Put another way "Hire for strength not lack of weakness."
Put yet another way, the strengths can yield asymmetric upside, while the weaknesses, if truly known and not deal-breakers, could have limited downsides, especially if it's a weakness like "doesn't have x years of experience"
thanks! so far the companies we’ve talked to are delaying full-blown reviews as long as possible because of the stage of company they’re in.
We certainly do work very closely with each company to work through their product and integrate as seamlessly as possible. whereas we don’t offer an official security review as of now, it is something we’re considering for the future. would love to chat, DMing you now!
thank you! We’re starting out of the gate with COPPA and will fast-follow with GDPR so we currently cover the United States (in English).
re: spoofing. this is a tough problem to solve and no existing solution guarantees this. we would be able to see suspicious behavior though like multiple verification attempts, time between submission and verification, etc.
Changing regulations is tough. We work with a privacy lawyer to keep us abreast of changing policy and have researchers maintain a database of applicable state, federal, and international laws as well as recent lawsuits.
Financial KYC is interesting for sure. Right now we’re focused on child privacy and very much believe there’s a lot of work to be done there still.
thanks! the laws do change across country lines. while we’re focused on the U.S. right now, we’re actively researching applicable laws in other jurisdictions.
Hey HN! We’re Daniel and Arjun, founders of StandardCode (http://www.standardcode.io/). We make it easy for companies to comply with child data privacy laws such as COPPA and GDPR by providing APIs for collecting parental consent and ID verification of minors.
COPPA regulation makes it difficult for companies to cater to children under 13 without building in safeguards to collect and manage parental consent and to block third-party sharing of data without transparency. As a result most companies just prohibit users under 13 from signing up for their services, either as a policy or by having an age gate that prevents an under-13 child from signing up.
However, with a record number of under-13 users on the internet due to the pandemic, behavior is permanently shifting and many companies now want to cater to all audiences. By providing APIs to manage the collection of consent, we allow companies to safely acquire underage users while minimizing friction in the sign-up flow.
Our customer-facing REST API presents a few high-level resources that are needed for collecting parental consent and ID verification for children. Customers typically make 1 API call to create a profile for a child, and then 2–3 more calls to collect parental consent or verify age and ID if necessary. Afterwards, we push data to a webhook endpoint to notify the customer when consent has been collected or an ID has been verified.
Our business model is based on usage — we charge a small fee per user for whom we need to collect parental consent or verify age and ID.
We'd love to hear from you, especially if you have experience with products catering to children!
congrats on the launch! this is a really neat implementation and i'm a big fan of honey as well. really slick.
quick note. may want to clean up the testimonials. all 3 are 5 stars, have 3.4k cred, and were posted 2 hrs ago. coincidence or not, comes across as a bit fake.
I was JUST talking about how I wish it was easier to collect customer insights and share them out more broadly in internal newsletters. Kudos. Nailed a serious serious pain point.
Put another way "Hire for strength not lack of weakness." Put yet another way, the strengths can yield asymmetric upside, while the weaknesses, if truly known and not deal-breakers, could have limited downsides, especially if it's a weakness like "doesn't have x years of experience"