co-written with UnitBuilds, who built most of this out loud in the comments of my last piece.
I recently wrote about the $30: someone in cambodia or kenya, paid under $30 to complete a biometric verification step on behalf of a stranger, so a developer somewhere could access an ai model that's geo-blocked where they live.
I framed it as exploitation. it is. but I stopped at the harvesting.
UnitBuilds didn't stop there. over a series of comments, he walked through what happens after the $30 — and it's worse than anything I'd written.
the part the verification step doesn't tell you
when you complete a biometric check — face the camera, look left, look right — you're not just proving you're human. legally, you're authorizing.
not authorizing this one transaction. authorizing the account. anything done with it, by anyone, from that point forward, is yours. that's not a loophole. that's the definition of authentication.
as UnitBuilds put it:
"they can contest in court, but they won't win, by law they can't win, because the very definition of the authentication is that you, as yourself, fully authorize yourself and anyone else by proxy, to use your account to do with, for whatever purposes, assuming full responsibility for it."
the person who took the $30 didn't sign up to be liable for whatever happens next. but the law doesn't have a category for "deceived into authorizing." it has a category for "authorized." and once you're in that category, you're not fighting the bill. you're fighting jailtime.
what "fighting jailtime" actually looks like
UnitBuilds laid out the scenarios plainly:
a bad actor uses the harvested identity to rack up charges, commit fraud, or worse. the account holder — the person who took the $30 — has no idea any of this happened. months later, maybe years later, they get a job offer overseas. they travel. at the border, there's a warrant. for a crime committed using their face, on the other side of the planet, by someone they've never met.
or the company affected sues. the debt is structured for someone earning a developer's salary in a wealthy country. the person actually liable is earning $100 a month.
"imagine that, an entire month's pay gone, on a single ai subscription they never even knew existed, from a bank account they never made. and they don't have the finances to actually fight it in court."
that's UnitBuilds describing namibia specifically — people working full contracts, 8 to 5, for $100 a month. not informal work. not gig work. contracted employment. wiped out by a bill that was never theirs, with no path to contest it, because contesting it costs more than the bill itself.
the version where you don't even get the $30
the scenario above assumes someone got paid. UnitBuilds described a worse one: phishing.
a fake overseas job offer. "all you have to do is submit your id and do the facial verification, and send the code that's sms'd to you." it looks exactly like a routine hiring process. and then:
"that's the last you ever hear of them."
no payment. no awareness that you were ever part of a supply chain. just a verification step that felt normal, and a liability that surfaces however long it takes for someone to misuse it.
this isn't new, it's just wearing new clothes
UnitBuilds has watched this pattern before ai existed. bank impersonation calls — spoofed numbers, confident voices, "confirm your account details" — targeting pensioners who grew up trusting that a call from the bank was actually the bank.
"life-savings gone from pensioners, who have no means of earning it back or fighting the bank for it. some had to choose between food on the table and paying their wifi, losing access to communication with everyone they know, for the sake of not going hungry, because someone scammed them out of 50 years worth of hard work."
whatsapp cloning works the same way — impersonate a relative, get the verification code, clone the account, spread it to the entire contact list, harvest more identities, repeat.
the throughline, in his words:
"it's a system built on accountability, not morality, and the legal system is there to defend the dollar not the person."
in namibia, you go to prison longer for poaching a cow than for murder.
the part that has nothing to do with biometrics
then UnitBuilds introduced something I hadn't considered at all: hardware identity theft.
two forms. the first is shadow proxy networks — malware that quietly routes traffic through your residential gateway, so someone else's activity travels under your ip, your network, your name.
the second is newer and stranger. you buy a windows 11 laptop. secure boot signs the hardware to your microsoft account the moment you log in. from that point, you're the authorized owner of that device — and liable for whatever it does — until you go through the process of manually removing it from your account's device list. format it, sell it, give it away: none of that breaks the link. the new owner is using hardware that's still, in microsoft's records, yours.
"a small little detail they don't tell you when they say it's 'for your data security.'"
the mechanism is identical to the biometric one. ownership and liability bound to an identity that doesn't update when the physical reality changes. the gap between who actually controls something and who's legally responsible for it is where all of this lives — bodies, devices, accounts, doesn't matter. the structure repeats.
the sentence underneath all of it
a developer going by self-correcting systems read the original piece and named the pattern precisely:
"a control that can't see its own downstream doesn't stop the harm, it relocates it."
that's what every layer of this is. kyc doesn't stop fraud — it relocates the verification burden onto someone with no stake in the outcome. secure boot doesn't stop hardware theft — it relocates ownership liability onto whoever's account it happened to be signed into. every fix moves the cost. none of them eliminate it. they just choose, by design or by accident, who absorbs it.
the people who absorb it are consistently the people least equipped to refuse, least equipped to understand what they're agreeing to, and least equipped to fight it once it lands.
UnitBuilds runs Halo Cybersecurity adjacent work and built NMCP, a rust-based mcp implementation. he gave permission to use everything quoted here directly: his words, not mine, paraphrased into something smaller than what he actually said.
most of what's true in this piece, he wrote first, out loud, in a comment thread.
AI helped me research, structure, and edit this piece. The arguments, the examples, and the opinions are mine and UnitBuilds'. So is whatever's wrong with them.
Top comments (5)
the line that a control which can't see its downstream relocates the harm is the whole thing, and i'd put a finer point on the mechanism: this is authentication being silently promoted to authorization. the biometric check only ever proves one thing, that a specific person was present for one moment. the system then treats that as standing permission for everything the account does forever. a bounded proof underwriting an unbounded liability window. that gap is where the harm lives, and it always rolls downhill to whoever is cheapest to enroll.
and it isn't a biometrics problem, so a stronger or wider check doesn't fix it. the fix is scoping the authority the proof grants. bind the verification to a specific bounded action or window, not to the account and every future action attached to it. "this face passed once" should never compile to "this holder authorized all of it, indefinitely." most of these systems collapse identity, presence, and authority into one event because it's convenient at signup, and the person who pays for that collapse is never the one who designed it.
from where i sit, $30 for a quick verification is a completely real offer to a lot of people, and none of them are reading the liability surface they just underwrote. the asymmetry isn't an edge case the design missed, it's load-bearing.
Vinicius, "a bounded proof underwriting an unbounded liability window" is the sentence that should be in the piece. That's the mechanism stated precisely: not a flaw in the verification, a flaw in what the verification is allowed to authorize. the check proves presence at one moment. the system compiles that into standing permission for everything, indefinitely. the gap between those two things is where every harm in this thread lives.
The fix you're describing — bind the proof to a specific action or window, never to the account and all future actions — is the right architecture. the problem is that collapsing identity, presence and authority into one signup event is convenient for the platform and catastrophic for the person. convenience always wins at design time because the person paying the catastrophic cost isn't in the room when the decision gets made.
that line goes in the follow-up piece verbatim...
agreed. and the reason it keeps happening is the grant isn't even a thing you can point at in most of these systems. presence and authority ride the same token, so "scope it" becomes a discipline you have to remember every release, and discipline loses to convenience every time.
the version that holds is making the grant its own object: it carries the action it's good for and the window it dies in as first-class fields, issued at the moment of use, not at signup. then "this face passed once" can't be represented as "this holder authorized all of it", because no token says that. you're not scoping the authority by being careful, you're making the unscoped version unrepresentable.
if you want the follow-up's spine in one line: the goal isn't to scope authority carefully, it's to make unscoped authority impossible to express.
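One way to make the grant its own object, as the comment above describes (and as the earlier comment's "bounded proof" framing asks for): an added example, not code from the original post or from any commenter. The field names, the HMAC signing key and the 5-minute ceiling are assumptions chosen for the demo.

```python
import hmac, hashlib, json
from dataclasses import dataclass

SECRET = b"constructed-demo-key"  # assumption: server-side signing key, never client-visible
MAX_WINDOW_S = 300                # no grant can outlive 5 minutes, whatever the caller asks for

@dataclass(frozen=True)
class PresenceProof:
    """What a biometric check actually proves: this subject was present at one instant."""
    subject: str
    checked_at: float

@dataclass(frozen=True)
class Grant:
    """Authority as its own object: one action, one window. No field can mean 'everything, forever'."""
    subject: str
    action: str
    not_after: float
    sig: str

def _sign(subject: str, action: str, not_after: float) -> str:
    body = json.dumps({"subject": subject, "action": action, "not_after": not_after}, sort_keys=True)
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()

def issue_grant(proof: PresenceProof, action: str, now: float, ttl_s: int = 60) -> Grant:
    # Presence converts into authority only at the moment of use, for one named action,
    # and only while the presence check itself is still fresh.
    if not action or action == "*":
        raise ValueError("unscoped action is not representable")
    if now - proof.checked_at > MAX_WINDOW_S:
        raise ValueError("presence proof is stale; re-verify")
    not_after = now + min(ttl_s, MAX_WINDOW_S)
    return Grant(proof.subject, action, not_after, _sign(proof.subject, action, not_after))

def authorize(grant: Grant, action: str, now: float) -> bool:
    # Integrity, exact action, window. Nothing else is implied by the token.
    if not hmac.compare_digest(_sign(grant.subject, grant.action, grant.not_after), grant.sig):
        return False
    return grant.action == action and now <= grant.not_after

def demo() -> dict:
    proof = PresenceProof("user-123", checked_at=1000.0)          # constructed sample
    g = issue_grant(proof, "create_api_key", now=1010.0)          # valid until 1070.0
    return {
        "same_action_in_window": authorize(g, "create_api_key", 1030.0),
        "other_action": authorize(g, "open_bank_account", 1030.0),
        "after_window": authorize(g, "create_api_key", 1100.0),
    }
```

The point is structural: "this holder authorized all of it" has no encoding here, because a wildcard action is rejected at issue time and the window is capped at issue time, so a verifier never has to remember to scope anything.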
Horrible, and frightening - we might call it "digital slavery" ...
And this:
"kyc doesn't stop fraud"
But of course not, that's been obvious from day 1 - KYC is only for "legally cover your ass" purposes, it does nothing to deter criminals - just tons of bureaucracy to harass the little man, while the millionaires, the billionaires and the professional crooks know how trivially easy it is to evade it ...
The tricks get more nasty and sophisticated, the goals (extorting $$$ from the innocent) stay the same!
leob, "legally cover your ass while doing nothing to deter criminals" is the honest version of what KYC is. the burden lands on the person cheapest to burden. that's not a side effect. it's the design.