The PVID Standard Aims to Reduce the Identity Theft Risk
Market regulators consider fighting identity theft one of their top priorities. So companies under regulation must offer a secure and trusted KYC process.
AML regulated companies (Anti-Money Laundering and Terrorism Financing) have to offer to their customers a sufficient level of security by using trusted service providers. The 5th AML Directive indicates that banks (as well as insurance and online gaming companies), should, as a new due digilence measure, use a PVID certified solution.
What is the PVID Standard??
The PVID standard defines the minimal requirements for a remote identity verification service equivalent to face-to-face: automatic and manual acquisition, verification of ID data, proof file constitution and identity verification verdict transmission.
How to achieve PVID Certification?
What are the technical and organizational requirements that providers must meet to become certified?
- Risks evaluation,
- Remote identity verification policy and practice,
- Data protection,
- Organization and governance of the service provider,
- Quality and level of service.
The ANSSI works in collaboration with the Ministry of the Interior to test the solutions’ capacities to resist various attacks (physical masks, deepfakes, fraudulent data injections, etc.).
A Secure Customer Onboarding thanks to PVID
PVID’s purpose? To certify remote services that guarantee face-to-face equivalent.
What PVID checks make up the customer journey?
The process is punctuated with two mandatory steps of remote identity verification:
- Automatic verification: the user takes a dynamic capture of his/her identity document (front and back). He/she then takes a biometric capture of his/her face. Finally, the service compares and cross-references the different data in real time.
- Hybrid verification: Fraud experts take over to complete the verification manually and ensure complete processing of the elements. Several procedures are carried out: checking the photo of the identity document and the signature, classification of the type of identity document, visual check, verification of the video authenticity, etc.
The level of assurance currently being certified for all providers is “substantial” (equivalent to physical face-to-face in terms of reliability). Eventually, ARIADNEXT wants to move to a “high” level of assurance (aimed at preventing any risk of identity theft or alteration).
How does PVID impact the customer journey?
The PVID framework standardizes procedures and establishes a minimum level of trust and security in remote ID verification services.
These requirements impact the customer journey with:
- A longer capture process: two captures are required, namely dynamic ID document capture and biometric capture.
- A less seamless journey, due to more stringent and standardized capture steps.
- A longer response time, due to manual check done by an operator after the automated verification.
How is ARIADNEXT offering a unique PVID experience?
Apart from the regulatory and security aspects, the challenge for ARIADNEXT is to support their clients by offering a simple and intuitive process via dynamic and biometric capture and avoid any journey dropout!
Users are guided through the ID verification process with clear messages: “center the document”, “bring the document closer”, “don’t move”, “be ready to film your face”, etc. The solution informs them simultaneously of the reason why they go through such steps: “We need to check that you are a real person”. Understanding the necessity of these steps, the user is reassured and is more involved, so the process runs more smoothly.
With the ARIADNEXT PVID service, users can capture their ID prior to dynamic capture.
This step offers 2 benefits:
1- the automatic classification of the ID using automated services, thus rejecting ineligible IDs during step one.
2- the personal data extraction from the ID chip – depending ID type and choice of device – thus avoiding video capture and its manual processing.
ARIADNEXT introduced artificial intelligence algorithms in its video capture to ensure, when necessary, that all expected visible security elements are captured. Indeed, this can prevent a KO verdict if visible security elements are missing, which would force the user to repeat the entire process.
Improve the final user experience
ARIADNEXT manual verification is carried out in Europe by its trained anti-fraud experts in its processing center based in Romania, and in compliance with RGPD requirements.
Even if processing time is longer in a PVID service, efforts are made to keep it reasonable. All analysis and capture tools developed by ARIADNEXT are optimized to deliver verdicts quickly and bring down the whole process to less than 6 minutes.
Providers who must comply with PVID requirements stand out in two ways: customer experience and processing time. With ARIADNEXT, users follow an intuitive path through the various stages of identity verification and get a response within 6 minutes maximum.