# About Identity Proofing

Digital onboarding offers challenges that face to face onboarding does not. Companies need to remotely ensure who their customer is and detect potential risks for diminishing the chance of being used for illegal activities.

Signicat's own Identity Proofing solution, Assure, drastically simplifies the onboarding process in many industries like banking and finance. The Signicat Assure API (opens new window) integrates with multiple identification services to verify the identity of your customers. This can be both eIDV and eID services in combination (see the below use case example for more details). When choosing which identification services to use for identity assurance, you must consider multiple factors such as the required level of assurance, user experience, the nationality of end-users, etc. This is typically dictated by the geographic markets that the company operates in and is often subject to local regulatory requirements.

# Use case example: Onboarding a new customer

This page is useful if you need more basic information about the usage context for identity proofing.

Picture a potential customer, let’s call her Claire, who wants to open a new online bank account. The bank might want to take several different steps to ensure that it is indeed Claire who is opening this account. The following is just one of many possible workflows.

# End-user perspective

  1. Claire enters the bank’s online website and selects “Become a customer”.
  2. The bank asks Claire to provide some basic information about herself, such as her full name, date of birth and address.
  3. The bank asks Claire to identify herself with an ID method, e.g. the Dutch iDIN.
  4. The bank asks Claire to identify herself using her passport and take a selfie.
  5. The identity proofing is finished and Claire can continue as a new customer of the bank.

Process options click-to-zoom

# Bank's perspective

  1. A new user, Claire, wants to become a customer in the bank.

  2. The bank initially collects information from Claire in a form on the website, among the information her full name, date of birth and address.

  3. Based on the type of customer relationship, risk profile and regulatory requirements the bank decides on the necessary steps in the customer due diligence process.

  4. Now the bank calls Assure API to create a dossier, which is a container for all information needed to perform the identity proofing.

  5. The bank submits relevant information about Claire as user data to Claire’s dossier in the Assure API.

  6. Since Claire is a citizen of the Netherlands, the bank uses iDIN as eID scheme. This constitutes a strong identity proofing method in the Netherlands. The bank creates an iDIN process within Assure API, which stores the results of the iDIN transaction in Claire’s dossier.

  7. Because of local regulations, iDIN in itself is not sufficient to meet the requirements. The bank, therefore, asks Claire to use her passport to further prove her identity. The bank creates a process using one of the available eIDV services. The result of the method returns the information from the identity document and the result of the face match and liveness detection to Claire’s dossier.

  8. The bank now has sufficient information about Claire and now must perform corroboration on the captured data. The bank uses Assure APIs corroboration functionality, e.g. matching (opens new window) to compare the information stored in the user data with the data from the iDIN and eIDV processes. The bank parses the responses and based on internal business logic, the bank’s risk engine decides that it can continue the business process and make Claire a customer of the bank.

  9. The necessary identity information is used to establish an identity in the bank’s identity store and the relevant proof is extracted from the Assure API. The bank then sends a delete request to permanently delete all of Claire's PII data from Signicat's platform.

Last updated: 08/09/2023 10:49 UTC