The government-issued photo ID verification space is a crowded field. There are many different firms tackling the problems of identity verification in different ways, and it can be very challenging to know how these companies differ. If you are attempting to select an identity verification vendor, how do you know which direction to go? How do you know which solution is the best for you?
There are many dimensions that are important to consider when evaluating different identity verification vendors that are going to have different levels of importance depending on your use case, your user base and your platform dynamics. For example, how important is it to ensure that good users who start your flow are able to complete your flow? How important is it for the data extracted from the ID to be accurate? How important is ease of integration? What types of fraud are most important to catch on your platform?
Knowing the answers to all of these questions (and more) is the critical first step of identifying a verification vendor. Below we’ll cover a number of the questions above and attempt to provide context on how different vendor types approach these challenges.
But before we dive into these questions, there are a few high level elements that should be discussed.
Across the identity verification industry, there are two broad approaches to solving the challenges on behalf of customers.
Companies that have response times higher than one minute typically fall into this category. An actual human is often on the other side of the screen validating, transcribing or comparing information. The benefit of having a human reviewing the verifications is that humans tend to be extremely versatile. They can catch fraud vectors often through intuition alone.
On the other hand, reviewers are susceptible to human problems. They have bias, unconscious or otherwise. They can get tired or otherwise lose focus. They can have perverse incentives depending on the structure of the system within which they work. Reviewers need to be hired, trained, evaluated and potentially fired. This can mean significant lead and ramp-up times to get up and running with a manual vendor. Furthermore, key decisions about what to accept and what to reject are left to individuals with potentially different values and training than your own internal standards.
Response times for these systems are typically between one and five minutes, but can be significantly longer if there is a large backlog of verifications.
The contrasting approach to manual review is fully automatic. For these vendors, automated systems are fully responsible for the decisions made. They are trained by data previously collected by the systems and because they are automated, they are consistent - identical data will yield an identical decision every time. The specific outcomes of a given verification will often be configurable based on signals extracted during the verification process.
While the systems are consistent, fully automated systems are often subject to training data bias. Depending on the system itself, the accuracy of the data extracted can be variable. Computers are hard to train to detect novel situations without supervision and it may be harder for a system to detect novel or one-off fraud vectors.
Response times for these systems are typically less than 30 seconds, but can be as low as 0-2 seconds.
For many companies, years of effort are expended in maximizing user conversion funnels. As the highest leverage investment of any company’s growth trajectory, percentage point improvements are critically important. If your growth metrics are of paramount importance, selecting a vendor who can maximize the number of “good” users who complete the verification flow successfully is a key dimension to evaluate vendors.
For a manual vendor with a pure backend integration process, the “conversion” may be high at face value, but once you consider the number of successful outcomes, the rate may drop dramatically. This is because in these cases, collection of images, extraction of data and validation of legitimacy are decoupled, so while the collection may have higher success, detecting unsuccessful verifications will typically only happen after the fact, and will necessitate a user returning to complete a process.
Automated vendors, on the other hand, should be able to automatically reject images that don’t meet the success criteria and prompt the user to try again. While the rate of users who complete the flow may be lower, the number of successful users should be higher.
Berbix has invested heavily in maximizing the success rate of users to maximize your conversion funnels. We understand the importance and investment into these funnels and have demonstrated our ability to be the highest converting verification flow available.
Some companies do not have a need for accurate data to be extracted from their verification flows. For example, if they are using it purely to check a compliance box but are otherwise uninterested in using the data for fraud mitigation or downstream purposes.
However, most companies care deeply about the accuracy of the data extracted. The fraud mitigation and downstream processes are just as important as checking the box, if not more important.
For vendors that rely solely on the optical character recognition (“OCR”) extracted from the ID, there are known limitations to the accuracy of such processes. Common situations, like focus or brightness challenges, can make OCR-based verification extremely challenging. Issues such as these will typically stymie human reviewers as well, so it is not purely a challenge for automated vendors.
Berbix ensures that it has high data accuracy through several different means. First, the system can coach users to provide images with the highest likelihood of successful extraction. Second, Berbix marries OCR extraction with machine readable component consumption, which often includes data integrity checks to ensure accurate extraction. Finally, when Berbix is unsure of the correct information, the user can be prompted to review or correct information that was incorrectly extracted.
For any vendor selection process, ease of integration should be one of the many important facets that are evaluated. Often, ease of integration is correlated with ease of ongoing maintenance and ease of operation.
For manual vendors, the integration process can be quite arduous. Because there is a step in your funnel with a variable time delay that can succeed or fail and necessitate a retry, you either need to consider letting the user continue in the onboarding process or to block them pending a result. If you let them continue, you need to be able to gracefully handle a failure and bring the user back, whether it’s asynchronously via email or in some other way. If you prompt them asynchronously, some percentage of users will never successfully try again, rendering potential users stuck in the beginning of your funnel, effectively leaving money on the table. This makes your integration path more cumbersome and challenging in the common case, requiring you to consider multiple potential states of a given verification.
On the other hand, if you block the user, then they may abandon out of frustration. Seconds turning into minutes with a creeping, false progress bar may cause them to leave and use a competitor or to simply forget what they were doing and fail to continue their activity. While this simplifies the integration, it comes at the expense of a significantly heavier user experience.
In either case, you’ll need to not only ensure that you have a functional webhook system to know when the processing has completed, you’ll also need to implement a separate polling mechanism in the event that the webhook fails for some unknown reason.
Automated vendors, on the other hand, should be able to function in a primarily synchronous manner. As soon as the user has completed the verification flow, a result is ready for your consumption and you should not have to wait for a webhook or poll for a result. Users should be able to proceed to the next step of whatever process immediately assuming a successful verification.
Berbix has prioritized ease of integration by having response times always under two seconds. This reduces the complexity of your integration substantially and minimizes the chance of user dropoff due to failed verifications, processing delays or bad user experience.
Many customers of identity verification platforms use those platforms for one or both of two purposes.
Oftentimes identity verification performs double duty by fulfilling both roles. And different providers have different strengths and weaknesses.
Manual systems have the advantage of dynamic reviewers who can learn new patterns from signals of one. If something doesn’t look quite right, a reviewer is likely to detect and reject those fraudulent behaviors, even if they’ve never seen something quite like it before. However, those reviewers may become fatigued or “zone out” after some period of reviewing verifications and miss obvious fraud signals. Your results may vary depending on the caliber of reviewer that happens to review your verifications. This may be less of a factor if you’re in the evaluation process, as there may be incentives to utilize the best reviewers to maximize likelihood of successful evaluation.
On the other hand, automated systems often struggle with signals of one. Machine learning models require some substantial training data to start to discern between different situations, particularly when those are less common situations. Automated systems do have the distinct advantage of being able to perform on-ID data validation to ensure accuracy or detect certain fraud patterns. A human cannot decode a barcode, and an information mismatch between data encoded in a barcode and printed on an ID would not be possible for a human to detect without technological assistance.
Ultimately, what is important is determining the types of fraud you expect to encounter, to understand the impact of that fraud and to perform a cost analysis on how that fraud impacts and creates risk for your business.
Berbix has invested significant resources into novel means of detecting fraud in a fully automated way, including training specialized machine learning models for the most frequent fraud patterns, but also through complex analysis of the data collected to distinguish legitimate from illegitimate identity documents. A two-pronged, fully-automated approach allows us to be versatile and comprehensive in our fraud detection capabilities.
While there is no simple answer to what is the right choice for any organization, ultimately a selection process should optimize for receiving the highest value with the lowest cost, where cost is defined not only as the number of dollars spent on a given solution, but also the cost of purchasing, the cost of integration, the cost of operation, the cost of lost business due to poor conversion and the cost of lost value due to missed fraud. This is a many-dimensional problem that is different from business to business.
Berbix strives to provide the optimal solution for the majority of businesses evaluating identity verification vendors today. By providing a high converting, highly accurate solution with low cost by leveraging technology in ways that weren’t possible 5 years ago, we have upended the value proposition of the traditional and up-and-coming identity verification market. If you’re ready to find out for yourself if Berbix is the right solution, come talk to us at berbix.com/contact.