Enforcement for bot abuse & ban evasion

Make bans cost more
than a new email.

lemma.id gives your site a stable, site-private ID for each verified human — so you can tell when the same person is on your platform, keep one person per account when your policy requires it, and make bans stick when they rotate email or proxy. Your servers never store ID documents, legal names, or dates of birth.

Add to Your Site See the Demo
Liveness-checked humans, not bots
Same human, stable on your site
No ID documents on your servers

Built for platforms where banned users come back — marketplaces, ticketing, gaming, social apps, free trials, and rewards programs.

Example

A scalper creates 500 accounts. Your bot system catches 200 and bans them. Tomorrow, the same operator returns with new emails, SIMs, and proxies. With lemma.id, your site recognizes the same verified person behind each account — so a banned operator can't slip back with a fresh email, and a legitimate user keeps the same human binding across sessions.

Why teams choose lemma.id

Enforcement without the data liability

Your site stores a human verdict and a site-private PPID — a stable per-person ID on your domain, not a KYC record. Verification runs at the IDV issuer; routine checks run locally in the browser.

lemma.id + your site Auth0 / Google SSO Direct KYC on your stack
Your servers store human + ~80-char PPID Email, name, shared sub ID images, name, DOB, reports
Cross-site linkability Different PPID per site Same user ID across apps You own the identity store
Return-visit checks Local — no lemma.id call Server token validation Vendor re-query or re-verify
Same person on your site Stable site-private PPID per human Lost when email or login changes Manual match across records
Ban survives rotation Person-root binding New email = new account Strong, but you run KYC

Full trust & data comparison →

How it works

Bind, detect, enforce

Know when the same verified human is on your platform — then enforce, limit to one account, or keep a trusted binding when your policy requires it.

1

Bind

Each account links to one verified person via a site-private PPID. The same human always presents the same ID on your platform — even after email, device, or password changes.

2

Detect

Your fraud and abuse tooling flags bad behavior — lemma.id doesn't replace detection.

3

Enforce

Block the person and require fresh IDV to return. Swapping email, SIM, or IP won't mint a clean account.

Before

Bot detected → account banned → attacker rotates email, SIM, or proxy → new account, free

With lemma.id

Bot detected → account tied to verified-person root → site-private PPID blocked → must pass fresh IDV to return

See the full verification flow and data model →

Developer integration

Integrate in two lines

Most users never see verification. Suspicious users do. Local signed proofs keep routine checks fast and private.

Integrate in two lines
<script src="https://lemma.id/sdk/ishuman-verifier.js"></script>
<script>new IsHumanVerifier({ siteId: 'your-site-id' }).verify();</script>
View integration docs See the demo

Product boundaries

What lemma.id is not

Clear boundaries build trust. It's an enforcement layer — not a full fraud stack replacement.

Not bot detection

Your tools find suspicious behavior. lemma.id makes the consequence stick.

Not a global public identity

Each site gets its own stable ID for the same human — not one shared identifier across the whole web.

Not an identity store you run

Your servers hold a verdict and a PPID — not ID documents, names, or dates of birth.

What it is: a site-scoped human binding layer — recognize the same verified person on your platform, keep one person per account when you need to, and make bans stick when they don't. Read more about the approach →

Learn more

Each page goes deeper on one aspect — without repeating the full homepage story.

Trust & data model About the approach Integration docs Live demo Pricing For IDV providers Privacy policy

Give Your Bans Teeth

Give your site a stable human ID per person — for enforcement, one-account policies, or keeping the same verified user when you need to.

Add to Your Site Watch Demo

Bind • Detect • Enforce