Banks and other institutions increasingly allow customers to set up accounts remotely using a mobile onboarding app in a process called digital onboarding. Also known as electronic Know Your Customer or eKYC, the process requires digital identity verification and typically includes the presentation of a identity document, such as a passport, national ID, or driver’s license, as well as capture of a “selfie”. It’s a great convenience to customers and generates more revenue for businesses, but creates an opportunity for fraud. Fraudsters can easily source digital images of identity documents from illicit sources, and then manipulate them digitally. This is why it’s so critical to determine…is the document physically present? Or, is a fraudster presenting an digital image of a document displayed on their mobile phone or computer monitor?
Identity document fraud using a digitally-displayed image is called a document screen replay attack. Screen replay attacks are accelerating, yet many onboarding systems cannot reliably detect them. Often the spoofed document is not discovered until much later in the customer lifecycle when other red flags trigger an audit. IDLive Doc detects a screen replay at the time of the attack, creates more risks and costs for bad actors, and prevents fraud before it causes damage. Importantly, it does so without adding friction in the user experience for legitimate customers, and without tipping off fraudsters that the countermeasure is in place and how it might be defeated.