Posted by Corey on August 02, 2016
Due to laws and regulations at both the state and federal levels, we here at Kidney Puncher want to be sure we adapt to the new market. In light of the deeming regulations, by August 8th, we must verify the age/identity of every customer who shops with us. We have searched for several solutions for doing this, and have partnered with BlueCheck to adhere with the new laws. Although BlueCheck may seem invasive and many have concerns about providing this information online, understand we have to do this because of laws enacted by the FDA. If you want to change this, please communicate your displeasure with your local elected representatives and visit CASAA.org to fight for your right to vape!
When going through the checkout process, right before you enter your payment details, a small box will pop up guiding you through the age verification process. Below is a list of steps. If you have any issues, please email firstname.lastname@example.org
1. Enter your First Name, Middle Initial, and Last Name
2. Enter your Date of Birth, then phone number (Cell Number that can receive SMS, if not enter your phone number, and email email@example.com for further assistance.)
3. Enter the last 4 digits of your SSN
4. Now if you are 27 or older, and the information you provided matches the databases BlueCheck references, you will be sent a code to your phone via SMS, enter the code. You will now be allowed to finish entering your payment details and complete your order.
4a. If you are under the age of 27 or the information you entered could not be verified, you will then be asked to upload some pictures, so that BlueCheck can confirm your age manually.
5. First upload a picture of your ID Card that is clearly readable.
6. Second, upload a picture of the same ID card next to your face, yes they are asking for a selfie with your ID.
7. You will then see a message letting you know that you will receive an email when you are verified.
Once you receive the email that you are verified, go through the checkout process again, Bluecheck will pop up one more time, enter in your information, you will be sent a code to your phone via SMS, enter the code. You will now be allowed to finish entering your payment details and complete your order.
Frequently Asked Questions
As we work through this hurdle together we are sure there will be many questions. Alex Zeig, CEO of BlueCheck, has taken the time to answer questions from the community before on Reddit, by conducting an AMA (ask me anything). We encourage you to read through it, if you have any questions or concerns. Below is a few of the more frequently asked questions, answered by Alex.
How quick is the turn around for sending the photo of the ID and yourself with it to getting the O.K. to continue with the purchase?
Immediate - the majority of BlueCheck verifications happen within 5 mins and that's the goal we are aiming to keep. (KP Note: On non-business days, it can take up to 24 hours)
Why do you require the last four of SSN when others do not?
This has been a question that has plagued BlueCheck for a while! The original goal of BlueCheck was a simple way to verify that the person you were interacting with online was who they said they were. So the question becomes: What is the easiest, most frictionless way, to verify an identity? I’ve looked at everything from photo recognition to social media mapping to voice verification/biometrics (Dragon API). Everything always came back with some sort of hitch – either there was hardware required, or it wasn’t a ~100% match on a person, ie: people can create multiple social media profiles, to do biometrics you need a phone or webcam. We always came back to SSN – however as the outcry noted, it’s a big ask! But it’s the easiest and fastest way to verify identity. The issue, on the other end of the spectrum, is that some people (fin-tech, etc) feel that SSN isn’t valuable enough anymore. That there have been too many breaches. So for now, we feel comfortable drawing our line in the sand at SSN (it’s only last 4 btw) and doing extra validation on those we can’t automatically verify.
What do you do with the information submitted after you verify their age? I know the last 4 digits aren't stored, but what about the rest of the info? Are you keeping it? For what purpose?
BlueCheck does keep the remaining info – because our software is designed to allow the user (you) to easily verify your identity on any site. So the next time you go through Kidney Puncher, you won’t be asked for that information again. The alternative to not keeping the information would be asking for it every time – which isn’t a great user experience. Additionally, I’d love to know if the other systems keep your information once it’s submitted – and if they sell the data. I have a hunch, but that would be interesting. Put it this way, I think their business model is radically different than ours.
Can we, as the consumer, cross out any information on our ID we don't want to give out such as our SSN if it's on there or DL number?
Yes - what BlueCheck needs to see is the full license (to show it's not clipped), picture, full name, DOB, and the license #.
Are the photos then deleted after the info is submitted? Are you logging addresses and drivers license numbers as well?
Photos are deleted and neither address nor license number are stored in the BlueCheck system.
So after the age is verified, can customers then request that you delete them from your system? If so, how would they go about that?