persona-logo
Published April 09, 2026
Last updated April 14, 2026

Introducing Relay: Verify who you are while keeping your online activity private

With Relay, users can confirm eligibility without linking it to what they’re trying to access. Learn more about our privacy-preserving approach to verification.
Justin Sayarath
Justin Sayarath
7 min
Sample Relay flow

Ask anyone what they think when a website requests a driver's license, Social Security number, or email address, and you'll hear the same reaction:

"Why do they need that?"

It’s a fair question. Not a day goes by without news of another data breach or scam. Many people have either experienced fraud firsthand or know someone who has. While they're more aware of the need to protect their data, they don't feel equipped to actually do it. 

The result is a growing sense of uncertainty: people hand over their data in countless transactions, often with little visibility into where it goes or how it's used.

On the flip side, businesses navigate a very different reality. Organizations are under intense pressure to prevent fraud, combat abuse, and meet evolving regulatory requirements. To do that effectively, they need data. 

Given that the internet is an everyday part of life, accessing it should come with stronger, built-in privacy. We believe a more privacy-centric approach to exchanging data is overdue.

The problem: who users are and what they do online are often linked

Most online verification checks that organizations actually need are fairly narrow. Rather than establishing a complete picture of who someone is, organizations typically just need to answer questions like:

  • Is the user over 18? 

  • Is this a real person? 

  • Is this user eligible to use my service?

In the early days of the internet, collecting more data was often the most reliable way to answer these questions, fight fraud, and comply with regulations. (It still is for the most challenging use cases.) 

But the systems that arose to answer those questions were made for a different era. They were designed to collect and store more identity data than is actually needed today — while tying the data directly to user activity. Put another way: the system that verifies who you are can also see what site you’re on and what actions you’re trying to take.

As verification becomes a routine part of being online, the question of how it’s done matters even more. For many spaces, like online communities, marketplaces, games, and social platforms, the questions to answer are simpler. But when you apply a heavyweight process to a lightweight question, you end up with more data, risk, and user visibility than necessary. 

That’s why we’re introducing Relay, a new way to confirm who people are without gathering their application context. 

Relay: a privacy-preserving way to establish identity assurance

We designed Relay around a simple idea: identity should be separate from user activity and application context to meet the privacy needs of people online.

At most organizations, the identity verification process involves three steps: collecting identity data, submitting it to a verification provider, and receiving detailed verification results in return. While this process is necessary for certain use cases, it gives both the verification provider and the organization more data than is needed for other use cases. 

We built Relay to be different. Instead of collecting identity data and passing it between systems, Relay verifies specific claims (e.g., “I am over 18,”) and returns a result (e.g., the user is over 18).

These are not one-off decisions. In Relay, they’re represented as claim types that organizations configure up front when integrating. Each claim type defines what needs to be confirmed and the level of assurance required, with pre-defined verification methods informed by regulatory standards and/or best practices.

At the same time, we recognize that there are workflows where full identity verification remains essential. Financial onboarding, regulated services, and fraud investigations require deeper verification and richer datasets because the stakes are higher.

Relay is designed for the space in between: situations where an organization needs to confirm something specific, but collecting the user’s full identity would be disproportionate to the question being asked. 

Both types of verification will continue to exist. What’s changing is the expectation that every identity question, regardless of complexity, should default to the same heavyweight process.

How Relay works

With Relay, users can complete verification without linking it to what they’re trying to do online. Here’s how it works:

  1. Checkbox. The verification flow starts with a simple checkbox-style component called the Relay widget. It’s a lightweight interface that initiates a privacy-preserving flow.

  2. Verification. Persona dynamically generates an experience that collects only what’s needed to answer the organization’s question and verify the user’s claim. Persona handles collection and verification without seeing which website the user is on or what they're doing. What counts as “minimum” depends on context. Confirming that a person is over 18 in the UK, for example, involves jurisdiction-specific methods aligned with the Online Safety Act and Ofcom guidance, not a one-size-fits-all document check.

  3. Claim result. Once the verification is complete, Relay produces a single result that your organization can use to allow the user to proceed. Your organization receives the answer it needs but does not receive the underlying identity data. In fact, detailed verification data cannot be linked to the organization retrieving the result, even by Persona, and in certain use cases may be deleted. 

The result gives you what you need to enforce policy and age assurance requirements without participating in the verification itself or directly handling identity data.

How Relay enforces privacy with double-blind verification

Relay decouples identity verification from application context.

We enforce this by separating steps that are typically combined: verifying users in one context and returning results in another. As a result, no single system, Persona or the organization using Relay, has access to both a user's identity and what they’re doing.

For some claim types, Relay uses Privacy Pass (an open standard developed by the IETF) to further enforce this separation. In these cases, the organization first obtains a cryptographic token, which can later be redeemed after a user completes verification. Because these steps occur in separate contexts, the verification flow never sees the relying organization or the user’s web activity. The organization only receives the claim result, not the underlying identity data.

For some lightweight claim types like confirming human presence, Relay achieves this without issuing a token. Verification and result delivery still occur across separate contexts, ensuring that user identity and application context remain decoupled. These checks are designed to be simple to adopt and widely deployable while offering the same strong privacy guarantees as other claim types.

Fundamentally, privacy should never depend on providers saying “trust us.” Instead, the system itself should enforce it by design.

Building a new model for assurance

More and more online experiences now require organizations to confirm something specific about a user. To name just a couple of examples:

  • Whether a real person is present. As AI systems advance, one of the internet’s most basic questions is getting harder to answer: is there actually a human on the other side of this interaction? To answer that, your organization doesn’t need to know who that person is in most cases. You just need a credible signal that they’re real.

  • Whether the person meets certain age thresholds. New age verification regulations are popping up around the world, each with its own requirements. No matter the region, the end goal remains the same: confirm that the person who wants to access your content or services meets specific age thresholds using methods aligned with regulatory guidance.

As regulators continue to raise the bar on internet safety and data minimization, the use cases that require assurance will only expand. At the same time, you should be able to prove what’s needed without exposing what you’re doing. 

Relay is our response to that: a bet that the next era of verification will be built differently. An era that doesn’t necessarily involve more identity verification, but verification that’s better matched to the question being asked.

Relay is now available in beta. If you're building a business that needs to detect human presence, confirm age, or evaluate eligibility without collecting full identity data, we'd love to work with you. Explore our solution to learn more and request access. We’re excited to build something new with you.

The information provided is not intended to constitute legal advice; all information provided is for general informational purposes only and may not constitute the most up-to-date information. Any links to other third-party websites are only for the convenience of the reader.
Justin Sayarath
Justin Sayarath
Justin is a product manager at Persona focused on building fast, trustworthy, consumer-centric experiences. Outside of work, he’s usually spending time with his dog Joey, tending to his plants, or exploring new neighborhoods in search of the best pastry.
Continue reading