Passports, drivers' licenses, and any other identifying documentation uploaded to rth is encrypted for the complete transfer layer, and for the complete storage layer. Prior to upload, kyc files are encrypted at the client level (using standard pgp), and ssl wrapped for transport. Once uploaded, the file is "de-ssld" at the server and the pgp encrypted data is stored on the server. When downloaded by rth kyc admin for verification, the server wraps the pgp file in ssl, and transports the file to the rth kyc admin, where the file is again "de-ssld", the pgp encypted data is saved only to a standalone external drive, and is immediately moved to an air-gapped computer running tails. There, the pgp files are stored on disk and decrypted only into ram for kyc verification. The decrypted files are never saved to physical disk, and are destroyed when the computer is powered down at the conclusion of every verification session. As an added precaution, files are deleted from the standalone external drive at the time of copying to the offline computer, and the drive is deep formatted and overwritten daily.