Verify identity: 4-point checklist to check on any document

As more financial services become digitized, it is essential that financial institutions offer customers fast, reliable, mobile and online access to products and services. It often means rethinking the customer journey, particularly the stage at which the customer and the financial institution first establish a relationship – onboarding and account creation.

Opening an account requires mutual trust between a client and a financial institution (FI). Customers must rely on the FI to keep their personal data secure and private. In return the FI must verify that the client is who they say they are. Building digital trust requires digital identity verification capabilities.

In this article we provide a detailed guide to one of the most robust digital identity verification solutions for building digital trust – automatic identity document verification powered by artificial intelligence (AI).

Systems to digitally verify a person’s identity

The most commonly used digital identity verification methods include:

• Facialbiometric verification: compare a selfie with an image on a validated identity document (e.g. an image on a driver’s license).
• Identity document verification: uses artificial intelligence and advanced algorithms to verify that an identity document is legitimate, using an image of that document taken by the customer with his or her cell phone.
• Verification via one-time access code (OTP): a one-time access code is sent to the applicant during the account opening/application process.
• Knowledge-based authentication (KBA): the customer is asked to answer a series of questions based on his or her personal information, for example, in relation to credit bureau information.

To provide a fast, online customer experience while building trust, the best combination of these digital identity verification methods is identity document verification and facial recognition. These technologies make it possible to digitally verify the identity of almost all potential customers using a government-issued identity document, such as a driver’s license, passport or ID card.

What is identity verification in documents, automated with artificial intelligence?

Imagine a scenario in which a customer requests to open a new checking account using a bank’s mobile app. The bank has integrated automated ID verification into the mobile account opening process to reliably determine the identity of the applicant.

There are two main components of the function: document capture and document analysis.

Document capture

• The customer initiates the account opening process and is prompted to capture images of their ID document using their cell phone camera (two images for driver’s licenses and ID cards and one image for passports).
• Document verification technology performs image quality checks on photographs to ensure that they are of sufficient quality for verification.

Document analysis

• Captured images of the identity document are sent for verification.
• The images are analyzed using artificial intelligence, data sets (e.g. name, expiration date) are extracted and the identity document is verified.
• The account opening solution receives the response/result, performs a series of data checks and decides whether or not to allow the applicant to proceed.
• The account opening solution sends a notification to the applicant to inform him/her of the decision.

The time this process takes depends on the level of document analysis configured as part of the process. Determining the level of analysis involves balancing considerations of customer experience and risk.

There are four levels of document analysis security, each of which increases security.

Download and save this practical PDF guide on the 4 levels of document verification.

4 levels of security to be checked to verify identity documents

Text analysis

Examines the visual inspection zone (VIZ) and machine readable zone (MRZ) for source, correct use of sources, logic and positioning.

Description of the analysis:

• VIZ/MRZ data comparison: compares that are related to each other (MRZ cannot reproduce accents and special characters).
• Consistency and use of sources: are sources detected as expected?
• MRZ source type: is the source correct?
• MRZ checksum: is this the expected value?
• Signature with known font: is a font being used instead of an actual signature?

Customer experience:

• Very good: low friction for the customer.

2. Analysis of replicable patterns and characteristics:

Analyzes pattern recognition, metatext and chip detection.
Description of the analysis:

• Analysis description: Human face detection: is it a real face instead of an image?
• Portrait color, positioning and integration: is everything as expected?
• Visible security functions: position and appearance of the NFC chip (field communication)
  and printing technique.

Customer experience:

• Good: high resolution images are required.

3. Analysis of patterns and characteristics that are difficult to replicate

Analyzes microprinting, kinegram, OVI and special inks.
Description of the analysis:

• Microprint analysis.
• Kinegram security hologram analysis.
• OVI (optically variable ink)® analysis: OVI has a two-color variation, immediately evident when viewed from different angles. As a high-security product, OVI is instantly recognizable and its color change cannot be photocopied or reproduced.
• UV: appearance with ultraviolet light.
• Optically Variable Device (OVD) analysis: OVD is an iridescent or non-iridescent security feature that displays different information, such as movement or color changes, depending on viewing and/or lighting conditions. OVDs cannot be photocopied or scanned, nor can they be accurately replicated or reproduced.

Customer experience:

• Medium friction: special printers and materials are required. Flash control is generally required, and in some cases specialized hardware may be needed.

4. NFC chip reading

Complete image and data extraction, and secured with a digital certificate.
Description of the analysis:

• It provides a very high level of security, as the chip contains the image (better quality for a better face matching experience) and the person’s personal data, so any physical manipulation of the document can be detected.
• Unequivocal confirmation of the authenticity of identity documents with chip.
• No manual data entry or OCR (Optical Character Recognition) errors.
• The digital signature is used in the chip.

Customer experience:

• High friction: access to the chip reader is needed, which requires a native application or specialized hardware. NFC offers a better user experience if the user already has the application. The experience is worse if you are forced to download an application.

What is the best level of analysis to verify the identity of the documents in each case?

When it comes to identity document analysis, there is often a trade-off between ease of use and security. For most online account openings, the customer journey must be secure, but also easy for the applicant. Adding friction to the customer journey can lead to applicant abandonment. Recent reports have suggested that abandonment due to friction during account opening can be as high as 55% for some products. Therefore, financial institutions must balance the user experience with the risk associated with the product to find the balance between good user experience and risk management.

ISO 29115 assurance level standards can also help financial institutions define the desired level of assurance for the customer journey. Standards may vary from region to region. In the U.S. the financial services industry is based on NIST standards. In the EU, the standards are defined by the eIDAS regulation. When evaluating the types of identity verification methods to implement for your specific use case, be sure to assess the level of risk you are willing to assume within your institution. A good way to do this is to conduct a risk assessment of transactions or services that require identity verification. Once this is complete, you can select the appropriate level of assurance and identity verification methods that strike the right balance between security and customer experience.

Conclusion: What does automated identity verification provide?

Automated identity document verification offers financial institutions a way to more efficiently verify the identity of new and existing customers. When integrated into a digital account opening process, this digital identity verification method allows anyone to open a bank account remotely. Financial institutions looking to implement automated identity document verification in their account opening process must determine the level of document analysis to balance ease of use with security requirements.

Automated ID document verification can also be combined with facial matching as part of digital identity verification during mobile account opening. Facial recognition, which is 99.7% accurate and increasing every year, according to NIST, is a particularly useful biometric modality for digital account opening, as it helps combat sophisticated application fraud attacks. In addition, the user experience, through a selfie, is very intuitive and recommendable.

Content extracted from OneSpan.