Anthropic draws a hard line. Starting July 8 2026, access to Claude – whether on the Free, Pro or Max plan – will require identity verification. Users must upload a government‑issued photo ID (passport, driver’s license or national ID) and then capture a live selfie. This article explains how the verification flow works, what data is processed, and what practical implications this has for developers and end‑users.
Verification flow for Claude
Anthropic’s privacy policy, updated in June 2026, states that only original physical documents are accepted; digital copies or screenshots are rejected. The flow consists of steps:
- Document upload – The user selects a photo of their ID, which is run through an internal image‑analysis engine that checks for tampering.
- Live selfie – Next, the webcam captures a selfie. The system compares the face in the selfie with the photo on the ID using a facial‑matching algorithm. The match must exceed a predefined similarity threshold; otherwise verification fails.
- Final approval – After a successful match, a token is generated, marking the account as verified. This token, together with a minimal metadata payload (user ID, verification timestamp), is stored in Anthropic’s internal database.
The entire process is automated, with biometric data kept in memory only for the duration of verification. Once verification succeeds, the raw images are erased; only a representation of the facial geometry remains.
Data‑privacy and security considerations
Anthropic emphasizes that biometric data is not retained long‑term. Instead, facial‑geometry templates are stored in a pseudonymized form to prevent reuse.
A risk remains whenever sensitive data is centralized: a breach could expose immutable biometric traits. Anthropic mitigates this by conducting certain security measures. Developers embedding Claude should also avoid creating additional copies of image data.
Practical impact for users and developers
- Users – On first login they must have their ID ready and a working camera. The verification usually completes within a short time.
- Developers – When integrating Claude via the API, the verification token must be sent with each request. The token is valid for a certain period; after that a fresh verification is required. Server‑side token validation is recommended to prevent man‑in‑the‑middle attacks.
- Compliance – Organizations must ensure that processing biometric data complies with local regulations (e.g., GDPR Art. 9). Anthropic provides documentation of the technical and organizational measures used during verification.
Outlook
The mandatory identity check for Claude signals that major AI providers are moving toward stricter abuse‑prevention mechanisms. For the community it means anonymity will become less assumed, and solutions such as zero‑knowledge proofs for identity could see higher demand. Anyone using Claude today should incorporate the verification step into their onboarding flow to avoid service interruptions.
Sources
- Identitätsprüfung bei Claude: Ausweis und Gesicht nötig
- Anthropic führt als erster großer KI-Anbieter Pflicht-Identitätsprüfung ein
- KI-Chatbots sammeln immer mehr Nutzerdaten – Meta AI und ChatGPT an der Spitze - All About Security Das Online-Magazin zu Cybersecurity (Cybersicherheit). Ransomware, Phishing, IT-Sicherheit, Netzwerksicherheit, KI, Threats, DDoS, Identity & Access, Plattformsicherheit
- Claude Mythos, ChatGPT-5.5 und die Cybersicherheit
- Mit Claude Code Grenzen überschreiten und neue Wege gehen - All About Security Das Online-Magazin zu Cybersecurity (Cybersicherheit). Ransomware, Phishing, IT-Sicherheit, Netzwerksicherheit, KI, Threats, DDoS, Identity & Access, Plattformsicherheit
- Wie sicher sind Ihre Daten bei ChatGPT? Wie können Sie Ihre Daten schützen?