not.bot app
Enroll once with your passport and you’re a verified human everywhere not.bot™ is accepted. Prove you’re a real person, clear an age check without giving up your birthdate, and sign your own content so no one can fake it. You decide what each site and person learns about you, and the default is nothing.
Enrollment is open in the US today. Passport-free, in-person enrollment and more regions are coming this year. Anywhere else, you can use the app now to verify signatures.
What you get
You enroll a single time. After that, here is what a verified human can do.
Prove you’re a real person to any site that wants to keep bots out, without handing over your name. The site learns one thing: a real human is here. Come back later and it can recognize you, while learning nothing about who you are.
Show a site you’re over 13, over 18, or over any age it asks for, straight from your passport. No one learns your birthday in the process, not the site and not Julia Social.
Sign a photo, a document, or a post so the person seeing it knows it came from a real, verified human, and no one can pass off a fake as yours. Signing happens right in the app once you’ve enrolled.
Create as many aliases as you need, one for work, one for a forum, one you keep quiet. No one, including Julia Social, can connect them to each other or back to you. Each alias carries its own colorful LifeHash so you can recognize it at a glance.
Enrolling
Enrolling reads the chip in your passport to confirm it’s genuine. Here is exactly what happens, and where everything goes.
Hold your phone over the data page of your passport. The app reads the text at the bottom of the page to unlock the chip. That photo never leaves your phone, and it’s read for text, not your biometrics.
Hold your phone against the chip. The app reads your name, date of birth, gender, and nationality. It does not read the facial image on the chip. No biometric leaves your passport.
Your passport data goes to Signicat, an established identity-validation provider, which confirms the chip’s government signatures and that the passport is current, then deletes it within minutes. You become a verified human, with your own keys held on your phone.
The whole thing takes a couple of minutes. You need a current, NFC-enabled passport. No account is created anywhere. Where your data goes next, and why no readable copy of it survives, is the whole of the next section.
Your due diligence
The single most important thing to understand: Julia Social, the company behind not.bot, designed itself so it cannot see who you are or whether you use your identity. That is a fact about the software, not a pledge to behave. Everything below comes from it.
Here is the whole path, because this is the question that matters most. Your passport data leaves your phone once, during enrollment. It goes first to Signicat, an established identity-validation provider certified under ISO 27001 and eIDAS, which confirms the chip’s government signatures, holds the data for a few minutes at most, then deletes it.
From there it passes to an independent US escrow company that has completed a SOC 2 examination. The escrow company stores the encrypted record and does not hold the key to open it. Julia Social holds the key, on computers that never connect to a network, but by contract has no access to your encrypted data, and never sees your passport data. When enrollment finishes, no one holds a readable copy of your passport data.
The app never reads the facial image on your passport, and we never receive a scan of your face. The only biometric is the Face ID or fingerprint already on your phone, checked on your device. Your face and fingerprint never leave your phone.
The two things you do most, signing and verifying, never contact Julia Social. When you prove a fact to a website, that exchange runs only between your phone and the site. Julia Social does not see which sites you visit, what you sign, or whether you’re using your identity at all.
The system never reveals who you are. You do, only when and to whom you choose. By default a site learns only the exact thing asked for, a real person, over 18, and nothing more. A new alias starts with every personal detail switched off.
No token, no fee, no wallet, no seed phrase to lose. not.bot records identities on a blockchain because it’s a durable place to anchor them, but Julia Social covers the cost. You’ll never get a crypto bill. What’s stored is an identity record, not your name and birthdate.
Set up more than one device and you keep going on the others. Lose all of them and you recover with your passport and recovery password. Recovery takes about five days on purpose: a window to cancel a hijack, reversible even if it completes. A breach of Julia Social can’t expose your passport data, which we never hold in readable form.
There is no list to pull and no profile to match. Identifying one person takes a specific signature, valid US legal process, an independent escrow review, and days of computation, roughly nine to fourteen days, one record at a time. Doing it in bulk would mean breaching three separate systems at once.
The protections above are enforced by how the system is built. There is no account to delete, either: stop using the app and delete it, and your identity, keys, aliases, and history come off your device. If you want the proof behind any of this, the full architecture is open to read.
Eligibility
Today
Enrollment needs a current, NFC-enabled passport and a US app store. Anyone, anywhere can install the app and use it in scan-only mode to verify other people’s signatures, you just can’t create your own identity until enrollment reaches you.
This year
Passport-free, in-person enrollment, where a trusted partner like a bank, hospital, or employer confirms your ID face to face, no chip required. International enrollment is in progress.
Your signatures travel
A signature you create isn’t locked inside not.bot. Anyone can download the app and verify it, free, anywhere in the world, with no account. They point their phone at it, or paste a screenshot, and the app confirms it’s genuine and shows who signed it and what they said.
So when you sign something, the person you send it to can trust it on the spot, with nothing to sign up for. The signature survives a screenshot, a forward, or a re-upload, and still checks out.
Get the app
Free to enroll, private by design, nothing to set up. One scan with your passport and you’re real everywhere not.bot is accepted.
Sign content for a living? See not.bot Sign My Work.
