Identity fraud prevention

What is identity fraud?

Identity fraud is when a fraudster gains access to an end-user's account. There are multiple ways in which a fraudster can gain access, such as through stolen credentials or phishing techniques.

Use case

You want to prevent identity fraud and provide your end-users with a secure way to onboard to new devices, whilst still offering an excellent user experience.

Diagram showing onboarding fraud prevention

How it works

Meet Jane, one of your active end-users who has activated MobileID in your mobile app.

1. An attacker downloads your app.
2. Jane gets a phone call from the attacker who pretends to be an employee at your company. They inform Jane that someone has gained access to her account. The attacker tells Jane that she needs to authenticate with an eID before they can help her stop this attack.
3. The attacker starts onboarding in your app with Jane's personal details. This triggers an eID authentication for Jane.
4. Jane authenticates with her eID, thinking it is to allow the bank to block the attacker. In reality, she is actually approving an onboarding to your app on the attacker's device.
5. The attacker sets up MobileID credentials with a PIN and biometrics.
6. The attacker is asked to perform a Face authentication, to confirm that it is Jane sitting in front of the device.
7. The authentication fails.

Fraud prevented!

The attacker is blocked and cannot access Jane's account in your mobile app.

Why face authentication instead of Face ID?

In some use cases, native biometrics such as Face ID will not work, and so server-side biometrics such as face authentication can be leveraged instead.

You can read about the differences between Face ID and face authentication in our Face authentication feature documentation.

What it looks like

For the attacker

The following diagram illustrates what it could look like to prevent fraud during onboarding with MobileID, from the perspective of the attacker.

Diagram showing app flow for onboarding fraud prevention from attacker's perspective

For your end-users

The following diagram illustrates what it could look like to protect against fraud during onboarding with MobileID, from the perspective of your end-users.

Diagram showing app flow for onboarding fraud prevention from end-user's perspective

Implementation

To protect against attackers getting access to your end-user's accounts, you can use our face authentication.

Face authentication is a method that performs the face matching and liveness check on the server side. This allows you to perform face authentications across devices to verify that it's the correct end-user in front of the new device.

Get access

Feature coming soon

Our Face authentication feature is coming soon. To get early access, you can contact us by creating a support ticket in the Signicat Dashboard.

Learn more

Try it out

You can explore how MobileID works in our demo portal

API reference

Have a look at the API reference for how to use MobileID