Patrick Bass Area: Monetization (audit p10) · Surface: GET /account/verified, POST /account/verified/subscribe, GET/POST /account/verified/submit, GET/POST /account/verified/selfie, POST /account/verified/cancel (VerificationController) · Dimension: documentation · Severity: major
mobieusVerified is a paid ($5 per memory) identity-verification subscription where a member subscribes, confirms email, and uploads an ID/selfie to earn a verified badge. The flow has 8 user-facing endpoints including selfie capture and ID submission, yet there is no mobieusKnow article explaining what verification is, what the $5 buys, what data is collected for the selfie/ID step (a privacy-sensitive step that especially needs documentation), how to submit, or how to cancel. Violates Law 7.
Evidence
Code: platform/src/Controllers/VerificationController.php:10 index, :32 subscribe, :73 submitForm, :90 submit, :220 cancel, :247 confirmEmail, :308 selfieForm, :328 selfieUpload — a full paid verification flow with ID and selfie upload steps. Wiki: `curl https://support.mobieus.io/know/search?q=verified` and `?q=verification` both return `No results for "verified"` / `No results for "verification"`. Also "No results" for verify, mobieusVerified, "blue check". Direct slugs 404: `/know/verified`, `/know/mobieus-verified`, `/know/verification`. ('identity' search returns only 'Profile & Identity' and SCIM, neither covers paid verification.)Suggested fix. Add a /know/mobieus-verified article: what the verified badge is and costs, the email-confirm + selfie/ID submission steps, how the uploaded ID/selfie is used and retained (data-handling transparency), and how to cancel. Add to index and make searchable under 'verified', 'verification', 'identity'.
Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.
Patrick Bass
@mobieus
