Glossary and references

AML

Anti-Money Laundering; laws, regulations and procedures intended to prevent criminals from disguising illegally obtained funds as legitimate income.

API

Application Programming Interface; a set of functions and procedures that access the features or data of an application, or other service.

authentication

While authentication and verification are often used interchangeably in casual speech, here authentication refers to two processes: use of credentials — such as a token, username and password, or key — to authenticate a user to services, and use of cryptographic methods to authenticate electronic documents.

credential holder

A user (individual, company, or guardian of an object) who owns the digital credentials held in their smartphone. The credential holder receives requests for verification of their Mobile ID digital credential periodically from others via the Mobile ID Verify App.

digital credential

The digitally rendered version of the user's identity document found in the Mobile ID App.

DMV

Department of Motor Vehicles or Division of Motor Vehicles; the names used in many states for the government office that issues and maintains driver’s licenses. Name for this office varies from state to state.

DPM

Deep Pattern Matching; comparing identity document images to a comprehensive identity document library with detailed information about the design of each type of identity document.

eIDAS

electronic IDentification, Authentication and trust Services; a European Union regulation on electronic identification and trust services for electronic transactions in the European Single Market.

encryption key

In cryptography, a random string of bits generated specifically to scramble (encrypt) and unscramble (decrypt) data.

ESF

Enhanced Security Features: Features added to an identity document that are difficult to reproduce but easy to inspect. In the United States, one differentiator IDEMIA has with regard to FRR is through the use and examination of ESF. Since ESF is a positive verification technique, it allows positive validation of approximately 60% to 70% of the driver’s licenses in circulation in the US. Validating these allows IDEMIA to bypass the normal optical authentication process, effectively reducing FRR by 50%.

evidence

A piece of information in the form of a document, facial image (portrait), or declaration that users provide to support their identity claims. Multiple evidences verified correctly contribute to a higher identity Level of Assurance.

evidence score

Measures the level of confidence a service has for a successful verification based on the different checks that have been performed.

evidence status

The overall result of the verification process of an evidence.

FAR

False Acceptance Rate; A measure of the frequency of a fraudulent or altered document mistakenly accepted as genuine. IDEMIA continuously works with law enforcement and forensic teams around the world to help assess system performance relative to false acceptance rates (FARs). In most recent tests using a desktop device, IDEMIA correctly identified more than 90% of fraudulent attempts (or an FAR of 10%). IDEMIA continually updates its libraries and test algorithms to identify new forms of fraud.

FRR

False Rejection Rate: A measure of the frequency of a legitimate document mistakenly identified as having some kind of anomaly that is considered suspicious. Typical causes are simple wear and tear or dirty documents. Generally speaking, documents issued in the US use a mature and consistent process. Some jurisdictions (Puerto Rico for instance) use less mature processes and therefore FRR may be a bit higher.

fuzzy match

A fuzzy match finds strings that are approximately similar but are not exactly the same.

GIPS

Global Identity Proofing Service; a service from IDEMIA that offers identity proofing to applications globally over the internet.

GIV

Remote identity proofing service to log into a government agency website to verify the user's identity.

ICAO

International Civil Aviation Organization; a UN specialized agency that works with the member states and industry groups to set standards, recommended practices, and policies in support of a safe, efficient, secure, economically sustainable, and environmentally responsible civil aviation sector.

ICAO document

A machine-readable travel document, such as a passport or visa, that was created in accordance with ICAO Doc 9303, Machine Readable Travel Documents.

ID

Identity Document; any document that may be used to prove a person's identity.

indicator

During verification of an evidence, the Identity Proofing platform performs several checks including:

Examining the expiration date of a document
Performing document classification
Comparing the consistency between the Machine Readable Zone (MRZ) and the Visual Inspection Zone (VIZ)
Comparing the consistency of the information against the issuer’s record in its database
Comparing user's photo ID portrait with submitted selfie

Note: This is not an exhaustive list as many other checks are performed. The indicators are the detailed results of all those unitary checks that contribute to the scoring of the evidence and are reserved to the relying service.

ISO

International Organization for Standardization; an independent, non-governmental, international organization that develops standards to ensure the quality, safety, and efficiency of products, services, and systems. From ISO: "Because 'International Organization for Standardization' would have different acronyms in different languages (IOS in English, OIN in French for Organisation internationale de normalisation), our founders decided to give it the short form ISO. ISO is derived from the Greek 'isos', meaning equal. Whatever the country, whatever the language, we are always ISO."

issuing agency

The location or an authorized branch of a location belonging to and operated by and for the issuing authority. Examples include: DMV offices or passport offices.

issuing authority

The company or agency issuing the digital version of the credential. Examples include: state DMV or government that issues passports.

KYC

Know Your Customer; requirements for financial institutions that require them to make an effort to verify the identity, suitability, and risks involved with maintaining a business relationship, procedures that fit within the broader scope of Anti-Money Laundering (AML) regulations.

Level Of Assurance (LoA)

Measures the confidence in the identity resulting from the verification process that has been performed on all evidence provided by the user.

Mobile ID credential

This is the cryptographically signed and verified attribute package sent back to the user's smartphone.

MRZ

Machine Readable Zone; an area in identity documents specifically designed for reading primarily by machines, such as barcodes, QR codes, or text using fonts optimized for optical character recognition.

multi-tenant cloud

A cloud computing architecture that allows customers to share computing resources in a public or private cloud. Each tenant’s data is isolated and not visible to other tenants.

NFC

Near Field Communication; a set of communication protocols between two electronic devices over a distance of 4 cm or less. In identity proofing, this also sometimes refers to the newest electronic passports where critical information resides in a chip embedded in the passport and readable via NFC.

NIST

National Institute of Standards and Technology; a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce.

OCR

Optical Character Recognition; the electronic or mechanical conversion of images of typed, handwritten, or printed text into machine-encoded text. This also sometimes refers to fonts optimized for optical character recognition.

OIDC

OpenID Connect; an open standard and decentralized authentication layer on top of the OAuth 2.0 protocol.

PAD

Presentation of Attack Detection; detecting attacks where a user presents to the camera a fake view, such as a photo or a mask, to deceive facial recognition.

PDF417

Portable Data File 417; a stacked linear barcode format used in a variety of applications including identification cards. The 417 signifies that each pattern in the code consists of 4 bars and spaces in a pattern that is 17 units (modules) long.

PII

Personally Identifiable Information; information that can be used by itself or with other data to identify a person.

QR code

Quick Response code; a two-dimensional version of the barcode capable of presenting substantial information compactly.

relying party

The party that is requesting attributes from a user. The relying party is also sometimes called a verifier.

relying service

The back end service that uses Identity Proofing platform. It has access to all API requests and output. A relying service application must use a Global Identity Proofing Service Relying Service (GIPS-RS) API key.

REST

Representation State Transfer; an architectural style for developing web services that follows principles such as a client–server architecture, statelessness, cacheability, use of a layered system, support for code on demand, and using a uniform interface.

SDK

Software Development Kit; a collection of software development tools in one installable package.

SoR

System of Record; an authoritative data store containing the most current information for a given data element or piece of information. In the context of identity proofing, it is typically the system used by the entity that issued the identity document, such as a driver’s license, including photograph of the document holder.

SSN

Social Security Number; the identifying number issued by the US agency that administers the social insurance program of retirement, disability, and survivor benefits.

verification

While verification and authentication are often used interchangeably in casual speech, here verification refers to the process of assuring the authenticity of documents and other identity evidence, as well as assuring that the current user corresponds to the claimed identity.

verifier

The verifier is the party who verifies the user’s (credential holder’s) credential found on their mobile phone. The verifier is also sometimes called a relying party.

VIZ

Visual Inspection Zone; an area in identity documents specifically designed for reading by persons visually inspecting the document.