As platforms race to prove users are human, they keep reaching for the same tool: more sensitive data. The next wave of accounts will not be human at all. Concordium offers a different answer for both: prove the person, without passing the person around.
On 8 July 2026, an updated privacy policy takes effect at one of the most safety-conscious names in artificial intelligence. Some Claude users may be asked to verify their age or identity. Not with a password. Depending on the method, the check can involve a government ID, a live selfie or video, and what the policy itself calls a facial geometry template: a numerical map of the face that Anthropic acknowledges may count as biometric data in some jurisdictions.
To be clear, Anthropic says verification data is not used to train its models, and that ID and selfie data are held by Persona rather than copied into Anthropic’s own systems. That does not remove the architectural issue. It narrows it.
Anthropic is not an outlier. OpenAI runs identity checks for some higher-capability access. Google has begun estimating users’ ages with machine learning across its products, falling back to a selfie, a credit card, or a government ID when its model is unsure. Governments are pushing the same checks toward the device, from Australia’s under-16 social media ban to the UK’s Online Safety Act.
The direction of travel is settled. What almost no one is questioning is the shape of the thing being built, and who it will have to scale to next.
The Data You Cannot Reissue
A password is a secret you can change. A face is not, and neither is a date of birth. When a verification flow requires a document image and a facial geometry template to confirm an account, it still creates a store of the exact data an attacker most wants, attached to a real person who can never swap it out afterwards.
A reputable processor can limit retention and delete after matching. But the model still requires the data to exist, to travel, and to be matched at least once. That is the honey-pot problem, and it is structural. It appears because the architecture asks the operator to hold the data in the first place.
The legal system already understands the weight of this. Illinois treats facial geometry as protected biometric data, with statutory damages per violation; Facebook settled one such claim for 650 million dollars in 2021. In Europe, biometric data sits in a special category under data protection law. Regulators do not attach that weight to email addresses. They attach it to the things you cannot take back.
Now Multiply It By Every Agent
The human version of this problem is already large. The version arriving next is larger, because the next wave of accounts will not be people.
AI Agents are beginning to make payments, sign for services, and place orders on behalf of people who are not watching every step. An agent reaches a merchant’s checkout. The merchant has to answer the same question a verification popup asks a human: who is accountable here? Is this agent authorised to spend? Who stands behind it if something goes wrong?
The industry’s instinct will be to answer the way it does for people: build a registry, collect more data, create another identity store, and make each vendor responsible for its own database. That may work inside one system. It does not work across an economy. Each new agent registry becomes another honey-pot, valid inside its own walls and opaque outside them. Each tells you something about the agent, but not enough about the verified human, account, or authority behind it.
An anchor alone is not enough. ERC-8004 gives agents a standard way to be discovered and referenced, but discovery is not accountability. Without a verified link to the human or entity that authorised it, an agent is just an address with a label.
Verify the Human, Inherit the Trust
Concordium starts from a different premise: not how to store identity data safely, but how to prove a fact about a person without every platform holding the data behind it.
It begins with identity. Before an account holds a token or sends a transaction, the person verifies who they are, once, with a trusted Identity Provider operating under an established regulatory framework. That identity then lives in two places: the person’s own wallet, and the Identity Provider’s secure database. The infrastucture stores none of it.
From there, the identity layer works through Zero-Knowledge Proofs. Prove you are over 18 without showing your date of birth. Prove you live in Europe without giving your address. Prove you are a real, verified human without surrendering your face to every service that asks. The proof travels. The data stays put.
The same architecture carries straight into agents. A verified human operates through a verified account. An AI Agent acting through that account inherits the relevant credential status without ever touching the personal data behind it.
The merchant receives proof that the actor is authorised and accountable, without receiving the human’s document, face, address, or identity file. The Concordium Agent Registry gives the agent an on-chain anchor; the Agent IDP issues credentials it can prove without exposing the data underneath. An agent stops being an address with a label and becomes an accountable actor in a system where the user’s identity stays protected.
This is privacy with accountability, not anonymity. The link between an account and a verified human exists. It is encrypted, split across independent parties, and reachable only through a court order under Swiss jurisdiction.
The Protocol Was Always Built for This
None of this was retrofitted. Concordium’s mandatory identity requirement was built into the protocol before AI Agents were a market category. It turns out to be exactly what agentic commerce now demands: Protocol-Level Tokens that only verified accounts can hold, and Verify & Pay, where a single proof confirms eligibility and authorises settlement in one step, with no document upload and no data handoff.
The rest of the industry is discovering that verified identity matters and reaching for the only tool it has: collect more data, hold it more carefully, hope the database holds. Concordium’s claim is narrower and more structural.
You do not have to hold the data at all. You can prove the fact and keep the face. Verified humans and verified agents should not need separate identity systems, separate trust models, and separate stores of sensitive data. They should operate on the same identity layer, with the same proof logic and the same privacy guarantees.
Verified Humans. Verified Agents. One Protocol.
So before the next verification popup appears, for a person or an agent, every platform racing to verify users should have to answer one question: after my face has been matched, where does it go, who can access it, and why did you need to keep it at all?
