“World IDs are issued on the Worldcoin protocol, which allows individuals to prove that they are human to any verifier (including web2 applications) while maintaining their privacy through zero-knowledge proofs.”
“The Orb uses multispectral sensors to verify humanness and uniqueness to issue an Orb-verified World ID, with all images being promptly deleted on-device per default” Whitepaper
I guess that the information is somehow encrypted. The whitepaper doesn’t really seem to explain how a website can verify that the “World ID” is owned by a real human. Does the blockchain prohibit an individual from creating multiple World IDs? The World App doesn’t seem to collect any official PII, except an E-Mail address and a phone number, which you can have multiple of.
If you can create multiple World IDs, which are anonymous (at least the whitepaper and the Google Play Store says so), then bots could also just use a World ID to “verify” that they are human. The whitepaper is really shallow and doesn’t explain some of the most important aspects of verification.
You get an “anonymous” ID, which is created by biometrics, which are “promptly” deleted after creation of the ID. By that logic it is impossible to stop individuals from creating multiple IDs, except everyone’s state-issued identity is recorded and saved on a central server, which is bad privacy-wise.