.net/mailman/listinfo/members-discuss > Unsubscribe: https://lists.ripe.net/mailman/options/members-discuss/mail%40lseitz.de
- Previous message (by thread): [members-discuss] End user (natural person) ID check: sensitive documents stored to "idenfy.com" ?
- Next message (by thread): [members-discuss] RIPE NCC forum, Community Projects Fund suggestions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]