Authenticating documents through a mobile or web application is now a common occurrence for setting up new accounts and complying with Know Your Customer (KYC) directives. This is extremely convenient for users compared to in-person identity checking, but it opens up the potential for fraud. Recent ID R&D research shows that over 90% of all document-based attacks on digital onboarding are presentation attacks, and that the vast majority of these fall into three types of attack:
The suite of IDLive Doc products are the first and only standalone suite of products that address these three types of attacks universally across all types of identity documents from around the globe. The suite works on driver’s licenses, passports, and national IDs regardless of the template or layout of the document.
Document liveness detection is software used to detect when an identity document used for digital onboarding is a presentation attack. Document presentation attacks are analogous to facial presentation attacks, where a printed image, mask, or selfie image displayed on a digital screen is used to spoof biometric authentication.
Examples of document presentation attacks are when a document presented during a digital onboarding is either partially or fully comprised of a reproduction or forgery, either physical or digital. Screen replays, printed copies, and portrait substitutions make up the vast majority of real-world document presentation attacks. A screen replay is when a document is reproduced by displaying it on a digital screen. A printed copy is a reproduction of a document printed from a digital image taken by a camera, copier, or scanner. A portrait substitution is when a fraudulent facial photo is overlaid onto the facial portrait of a genuine document.
While accurate and effective document liveness detection is essential, it also should ideally be easy to implement into legacy systems and easy for consumers to use. Customers should not be impeded by friction in the form of complex instructions, failed image captures, and false positives.
ID R&D’s IDLive Doc saved RealAML years of in-house development, helped acquire new customers, and immediately demonstrated its ability to stop fraud attacks. IDLive Doc integrated seamlessly into our existing KYC process without disrupting other core components.
Banks and other institutions increasingly allow customers to set up accounts remotely using a mobile onboarding app in a process called digital onboarding. The process for banks typically includes a Know Your Customer or eKYC function, where the identity of the applicant is verified and their risk as a customer is assessed. Doing so requires the presentation of an identity document, such as a passport, national ID, or driver’s license, as well as capture of a biometric “selfie”. It’s a valuable convenience to customers and generates more revenue for businesses, but creates an opportunity for fraud. Fraudsters source digital images of identity documents from illicit sources, and then manipulate them digitally. This is why it’s so critical to determine…is the document physically present? Or, is a fraudster presenting a physical or digital image of a document?
Presentation attacks are frequently not discovered until much later in the customer lifecycle when other red flags trigger an audit. IDLive Doc detects them at the time of the attack, creates more risks and costs for bad actors, and prevents fraud before it causes damage. Importantly, it does so without adding friction in the user experience for legitimate customers, and without tipping off fraudsters that the countermeasure is in place and how it might be defeated.
Minimize the number of attack vectors in the digital onboarding process with a layered approach to document verification that involves document authentication, document liveness, facial recognition, and ID R&D’s IDLive® Face passive facial liveness detection.
The document liveness check is performed in the background in milliseconds, with no incremental friction for the customer or warning for fraudsters.
IDLive Doc is easily added to any existing remote onboarding system to stop screen replay attacks of identity documents. Once the IDLive Doc Docker image is installed, all that is needed is one API call with a payload of the same image already captured for identity document verification. IDLive Doc provides the probability of document liveness and you choose how to respond if a screen replay attack is detected. You can be up and running in hours.