Feds Want Your ID Before You Spend a Digital Dollar — You Have 60 Days to Push Back

Imagine opening a new payment app — one that lets you send digital dollars instantly, anywhere, no bank required. You go to sign up. And before you can move a single cent, it asks for your name, your date of birth, your home address, and a photo of your government ID. You pause. Who exactly is keeping this?

That's not a hypothetical anymore. On June 18, 2026, five federal agencies — including the Federal Reserve and the Treasury Department's financial crimes unit — jointly proposed new rules that would require stablecoin issuers to verify who their customers are before those customers can use their products. PYMNTS.com reported the full scope of the proposal. This is a big deal — and not for the reasons most tech headlines will tell you.

The debate you'll see online will be "crypto vs. government" or "regulation vs. freedom." Ignore that. The real question is simpler and more personal: when digital money starts asking for your ID, where does that ID actually go?

First, Let's Talk About What a Stablecoin Actually Is

You may have heard the word "stablecoin" and assumed it was just another weird crypto thing. Here's the plain-English version: a stablecoin is a type of digital money designed to always be worth one dollar (or one euro, or one pound). It doesn't go up and down in value like Bitcoin. Think of it more like a digital gift card that's always worth exactly $1.00 — except you can send it to anyone, instantly, anywhere in the world, without going through a bank.

Companies like PayPal have already launched stablecoin products. Big banks are exploring them. These aren't fringe-internet curiosities anymore. They're trying to become how you pay for things — rent, groceries, freelance work, international transfers.

And that growth is exactly why regulators got involved. This article is part of a series — start with One Stolen Badge Shouldnt Unlock Your Whole Office Heres Wha.

What the New Rules Would Actually Require

Under the proposed rules — which stem from the GENIUS Act, a law signed in 2025 that brought stablecoin companies under federal financial oversight for the first time — stablecoin issuers would have to collect specific information from every customer before that customer can open an account. We're talking your full legal name, date of birth, physical home address, and a government ID number (think: driver's license, passport, Social Security number).

Sound familiar? It should. That's the exact same information your bank collects when you open a checking account. The whole point of the proposal is to bring digital-dollar companies into the same system banks use — including the part where they're legally required to know who you are.

According to CoinDesk, the requirements are directly modeled on bank-style identification standards — the same infrastructure that traditional financial institutions have used for decades to comply with anti-money laundering laws.

The proposed rule has a 60-day public comment period. That means ordinary people can submit their thoughts directly to the government. More on that in a moment — because this is one of the rare times when your opinion actually has a formal place to land.

Why This Is Good News and a Real Risk at the Same Time

Let's be honest about both sides here.

The case for identity checks on digital money is solid. Without knowing who holds an account, it's almost impossible to catch money laundering (criminals hiding illegal money by running it through legitimate-looking transactions) or to stop payments that fund criminal organizations. Banks have been doing this for years, and it works. Bringing stablecoin companies into that same system isn't outrageous — it's arguably overdue.

But here's the thing regulators are dancing around: identity checks only reduce fraud if the people holding your data don't lose it. Previously in this series: Your Digital Id Looks Safe The 3 Things That Actually Prove .

"The GENIUS Act regulatory framework does not do enough so far to address the risks of illicit finance conducted through secondary market transactions." — Federal Reserve Governor Michael Barr, as reported by KuCoin

Even one of the proposal's supporters — Federal Reserve Governor Michael Barr — acknowledged that the new rules have gaps. His concern is about transactions that happen after a stablecoin moves between users, where no identity check currently exists. That's a real problem. But it also tells you that even the people writing the rules aren't fully confident they cover all the risks.

Meanwhile, the Identity Theft Resource Center has consistently flagged that identity verification on payment apps creates genuine consumer risk — not because checking ID is wrong, but because every place that stores your ID documents becomes a target. Breaches expose exactly this kind of data. And unlike your credit card number, you can't get a new passport number when yours leaks.

The Question Nobody Is Really Asking

According to American Banker, the proposed rules do include some flexibility — companies can take a risk-based approach, meaning they don't necessarily need to treat every $5 transaction the same way they'd treat a $50,000 wire transfer. That's sensible design. But flexibility also means inconsistency. One stablecoin app might ask for a selfie and a passport scan. Another might just need your name and a ZIP code. The consumer has no way to know ahead of time what level of scrutiny — or what level of data storage — they're signing up for.

That's the gap that deserves more attention than it's getting. The rule tells companies they must verify identity. It doesn't tell consumers exactly what those companies are required to do with that identity data afterward — how long they can keep it, whether they can share it, or what their obligation is if it leaks.

Banks have answers to those questions. Decades of regulation, insurance backstops, and hard-learned breach lessons have built a framework — imperfect, yes, but real. Most stablecoin companies are years, sometimes just months, old. That asymmetry matters when you're deciding whether to hand over a photo of your driver's license.

If you've ever wondered whether a digital profile or payment account is really attached to the person it claims to be, that's exactly the problem these rules are designed to solve — and it's a real problem worth solving. The honest answer is that identity verification, done right, makes digital money safer for everyone. The harder question is who gets to define "done right," and what accountability exists when something goes wrong. One practical thing you can do right now: before you sign up for any payment app that asks for your government ID, search the company's name plus "data breach" and "privacy policy." Check when they last updated their security practices. A fintech that can't answer basic questions about how long they keep your documents probably shouldn't be holding them. Up next: Why Passkey Adoption Is Stalling Recovery Problem.

So What Would Actually Make You Trust This?

Here's where we want to hear from you — genuinely. The 60-day comment period on this proposed rule means regular people can submit feedback directly to the government agencies writing it. You don't need a lawyer. You don't need a lobbyist. You just need an opinion and an email address.

Our question for you: if digital-dollar payment apps are about to require your government ID, what would actually make you trust the process? Clear rules on how long they can keep your data? A requirement that they delete your documents after verification instead of storing them indefinitely? Independent security audits that consumers can actually read? No face scans at all — just document numbers?

Tell us in the comments. And if you're the kind of person who's skeptical of handing a two-year-old startup the same documents you'd normally only show to your bank — that instinct isn't paranoia. It's exactly the right question to be asking right now, while the rules are still being written.

Because the history of digital payments is basically a list of companies that promised to keep your data safe, right up until they didn't. The fact that regulators are finally stepping in is progress. Whether this particular rule will be enough — that's still very much an open question, and August 21st is when the public gets to say so officially.

The GENIUS Act made stablecoin companies financial institutions. It didn't automatically make them good custodians of your most sensitive documents. Those are two very different things — and right now, only one of them is required by law.