Solving for privacy:
Our approach to keeping information safe
We believe that privacy is a fundamental human right—one that should not have to be sacrificed in order to use vital financial or identity services.
This belief has guided the development of every part of Worldcoin. It’s why we do not, and never will, sell anyone’s personal data, including biometric data. It’s also why we ensure all data is securely encrypted and give people full control over the deletion of their account information and images.
But our commitment to privacy doesn’t stop there. Below are additional steps we’ve taken to protect personal information, along with important context and work that lies ahead. You can read our full privacy statement here.
The uniqueness challenge: Proving personhood
Understanding privacy protections at Worldcoin starts with context.
Our aim is to enable universal access to the global economy. To help do this, we’re working to distribute a new digital token freely to billions of people, including those without a passport or legal identification. But how can we ensure each person only claims their allotted share once? Put another way, how can a unique individual prove that they’re doing something for the first time?
To solve this problem, we first developed a privacy-preserving iris imaging device called the Orb. The Orb verifies an individual’s personhood using iris biometrics, which are unique and extremely difficult to falsify. We then created World ID, a platform that allows people who have verified their unique personhood to anonymously share this proof online.
The anonymity challenge: Protecting privacy
The solution to the challenge of proving unique personhood led us to another critically important question: how can we use biometric technology in a way that resolutely protects privacy?
Our answer to this question is complex in its execution but simple to understand in principle: at Worldcoin, people fully control their own data, and privacy is paramount. This means that:
- Images collected by the Orb are promptly deleted unless explicitly requested by the person signing up
- By default, the only personal data that leaves the Orb is a message containing a numerical representation of the most important features of the image, the iris code, to validate uniqueness
- World ID is designed to be completely disconnected from a person’s biometric data, including their iris code
- World ID uses zero knowledge proofs (ZKP) that allow people to share specific information, such as proof of unique personhood, without disclosing any additional personal data
- World ID currently uses an open source protocol known as Semaphore to ensure that verifications are pseudonymous and cannot be tracked to a person’s identity
Additional privacy work ahead
The solutions we’ve implemented today are thorough, and we’re committed to continually pushing state of the art privacy protections moving forward. We will continue open sourcing both the Worldcoin protocol and the Orb to increase transparency, decentralization and resilience.
Just as strong as our commitment to privacy is our commitment to clear communication and transparency. We will continue to update you as new privacy tools and protocols are released, sharing both detailed information for those who are interested as well as high-level summaries that explain key developments in a way that’s easy to understand.
To stay up to date on privacy developments, subscribe to the Worldcoin newsletter at the bottom of this page.
This content is provided for informational purposes only and should not be relied on as legal, business, investment, or tax advice. The content speaks only as of the date indicated. Any projections, estimates, forecasts, targets and/or opinions expressed in these materials are subject to change without notice. Certain information contained in here may have been obtained from third-party sources. While taken from sources believed to be reliable, Worldcoin has not independently verified such information and makes no representations as to its accuracy.