News
Pornhub will use biometric data to verify uploaders as part of ongoing safety updates
Pornhub is set to make users uploading content verify their identities with biometric data, as part of new measures intended…
Adult Industry Tech, Compliance & Infrastructure
Yoti
Yoti makes digital identity verification technology, including age verification tools that adult platforms use to comply with regulations. The company's tech lets people prove their age without handing over government…
About Yoti
Yoti makes digital identity verification technology, including age verification tools that adult platforms use to comply with regulations. The company’s tech lets people prove their age without handing over government IDs to websites – you verify once with Yoti, then share that confirmation wherever needed. As states keep blocking adult sites over age verification requirements, platforms increasingly turn to services like Yoti to stay compliant without creating privacy nightmares.
The company also does identity verification for things completely unrelated to adult content – think age checks for buying restricted items online, proving you’re you when signing up for services, that sort of thing. But in the sextech world, it’s become go-to infrastructure as regulations tighten. When Pornhub rolled out stricter uploader verification, companies like Yoti became part of the solution for platforms trying to balance compliance, safety, and user privacy.
1 articles
2021–2021
Peak: 2021 (1)
Privacy deep-dive
In summary
Yoti is a privacy-focused identity and age verification provider with strong data minimization, explicit biometric consent, and exceptional transparency across per-product privacy notices. Most adult-content-specific privacy criteria are not applicable to its business model, but the documents reviewed lack a general Terms of Service covering disputes, liability, and termination.
- No data sales (GDPR, CCPA, BIPA confirmed)
- Immediate deletion of age estimation images
- Explicit biometric consent per GDPR
- Per-product privacy notices with update dates
- Concrete retention periods stated
Privacy Concerns
- Medium Cross-border transfer to sister company Yoti India for manual ID checks
- Medium Client-controlled retention extends biometric storage up to 3 years with no Yoti access
- Medium Fraud reports shared with Cifas retained 6 years and may affect access to services/employment
- Low Processor-only scenarios force users to contact third parties to exercise rights
- Low No general Terms of Service provided covering disputes, liability, or termination
Privacy Positives
- High Impact Never sells data, confirmed across GDPR/CCPA/BIPA
- High Impact Strong data minimization with immediate/algorithmic deletion
- High Impact Explicit biometric consent as special category data
- High Impact Exceptional transparency: change log, summary boxes, per-product notices
- Medium Impact Full GDPR rights with clear contact routes
Security Overview
75%
Security
Security Headers
HTTPS
Secure connection
Pass
HSTS
HTTP Strict Transport Security
Pass
CSP
Content Security Policy
Pass
X-Frame-Options
Clickjacking protection
Pass
X-Content-Type
MIME type sniffing protection
Pass
Referrer-Policy
Controls referrer information
Fail
Permissions-Policy
Browser feature controls
Fail
Mozilla Observatory Grade: B
Scanned: June 4, 2026
From Their Privacy Policy
Direct excerpts from Yoti's published privacy policy
Yoti's core privacy principles are that it is not our business model to sell, transfer or share outside the company any of the personal information used to set up your account or your user activity information.
This data is deleted immediately after the age estimation is done, and we do not store it.
We ask you to consent to us using your biometrics. This is because biometric data is sensitive or special category data under the GDPR and the lawful bases available for this data are very limited.