I really hate this kind of "verification" :

- It save biometric data to somewhere on a cloud, with all you other datas... that could serve for the people that hack them

- The one (people, countries agents...) who really want to access the API (for good or bad reasons) will find a way to hack the system (fake video, fake id)...

So why are they still do that ?

It is as secure as a subway ticket.

Before checking our biometric data they should check their mind health and try to understand it doesn't work for the one they want to target.