VOIP.ms sends ID documents over plaintext email (RE: Michael Bazzell Leaving Twilio for VoIP.ms)

Thought to share this here as well. Would be nice to get your perspectives on this.


Thanks for testing this. This was good to know information. It proves we shouldn’t trust or use recommendations, without scrutiny.
I read the MB’s article, was surprised that he recommended to go through with full KYC but I still took that as, Do as you wish kind of thing.

1 Like

I’m inclined to agree, but this is why we don’t have too much of an overlap in recommendations with Michael Bazzell I don’t think. I don’t have much against the guy personally, but our approaches to privacy/security seem to be pretty different.


Me neither, let me be clear on that. I learned tons of this man, especially in the beginning of own journey. Getting more into it I really learned I had to find my own ways of doing things as much of his advice is very US focussed and neither applicable nor appliable here.


Is twillio still viable?

( jmp chat don’t have my country’s numbers

But twillio does )

Any other alternatives you like to recommend / comes to your mind?

Twilio has been scrutinized a lot for it’s security issues like Why the Twilio Breach Cuts So Deep | WIRED. And given they make it hard for you to sign up as individual it might not be the best. But then again security and phone calls and sms isn’t a realistic offer.

To my knowledge MySudo also uses Twilio so in that sense if it still works for you it might also not be the worst.

One option could be Vonage formerly known as Nexmo. There is also a way to connect that to JMP soprani.ca (VonageSetup - Soprani.ca Wiki) and take advantage of the system via snikket and Cheogram. Personally I stopped using this, not because it didn’t work but also because of lack of the phone number type I needed. I still use JMP with Canadian numbers.

If you can share what country your in I might have other suggestions (feel free to dm me if you prefer). It gets specific per country and the options are pretty limited.

What he forgets to mention is that you are not only exposing your real name but also picture, and all other data available on the ID. This significantly increases the risk of a potential data leak and abuse in identity fraud amongst others.

Correct me if I am wrong @ph00lt0 but I am assuming MB mitigates this because he has a nomad ID. Other then his picture all his ID is going to be tied to is a PMB.

They require an ID with picture aka your face aka biometric data. Unless he has also replaced his face, which I find very extreme that is not a mitigation at any sort. Also, still with a nomad ID someone can do ID fraud on you, not sure how that mitigates anything other than that you have a second identity.

My assumption would be, MB is not using personal account, instead going for a business account, using a well established LLC to get an account approved.
Not sure if that require personal government ID, I don’t think it would.

very possible, however that’s not what his recommendation links to

Yeah, unfortunately that is the case.

I can’t DM you.

So twillio seems not an option, is telynx an option?

Never used telnyx myself.

I am confused. I just read his post and he says:

“However, I NEVER recommend sending a copy of your ID to any company, and encourage you to fight this if requested. I was never asked to provide any ID since they were able to verify me through my domain in my email.”

He doesnt say you should send ID. He just says you should use your real name to plant your flag.

Glad that I archived it. Seems he updated the post and recommendation.
Original: https://archive.is/1zhoU

The previous text did not say that you should but given this is what this company demands he is/was directing people into doing so.

1 Like

I think he was getting at providing your real name to avoid identity verification. He seems insistent on never sending a DL in. It sounds like you have an axe to grind.

Mwah I am glad he updated it. We all want good advice in the end. Nevertheless I do not understand this recommendation. Lot’s of chance this provider will suddenly force you to send documents over if you didn’t do at the start. I would always try to stay away of providers like this especially when other options exist.

1 Like

I am glad he is encouraging people to leave Twilio.

Why not just go with MySudo? Probably more expensive but so much more convenient and don’t have to deal with providing them with anything (ID, name etc) really…