What is VeriMe?

VeriMe is a global digital identity and personhood verification service for researchers. VeriMe provides researchers a secure digital identity with fine-grained control over sharing and enables verified access without exposing personal data. VeriMe is a cooperative platform, which means it is governed by its researcher users who guide its operation and ensure researchers maintain control over their identity credentials.  

Who should use VeriMe?

• Researchers: to prove their identity and personhood and present a privacy-first verification in research workflows. We are preserving privacy and control by only releasing data that has explicitly been approved by the researcher for release and is masked in a yes-no question. 

• Organizations (funders, facilities, research institutions, publishers, archives, and many other research systems): to verify the presence of an identity verification using government issued IDs WITHOUT directly collecting or storing this information. 

How is VeriMe different from or better than other verification services?

VeriMe is a privacy-first identity verification service built for researchers.  Researchers control their account and sharing settings. Only those verifications they explicitly approve to share are shared, and then only as yes-no questions. And, researchers can become Members of VeriMe Cooperative and participate in organization governance.  Our goal is for VeriMe to be directly integrated into existing systems for access to research data, facilities, resources, and dissemination workflows.  In this way, VeriMe eliminates the need for research systems, universities, and governments to collect and store sensitive personal information (PII) while also providing assurance that systems are being accessed by identity-verified users.

How do researchers use VeriMe?

To use VeriMe, researchers will need to have access to the internet, a browser interface, and a cell phone.  

• Verifying that you are a confirmed digital actor: Self-identified researchers can create a basic VeriMe account for free. In this account, researchers can share that they have an active VeriMe account by verifying that they have confirmed their email address, have linked to external accounts (such as additional email addresses and/or their ORCID account), and have secured their account with multi-factor authentication (such as a fingerprint, faceID, or a texted code). 

• Verifying that your digital actions are being performed as you as a person. A growing number of digital actors are not people, for example bots. As a result, scholarship organizations are increasingly seeking ways to verify that the digital actors that they interact with represent people.  Researchers who opt to become VeriMe Members will be able to use the platform to confirm that their identity and personhood have been independently verified through official documents and a personhood check. VeriMe Members and also participate in governance of the VeriMe organization.  

• Making choices about what you share with others. Researchers can manage sharing settings including the ability to share their account status. Although the information collected to verify your account and personhood can be sensitive, the information that you choose to share never is. Instead, the VeriMe platform uses yes-no questions to share the verifications that you choose to release. These proofs are cryptographically verified calculations that can answer a question like “Am I interacting with a person?” without sharing the specifics of your ID or other information that you shared to verify your personhood.

What information does VeriMe collect?

VeriMe collects information for the purposes of account management and safe and secure operations of the service. We store only that information needed for business purposes (such as Help Desk and account duplicate management, audit and logging data to operate the service). We store user settings including sharing settings.

• Basic (free) account:  We collect name, email address, mobile number, and external account information (email, ORCID iD) provided by the account holder.  

• Member account: VeriMe uses a third-party service provider for identity and personhood verification.  This provider is SOC2, UKAS, and e-IDVT certified; GDPR Ready; and is compliant with Level 1 and Level 2 ISO 30107-3, ISO 27001 and 27018. 

What information does VeriMe share?

VeriMe shares only that information the account holder indicates in their sharing settings and defaults to ‘not shared’. VeriMe accounts are one person to one account and the existence of an account will be used to detect duplicate identities. Account holders are able to manage sharing settings as well as see what information is shared for each type of verification. VeriMe shares verification information as “zero-knowledge proofs”, so that a requesting party will see only that the verification is or is not completed, but no specific details or documents. The user account dashboard includes a log of each request and what information was requested. VeriMe will recommend effective dating of information as attestations may change over time.

How can researchers share their identity credentials with requesting parties?

Researchers with a VeriMe account can determine which of their identity verifications are shared in their account settings. To be visible to requesting parties, researchers will need to at a minimum link to their ORCID record and permit requesting parties to see account status (account exists with this ORCID iD: yes/no) Requesting parties will be able to query the VeriMe account database using ORCID iDs, or may integrate VeriMe services directly into their workflow or platform.  VeriMe will also make it possible for researchers to share their identity credentials in other transports such as Apple, Google, Web3, or other types of wallets. 

How do identity requesting parties use VeriMe?

Requesting parties – including funders, facilities, research institutions, publishers, archives, and many other research systems – can query the VeriMe account database using ORCID iDs to determine if a VeriMe account associated with that ORCID iD exists.  Depending on the account sharing settings, the requesting party may also be able to see what additional level of identity verifications the account holder has completed.  To run these queries, requesting parties will need to subscribe to VeriMe services, which includes an annual fee and an allocation of “vouchers” to provide researchers.  Subscribers may also purchase additional baskets of vouchers.

What technologies does VeriMe use?

In addition to third-party verification services, VeriMe has a cloud-first outlook for its technology stack and development practices. Where necessary, third-party services help VeriMe achieve Service Level Agreements for high availability, business continuity alongside integrity and velocity of operations, and delivery of functionality:

• Application Stack:  React, Vite, with Javascript for the front end 

• Backend Database: Postgres leveraging edge functions platform

• Web Front End: Cloudflare (DDOS, security protections and zero trust services)

• Various APIs including the ORCID public API, Wallet technologies, and the Stripe payments portal 

How is VeriMe funded?

VeriMe has four funding sources.  

• Founders are self-funding the cooperative to develop the initial launch product.  Founders have an agreement with the cooperative in recognition of this investment. 

• Investors may contribute funds to the initial development in the form of long-term low-interest loans. Investors do not gain equity shares in VeriMe.  Instead, we are seeking investors who are closely aligned with the VeriMe purpose and product offering and receive benefit from their investment largely in the form of needed functionality to support and transform their business operations without having to make a sustained staffing investment. VeriMe consolidates the work of identity verification so that the businesses that use our services can focus on their primary purpose. 

• Researchers fund the cooperative through their annual Membership fee.  These may be defrayed in part or whole through Subscriber vouchers.

• Subscribers fund the cooperative through annual Subscription fees and through optional service fees for baskets of vouchers.

Why does it matter that VeriMe is a cooperative?

Since research infrastructure derives value from researcher participation, VeriMe has developed a cooperative organizational and governance structure that recognizes and rewards researcher participation.  We also recognize the people who build VeriMe in this structure.  Researchers and staff may participate as VeriMe Members, and take part in our governance as well as patronage distributions.  Members are responsible for ensuring VeriMe remains aligned with our principles, reviewing our budget, and for assuring our living will provisions.  

How can I become a VeriMe Member?

Our bylaws and membership agreement are available on our website Purpose and Principles page for review.  We are taking membership inquiries starting in July 2025 and will be releasing membership functionality with our MVP later this year.

How can I trust VeriMe?

Trust is built over time.  VeriMe is operating in a space that requires sensitivity to personal preference along with very careful attention to protocol and privacy.  We are designing our systems to allow for researchers to easily manage their sharing settings while also limiting the data we collect and store, hashing the data we do collect, and forward-designing to minimize threats.  We will not launch until we have formalized our privacy policy and terms and conditions of use.  We are committed to open research infrastructure principles. And, as a cooperative, we have embedded protocols and accountability into how we do our work with our communities.  We are and will continue to strive each day to earn and maintain your trust.

When will VeriMe be available?

We are currently developing a platform prototype and are raising funds to support development of an MVP.  We are currently iterating versions of the concept with a goal to launch in September/October 2025. The launch will include the Researcher account including sharing settings, dashboard, membership and governance portal, and verification protocols; Subscriber portal including query interface and API; documentation, agreements, and privacy policy.

How does VeriMe handle privacy?

Account holders control their account sharing settings. VeriMe is using trusted third-party services for verification protocols.  In addition to our privacy policies and cooperative governance, we are embedding GDPR and other relevant privacy regulations into our operations, and will undergo annual privacy audits to ensure compliance.

Is VeriMe an open platform?

VeriMe is aligned with open research infrastructure policies.  Users can create an account for free. We have open documentation, open financials, and a transition plan that prevents an equity-based acquisition. To the extent possible for a platform that engages with privacy and security, we will be open sourcing our code. 

Who can use VeriMe?

Anyone who self-identifies as a researcher may use VeriMe services.  All of our account use cases are based on research workflows. 

How can VeriMe verifications be shared?

VeriMe verification results may only be shared through the VeriMe API. The API schema will be openly available.  API users will be required to register with VeriMe and complete a trust and subscription agreement. 

How does VeriMe interact with external systems?

VeriMe interacts with external systems via authenticated API calls.  Account holders can link to external accounts through API-mediated authenticated sign-on protocols.  Requesting parties must be active Subscribers and may access the VeriMe database services using VeriMe API services directly or via a query interface. 

Can I link my VeriMe account to other accounts?

Yes. Account holders may link their VeriMe account to multiple email accounts as well as to their ORCID record.  Account holders may also link to wallet accounts such as TruVera.

How does VeriMe interact with ORCID?

VeriMe and ORCID provide important and complementary functionality to researchers.  ORCID provides a platform where researchers can obtain a persistent identifier that can be used as they interact with research systems, and also store information about their contributions such as papers and datasets. ORCID does not prove identity, rather the ORCID record is an agglomeration of research activity with transparent trust markers that over time develops a reputational profile of an individual through their work. 

VeriMe is focused on identity proofing: is this person who they say they are?  The VeriMe identity verification result can augment the ORCID record by providing an additional Trust Marker to user records that link to a verified VeriMe account.  And the converse is also true: ORCID trust markers can augment VeriMe accounts by providing a “proof of researcher”.