Site-private human verification

Make abuse harder to rotate
without becoming an identity database.

lemma.id gives your site a stable, site-private human ID for each verified person. You can recognize the same human across accounts or sessions, enforce one-person policies, and make bans stick, without receiving names, ID documents, selfies, dates of birth, or a reusable cross-site ID.

Add to Your Site See the Demo
Liveness-checked humans, not bots
Same human, stable on your site
No ID documents on your servers

Built for platforms where banned users come back — marketplaces, ticketing, gaming, social apps, free trials, and rewards programs.

Example

A scalper creates 500 accounts. Your bot system catches 200 and bans them. Tomorrow, the same operator returns with new emails, SIMs, and proxies. With lemma.id, your site recognizes the same verified person behind each account — so a banned operator can't slip back with a fresh email, and a legitimate user keeps the same human binding across sessions.

Why teams choose lemma.id

Enforcement without the data liability

Your site stores a human verdict and a site-private PPID — a stable per-person ID on your domain, not a KYC record. Verification runs at the IDV issuer; routine checks run locally in the browser.

lemma.id + your site Auth0 / Google SSO Direct KYC on your stack
Your servers store human + ~80-char PPID Email, name, shared sub ID images, name, DOB, reports
Cross-site linkability Different PPID per site Same user ID across apps You own the identity store
Return-visit checks Local — no lemma.id call Server token validation Vendor re-query or re-verify
Same person on your site Stable site-private PPID per human Lost when email or login changes Manual match across records
Ban survives rotation Person-root binding New email = new account Strong, but you run KYC

Full trust & data comparison →

How it works

Bind, detect, enforce

Know when the same verified human is on your platform — then enforce, limit to one account, or keep a trusted binding when your policy requires it.

1

Bind

Each account links to one verified person via a site-private PPID. The same human always presents the same ID on your platform — even after email, device, or password changes.

2

Detect

Your fraud and abuse tooling flags bad behavior — lemma.id doesn't replace detection.

3

Enforce

Block the person and require fresh IDV to return. Swapping email, SIM, or IP won't mint a clean account.

Before

Bot detected → account banned → attacker rotates email, SIM, or proxy → new account, free

With lemma.id

Bot detected → account tied to the same verified human → site-private ID blocked → must pass fresh IDV to return

See the full verification flow and data model →

Developer integration

Integrate with a signed presentation

Most users never see verification. Suspicious users do. Signed presentations let your backend verify the same site-private human ID without storing KYC data.

Recommended signup gate
<script src="https://lemma.id/sdk/ishuman-verifier.js"></script>
<script>
  const verifier = new IsHumanVerifier({ siteId: 'app.example.com' });
  const { ok, presentation } = await verifier.verifyForBackend({ autoProvision: true });
  if (!ok) throw new Error('not_verified');
  await fetch('/api/signup', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ presentation }),
  });
</script>
View integration docs See the demo

Product boundaries

What lemma.id is not

Clear boundaries build trust. It's an enforcement layer — not a full fraud stack replacement.

Not bot detection

Your tools find suspicious behavior. lemma.id makes the consequence stick.

Not a global public identity

Each site gets its own stable ID for the same human — not one shared identifier across the whole web.

Not an identity store you run

Your servers hold a verdict and a PPID — not ID documents, names, or dates of birth.

What it is: a site-scoped human binding layer — recognize the same verified person on your platform, keep one person per account when you need to, and make bans stick when they don't. Read more about the approach →

Learn more

Each page goes deeper on one aspect — without repeating the full homepage story.

Trust & data model About the approach Integration docs Live demo Pricing For IDV providers Privacy policy

Give Your Bans Teeth

Give your site a stable human ID per person — for enforcement, one-account policies, or keeping the same verified user when you need to.

Add to Your Site Watch Demo

Bind • Detect • Enforce