Veriff: The Global Identity Infrastructure

Veriff is building the identity layer for the internet. A platform that matches a person to a government-issued ID using just a selfie, helping companies verify users instantly and prevent fraud at global scale. What began in Estonia has grown into one of the world’s leading identity verification systems, processing hundreds of millions of verifications and analyzing thousands of signals per user to stop fraud in real time. In this conversation with YC's Gustaf Alstromer, founder Kaarel Kotkas talks about going from a high school prototype to serving global fintech and marketplace companies, why identity is really an infrastructure problem, how Veriff decides who’s real, and why he sees a future where your digital passport might be issued not by governments — but by Veriff. Learn more about Veriff at https://www.veriff.com. Chapters: 00:00 – How Veriff Started in a High School Computer Lab 01:52 – Why Online Identity Is an Infrastructure Problem 04:58 – Matching IDs With a Selfie 07:10 – Fighting Fraud in Fintech & Marketplaces 10:53 – Scaling Verification to a Global Platform 15:44 – YC, Early Breakthroughs, and Hard Lessons 20:31 – Deepfakes, Signals, and the New Threat Landscape 26:33 – Building a Mission-Driven Team 32:48 – The Digital Passport Vision

Gustaf AlstromerhostKaarel Kotkasguest

Dec 8, 202539mWatch on YouTube ↗

WHAT IT’S REALLY ABOUT

Veriff’s journey building global identity verification amid fraud, deepfakes, scale

Veriff verifies that a real, consenting person matches a government ID by combining selfie/ID capture with many behavioral and device signals rather than simple photo checks.
Kotkas discovered identity verification was easy to game, didn’t scale, and hurt conversion, pushing him to treat online identity as shared infrastructure instead of a compliance-only SaaS feature.
Early traction came from banks and Uber’s Estonia driver onboarding, followed by major scale waves from crypto (airdrop-driven fraud) and COVID-era digitization of previously offline processes.
YC initially rejected Veriff due to solo-founder risk and a severely diluted cap table, prompting Kotkas to add a co-founder, restructure ownership, and take a personal loan to buy back equity.
The next phase is an arms race against AI-driven impersonation, where Veriff emphasizes layered defenses (device integrity, motion/behavior, injected-media detection) and a broader “trusted person” concept beyond government IDs.

IDEAS WORTH REMEMBERING

5 ideas

Treat online identity as core infrastructure, not a compliance afterthought.

Kotkas argues that KYC done only to satisfy regulation doesn’t stop fraud; as payments and onboarding become real-time, identity accuracy must move “upstream” to prevent loss before transactions happen.

Robust verification requires many signals, not a single biometric or photo.

Veriff’s shift from “three pictures” to “1,000+ data points” reflects a layered approach—video, user behavior, device sensors, and camera integrity checks—to reduce spoofing and false confidence.

Independence can be a strategic moat in trust infrastructure.

When large companies wanted to buy Veriff instead of contracting, Kotkas resisted because neutrality enables cross-industry cooperation against fraud and avoids becoming a captive, single-platform feature.

Fixable founder problems (cap table, team) can unlock step-change opportunities.

After YC cited solo-founder risk and a “messed up” cap table, Kotkas added a co-founder and restructured ownership fast—showing that early structural mistakes don’t have to be fatal if addressed decisively.

Fraud scales fastest where incentives spike (free money, easy onboarding, global reach).

The blockchain.com Stellar airdrop illustrates “fraud follows the money”: global promotions triggered unprecedented volume and attack intensity, forcing Veriff to scale staff and systems simultaneously.

WORDS WORTH SAVING

5 quotes

We enable any website and mobile application to match the person with a government-issued ID... and match it with a selfie... within a single flow.

— Kaarel Kotkas

Instead of three pictures, you need to have over 1,000 data points... like video from the beginning till the end.

— Kaarel Kotkas

Complying with regulations don't prevent fraud.

— Kaarel Kotkas

Nothing is broken. Everything can be fixed.

— Kaarel Kotkas

Fraud always follows the money.

— Kaarel Kotkas

Origin story: Wise/TransferWise and hacking weak verificationIdentity as infrastructure vs compliance checkboxID + selfie flow and real-time liveness/consentGlobal variation: government registries and identity maturityFraud waves: fintech, marketplaces, crypto airdropsScaling operations: automation plus manual review hiring surgeYC lessons: cap table repair, co-founder addition, independenceDeepfakes and layered anti-spoofing signalsFuture vision: portable trust and a “digital passport” layer

High quality AI-generated summary created from speaker-labeled transcript.

Get more out of YouTube videos.

High quality summaries for YouTube videos. Accurate transcripts to search & find moments. Powered by ChatGPT & Claude AI.