Evaluation
Using the IDEMIA Identity Proofing platform is easier with an understanding of how it evaluates a user's identity. The essential elements of identity evaluation are:
- What can I submit as proof of identity (Supported evidences).
- How is evidence verified (Evidence verification process).
- How do I understand the results (Evidence verification result).
- How are portraits matched (Face matching).
- How confident can I be of the identity (Identity Level of Assurance).
Supported evidence
The Identity Proofing platform supports multiple pieces of evidence to determine the Level of Assurance (LoA) in the identity of the named individual. A detailed list of the supported evidence is available in the API Explorer section under the Configuration Reader section.
Evidence | Description |
---|---|
PASSPORT | Exclusively passports. |
VISA | Exclusively visas. |
IDENTITY_CARD | Exclusively national identity cards. |
DRIVING_LICENSE | Government-issued license to drive, a driver's license. Also, in the US, state-issued, non-driving identification cards equivalent to a driver's license in assurance. |
VOTER_CARD | Exclusively voter cards in participating countries. |
TAX_CARD | Exclusively tax cards as used in India. |
RESIDENT_CARD | Government-issued permission for residence in the country. According to each country: a resident card or permit, immigration card or document, work permit, or similar proof of residence. |
Evidence categories
The different types of evidence are grouped into categories. All evidence categories share common verification methods and scoring rules. There are currently five categories that contribute to the Level of Assurance (LoA):
Evidence Category | Description |
---|---|
ID_DOCUMENT | Physical photo ID documents with security features that are supported by document authentication capabilities. |
DOCUMENT | Other types of documents supporting the identity (non secured ID) available only in select markets and regions. |
USER_VERIFICATION | Verification that the pieces of evidence presented by the user belong to the named individual. This is mostly performed through the user's picture (PORTRAIT) compared with a reference photo ID extracted from another evidence. |
TRUSTED_ID_CLAIM | Credentials originating from a trusted third-party identity provider such as IDEMIA Mobile ID. |
ID_CLAIM | User declaration that can be verified against an authoritative source, such as a Social Security number, phone number, credit card number, and bank account details. |
Many categories of evidence include an image of the identity holder. When the template for an evidence includes a facial image, IDEMIA Proofing platform extracts that image. That extracted image, called a PORTRAIT, can be used as additional evidence during the verification process.
Even if they are not identical, the scoring rules for the different evidence categories provide an equivalent contribution to the LoA when they have the same score. For example, a LEVEL2 PASSPORT is equivalent to a LEVEL2 ID_CLAIM or a LEVEL2 VOTER_CARD in terms of contribution to the identity LoA.
Evidence verification process
Once the evidence is submitted, IDEMIA's Identity Proofing platform performs several verifications to validate it. The result of the verification is determined by the evidence score. The following verification methods are supported:
- Document authentication methods: performs the following procedures to verify the authenticity of the document and to ensure that the document itself is valid.
- Document Capture: provides the user with a step-by-step interactive guide to complete the evidence capture process and video stream analysis using their mobile phone camera. This process results in a superior image quality capture used for optimal document validation and authentication.
- NFC Document Verification: enables a client application to verify an ICAO 9303 NFC-readable identity document. It is completed by reading the data directly from the NFC chip within the document and extracting information it contains about its owner.
- Issuer record verification: some pieces of evidence can be verified directly with their issuing source. The Identity Proofing platform compares data extracted from evidence submitted by the user against the issuing source’s System of Record (SoR) or a government agency database.
- Trusted Identity Claim Verification: Using the OpenID Connect authentication protocol of the IDEMIA Identity Proofing platform API, applications can submit trusted identity claims. The submitted trusted identity claims are used to upgrade the Level of Assurance (LoA) of the submitted identity.
- Biometric verification methods: perform various procedures to match a live facial presentation to a Portrait extracted from a verified identity document, thus ensuring that the holder of the document is the individual named on the identity document.
- Liveness detection: provides the confidence that the person authenticating is a live person and the owner of the digital credential based on a set of requirements for optimal liveness detection performance.
- User biometric verification: compares the PORTRAIT (candidate image) against the image from the identity document (reference portrait).
Evidence verification result
The evidence verification results include a status and a score:
- Status: provides the overall result of the verification process.
- Score: reflects the confidence in the success of the verification process.
Status
There are five possible values for the evidence status.
Status: definitive values
The definitive values for evidence status are:
Status | Definition |
---|---|
VERIFIED | Evidence is successfully verified. The score indicates the reliability of the verification. |
NOT_VERIFIED | Evidence was processed, but not enough checks were performed to take a decision. Most of the time this is due to the poor quality of the input data or unsupported evidence. |
INVALID | Evidence is considered invalid by the service. |
Status: transient values
Transient values for the evidence status while it is being processed are:
Status | Definition |
---|---|
PROCESSING | Evidence is currently being processed by the service. |
ADJUDICATION | Evidence is currently being reviewed by a human expert. A longer response time is expected. |
Score
When VERIFIED, the score of an evidence can range from LEVEL1 to LEVEL4. This score depends on two factors:
- The strength of the evidence, which measures how much this evidence is intrinsically reliable in terms of issuing process and resilience to fraud attempts.
- The different verification methods that are performed on the evidence, and their reliability.
Level | Reliability |
---|---|
LEVEL0 | Invalid or not verified |
LEVEL1 | low confidence |
LEVEL2 | medium confidence |
LEVEL3 | high confidence |
LEVEL4 | very high confidence |
Note: As the user's face evidence is compared to a reference portrait that may be extracted from an identity document or other authoritative source, the score of a face verification can only be as high as the score of the evidence it is compared to.
The service provider may encounter face verification results with a status VERIFIED and a score of LEVEL0. These results cannot be trusted because the face of the user matched the PORTRAIT on the evidence, but the identity document was not VERIFIED.
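The following is an added example, not IDEMIA code, of how a relying service could act on status and score together instead of on status alone. The dict keys `type`, `status` and `score`, the `decide` policy and the sample results are assumptions made for illustration.

```python
from enum import IntEnum

class Level(IntEnum):
    LEVEL0 = 0
    LEVEL1 = 1
    LEVEL2 = 2
    LEVEL3 = 3
    LEVEL4 = 4

TRANSIENT = {"PROCESSING", "ADJUDICATION"}

def evaluate_evidence(evidence, min_level):
    """Return 'accept', 'reject' or 'wait' for one evidence result.

    The keys 'type', 'status' and 'score' are assumed field names.
    """
    status = evidence.get("status")
    if status in TRANSIENT:
        return "wait"                      # not final yet, poll again
    try:
        score = Level[evidence.get("score")]
    except (KeyError, TypeError):
        return "reject"                    # missing or unknown score: fail closed
    if status != "VERIFIED":
        return "reject"                    # NOT_VERIFIED, INVALID or unknown status
    # VERIFIED alone is not enough: a portrait can be VERIFIED at LEVEL0 when
    # the document it was matched against was itself not VERIFIED.
    if score == Level.LEVEL0 or score < min_level:
        return "reject"
    return "accept"

def decide(evidences, min_level=Level.LEVEL2):
    """Constructed policy: one accepted PORTRAIT plus one accepted document."""
    results = [(e.get("type"), evaluate_evidence(e, min_level)) for e in evidences]
    if any(r == "wait" for _, r in results):
        return "wait"
    portrait_ok = any(t == "PORTRAIT" and r == "accept" for t, r in results)
    document_ok = any(t != "PORTRAIT" and r == "accept" for t, r in results)
    return "accept" if portrait_ok and document_ok else "reject"

# Constructed sample results, not real platform output.
UNTRUSTED = [
    {"type": "PASSPORT", "status": "NOT_VERIFIED", "score": "LEVEL0"},
    {"type": "PORTRAIT", "status": "VERIFIED", "score": "LEVEL0"},
]
TRUSTED = [
    {"type": "DRIVING_LICENSE", "status": "VERIFIED", "score": "LEVEL3"},
    {"type": "PORTRAIT", "status": "VERIFIED", "score": "LEVEL3"},
]

if __name__ == "__main__":
    print(decide(UNTRUSTED), decide(TRUSTED))
```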
Evidence scoring rules
Document genuineness verification has 4 possible outcomes that are integrated in the ID_DOCUMENT scoring:
- Low document authentication
- High document authentication
- Inconclusive document authentication. In this outcome, this verification method does not contribute to the evidence score.
- Suspected fraud. In this outcome, the document is considered INVALID if not mitigated by other verification methods, and fraud indicators are raised to the service provider.
Physical photo identity document scoring rules
Scoring rules for physical identity documents that include an image of the owner’s face, such as PASSPORT or DRIVING_LICENSE, are:
Maximum Evidence Score | Verification Methods Passed | Evidence Verification Methods |
---|---|---|
LEVEL1 | Evidence passed 1 of 2 verification methods | - Evidence successfully processed and identity is extracted, resulting in a low document authentication. - Evidence partially matched against authoritative source, resulting in a low issuer verification. |
LEVEL2 | Evidence passed 1 of 2 verification methods | - Genuineness verification resulting in a high document authentication. - Validity verified against authoritative source. |
LEVEL3 | Evidence passed 2 of 4 verification methods | - Genuineness verification resulting in a high document authentication. - Remote visual inspection by trained operator. - Validity verified against authoritative source such as the issuer of the document. - Cryptographic verifications. |
LEVEL4 | Evidence passed all 4 verification methods | - Genuineness verification (High Document Authentication). - Remote visual inspection by trained operator (Adjudication). - Validity verified against authoritative source. - Cryptographic verification. |
Identity documents with no photo scoring rules
Scoring rules for identity documents without a facial image are:
Maximum Evidence Score | Evidence Verification Method |
---|---|
LEVEL1 | Evidence type has been identified and the user's name appears on the document. |
LEVEL2 | Evidence is verified as valid against an authoritative source. |
ID_CLAIM scoring rules
ID_CLAIM scoring is based on identity and identification details provided by the user that can be verified against an authoritative source.
Identification details are most often identification numbers or other details that are not publicly available and that can be linked to the claimed identity. Examples of identification details include: Social Security number, phone number, credit card number, bank account details.
Note: The more identification details the user provides, the higher the resulting evidence score if the identification details can be verified.
Maximum Evidence Score | Evidence Verification Method |
---|---|
LEVEL1 | Claimed identity even without identification details is present in at least one authoritative source. |
LEVEL2 | At least 1 of the claimed identification details is verified against an authoritative source. |
LEVEL3 | At least 2 of the claimed identification details are verified against authoritative sources. |
PORTRAIT scoring rules
Once a portrait has been submitted, results of the biometric matching are combined by the Identity Proofing platform to increase the score of the portrait evidence.
Portrait scoring statuses:
Status | Score | Description |
---|---|---|
NOT_VERIFIED | LEVEL0 | Portrait submission not verified. |
INVALID | LEVEL0 | Portrait submission is invalid (biometric matching failed). |
VERIFIED | Same score as the evidence reference | The score reached is described in the example below. |
Example evidence references and their scoring and level indications:
- Verified driver's license (US) with verified issuing source: If driver's license status is VERIFIED at LEVEL3, then the portrait status is also VERIFIED at LEVEL3.
- Verified passport only: Passport status is VERIFIED at LEVEL2, then portrait status is also VERIFIED at LEVEL2.
Maximum evidence scores
The following table summarizes, by evidence type, the maximum score an evidence can reach depending on the verification methods used.
Evidence Type | Evidence Verification Methods | Maximum Evidence Score |
---|---|---|
ID_DOCUMENT | Low level document authentication | LEVEL1 |
ID_DOCUMENT | Fuzzy match during issuer verification | LEVEL1 |
ID_DOCUMENT | Doc authentication | LEVEL2 |
ID_DOCUMENT | Issuer verification | LEVEL2 |
ID_DOCUMENT | NFC | LEVEL3 |
ID_DOCUMENT | Doc authentication and issuer verification | LEVEL3 |
ID_DOCUMENT | Document authentication and adjudication | LEVEL3 |
ID_DOCUMENT | Issuer verification and adjudication | LEVEL3 |
ID_DOCUMENT | NFC and adjudication | LEVEL4 |
DOCUMENT | Document authentication | LEVEL1 |
DOCUMENT | Issuer verification | LEVEL2 |
TRUSTED ID CLAIM | N/A | Depends on issuer |
ID CLAIM | Authoritative source verification | Depends on verified identity details |
PORTRAIT | Biometric verification against an evidence scoring LEVEL1 | LEVEL1 |
PORTRAIT | Biometric verification against an evidence scoring LEVEL2 | LEVEL2 |
PORTRAIT | Biometric verification against an evidence scoring LEVEL3 | LEVEL3 |
PORTRAIT | Biometric verification against an evidence scoring LEVEL4 | LEVEL4 |
Note: Evidence scoring operations can have a partial validation that lowers the evidence score.
Face matching
Face matching decision rules
IDEMIA's Identity Proofing platform ensures that the user is the named individual by performing a biometric comparison between the self-portrait and all the submitted evidences that contain a portrait, such as passport, identity document, and driver's license. The biometric match score is based on the configured tolerance threshold. If the results of the biometric match are above this threshold, the portraits are considered a match.
IDEMIA's Identity Proofing platform face matching process:
When multiple evidences are submitted, the Identity Proofing platform selects the reference portrait based on the following decision rules:
Evidence submitted | Decision rules |
---|---|
Multiple evidences | Selects the evidence with the highest verification score. |
Multiple evidences with the same verification score | Selects the evidence with the highest biometric quality score. |
Multiple evidences with the same biometric quality score | Selects the evidence with the highest matching score. |
Same matching score | Selects the evidence received last. |
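The decision rules above, together with the threshold test and the portrait score cap, can be modelled as follows. This is an added example, not the platform's implementation: the `PortraitSource` fields, the 0 to 1 score scales, the `NOT_VERIFIED` result for an empty list and the sample values are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PortraitSource:
    evidence_type: str
    level: int          # evidence verification score, 0 (LEVEL0) to 4 (LEVEL4)
    quality: float      # biometric quality of the extracted portrait (assumed 0..1)
    match_score: float  # selfie-versus-portrait match score (assumed 0..1)
    received: int       # arrival order, higher means received later

def select_reference(sources):
    """Apply the four decision rules in order; later fields only break ties."""
    if not sources:
        return None
    return max(sources, key=lambda s: (s.level, s.quality, s.match_score, s.received))

def portrait_result(sources, threshold):
    """Return (status, score, reference) for the submitted selfie."""
    ref = select_reference(sources)
    if ref is None:
        return "NOT_VERIFIED", "LEVEL0", None    # assumption: nothing to compare against
    if not ref.match_score > threshold:          # a match only when above the threshold
        return "INVALID", "LEVEL0", ref
    return "VERIFIED", f"LEVEL{ref.level}", ref  # capped at the reference's score

# Constructed values for illustration.
SOURCES = [
    PortraitSource("PASSPORT", 3, 0.80, 0.55, 1),
    PortraitSource("IDENTITY_CARD", 0, 0.95, 0.99, 2),
]

if __name__ == "__main__":
    print(portrait_result(SOURCES, 0.60))
```

Because the verification score is compared first, the unverified identity card never becomes the reference while a verified passport is present, however well its portrait matches the selfie.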
Configuring tolerance threshold
IDEMIA's Identity Proofing platform is configured with a tolerance threshold for biometric matching that determines the biometric comparison match. The biometric matching incurs a false acceptance rate (FAR) and a false rejection rate (FRR).
FAR and FRR defined:
False acceptance rate: a measure of the frequency of a fraudulent or altered document being mistakenly accepted as genuine. IDEMIA continuously works with law enforcement and forensic teams around the world to help assess system performance relative to false acceptance rates (FARs). In most recent tests using a desktop device, IDEMIA correctly identified more than 90% of fraudulent attempts (or an FAR of 10%). IDEMIA continually updates its libraries and test algorithms to identify new forms of fraud.
False rejection rate: a measure of the frequency of a legitimate document mistakenly identified as having some kind of anomaly that is considered suspicious. Typical causes are simple wear and tear or dirty documents. Generally speaking, documents issued in the US use a mature and consistent process. Some jurisdictions (Puerto Rico for instance) use less mature processes and therefore FRR may be a bit higher.
FAR and FRR trade-off:
Depending on use case constraints, the tolerance threshold sets the acceptable balance between FAR and FRR, that is, between security and convenience. The Identity Proofing platform ensures the necessary trade-off between security and convenience remains as limited as possible. This tolerance threshold can be configured, but should take into account the following trade-off:
- Low FAR implies high FRR
- Low FRR implies high FAR
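The trade-off can be measured by sweeping candidate thresholds over labelled face-match scores. This is an added example, not IDEMIA code; the score lists, the 0 to 1 scale and the candidate thresholds are constructed for illustration.

```python
def rates(genuine, impostor, threshold):
    """Return (FAR, FRR) when scores above the threshold count as a match."""
    far = sum(s > threshold for s in impostor) / len(impostor)
    frr = sum(s <= threshold for s in genuine) / len(genuine)
    return far, frr

def sweep(genuine, impostor, thresholds):
    """Return (threshold, FAR, FRR) rows in ascending threshold order."""
    return [(t, *rates(genuine, impostor, t)) for t in sorted(thresholds)]

def pick_threshold(genuine, impostor, thresholds, max_far):
    """Lowest threshold whose FAR stays within max_far.

    FAR never rises and FRR never falls as the threshold increases, so the
    lowest qualifying threshold gives the lowest FRR the FAR cap allows.
    """
    for t, far, frr in sweep(genuine, impostor, thresholds):
        if far <= max_far:
            return t, far, frr
    return None  # no candidate threshold meets the FAR cap

# Constructed match scores: same-person pairs and different-person pairs.
GENUINE = [0.91, 0.88, 0.84, 0.79, 0.76, 0.72, 0.69, 0.63, 0.58, 0.47]
IMPOSTOR = [0.12, 0.18, 0.22, 0.27, 0.31, 0.36, 0.41, 0.49, 0.55, 0.66]
THRESHOLDS = [0.3, 0.4, 0.5, 0.6, 0.7]

if __name__ == "__main__":
    for t, far, frr in sweep(GENUINE, IMPOSTOR, THRESHOLDS):
        print(f"threshold={t:.1f} FAR={far:.1f} FRR={frr:.1f}")
    print(pick_threshold(GENUINE, IMPOSTOR, THRESHOLDS, max_far=0.1))
```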
Identity Level of Assurance
In order to effectively prevent ever more sophisticated forms of fraud, the identity proofing service supports various methods of evidence validation. It verifies identity by aggregating pieces of evidence in an iterative and interactive approach with the user.
The combination of all verified evidence scores is called a profile. The profile enables a user to reach a certain identity Level of Assurance (LoA) ranging from 0 to 4. This LoA determines the degree of confidence in the identity verification process. It provides the service provider with the assurance that the user claiming these particular identity details is the named individual.
For each successive evidence validation within the same customer journey, the proofing service returns the verification’s status, updates the LoA of the applicant’s identity, and provides the list of available services that provide a higher LoA.
The LoA measures the scale of confidence that the service provider uses to measure the risk of being the target of a fraudster and to adjust the service granted to the user accordingly. The higher the LoA, the more reliable and secure is the identity.
LoA | Level |
---|---|
LoA 0 | Self-asserted without the assurance that the identity is accurate, corresponds to a user, or exists |
LoA 1 | Reduces the risk of synthetic identities |
LoA 2 | Reduces the risk of basic document forgery or fraud with another person's information |
LoA 3 | Reduces the risk of more advanced document forgery |
LoA 4 and higher | Reduces the risk of sophisticated fraud requiring substantial level of identity theft expertise |
The LoA reached by the identity depends on the evidence provided by the user and the different verification methods performed by the service.
The example below shows how a passport, a driver’s license, and a portrait provided by the user are verified with different methods and contribute to the identity LoA.
Identity proof file
Once the IDEMIA Identity Proofing platform processes the identity evidence submitted, the relying service can download a complete identity proof file including all the pieces of identity evidence submitted with a detailed description of each verification status.
This identity proof file is generated regardless of the status at the end of the verification process. It contains all the checks completed on the submitted pieces of evidence, and the result of the biometric match between the selfie and the portrait on the identity document. In addition, all images used, such as the document scan or selfie, are included. All this data is stored within several files that are electronically signed to guarantee its integrity and origin. This file of proof (an archive file) is sent to the relying service (following an API call) when closing the transaction.
IDEMIA recommends that service providers store this identity proof file for autonomous and unlimited auditing or troubleshooting purposes.
Note: The IDEMIA Identity Proofing platform retains Personally Identifiable Information (PII) provided by the user for 30 days by default for troubleshooting and service improvement purposes.