If this is to deliver your ID for the purposes of KYC laws, then that’s somewhat sensible, I suppose.
If, however, this is targeted at the providers who are actually collecting IDs as part of their AML compliance strategy, then there’s a much simpler solution here: just become the ID equivalent of a Certificate Authority. Dedup Telegram accounts by using a unique constraint on accounts’ validated ID documents’ extracted creds; and then allow sites to use Telegram for Single Sign-On. Boom—instant surety that each of your users is a real person, and not fifty bots laundering one person’s money; and no need for anyone besides Telegram to actually see your ID (i.e. a much lower chance of identity theft.)
Plus, if enough sites require SSO through an ID-document verifying identity provider, then even sites that ha d no legal reason to require it can free-ride off the benefit in user-deduplication it provides. Imagine, for example, a Reddit or a 4chan where users are still pseudonymous or anonymous, but where banning a user truly works, permanently, with no routing around it (unless you have the criminal connections required to buy yourself a new real-world identity.)
Even governments are willing to use SSO if it's SSO using entities both they and their customers trust with their money, e.g. major banks. (At least, that's how it is here in Canada with https://securekeyconcierge.com.)
Given that Telegram is already a payment processor (i.e. something people trust with their money), it could serve a similar role, no?
If, however, this is targeted at the providers who are actually collecting IDs as part of their AML compliance strategy, then there’s a much simpler solution here: just become the ID equivalent of a Certificate Authority. Dedup Telegram accounts by using a unique constraint on accounts’ validated ID documents’ extracted creds; and then allow sites to use Telegram for Single Sign-On. Boom—instant surety that each of your users is a real person, and not fifty bots laundering one person’s money; and no need for anyone besides Telegram to actually see your ID (i.e. a much lower chance of identity theft.)
Plus, if enough sites require SSO through an ID-document verifying identity provider, then even sites that ha d no legal reason to require it can free-ride off the benefit in user-deduplication it provides. Imagine, for example, a Reddit or a 4chan where users are still pseudonymous or anonymous, but where banning a user truly works, permanently, with no routing around it (unless you have the criminal connections required to buy yourself a new real-world identity.)