What we see. What we don't. Side-by-side.
The product is identity that pays you. The privacy posture is what makes the product distinct from Sign in with Google. Here is the comparison your privacy reviewer can falsify, not a marketing matrix.
| property | sign in with google | sign in with apple | me.ochk.io |
|---|---|---|---|
sees which sites you sign into each integrating site verifies its own envelopes against its own scoped OC verifier instance. me.ochk.io's servers do not participate in the verification path. | yes — every one | limited — apple-mediated | no — sites verify locally |
cross-site behavior graph the only correlation across sites is your own /me/earn log, which only you and the relevant integrating site can read. | yes | partial | no |
third-party advertising tied to identity | yes | no | no |
PII required at signup | name, recovery, often phone | apple id (name, email) | email or phone — your choice |
KYC stored at provider | yes | yes | never — KYC is at third-party verifiers |
graduation to self-sovereign | — | — | first-class — sweep to your own wallet |
works without the provider being online | no | no | yes — envelopes verify offline against Bitcoin headers |
every byte that crosses an edge.
the entire data graph — laid out so you can audit it. nothing in this list is not in the diagram; nothing in this list happens that's not in the diagram.
| from | to | what |
|---|---|---|
| you | integrating site | an OC envelope with your scoped identity, the action you authorized, and your signature. |
| integrating site | me.ochk.io | the event's billing record (what was authorized, by whom, for what fee). this is what the site pays for; this is what flows back to you as cashback. |
| me.ochk.io | you | a credit to your federation-custodied wallet, with full provenance on /me/earn — site, action, fee, your share, envelope id, verify link. |
| me.ochk.io | public | an OpenTimestamps-anchored event root, published to Nostr relays. cryptographic, not personal — the user identity is a public Bitcoin address. |
what we ask cookies for
Two cookies. oc_session — the Ed25519-signed session JWT issued by ochk.io. HttpOnly, Secure, SameSite=Lax, Domain=.ochk.io. Used to verify you across me.ochk.io and the rest of the family. oc_theme — your dark/light preference, JS-readable, not auth-bearing. No tracking cookies, no advertising IDs, no third-party pixels.
Page analytics use Plausible, which is cookie-free and stores no PII. We see aggregate page views, not individual user journeys.
delete your identity
On /me/settings → advanced → delete, you can permanently revoke your OC identity. Your federation-custodied balance must be swept first (the graduate flow). Anchored events on Bitcoin headers and Nostr-published envelopes are immutable by design — these we cannot delete; they are public records of fee flows. We never delete the chain; we delete the operational records about you.