How do I prove I am human?
The short answer: not with anything you used to rely on. CAPTCHA is broken, SMS OTP is broken, "selfie + ID" is breaking. Here are the five methods that still work, ranked.
This is the question every platform, employer, bank, and regulator now asks at scale. The right answer depends on what someone is actually trying to verify — and there is more than one thing.
What "proving you're human" actually means
Three distinct claims hide inside the same English phrase:
- Liveness — there is a real person on the other side of this connection right now (not a deepfake video).
- Uniqueness — this human exists exactly once in this system (not Sybil-cloned).
- Continuity — this human is the same one who took every prior action under this account.
Most "human verification" tools answer one of these and pretend they answered all three. That used to work. It no longer works.
The five methods, ranked
| Method | Liveness | Uniqueness | Continuity | Privacy cost |
|---|---|---|---|---|
| Passkey + device biometric | Strong | Weak (per device) | Strong (per device) | Low |
| Worldcoin Orb (PoP) | Strong | Strong | Weak | Medium |
| Government eID + liveness | Strong | Strong | Medium | High |
| Verifiable credentials (W3C VC) | Depends | Depends | Strong | Low (selective) |
| HATI Layer 1 + Layer 3 (Manav) | Strong | Strong | Strong | Low |
The methods that still answer all three claims today are very few. Each has tradeoffs.
Method 1 — Passkey + device biometric
What works in nearly every consumer flow. Your phone unlocks with Face ID; the passkey signs an attestation to the relying party. Excellent liveness, excellent continuity for a given device, weak uniqueness across devices (anyone with your phone is "you"). Use this for everyday login. Don't trust it alone for high-stakes verification.
Method 2 — Worldcoin Orb / proof-of-personhood
The strongest uniqueness guarantee available outside government databases. The Orb's iris-scan binds you to one entry on the protocol, and zero-knowledge proofs let you prove "I am unique" without revealing biometric data. Excellent if you can reach an Orb. Limited geographic availability and a one-time event by design — uniqueness is verified once, continuity afterward depends on possession of the proof.
Method 3 — Government eID + liveness
India's Aadhaar, Europe's eIDAS 2.0 wallet, US REAL ID + liveness checks. Strong on uniqueness because the government's database is authoritative. The privacy cost is real: the verifier sees identity attributes you may not want to share, and government infrastructure has its own threat model.
Method 4 — Verifiable credentials
W3C Verifiable Credentials let an issuer (university, employer, government) sign a credential that you can present to anyone. Done well, you can prove "I am over 18" or "I led this project" without revealing your name or birthday. The catch: VC is a standard, not a product. Uneven adoption, developer-hostile UX, no consumer brand most people trust.
Method 5 — HATI Layer 1 + Layer 3 (Manav)
Manav stitches the strongest properties of methods 1–4 into a single protocol: passkey-grade liveness, biometric uniqueness via federated Layer 1 anchors (passkeys, Worldcoin, government eID), and continuous attestation through your verified work history. Selective disclosure is native, so you reveal the minimum required claim. The added benefit: every action your delegated agents take is also stamped, which means continuity isn't just login-shaped — it covers the work itself.
Methods that no longer work
- CAPTCHA. Modern multimodal models solve "are you human" CAPTCHAs at success rates above 95%. Use them for friction, not security.
- SMS OTP. Vulnerable to SIM swap, eSIM hijack, and call-forwarding attacks. Banks are quietly retiring it.
- Email verification alone. AI-generated personas hold AI-controlled inboxes. Email confirms a mailbox, not a human.
- "Selfie next to ID." Generation-5 deepfakes pass these checks at acceptance rates above the human reviewer's. The arms race is lost without liveness backed by hardware.
What to pick
For everyday consumer login: passkey + device biometric.
For one-time uniqueness verification (airdrops, waitlists, free tiers): Worldcoin Orb where available, government eID where it isn't.
For employment verification, credentialing, or anything that needs continuity across a career: HATI Layer 1 + Layer 3. The verifier doesn't need to trust your employer or your country — they verify your attestations directly.
For anything that satisfies the EU AI Act's Article 14 two-natural-person rule: HATI is the only stack that ships all four anchors today.
Common objections
The two objections we hear most: (1) this is just OAuth re-skinned, and (2) we'll wait for the standard. On the first: OAuth scopes delegations between services; this layer scopes delegations from a verified human to an agent, which means a different actor and a different audit-trail shape. On the second: the standard is being shaped by the relying parties who integrate first. Waiting is a position.
Frequently asked questions
Is the answer the same for an enterprise and an individual? The shape is the same — a signed delegation, a verifier, an audit log — but the magnitude caps and approval flows differ. Enterprises layer multi-signature for high-stakes actions; individuals usually run with a single device-bound key. Both end up with the same regulator-grade chain.
What if the agent acts before I notice? That is what magnitude caps and time-to-live exist for. A correctly scoped delegation will refuse the action at the relying party before the human's attention is required. Revocation under 200 ms catches the residual cases.
How does this compose with what we already run? It sits next to existing IAM (Okta, Auth0, Entra), not over it. Login is still the IdP's job. Manav signs the human's delegation to the agent, which the relying party verifies in addition to the IdP session. Two layers, one audit trail, no rip-and-replace.
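The FAQ answers above describe a relying party that checks a signed delegation for scope, magnitude cap, time-to-live and revocation before an agent's action runs. The sketch below is an added example of that check, not Manav's or HATI's own code or wire format: the token fields (`id`, `agent`, `actions`, `maxAmount`, `expiresAt`), the function names and the Ed25519 demo key are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed demo key pair standing in for the human's device-bound key.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');

// Human side: sign a delegation that scopes what the agent may do (hypothetical layout).
function signDelegation(claims, key) {
  const payload = Buffer.from(JSON.stringify(claims));
  return { payload, sig: nodeCrypto.sign(null, payload, key) };
}

// Relying-party side: every check must pass before the action is executed.
function verifyDelegation(token, action, ctx) {
  if (!nodeCrypto.verify(null, token.payload, ctx.humanKey, token.sig)) {
    return { ok: false, reason: 'bad_signature' };
  }
  const d = JSON.parse(token.payload.toString());
  if (ctx.revoked.has(d.id)) return { ok: false, reason: 'revoked' };
  if (ctx.now >= d.expiresAt) return { ok: false, reason: 'expired' };
  if (action.agent !== d.agent) return { ok: false, reason: 'wrong_agent' };
  if (!d.actions.includes(action.type)) return { ok: false, reason: 'out_of_scope' };
  if (!Number.isFinite(action.amount) || action.amount < 0 || action.amount > d.maxAmount) {
    return { ok: false, reason: 'over_cap' };
  }
  return { ok: true, reason: 'allowed' };
}

function demo() {
  const now = 1_700_000_000_000; // constructed timestamp in ms
  const token = signDelegation({
    id: 'dlg-001', agent: 'agent-a', actions: ['pay'],
    maxAmount: 100, expiresAt: now + 60_000,
  }, privateKey);
  const ctx = { humanKey: publicKey, revoked: new Set(), now };
  const pay = (amount) => ({ agent: 'agent-a', type: 'pay', amount });
  const results = {
    withinCap: verifyDelegation(token, pay(40), ctx).reason,
    overCap: verifyDelegation(token, pay(500), ctx).reason,
    afterTtl: verifyDelegation(token, pay(40), { ...ctx, now: now + 60_000 }).reason,
    revoked: verifyDelegation(token, pay(40), { ...ctx, revoked: new Set(['dlg-001']) }).reason,
  };
  // Raising the cap after signing changes the payload, so the signature no longer verifies.
  const edited = token.payload.toString().replace('"maxAmount":100', '"maxAmount":9999');
  const forged = { ...token, payload: Buffer.from(edited) };
  results.tampered = verifyDelegation(forged, pay(500), ctx).reason;
  return results;
}

console.log(demo());
```

The signature is checked before any claim is read, so an agent cannot widen its own cap or lifetime; the revocation set here is an in-memory stand-in for whatever revocation feed the relying party consumes.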
Where to start
Start with "What is HATI" for the broader category map. Then read "Manav vs Worldcoin" for the implementation pattern. The two together compress a week of reading into thirty minutes; everything else on the site is depth on a specific layer.
The right method depends on what you're proving. The wrong question is "which one is best?" The right question is "which three claims do I need answered?"