World (formerly Worldcoin) signed Tinder, Zoom, and Docusign as partners after regulators in Kenya, Brazil, Spain, Hong Kong, Indonesia, Philippines, and Thailand halted or banned its iris-scan operations.
Key Takeaways
Tools for Humanity’s Orb scans irises to issue a “proof of humanity” credential; the company claims 18 million verified users across 160 countries.
The corporate pivot targets deepfake and fraud reduction; new partners include Tinder, Zoom, Docusign, Okta, Vercel, Shopify, Coinbase, and AWS per the April 17 announcement.
Global bans followed evidence of paying users $50 in crypto for iris scans, collecting data beyond iris images (heartbeat, breathing), and operating without meaningful informed consent per a 2022 MIT Tech Review investigation.
U.S. expansion is enabled by fragmented state-level biometric laws and looser crypto regulation compared to GDPR, with 7,000 Orbs now deployed across six U.S. cities as of April 2025.
Brazil reaffirmed its ban with daily fines of 50,000 reais ($8,800); Germany required data deletion; Thailand, Philippines, and Indonesia ordered full operational halts through 2025.
Hacker News Comment Review
Technical skeptics argue the verification model is structurally broken: iris photos can be fabricated or cloned client-side, making the system invasive without being meaningfully fraud-resistant.
A recurring thread flags the conflict-of-interest framing: Altman’s AI tools worsened bot proliferation, and World ID is now positioned as the corporate solution, sold to the same platforms running AI-generated content.
Commenters with a regulatory lens note the absence of civil liability or criminal penalties for biometric data misuse as a precondition for any trust, pointing to Black Mirror-tier scenarios where leaked biometrics disqualify users from future services.
Notable Comments
@simonw: Traced the Tinder/Zoom/Docusign announcement to a World-hosted April 17 event; full logo slide also included Okta, Vercel, Shopify, Coinbase, and AWS.
@iknowstuff: “Iris photos can be fabricated client-side, including by AI” – argues the system needs offline IRL verification and must never phone home with service usage data.
