Claude Now Wants Your ID — KYC Comes to AI

Anthropic has begun requiring government-issued ID and a live selfie for certain Claude capabilities on consumer tiers (Free, Pro, Max), processed by third-party vendor Persona. The API, Team, and Enterprise plans are exempt. The move establishes a precedent of identity verification as a condition for accessing advanced AI features.

AI https://www.devclubhouse.com/c/ai News Claude Now Wants Your ID — KYC Comes to AI Anthropic gates certain Claude capabilities behind government-ID checks via Persona; here's who it actually hits and why the precedent matters. Priya Nair https://www.devclubhouse.com/u/priya nair For most of the chatbot era, the only thing standing between you and a frontier model was an email address and a credit card. That era is ending. Anthropic https://www.anthropic.com has begun gating parts of Claude behind government-issued ID and a live selfie, processed by a third-party verification vendor. The mechanics are mundane — upload a passport, smile at your webcam, wait under five minutes — but the direction is not. This is Know-Your-Customer, the compliance ritual that fintech and crypto exchanges spent a decade building, arriving at the front door of a general-purpose AI assistant. The thesis here is narrow but worth stating plainly: the direct blast radius for working developers is small today, because the API and enterprise tiers are carved out. The precedent — identity as the price of admission to certain model capabilities — is the part to watch, because the stated rationale is that it expands as agents get more powerful. What Anthropic is actually requiring The verified facts come straight from Anthropic's support documentation https://support.claude.com/en/articles/14328960-identity-verification-on-claude . When a verification prompt fires, you need a physical , original, government-issued photo ID — passport, driver's license, state/provincial card, or national identity card — plus a device with a camera for a live selfie. No photocopies, scans, screenshots, mobile driver's licenses, student badges, or temporary paper IDs. The flow is meant to take under five minutes, with retries for the usual failure modes blurry photo, bad lighting, expired document . The vendor is Persona https://withpersona.com , an established identity-verification platform. The data-handling story, as Anthropic tells it, is deliberately reassuring: Anthropic is the data controller setting the rules, Persona is the processor executing them, and your ID and selfie are stored on Persona's systems — not copied into Anthropic's. Anthropic says verification data is not used to train models, not sold, and not shared except under valid legal process. The Register and The New Stack both corroborate the policy update and those carve-outs, so this isn't one outlet's spin. Separately, Anthropic reserves the right to ban accounts even after successful verification — for repeated Usage Policy violations, account creation from an unsupported location, Terms of Service violations, or under-18 usage. Verification confirms who you are; it doesn't buy you immunity. The carve-out that decides whether you care Here's the line that matters for anyone shipping on Claude: reporting across multiple outlets indicates the identity requirement targets the consumer tiers — Free, Pro, and Max — while Team, Enterprise, and API plans are exempt . If your integration calls Claude through the API, or your org is on an enterprise contract, the consumer ID gate is not pointed at you. Your obligations remain the contractual and Usage-Policy ones you already signed up for. That carve-out makes engineering sense. KYC is fundamentally about pinning a real human to risky activity. Enterprise customers are already identity-bound through contracts, billing entities, and SSO; the API is metered, keyed, and attributable to an account with a payment relationship. The anonymous-ish consumer signup is the soft target for abuse, so that's where the friction lands first. The practical read: Building on the API / Enterprise? No change to your request path today. Don't re-architect around a prompt your service accounts won't see. Living in Claude Pro/Max for day-to-day coding, agentic runs, or claude CLI sessions? You're the population that can hit a verification wall. Plan for the interruption the way you'd plan for an MFA re-auth: it will eventually catch a session at an inconvenient moment. Running consumer-tier accounts inside automation scraping a Pro seat into a pipeline, sharing logins ? That's precisely the pattern KYC is designed to break. Migrate to the API. The trigger problem The genuinely unsatisfying part — and the legitimate complaint — is that nobody outside Anthropic knows what fires a check. The support page lists only that verification may appear when "accessing certain capabilities," during "routine platform integrity checks," or for "safety and compliance measures." That's three synonyms for we'll tell you when . There's no published trigger list and no clearly stated consequence for refusing beyond the implied loss of access. For a human clicking through a chat UI, an occasional five-minute detour is an annoyance. For anyone treating a consumer seat as infrastructure, undefined triggers are the opposite of what you design around — they're nondeterministic auth failures with no retry-after header and no documented backoff. A long-running agent that suddenly needs a human to photograph a passport is not an agent you can leave unattended. The honest engineering posture is to assume any consumer-tier capability can become identity-gated without warning, and to keep production workloads on a tier where that can't happen. There's also a quieter signal in the related help articles Anthropic surfaces alongside this one — age assurance and real-time cyber safeguards. Read together, they describe a platform that increasingly conditions which capabilities you get on what it knows about you . Capability-gating by identity is a meaningfully different model from the flat "pay and play" access developers grew up with. KYC comes to AI — and the parts to be skeptical of Strip away the novelty and this is the AI industry importing a fintech playbook wholesale: an outside KYC vendor, a controller/processor split, biometric selfie-to-ID matching, watchlist-style compliance language. Several secondary reports add detail — an effective date, a separate privacy-preserving age-only vendor that returns just a pass/fail, and privacy-policy language naming "facial geometry templates" that may count as biometric data in some jurisdictions. Treat those specifics as probably accurate but single-sourced ; the load-bearing, corroborated claims are the ones on Anthropic's own page. What deserves real scrutiny regardless of source: published retention limits there aren't clear ones , the absence of a stated refusal consequence, and the inherent risk of concentrating millions of government IDs and face scans in one vendor's systems — a honeypot is a honeypot no matter how good the contract language. "We don't store it, our processor does" is a meaningful legal distinction and a much smaller comfort to the person whose passport just got uploaded. The defensible judgement: this is a real, structural shift, not hype — but it's a consumer-tier shift for now. Anthropic is the first major US lab to codify ID checks this explicitly in a consumer policy, and where one frontier lab plants a compliance flag, the others tend to follow, especially under the same regulatory weather. If you build on the API, file this under "watch the trend, don't change your code." If you depend on a Pro or Max seat for anything you can't afford to have interrupted by a passport photo, this is your nudge to graduate to a tier where your identity — and your uptime — are settled in a contract, not a webcam prompt. Sources & further reading - Identity verification on Claude https://support.claude.com/en/articles/14328960-identity-verification-on-claude — support.claude.com - Anthropic Announces Identity Verification for Claude Users Starting July 8 | KuCoin https://www.kucoin.com/news/flash/anthropic-announces-identity-verification-for-claude-users-starting-july-8 — kucoin.com - Anthropic lays down identity verification on Claude - The New Stack https://thenewstack.io/anthropic-claude-identity-verification/ — thenewstack.io - Claude Identity Verification Starts July 8: What Facial Data Anthropic Collects https://www.techtimes.com/articles/318778/20260621/claude-identity-verification-starts-july-8-what-facial-data-anthropic-collects.htm — techtimes.com - Claude Identity Verification: Why It Exists, What You Need, and How Data Is Handled https://knightli.com/en/2026/04/16/claude-identity-verification-guide/ — knightli.com Priya Nair https://www.devclubhouse.com/u/priya nair · AI & Developer Experience Writer Priya covers AI frameworks, developer productivity tooling, and the startup ecosystem across South and Southeast Asia, bringing a researcher's rigour and a practitioner's empathy to every story. She is deeply sceptical of benchmarks and asks hard questions so her readers don't have to. Discussion 0 No comments yet Be the first to weigh in.