I’ve been working on Verified ID since we first conceived of the idea almost a year ago. We launched this product last month, but I wanted to dig into more of the technical reasoning behind the decisions we made. I read this blog post on hacker news last night, and I’ve also seen other comments online, and I wanted to address some of them.
First, the rest of the team and I want to apologize for any difficulties people have faced so far in using Verified ID. It’s a work-in-progress that we’re continuing to develop. We built Verified ID to try to create more trust in the Airbnb community, but not at the expense of a good user experience. There have been some bugs, and mistakes we’ve made, and we’re working hard to fix them.
We’re faced with some unique challenges at Airbnb. In addition to dealing with the usual risk problems like fraudsters and spammers, we want to help create a community where users feel confident sharing a living space with somebody they’ve never met. It is a deeply personal experience where you are often sleeping in someone else’s bed. Trust means more for Airbnb than the typical web company, and this is the main driver for Verified ID.
Because of its importance to us, we wanted to approach trust and verification in a new way. One reason we ask for both an offline and online verification is that it makes circumvention much more difficult. Offline verification is something that identifies you in the real world: a government issued ID, last four of your SSN/national ID number or some personal information akin to a credit check. Online verification is something that identifies you online, such as a Facebook or LinkedIn account. It is highly unlikely that someone will both hack a person’s Facebook account and steal their ID, because they are two very different vectors of attack.
When we started working on this product a year ago, we knew it would be a huge challenge. We’ve come a long way, but we still have a long way to go. We believe that reducing anonymity will ultimately create better Airbnb experiences. But we also acknowledge that the product is not finished — it needs improvement. I’m going to focus on online verification, since that’s where most of the recent concern has been. There are several problems here that we would like to acknowledge:
Some people who had been positively reviewed did not have their positive reviews count as online verification. This was a bug and is now fixed.
Some long-time users with many reviews were asked for verification, but we should give these long time users additional time to complete the process. These users are being allowed to bypass the Verified ID requirement for the time being.
Besides reviews, Facebook and LinkedIn are the only online verification methods available to many users. Currently, there are very few good online verification methods we can use. Without giving too much away, we use a scoring system with Facebook accounts to determine their legitimacy by looking at things like your account activity to see if it looks like a fake account. Similarly with LinkedIn. Verifying email alone, for example, doesn’t give us that kind of verification. We are continuing to develop more online verification options, and as they improve we’ll be ramping up the rest of our community. For example, we’ve already integrated with Xing in certain European countries.
Video profiles are currently a temporary, stopgap solution because of our lack of coverage for online verification options. It gives our agents the ability to compare the person in the video with the photo on their government issued ID, for example. For those who don’t want a public video on their profile, we’re going to deploy a feature to make these video profiles private to only our agents, for verification purposes only.
We have corner cases that don’t fit into our framework. Every single user should have a great experience on Airbnb, and this means we have to pay attention to all the corner cases, in every country. We’re working hard to find alternative solutions, and figure out ways to verify exceptional cases when we have to.
So, to everyone affected by this, I’d like to apologize for the bugs outlined above. Things could have been explained better, and we’ll do a better job explaining why we ask for certain information going forward. There’s nothing nefarious going on here, we’re just a team of engineers trying to make the site better. These are the kinds of details that are hard to put in a public press release, but for those of you that do care about them, I hope this explanation helps.