Identity verification
Your users will be asked to scan a photo ID document and take a selfie (optional) using the camera on their device.
The users ID can be analysed to make sure it’s genuine and the document photo is matched to the selfie.
This is a document scan for the purpose of an age verification only.
ID document checks may not complete by the time the user is returned. Please refer to the results page for proper handling, or consider enabling the synchronous_checks flag.
Good for:
- High assurance
- Global coverage
Yoti will extract the information from the ID document and calculate if you are meet the age requirement using the date of birth. If the image the user has provided is not clear we will ask the user to retry in session.
You can receive either:
- Age in years
- ‘OVER’ or ‘UNDER’ the age requirement
For extra security, you may also ask the user to take a selfie using the camera on their device. This is to make sure the ID document belongs to the same user and is how we stop fraudsters from impersonating users. Multiple images will be captured and the clearest image will be analysed using face matching technology. This will create a biometric template of the users face, which will be compared to the photo on the ID document.
We store any data captured, such as the ID document and selfie, in our UK data centre. Once the session has been completed, we delete all personal information. If the session is left incomplete then we will delete the data after 25 hours after session expiry, whichever is sooner. We do not use the data for any other purpose.
If you wish to enable the Identity verification service as an option to perform an age verification service. This solution may take longer to verify your users.
{ "type": "OVER", "doc_scan": { "allowed": true, "threshold": 18, "authenticity": "AUTO", "level": "PASSIVE", "preset_issuing_country": "GBR" }, "ttl": 900, "reference_id": "over_18_example", "callback": { "auto": true, "url": "https://www.yoti.com" }, "notification_url": "https://yourdomain.example/webhook", "cancel_url": "https://www.yoti.com", "synchronous_checks": true}| Parameter | Types | Description |
|---|---|---|
| allowed | true / false | Enable the verification method to be available for the user to use. |
| threshold | Integer e.g. 30 | Age threshold for under/over age limits. We recommend this to be the exact age of the threshold you want to cover. |
| authenticity | OFF / AUTO | Verification of the ID Document authenticity. |
| level | NONE / PASSIVE | The level of anti-spoofing for each age verification method. PASSIVE enables a passive liveness test and face match for IDV. |
| preset_issuing_country | Three letter country code e.g GBR | Determines the preset issuing country for the document selection. |
| synchronous_checks | true / false | If set to true, ensures that all methods have a result ready before the user is redirected to the callback URL. Authenticity must be set to 'AUTO'. Default is false, this primarily affects document checks and credit card checks as these are async. |
| disable_mobile_hand_off | true / false | Launching the document scan flow will encourage the user to continue on a mobile device (if browsing on desktop), this is to aid higher quality image captures. The handover is managed through a QR code. Set this flag to true to disable the QR handover. Set this flag to false to enable it. |
Authenticity explained
There are three types of authenticity options that can be performed on the document.
Off checks
Once the document is uploaded Yoti will attempt to extract the date of birth.
Auto checks
Once the document is uploaded Yoti will attempt to extract the date of birth and perform automated checks on the document:
| Sub check | Description |
|---|---|
| document_in_date | If a valid expiration date is present on the document. |
| fraud_list_check | Yoti will check a fraudulent document database for a match. |
| ocr_barcode_comparison | This check is performed if fields extracted using OCR from the VIZ (visual inspection zone) of the document and fields extracted from the barcode of a same document both have the mandatory fields populated with values. |
| doc_number_validation | When there is a driving licence where text extraction has been successful (auto or manual) Yoti will attempt to validate the document number. This check will only be returned for UK Driving licences and Canadian licences (Ontario, Newfoundland and Quebec). |
| physical_document_captured | This sub check is to verify that the original document was used, and that the presented document isn't shown on screen, or presented as a photocopy. This sub check will result in an overall Document Authenticity rejection if the document is submitted through the live camera and the sub-check is marked as fail. It will not cause a rejection if the capture method is upload. |
| mrz_validation | Validates that the MRZ of the document is in the expected format. |
| ocr_mrz_comparison | Comparison between the visual inspection zone of the document and the MRZ. This check would commonly be performed for Passports, but can be run on other documents that have an MRZ. |
| issuing_authority | This sub-check checks the document information against the Issuing Authorities records. Only triggers if the requested check is enabled, with a document that supports the check. |
| age_estimation_dob_comparison | This sub-check performs an Age estimation on the captured selfie, comparing it to the ID document date of birth. |
| yoti_fraud_list_check | Checks against Yoti's fraud watchlist for a match on the ID document. This sub-check will always be performed, is returned as PASS when no match is found, or FAIL when there is a match. For cases where a possible match is found, the session will be sent for additional manual checks to determine the final check outcome |
| document_recognition | Returns whether the Identity document matches a known template. Acts as a flag for multi side documents (such as ID cards or DLs) where templates may differ between the front and back, indicating a different document was used for each side |
| portrait_integrity | Automated check to inspect for document ID portrait tampering |
| chip_parse | If chip data is present |
| chip_sod_parse | If Security Object document is present |
| chip_data_integrity | Checks the data integrity on the chip |
| chip_digital_signature_verification | Verifies the digital signature and trust chain |
| chip_csca_trusted | Checks if the Country Signing Certification Authority (CSCA) Certificate is trusted |