Identity verification
Introduction
MobbScan allows to carry out the user onboarding process through different configurable steps, including the capture, scanning and validation of ID card data as well as the verification that the person performing the process is actually the owner of the document. This last stage is key to provide reliability to the transaction, which is why MobbScan incorporates robust biometric identity verification technologies as well as presentation attack detection engines based on deep learning frameworks.
Biometric identity verification
Biometric-based technologies allow the identification and verification of users through the analysis of one or several biological (face, voice, iris, fingerprint, vein pattern...) or behavioural (signature, interaction with mobile devices...) features. Using these patterns it is possible to determine the identity of a person with a very high degree of confidence, so biometric-based customer registration solutions are having a great reception in different sectors such as banking, online gaming, insurance or telecommunications among many others.
MobbScan allows to carry out one-shot identity verification by means of biometric facial analysis. Within the application flow, the user is asked to perform a small gesture (like moving the head from side to side or smiling) that is recorded in a video file. This stream is sent to the server where our deep-learning-based technologies process and return a response in terms of confidence about the transaction's genuineness. The integrator will be able to use that information to make a decision based on thresholds according to different security scenarios.
Following is a short summary of the points that are analyzed during the video processing:
Identity matching
All official ID cards that follow the ICAO standard contain a headshot of their owner. Thanks to this feature it is possible to verify the identity of the person carrying out the onboarding process by comparing the image of the document with another one taken during the registration process.
MobbScan analyzes the video taken from the user to extract the most suitable frame to perform the facial matching calculation, and then both images (selfie and document) pass through a system based on deep learning that evaluates their similarity. This system is especially optimized for the comparison of facial images of different origin, as well as to overcome the limitations that may be faced: difference in age and appearance between the document's headshot and the selfie, poor state of preservation of the ID card or bad lighting conditions among others.
The facial matching system returns a numerical value to its output that can be interpreted as confidence in identity correspondence. Through the establishment of decision thresholds the integrators will be able to determining results in binary terms about the validity of the process.
Presentation attack detection
According to the ISO/IEC 30107 standard, a presentation attack is defined as a deliberate and malicious attempt to interfere with the operation of a biometric system. The attacker can be classified into two categories:
- Impostor: person who tries to impersonate another
- Identity concealer: person who tries not to be discovered
Within the framework of a digital onboarding system, it is the first category that poses a potential threat of security, since in the process of computing facial correspondence, the user could will attempt to impersonate the owner of the identity document by showing paper masks or reproducing a still image or video of it. To avoid this kind of situations MobbScan includes inside the identity verification a presentation attack detection block. To carry out the operation, the user will be asked to perform a small movement that will be analyzed together with other environmental conditions to determine the validity of the process.
As in the case of facial block, the system returns numerical value interpretable in terms of confidence in the genuineness of the process (presence or absence of presentation attack).
To learn more about the integration of video identity verification service, please consult the associated page within the technical documentation.