alt Hacker News> I was signing up for Hetzner years ago and it asked me to upload my passport to use their service.
I don't really understand what bothers you so much about providing a photo of a "passport" (if you are an European citizen they require a ID card) but credit card info didn't registered as a concern worth noting. Can you explain what is the difference?
Replies
When many sites are collecting these photos, it increases possibility of them leaking. Since these are also used for KYC process in crypto sites etc, this in turn increases risk of identity theft.
I'm a Hetzner user in the US, but I pay for it with PayPal and was never asked to give my passport or identity. Americans are very rarely asked for these documents online, and even then it's typically only for government or financial services. It's also drilled into us that this info can be used for identity theft, so it's only natural to be wary of any non-government entity asking for them.
FWIW, if Hetzner had asked for my passport when I signed up, I would not have given it either.
If there isn't a difference shouldn't my credit card be enough?
Credit card is a largely fixed risk of financial loss, with some legal safeguards for recovery, and the ability to get a replacement card with a different number. Passport carries an open long-term risk of impersonation and you can't just get a new passport because some company has a copy. Just the financial side of that risk can have much greater impact. Unless a company has a legal requirement to "know your customer", e.g. a financial institution, this is a red flag.