Privacy Policy

Last updated: 27 January 2026

1. About This Policy

This Privacy Policy explains how One Shot Ventures Pty Ltd (ABN 50 690 149 609), trading as VeroID (“we”, “us”, “our”), collects, uses, discloses, and protects personal information.

VeroID is an Australian company subject to the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We are committed to protecting the privacy of all individuals whose information we handle.

2. Our Service and Privacy Roles

VeroID provides business-to-business (B2B) identity verification services that enable our business customers to verify Australian identity documents against official government records.

We do not provide consumer-facing identity verification services directly to individuals.

Privacy Roles: VeroID acts as a service provider to its business customers in relation to identity verification data. Our business customers are the primary holders of that personal information and are responsible for managing privacy rights, consent, and compliance in relation to their use of verification services. VeroID processes identity verification data only in accordance with our customers' instructions and applicable legal and regulatory requirements.

3. Information We Collect

3.1 Business Customer Information

When you sign up as a VeroID customer, we collect:

  • Business name and ABN
  • Contact details (name, email, phone)
  • Billing information (processed by Stripe)
  • Account credentials

3.2 Identity Verification Data

When our business customers submit identity verification requests through our application programming interface (API)—a secure technical connection that allows their systems to send verification requests to us—we process:

  • Identity document details (e.g., document type, document number)
  • Personal details for matching (e.g., name, date of birth)
  • Verification results (match/no match)

Important: This data is collected and processed on behalf of our business customers. The individual whose identity is being verified must have provided their express consent to our business customer before any verification request is submitted.

VeroID does not use identity verification data for profiling, marketing, or unrelated secondary purposes. Identity information is processed strictly for the purpose of providing verification services.

What we do not store: We do not retain the personal details used in a verification check—such as name, date of birth, or document number—in our systems. Those details are transmitted to the official record holder solely to perform the check and are not stored in our database. We keep only verification metadata (for example, document type, match result, and timestamps) as required for audit and compliance purposes.

3.3 Transaction Records

We maintain records of:

  • Verification transaction IDs
  • Timestamps
  • Document types verified
  • Verification outcomes (pass/fail)
  • Business customer identifiers

3.4 How We Collect Information

We collect personal information in the following ways:

  • directly from our business customers when they create accounts, communicate with us, or use our services;
  • via requests submitted through our application programming interface (API) when business customers initiate identity verification requests; and
  • automatically through system logs, audit records, and security monitoring tools when our services are accessed or used.

4. How We Use Information

We use personal information to:

  • Process identity verification requests against official government records
  • Provide verification results to our business customers
  • Manage customer accounts and billing
  • Provide customer support
  • Comply with legal obligations and regulatory requirements
  • Maintain security and prevent fraud
  • Improve our services

No Automated Decision-Making: VeroID does not make automated decisions about individuals. Our services return identity verification results only (such as match or no match). Our business customers are solely responsible for how verification results are used in their decision-making processes.

5. Data Minimisation

We follow strict data minimisation practices:

  • No document storage: We do not store identity documents or document images
  • No unnecessary retention: Identity verification data is not retained beyond what is strictly necessary to complete the verification and provide results
  • Minimal result storage: We store only transaction metadata (IDs, timestamps, outcomes) required for audit and compliance purposes
  • No secondary use: Verification data is used only for the purpose of providing the verification service

6. Consent Requirements

Before any identity verification request is processed, the individual whose identity is being verified must have provided their prior express consent for:

  • The collection and use of their personal information for identity verification
  • The disclosure of their information to VeroID and official record holders
  • The processing of their information to provide verification results

Our business customers are contractually required to obtain this consent before submitting any verification requests.

Express Consent Statement: A sample consent statement that meets legislative requirements is: “I confirm that I am authorised to provide the personal details presented and I consent to my information being checked with the document issuer or official record holder via third-party systems for the purpose of confirming my identity.”

7. Disclosure of Information

We may disclose personal information to:

  • Official Record Holders: Identity verification data is transmitted to official government record holders (e.g., passport office, road authorities, births/deaths/marriages registries) to process verification requests
  • Our business customers: Verification results are provided to the business customer who submitted the request
  • Service providers: We use Stripe for payment processing and AWS for cloud infrastructure
  • As required by law: We may disclose information if required by law, court order, or government authority

We do not sell personal information or share it for marketing purposes.

8. Overseas Disclosure

VeroID does not disclose personal information outside Australia. All systems and data used to provide the VeroID services are hosted and maintained within Australia.

9. Data Security

We implement robust security measures including:

  • Encryption in transit (TLS 1.2+) for all data transmission
  • Encryption at rest for stored data
  • Secure cloud infrastructure hosted in Australia (AWS Sydney region)
  • Access controls and authentication for all systems
  • Comprehensive audit logging
  • Regular security assessments
  • Incident response procedures

All systems and data are maintained within Australia.

10. Notifiable Data Breaches

In the event of a data breach that is likely to result in serious harm to individuals, VeroID will take reasonable steps to contain and assess the breach and will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required under the Notifiable Data Breaches scheme.

11. Data Retention

We retain information as follows:

  • Transaction records: Minimum 7 years (as required by applicable conditions)
  • Business customer information: Duration of the business relationship plus 7 years
  • Identity verification data: Not retained beyond what is necessary to complete the verification

12. Your Rights

Under the Privacy Act 1988 and Australian Privacy Principles, you have the right to:

  • Access personal information we hold about you
  • Request correction of inaccurate information
  • Make a complaint about our handling of your information

Note for individuals: If your identity was verified through VeroID by a business you interact with, please contact that business directly regarding your personal information. They are the primary holder of your information and responsible for managing your privacy rights in relation to their use of verification services.

13. Website Analytics and Cookies

Our website may use cookies and similar technologies to collect basic usage information such as IP address, browser type, and pages visited. This information is used to operate, maintain, and improve our website. You can disable cookies through your browser settings; however, some website features may not function correctly.

14. Third-Party Service Providers

VeroID uses the following categories of third-party service providers to deliver identity verification services:

  • Cloud Infrastructure Provider (Amazon Web Services): Hosts our systems and processes verification requests. AWS infrastructure is located in the Sydney region within Australia.
  • Official Record Holders: Australian government agencies that maintain official identity records, including passport office, road authorities, births/deaths/marriages registries, Medicare, and immigration authorities.
  • Payment Processor (Stripe): Processes payments for business customers. Stripe does not have access to identity verification data.

All third-party service providers involved in identity verification are bound by contractual obligations to protect personal information and use it only for the purpose of providing verification services.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified to business customers via email. The current version will always be available on our website.

16. Privacy Contact

Our Privacy Contact is responsible for overseeing compliance with this Privacy Policy and the Privacy Act 1988 (Cth).

For privacy-related questions, access requests, or complaints, contact us at:

Email: privacy@veroid.com.au

One Shot Ventures Pty Ltd trading as VeroID
ABN: 50 690 149 609

17. Privacy Complaints

Privacy complaints may be made by contacting us using the details above. We will acknowledge receipt of a complaint within 5 business days and aim to resolve the complaint within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):