From the text on there, you can see it's probably not that insecure. Au10tix is the company actually doing the identity verification and they're an Israel-based company that seems to be pretty legit. I bet X only stores the data in-memory while they send it over to the appropriate APIs or something like that.
Not that I trust them anyway with who's in charge over there.
The text says that you give X permission to store the image of your id for 30 days. If you trust them to delete it after that, then I don’t know how to help you.
Even if they do delete them, there will be millions of id images stored at any time.