No, quite the opposite. Yoti helps to protect you from identity fraud in two ways.
- How we share information
Think about a time when you've used your driving licence to prove your identity. Perhaps someone just wanted to confirm your age. But instead of showing just that information, you actually show them all the information on your driving license, including your name, address, signature and driving licence number.
At Yoti, we believe in only sharing the information that the other person or business actually needs to know, and nothing else. Data protection law calls this approach ‘data minimisation’. That's why we allow you to choose whether to share the information a third party is requesting, and why we allow websites and stores to, for example, just request the fact that you’re over a certain age.
- Data storage
Traditionally, companies would collect lots of customer information and put it in one place (often not encrypted). This made it vulnerable to cyber criminals – if they ‘hacked’ the database then they were able to access every customer’s data
Yoti’s system has been carefully designed so it doesn’t work like that. We use more than one layer of encryption when storing your data. As well as global encryption across the entire database, each item of an individual’s data is encrypted with its own unique encryption key, part of which is stored on that individual’s phone.
Think of it like a bank vault, with deposit boxes inside. Each shareable item of your data is locked in its own individual deposit box (each randomly placed around the vault, and can’t be located or opened without your key). In Yoti’s system, even if hackers broke into the vault, they still would not be able to open all the individual deposit boxes – they would need the keys from every user’s phone.
Carrying the analogy further, it’s worth pointing out that even we at Yoti don’t have the keys to any of the individual deposit boxes inside our vault, nor do we know the random locations of each user’s boxes: only you can find and unlock your own boxes, with the key on your own phone.
We're a security company at heart. If we weren't confident that we could keep your details safe, we wouldn’t release products.