BlueCheck is a Delaware corporation with operations and staff based in Austin, TX. The company provides identity and age verification services through an internet based software application for online businesses.
Consumers are asked to provide information that enables the online business to verify the consumer’s identity and age. BlueCheck’s process utilizes proprietary and commercially available databases to verify consumer provided data,
and when required, the physical review of personal identification documents such as a driver’s license or passport.
The service is available nationwide with processes developed to meet the age requirements in the FDA guidelines, Tobacco Control Act, and other state specific legislation that regulates the online sale of tobacco, vapor, and other age restricted products.
Identity and age verification is required to meet the requirements in the FDA guidelines, Tobacco Control Act, and other state specific legislation that regulates the online sale of tobacco, vapor and other age restricted products.
The Tobacco Control Act gave the FDA authority to regulate cigarettes, cigarette tobacco, roll-your-own tobacco, and smokeless tobacco. The FDA’s Deeming Regulations, effective August 8, 2016, prohibit the sale of all tobacco products (including e-liquids and vaping accessories) to individuals under the age of 18 years. The regulations state that for every transaction containing “Tobacco Products” the vendor must verify the customer is over 18 years old and must check a photo ID for anyone under the age of 27.
There are additional state specific laws such as the California STAKE Act (Stop Tobacco Access to Kids), which prohibits the sale of all tobacco related products to anyone under the age of 21.
Yes, to comply with state and federal regulations, a verification is required for every purchase transaction. However, after the first verification with BlueCheck, consumers are recognized on all sites that use BlueCheck and they only need to provide their name and date of birth to complete subsequent verifications. This means consumers do not have to go through the initial verification process on another business’ site and vice versa.
Age verifications may be completed either through an automated or manual process.
Automated Verification: A consumer submits their name, address, date of birth, and the last four digits of their social security number. BlueCheck utilizes both proprietary and commercially available databases to verify consumer provided data to complete the verification.
Manual Verification: A consumer uploads a picture of a legally accepted photo ID and a separate picture of themselves holding the ID to confirm the consumer’s age and identity. Manual verifications are typically performed when:
• the consumer is under the age of 27, or
• they do not want to provide the last four digits of their social security number, or
• their identity and age could not be confirmed through an automated verification
Returning Verifications: Only the consumer’s name and date of birth is required. A confirmation code is sent to a cell phone or email provided for a second level authentication.
The most common reason a returning consumer has trouble verifying is that they enter a different version of their name, DOB, phone, or email. Please double check that the information entered is the same as entered on the initial
verification to ensure a match.
If the consumer recently changed their personal information (ie: name, phone, email), we may need them to complete a manual verification.
Including the last 4 four digits of the SSN enables a more accurate and secure form of identity verification. In addition to increasing the likelihood of an automated match, it greatly reduces the potential for identity fraud, which benefits both the consumer and merchant. The data is run through the verification process without being stored in any database, and the last four digits of a SSN are deleted immediately after the automated verification is completed.
After the first verification, returning consumers will enter their name and date of birth. A security code is sent to the cell phone or email provided for a second level authentication to limit the possibility of identity fraud.
There are three reasons why a consumer is asked to upload a picture of a legally accepted photo ID and a separate picture of themselves holding the ID to confirm the consumer’s age and identity. This type of verification may be
1) The information provided by the consumer cannot be confirmed through an automated verification. Providing a photo ID allows for an alternative method to complete the verification and order purchase.
2) The consumer does not want to provide the last four digits of their SSN to attempt an automated verification.
3) The consumer is under 27 (to comply with federal regulations regarding the online sales of tobacco and vapor products).
You can contact our consumer support group at firstname.lastname@example.org for assistance with the verificaiton process.
BlueCheck does not sell any consumer data or allow access to third parties for any other
purpose. Attempting to access data and/or using it for other purposes, such as mass marketing, spam mail, etc. is prohibited by the
After an automated verification, the last four digits of the SSN are immediately deleted and any remaining personal information is stored on an internal, secure server. Photos used for manual verifications are stored for up to 3 days online to enable customer support. Afterward, the photos are downloaded and stored on an offline drive to create a record of manual verifications for compliance audits.
BlueCheck uses Secure Socket Layer (SSL) technologies (including Digicert EV SSL Plus) to ensure data passed between web servers and browsers remain private. Restricted VPC encapsulation and an additional wildcard certificate
is also used to protect the data. All servers are encrypted using the 256-bit Advanced Encryption Standard (AES).
Photos are stored on an internal, IP-protected, encrypted server for 3 days. Afterward, the photos are moved to a separate, offline drive that can only be accessed through an internal, private network that is not connected to the internet.
1) Set up a BlueCheck Merchant Account.
2) Log into your client account.
3) Go to the “Installation” section for step-by-step instructions to install BlueCheck on your site/eCommerce platform.
4) Complete a test transaction to ensure the software is functioning properly on your site.
* For installation support, contact us at email@example.com.
The username for your Merchant Portal will be the email address you registered with.
Billing information can be edited and updated in the Merchant Portal. After logging in, go to the Billing section (on the left hand side of the page, under the Settings heading). Please note that you can only have one credit card on file at a time. If you want to change credit cards, you will have to delete your original card first.
Contact our Account Management team at firstname.lastname@example.org.