IDV experts ponder death and resurrection of document verification

Is document verification dead? The question hangs over a debate hosted by Peak IDV CEO, Steve Craig. Five industry experts are assembled to duke it out (verbally) over the vital signs of ID document verification. As the event begins, a theme emerges early: “document verification” may be a mature market, but it is not an interchangeable commodity. Strong differences exist between providers and their approaches, and the question of friction is not limited to user experience.

Dead or dying: Inverid, Veratad doom traditional IDV methods

Kicking off the debate, Wil Janssen, chief revenue officer for Inverid, offers a mournful confirmation to the guiding inquiry. “Yes, traditional document verification that thinks you can ‘see’ remotely” is dead,” he says. “If you think you can beat AI with AI, you’re wrong. The battle with AI is lost.” Fraudsters, he says, are simply better at collaborating than competing IDV firms. Video verification is also off the table, being already too easy to spoof.

Janssen is here to rep for NFC chips, which he believes provide the “right way” to keep so-called doc-v alive. Inverid’s approach to ID document verification employs biometrics through partnerships with other firms – it recently announced a collaboration with face biometrics and liveness detection firm iProov on the pre-registration app launched by Frontex to meet the requirements of Europe’s incoming Entry/Exit System (EES). But, says Janssen, “chipped passports that contain an individual’s digital identity are a sure bet. Deepfakes do not have chips inside of them. Use the chip to verify.”

Tom Canforatta, VP of product at Veratad, offers a rebuttal that isn’t much more optimistic: no, document verification is not dead – but it’s dying. “It’s still in huge demand,” Canforatta says “It’s the only totally global, ubiquitously accepted form of verification. If you need to verify the world, it’s the only viable option for you to deploy for a streamlined business process that can be standardized across all of your countries and markets.”

And yet, he says, the charges leveled against it are true: it’s ineffective, it does not catch fraud, it’s cumbersome, it’s a bad user experience, it needs to be layered with other solutions. “Document verification is not dead. It is on its way out as the preferred methodology for business in the world. And it’s going to be displaced at some point in the next 5-10 years, most likely by reusable IDs.”

Alive for now: AuthenticID, Socure, Trinsic say IDV needs layered security assist

Blair Cohen, president at AuthenticID, offers his retort with a pinch of incredulity. “Plastic is not going anywhere,” he says. “If you think you’re going to take that right of the consumer away from them, you’re out of your mind. You’re also out of your mind if you think you can’t, with a fair amount of robustness, look at a picture of an identity document and separate the good documents from the fake documents.” Cohen says that, with technology enabling 12-year-olds to whip up a fake identity document within minutes, protection against old fashioned document fraud is more important than ever.

Deepanker Saxena, head of document verification products at Socure, agrees that document verification is alive – but it can only stay that way with help, as models trained on biometric data get more sophisticated. “Fraud isn’t stopping,” he says. “The bad actors are constantly adapting, and it’s important that we are also adapting. Documents-and-selfies by itself is not the solution. It’s not enough. There’s a very dire need to have a multi-layered approach.”

For Riley Hughes, CEO of Trinsic, the question is a bit daft: “tens of millions of people a day photograph a plastic ID card or rub their chip-enabled passport on the back of their phone to try and verify themselves online,” he says (tossing a stray barb at the sort of chipped passport verification Inverid offers). Hughes says doc-v is still crucial as fraud escalates, “but the kind of doc-v that will get us out of this mess is not the kind that worked for the last decade. In an age of AI, companies need to accept digital ID documents as well as physical ID documents for ID verification.”

For Hughes, the solution is mobile driver’s licenses (mDL), which he sees as being as close to a silver bullet for identity document verification as currently exists.

Maturity, diversity, fragmentation: different words for the same thing?

As the event progresses, the speakers get pricklier in defending their preferred document verification methods. Each is convinced of the value and uniqueness of their offering. But they are united in facing an inconvenient truth: many see them as interchangeable, or at least have demonstrated a willingness to swap in one for another. Craig drops a question about whether or not document verification is now a commodity – which is to say, whether the process has substantial fungibility.

Everyone on the panel agrees that doc-v is not a commodity; there are too many different approaches and technologies. Blair insists that “there’s a bigger separation between providers now than ever before.” He notes variations in fraud detection capabilities, and in resilience against injection attacks, deepfakes and GenAI.

Saxena gestures toward a deeper communications problem in the digital ID sector: “a lot of the providers look the same.” Surely, a customer can only sift through so many ID puns and random vowels. What makes a firm stand out now is innovation: “How good are you against injection attacks? How good a user experience can you provide while making sure you have layered defense to stop a bad actor?”

Hughes picks up Saxena’s thread and tugs at it to unravel a bit of industry delusion: while methods for document verification are not interchangeable, “not only does it look like people do the same thing, but certainly this perception comes from everyone saying the same thing. The marketing is very similar.” Meanwhile, he says, what may appear as diversity is actually fragmentation.

For Janssen, the main issue is a lack of standards bodies to provide a baseline reference for the effectiveness of document verification methods. While biometrics have NIST, ISO/IEC and other standards bodies, “on the document side, there’s nothing.” Because of that, “it’s a very hard task for a customer to know who to choose for what case and the right level of security.”

And, as Canforatta notes, if results aren’t as advertised, customers may be quick to jump to the next provider promising the world.

F-word haunts user experience for document verification

Which is to say, there is work to do. The tech is robust and available, and has produced some remarkable advances; Saxender conjures the bygone image of a stack of paper documents waiting weeks to be verified and notes the huge gains in efficiency from digital IDV. And Cohen notes how remote digital identity document verification saved the economy during COVID lockdowns.

But there is confusion around who’s who in the IDV market, and how they all differ. And, says Cohen, there remain challenges on the user experience front, namely in what he refers to as “the F-word – friction.” Meanwhile, deepfake fraud leveraging algorithmic machine learning and generative AI continues to storm the fraud prevention barricades.

Regardless, it can be said that reports of the death of document verification are greatly exaggerated. Some have already buried it – but should expect it to rise from the grave in a brand new suit, finding new ways to fight fraud.

Article Topics

AuthenticID  |  document verification  |  identity verification  |  Inverid  |  Peak IDV  |  Socure  |  Trinsic  |  Veratad