New Zealand has launched a trust framework for digital identity, a crucial step towards the country's digital transformation.
The importance of correct document handling for digital onboarding
Proper handling of documents is essential to ensure an efficient digital onboarding process and avoid threats and fraud.
W
orking with a qualified provider who carries out a solid, well-oriented document onboarding while also being mindful of the necessary protocols to protect sensitive information, will guarantee success.
The rise of technology and internet access has allowed a large number of procedures to be carried out virtually, such as opening bank accounts, applying for government aid, taking out insurance policies or accessing telemedicine services. This has led to the need to guarantee the same security in the verification of digital identity as in physical identity. However, this digital boom has also increased the risk of fraud, thus it is important to have effective solutions that can detect and prevent this type of activity. A key moment in the digital onboarding process is the management of identity documents, passports, driving licenses, pay checks or receipts. The document onboarding process must be prepared to extract data and reach conclusions from an infinite number of different documents, structured or not. These include:
- Identity documents, such as the ID card or passport, which provide basic information about the person, such as name, date of birth and place of residence.
- Invoices or bank statements that provide information about the customer’s address.
- Pay checks or income tax returns that justify the client’s income.
- Property contracts or deeds, useful to verify the ownership of a property.
Objective: detect fraud
Currently, a great deal of attention is focused on the development of advanced technologies to create deepfakes, however, most cases of digital fraud occur in the verification of ID documents. For this reason, it is important to require technology manufacturers to be very effective in detecting and preventing document forgery in all its forms. Biometric verification will not be successful without robust document verification.
The verification of identity documents largely depends on three key factors: the capture technology used, the characteristics of the capture device and the security level of the document presented.
- Capture technology: Native capture technology (iOS or Android) is generally considered to be more secure because it relies on more restrictive photography in terms of resolution, allows for precise focus control, etc.
- Devices: Qualities differ greatly from one to another. A laptop camera usually offers low resolutions, while smartphones are continuously incorporating more powerful cameras. It is also important to consider whether the mobile device has NFC (Near Field Communication) reading; a protocol that allows the data on the chip to be checked against the data printed on identity documents.
- Level of security: The DNI in Spain or the identity card in Uruguay are examples of documents with high levels of security. On the other end is Italy, which uses an “identity card” with no security measures and in paper format. Obviously, the more secure a document is, the more reliable its digital verification will be.
The most common attacks on identity document verification can be divided into three main categories:
- Invalid supports. Photocopies, scans or photographs, printed or digital, of authentic documents.
- Manipulation. Original documents whose data has been modified, either physically or digitally. Manipulated documents often do not have the correct data or adequate security measures, making them easily detectable by automated systems with artificial intelligence.
- Forgery. From an original document or by creating one from scratch. One of the most common fraud attempts is the impersonation of an original photo. Traditionally it occurs when a person has someone else’s identity document and tries to impersonate it. This can occur with old, invalid, or damaged documents. To do this, the imposter attempts to put their own photo on the authentic document and have the biometric process identify them as the original individual. However, a new method known as morphing is catching on among fraudsters. It relies on AI and involves the pixel-by-pixel distortion of an original image into an unreal, completely different one.
In order to detect these attacks, it’s important to apply specific security measures and analyze documents with artificial intelligence algorithms that can identify the existing security measures. Document manipulations may be obvious or require more effort, such as chemical modifications, but in any case, there are effective tools to detect them.
Artificial intelligence at the service of document onboarding
Machine learning and artificial intelligence solutions, integrated with document management tools, enable advanced management of large volumes of data and documents, and optimize procedures related to file organization or search.
Up-to-date and real-time technology
TrustCloud uses its own technology to manage different types of documentation in real time and within an environment shielded by the highest level of security. TrustCloud AICR is capable of analyzing all types of documents, both structured and unstructured. The solution automatically extracts the information, validates it, and compares it with your databases. It then assesses whether any elements are missing (e.g., a signature), whether necessary documentation has been omitted, or whether there is any doubt about the authenticity of the documentation.
Thanks to Artificial Intelligence and Machine Learning, TrustCloud AICR converts the extracted information into attributes with which to corroborate users’ identity credentials. From here, by applying the appropriate business rules, a very specific document profile is obtained that will define whether the customer has provided sufficient documentation to be able to access a certain product or service.
Document onboarding must rely on technology providers who greatly respect data confidentiality and have in-depth legislative knowledge. In addition, they must not lose sight of the different forms of fraud and know how to take advantage of the AI revolution.