Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
25% Recurring Discount on NVMe VPS
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

GINERNET will now enforce KYC to all customers, offering a 5€ incentive.

zGatozGato Member

GINERNET has totally removed the option to manage your server through the old panel, and you're now forced to use their new one.

But the catch here is that you can't use their new panel without going through KYC. You have until the 13th of July, or you'll lose access to manage your server.

This applies to all customers, regardless if you're a new or old customer.

If you don't go through KYC you will lose access to the manager, and you'll not be able to manage your VPS. This includes losing access to reinstalling, VNC, firewall settings, etc. Maybe even to support but I haven't confirmed.

If you decide to go through KYC, you'll get a nice €5 added to your account balance, in exchange for your precious biometric data!
This bonus balance is added to the new panel, which you can't use to renew your legacy VPS.

Quoting a few responses I got from support, complaining about the incoherence of this.

Identity verification: This has nothing to do with your specific account
or any issue; it’s a new feature of the updated dashboard that
we’re requesting for all accounts for security purposes. It’s a one-time process,
conducted by Didit (a European provider that complies with the GDPR; we do not store
images or biometric data). In addition to strengthening your account, it enables
password recovery using your face (in case you ever lose your
password), and we’ll credit you with a bonus balance once you complete it (you’ll find it
in the Dashboard, in the bonuses section). If the deadline passes,
no services are affected: your VPS servers continue to operate normally;
only access to the control panel is restricted until you complete the
verification.

They seem to have lightened a bit their verification requirements, and you'll only be required to show your face to "prove you're not a bot".

Regarding the verification process itself: we truly appreciate your feedback, and
we want to let you know that we’ve updated the procedure. We no longer ask for
your ID card or any other form of identification: we wanted to make it more
streamlined, striking a balance between privacy and functionality.
The standard verification process consists solely of a selfie that takes just a
few seconds (to verify that you’re a real person, not a bot), without any documentation whatsoever.
What is certain—and we won't tell you otherwise—is that your ability to manage your account through the new Manager will be limited if you don't complete the verification by the deadline. This is an anti-fraud measure that we apply to all accounts equally, with no exceptions.

You can't verify physically in their offices either:

Regarding in-person verification at our offices: this is not possible; we’re sorry. The only verification method is the one available on the dashboard itself (the selfie taken in a few seconds via Didit), and the credit will only be applied once you complete the process that way. There is no alternative in-person or manual process.

GINERNET can choose to store data from 30 days for up to 10 years. They have not disclosed anywhere for how long.

As for your question about what “reasonably necessary” means: for verifications on our platform, Didit retains data for a maximum of 10 years—the period allowed under European fraud prevention regulations—and automatically deletes it afterward. You can find all the details here: https://manager.ginernet.com/docs/general/verificacion-de-identidad

(these are all translations from Spanish to English, so they might not be as accurate)

By default, your submitted data will be used to train their AI model:
https://didit.me/terms/privacy-policy/#11-anonymized-model-training-and-fraud-detection-your-opt-out

Avoid at all costs.

@jmginer shame on you.

«1

Comments

  • plumbergplumberg Veteran, Megathread Squad

    Yes

    Give up your personal information.

    Ill give you €5

    Win win 🏆

  • DecicusDecicus Member

    If you decide to go through KYC, you'll get a nice €5 added to your account balance

    say less

  • brueggusbrueggus Member, IPv6 Advocate
    edited 11:00AM

    @zGato said: But the catch here is that you can't use their new panel without going through KYC.

    Yea, that won't happen for me.

  • WilliamWilliam Member

    @zGato said: GINERNET can choose to store data from 30 days for up to 10 years. They have not disclosed anywhere for how long.

    GINERNET has no data, they use Didit which also does banks and other verifications. ALl GInernet gets with the selfie only setting it either Pass or Fail; even with the ID settings GInernet provides THEM your data to match the ID and again only gets Pass/Fail.

    I dont like this process but dont have any running services with them. I will ask them to delete my account (they have to, and then store the invoices years somewhere else, not my problem).

    Thanked by 1zGato
  • zGatozGato Member

    @brueggus said:

    @zGato said: But the catch here is that you can't use their new panel without going through KYC.

    Yea, that won't happen for me.

    What's your plan?

  • forestforest Member

    @William said: GINERNET has no data, they use Didit which also does banks and other verifications. ALl GInernet gets with the selfie only setting it either Pass or Fail; even with the ID settings GInernet provides THEM your data to match the ID and again only gets Pass/Fail.

    Are you sure? Because people said the same about Stripe, but Stripe happily gives the provider photos of your government ID. Either way, it doesn't matter. We shouldn't be giving anyone that information.

  • WilliamWilliam Member
    edited 11:10AM

    @forest said: Are you sure? Because people said the same about Stripe, but Stripe happily gives the provider photos of your government ID. Either way, it doesn't matter. We shouldn't be giving anyone that information.

    Stripe is not governed by EU laws. The fines are massive and they will close your company, regardless of size.

    If the other side is authorised to handle the IDs OR LEGALLY NEEDS a copy (banks, even neobanks) im sure you can get it from this ID providers but nearly everyone rater implements their own system after all the certification and shit to handle the personal data.

  • forestforest Member
    edited 11:10AM

    @zGato said: In addition to strengthening your account, it enables
    password recovery using your face (in case you ever lose your
    password),

    So they think it's more secure for your password to be written all over your face, literally?

    If any provider gives someone access to my account because they saw my face (which, unlike passwords, is literally visible to anyone the moment I walk outside), there will be hell to pay.

    Thanked by 2zGato tentor
  • bbn12bbn12 Member

    run away as fast as you can.

    Thanked by 1zGato
  • zGatozGato Member

    @forest said:

    @zGato said: In addition to strengthening your account, it enables
    password recovery using your face (in case you ever lose your
    password),

    So they think it's more secure for your password to be written all over your face, literally?

    2FA, 2FA recovery codes, passkeys, recovery email, etc. are just not enough!

  • WilliamWilliam Member

    @forest said: So they think it's more secure for your password to be written all over your face, literally?

    Many services offer this now, unless its an app on a phone with real LIDAR and a depth grid (like iPhones faceid) you can easily trick them, even the video ones.

  • forestforest Member

    @plumberg said:
    Yes

    Give up your personal information.

    Ill give you €5

    Win win 🏆

    Thanked by 3zGato tentor plumberg
  • jsgjsg Member, Resident Benchmarker

    FUCK YOU ginernet!

    Blacklisted.

  • @zGato said: for verifications on our platform, Didit retains data for a maximum of 10 years

    @plumberg said: Give up your personal information.

    Ill give you €5

    They could have offered at least $7, it's LET after all!

  • ArirangArirang Member

    I regretted cancelling my Ginernet idler last year, but now it turns out that was actually a good decision.

  • forestforest Member
    edited 11:19AM

    @zGato said: The standard verification process consists solely of a selfie that takes just a
    few seconds (to verify that you’re a real person, not a bot)

    That's such an obvious bullshit lie. If that was really the case, how about I just click a few photos of buses instead?

  • @forest said: how about I just click a few photos of buses instead

    I get lot's of bridges and bikes lately :lol:

  • MaDoMoMaDoMo Member

    @zGato said: 2FA, 2FA recovery codes, passkeys, recovery email, etc. are just not enough!

    Time to go out from that crazy hoster!!! ⛔ No KYC! ⛔

    Thanked by 1zGato
  • edited 11:27AM

    I always like it when people act as if handing out very personal data that could likely be used for very nefarious purposes if ending up in the wrong hands was somehow trivial just because there's some company involved that claims to follow whatever standard. In the end said company will be some startup designed to cash in on an emerging market that outsources everything it humanly possible can (or simply gets sold somewhere down the line...) and just falls back on it's limited liability if things are going south. Not that any kind of liability will get you your data back anyways.

    I mean there's exactly zero chance i'd ever put up with something like that even if the companies responsible are certified saints. It's just a massively bad idea to hand out such data for no real reason (no, some host demanding they get it doesn't qualify as good reason and neither does "reCoVEr YOuR pASsWorD"...).

    I pretty much doubt there'll be any kind of reaction though. The whole process is pretty much indefensible. I'm kinda curious how running services will work for people refusing to take the offer but in the end they'll probably just accept that there'll be a bunch of cancelations. It's actually kinda clever. In the end whole thing is not only KYC but pretty much also (outside of pure desperation) a naivety test. People voluntarily subjecting themself to that kind of process are highly likely going to just take whatever other stuff gets thrown at them too - read: are highly valuable customers.

    Thanked by 2zGato jsg
  • brueggusbrueggus Member, IPv6 Advocate

    @zGato said:

    @brueggus said:

    @zGato said: But the catch here is that you can't use their new panel without going through KYC.

    Yea, that won't happen for me.

    What's your plan?

    I've recently decided to downsize my pile of idlers resolvers and ditch any services/providers that waste my time. This is a strong candidate, although I've had a high opinion of them until now.

    Thanked by 1zGato
  • WilliamWilliam Member

    @totally_not_banned said: It's actually kinda clever. In the end whole thing is not only KYC but pretty much also (outside of pure desperation) a naivety test.

    This is not a Fallout vault expirement, what do they gain from psychological data, give it to the university of Barcelona or what?

  • edited 11:44AM

    @William said:

    @totally_not_banned said: It's actually kinda clever. In the end whole thing is not only KYC but pretty much also (outside of pure desperation) a naivety test.

    This is not a Fallout vault expirement, what do they gain from psychological data, give it to the university of Barcelona or what?

    The second part that you decided to cut (mostly only gullible customers remaining)? ;)

    Edit: It's kind of like with the 419 scam letters. A normal person looks at those and just goes "Well, wow, that's stupid. Who do they think is going to fall for this shit?" and act like it's somehow inability on the scammers side when it's really a very clever feature: They don't want replies from people able to think straight anyways and presenting crazy story lines reliably weeds them out pretty reliably.

  • WilliamWilliam Member

    Its a nice idea but i think too elaborate for them. especially after rolling back to not request IDs.

    15 years ago we emailed IDs around everywhere for KYC, this is at least somewhat better.

    In the US they would likely instead ask to add a Credit (not Debit) card to your ac count to verify age (eh mostly) and some sort identity.

  • rm_rm_ IPv6 Advocate, Veteran

    @Arirang said: I regretted cancelling my Ginernet idler last year, but now it turns out that was actually a good decision.

    You should only regret that you canceled it earlier, so you can't cancel it right now to protest this move. :)

    Requiring selfie is right in the digital gulag territory, not something I would do for any hosting. Banks, crypto exchanges, payment services may get away with this, but not a mere VPS provider.

  • @William said:
    Its a nice idea but i think too elaborate for them. especially after rolling back to not request IDs.

    Yeah, it's not like i'm being like %105 serious here. At the very least i wouldn't claim there to be some actual intend in that direction. It's just a nice side effect. If they even realize it exists is another question.

    15 years ago we emailed IDs around everywhere for KYC, this is at least somewhat better.

    Personally i'd rather mail an ID. It'll just be redacted to hell and look like a piece of modern watermark art. It's nothing i'd do for some random host anyways so a bit of extra work isn't really going to hurt me.

    In the US they would likely instead ask to add a Credit (not Debit) card to your ac count to verify age (eh mostly) and some sort identity.

    Yeah, in the end i'd rather use that. A CC isn't eternal and can just be revoked any given second. A face pretty much is (crazy expensive surgery aside).

  • x0x0xx0x0x Member

    Hard pass. My face is none of their business. They're a hosting provider, not aestheticians.

  • LeviLevi Member

    Buying personal info for 5$, not even 7. Banks offer 20-50$ per new acc.

  • zedzed Member

    if ginernet is giving you store credit to get you to link your biometrics via duddits or whatever, what is ginernet getting for it?

    gosh, makes a guy wonder.

  • VoidVoid Member

    They can fuck off. My nude selfies are not worth $5 but it’s about the principle.

  • rpqurpqu Member

    Not this shit again @forest @jsg

    https://docs.didit.me/sessions-api/retrieve-session#response-id-verifications-one-of-0-items-portrait-image

    id_verifications.portrait_image
    string<uri>
    
    URL of the portrait image
    ​
    id_verifications.front_image
    string<uri>
    
    URL of the front document image
    ​
    id_verifications.front_video
    string<uri>
    
    URL of the front document video
    ​
    id_verifications.back_image
    string<uri>
    
    URL of the back document image
    ​
    id_verifications.back_video
    string<uri>
    
    URL of the back document video
    ​
    id_verifications.full_front_image
    string<uri>
    
    URL of the full front document image
    ​
    id_verifications.full_back_image
    string<uri>
    
    URL of the full back document image
    ​
    id_verifications.front_image_camera_front
    string<uri>
    
    URL of the front document image captured from the front-facing camera
    ​
    id_verifications.back_image_camera_front
    string<uri>
    
    URL of the back document image captured from the front-facing camera
    
    Thanked by 1JohnFilch123
Sign In or Register to comment.