# Onboarding fraud prevention
# What is onboarding Fraud?
A common threat in today's digital world is fraud during the onboarding process. In this type of fraud, attackers attempt to gain access to your end-user's accounts by tricking them into giving away their onboarding credentials. This is often referred to as phishing.
# Use case
You want to prevent onboarding fraud and provide your end-users with a secure way to onboard to new devices, whilst still offering an excellent user experience.
# How it works
Meet Jane, one of your active end-users who has activated MobileID in your mobile app.
- An attacker downloads your app.
- Jane gets a phone call from the attacker who pretends to be an employee at your company. They inform Jane that someone has gained access to her account. The attacker tells Jane that she needs to authenticate with an eID before they can help her stop this attack.
- The attacker starts onboarding in your app with Jane's personal details. This triggers an eID authentication for Jane.
- Jane authenticates with her eID, thinking it is to allow the bank to block the attacker. In reality, she is actually approving an onboarding to your app on the attacker's device.
- The attacker sets up MobileID credentials with a PIN code and biometrics.
- The attacker is asked to perform a Face Authentication, to confirm that it is Jane sitting in front of the device.
- The authentication fails.
The attacker is blocked and cannot access Jane's account in your mobile app.
Why Face Authentication instead of Face ID?
In some use cases, native biometrics such as Face ID will not work, and so server-side biometrics such as Face Authentication can be leveraged instead.
You can read about the differences between Face ID and Face Authentication in our feature documentation.
# What it looks like
# For the attacker
The following diagram illustrates what it could look like to prevent fraud during onboarding with MobileID, from the perspective of the attacker.
# For your end-users
The following diagram illustrates what it could look like to protect against fraud during onboarding with MobileID, from the perspective of your end-users.
To protect against attackers getting access to your end-user's accounts, you can use our Face Authentication.
Face Authentication is a method that performs the face matching and liveness check on the server side. This allows you to perform Face Authentications across devices to verify that it's the correct end-user in front of the new device.
# Get access
Feature coming soon