We Value Your Privacy

DPDPA 2023 Compliant

Match It Up uses cookies and similar technologies to ensure smooth functioning of the platform, personalise your experience, and analyse usage patterns. You can choose to accept all cookies, reject non-essential ones, or customise your preferences. For more details, please visit our Cookies Policy.

Privacy PolicyTerms of ServiceData Fiduciary: Match It Up™
matchitup
PrivacyCredibilityTrust

We Verify Professionals Without Asking for Your Passwords

Every platform wants to verify you. Most of them ask for far more access than verification actually requires. Here is why we chose a different path.

K
Kunal Khanna
Founder, Match It Up™
February 20267 min read

TL;DR

  • We verify your professional identity without OAuth, logins, or access to any private data.
  • Most platforms ask for far more than verification actually requires - and that erodes trust before it builds it.
  • Three distinct things to verify: identity (email), credibility (public profile), behaviour (earned over time).
  • 'Web-Validated' means your public presence matches what you told us - nothing more and nothing less.
  • Unverified is neutral, not negative. Trust builds through what you do on the platform, not credentials elsewhere.

There is a moment almost every professional has experienced when signing up for a new professional networking platform in India. You are filling in your profile. You have entered your name, your company, your role. Everything is going smoothly. And then the platform asks you to connect your LinkedIn account. Or verify with Google. Or link your email.

And suddenly the signup flow that felt simple is asking for permissions that feel like a lot - access to your contacts, your messages, your calendar, your professional history. Sometimes you grant it, because you want to use the platform. Sometimes you abandon the signup entirely, because the ask feels disproportionate to what you are getting in return.

Either way, something has shifted. The platform that was trying to earn your trust just asked for something that made you trust it less.

We thought about this problem for a long time before we decided how Match It Up™ would handle professional verification in India. And we arrived at a principle that now shapes the entire credibility layer of the platform: "We should only ask for what we actually need. And we should be able to explain exactly why we need it."

The Problem With Asking for Too Much

When a platform asks for OAuth access to your LinkedIn or Google account, it is asking for something significant. OAuth - the authentication protocol behind "Connect with LinkedIn" or "Sign in with Google" buttons - grants the platform permission to read data from your account on an ongoing basis.

Depending on the permissions requested, that can include your contact list, your message history, your email inbox, and your activity feed. That access is often justified in terms of making your experience better. "We need this to personalise your feed." "We need this to suggest relevant connections." "We need this to verify your identity."

Sometimes those justifications are genuine. Often, the data being collected goes well beyond what the stated purpose requires. And once a platform has OAuth access to your account, that access persists until you explicitly revoke it - which most people never do, because most people do not know it exists.

In India, where professional data privacy is still under-discussed and under-regulated compared to many markets, this dynamic is particularly consequential. Data shared in one context - a professional networking platform you trusted - can end up used in ways you did not anticipate and cannot easily undo.

The hidden cost of OAuth

When you grant a platform OAuth access to your LinkedIn account, you are not just sharing your public profile. You may be sharing your private messages, your contact list, your connection graph, and your browsing behaviour within LinkedIn - all of it, continuously, until you manually revoke access from LinkedIn's settings page.

We did not want to build a platform that creates this dynamic. Not because we think professional verification is unimportant - it is one of the most important things we do - but because we think there is a way to verify professionals that does not require them to hand over their digital keys.

What We Actually Need to Verify

Before deciding how to verify, we had to be precise about what we were actually trying to establish. There is a meaningful difference between these three questions:

  • Is this person who they say they are? (Identity verification)
  • Is this person's claimed professional background consistent with public evidence? (Credibility verification)
  • Is this person reliable in their professional interactions? (Behavioural verification)

Most platforms conflate these three and try to solve them all with OAuth. We treat them separately - because they require different approaches, and only one of them actually needs deep account access.

Identity verification - confirming you are a real person with a real email address - requires almost nothing. An email confirmation link. Basic fraud signals on the signup flow. That is it.

Credibility verification - confirming your claimed professional background is consistent with public evidence - requires reading your public profile, not accessing your private data. If your LinkedIn profile is public and says you are the CTO of a company that exists, that is checkable without any OAuth at all.

Behavioural verification - establishing that you follow through, respond to messages, and maintain your professional relationships - cannot be bought with an OAuth token. It is built over time, through actual behaviour on the platform. No amount of account access shortcuts that process.

"Credibility is checkable from what you choose to make public. It does not require access to what you keep private."

How Match It Up™ Verifies You

The Match It Up™ credibility system works in three stages, in order of what we can learn without asking for anything beyond what you choose to share publicly.

StageWhat We Do
1. You share what you chooseYou provide your name, company, role, and optionally your LinkedIn URL, Instagram handle, or personal website. All optional. No login. No OAuth. Just a URL or handle you are comfortable sharing publicly.
2. We read what is publicOur verification system reads the public pages you have pointed us at. Your public LinkedIn profile. Your public website. We check whether the professional identity described there is consistent with what you have told us. No private data. No message history. No contact lists.
3. We build your credibility over timeBeyond what public profiles confirm, your credibility on Match It Up™ is built through your behaviour. Do you respond to messages? Do you follow through on introductions? Do you maintain your professional relationships?

What "Web-Validated" Actually Means

When Match It Up™ shows a profile badge that says Web-Validated or Professional Presence Confirmed, it means something specific. We want to be transparent about exactly what it means - and what it does not.

What Web-Validated means

The professional identity this person has described on Match It Up™ is consistent with their publicly available web presence. Their LinkedIn profile, website, or other public sources confirm that someone with this name appears to work in this role at this company. We have cross-referenced what they told us against independent public sources and found no contradictions.

What it does not mean

Web-Validated is not employment verification. It is not a background check. It does not confirm that the person has the skills they claim, that their past performance was strong, or that they will be reliable in their interactions with you. It confirms that their claimed identity is consistent with publicly available information. Nothing more, nothing less.

We deliberately do not use the phrase AI-Verified or Algorithmically Certified. These terms imply standards of verification that no automated system can honestly claim.

Why This Model Is Better for the Network

There is a selfish reason to verify people without collecting excessive data: it is better for Match It Up™ as a business. Platforms that build their verification on OAuth access create a fragile dependency on the policies of other platforms. If LinkedIn changes its API terms - as it has done, repeatedly - the platform's verification system breaks.

Verification based on reading public professional profiles has none of these dependencies. It is robust to API policy changes. It does not create data liabilities beyond what users explicitly share. And it aligns naturally with India's Digital Personal Data Protection Act (DPDPA) - shaping how platforms must handle professional data in India.

But the less selfish reason matters more to us. A platform that asks only for what it needs, is transparent about what it checks, and honest about the limits of what it can confirm - that platform earns a different kind of trust from its users.

Your passwords are yours. Your public presence is the only credential we need. Professional verification in India should confirm what is already knowable - not extract what was never yours to give. We built Match It Up™'s professional credibility system on that principle, and we intend to keep it that way.

Ready to build a network that actually works?

Join business professionals like you on matchitup.in

Join Free on matchitup.in

Also read

Why We Will Never Show You Your Trust Score

LinkedIn Tells You Who. Match It Up™ Tells You Why.

Why Your Professional Network Is Quietly Dying

Networking in Mumbai·Bangalore·Delhi NCR·Referral Networking Guide·All Articles