Privacy Bill of Rights
ID.me has built rigorous security and privacy requirements into our technology from inception. We are an ethical steward of your personal information and are committed to supporting your rights:
- You are solely in control of your own data.
- You must provide consent before we will share any information.
- You can see all authorized apps and data elements shared in your My Account portal.
- You can revoke access to your data for any authorized app at any time.
- You may destroy your ID.me credential and associated data at any time.*
We provide a secure digital identity network that:
- Increases access rates to critical services in government and the private sector.
- Empowers individuals to control their own data to streamline access, eliminating the need to create multiple passwords and share credentials frequently.
- Voluntarily upholds leading privacy rights, such as those mandated by the California Consumer Privacy Act (CCPA).
- Is certified against the leading Federal standards including compliance with NIST 800-63-3 and FedRAMP Moderate ATO.
- Is interoperable with leading industry standards.
* Some data related to NIST 800-63-3 credentials will be retained after account deletion solely for fraud prevention and government auditing purposes.
Additional Information and Support
How does ID.me protect my information?
ID.me uses state-of-the-art technology and and access control procedures to safeguard your personal data.
How does ID.me use my information?
ID.me does not sell, lead, or trade biometric data to any third parties or derive any profit from the sale, lease or trade of biometric data.
What is biometric data?
During the verification process, you may be asked to take a selfie (a photo of your face) that will be compared to your documents. This is face matching, similar to how a smart phone uses FaceID to unlock.