Verification checks

To prove the identity of your customers, Mosaic performs various checks that depend on the verification flow your app implements. Once a verification process is completed, the verification result will include a recommendation on how to proceed. For example, the diagram below represents the checks performed during the document verification process.

Document check

Verifying a government-issued identity document is used to establish the real-world identity of the user. It consists of:

  1. Document validation
  2. Document classification
  3. Document authentication
  4. Document liveliness

Document validation

The process begins by scanning a government-issued identity document, such as a driver's license or passport. Using their mobile device, the user takes a picture of the front and back of the document. These images are analyzed in real-time to check for potential issues that may cause them to be rejected and the user is instructed on what to do next. For example, the user is notified if:

  • image is blurry
  • document isn't supported
  • document wasn't captured
  • image is too dark
  • info is missing or isn't visible
  • glare is detected

Document classification

Once scanned, documents are automatically classified. We support over 10,000 documents worldwide (see Full Global Coverage). If a scanned document wasn't classified, the end user has to resubmit a request.

For example, documents are classified by:

  • country
  • type (Driver License, Passport, National ID, etc.)
  • document template

Mosaic allows restricting documents that match specific criteria, for example, US membership cards. Based on your requirements, you can enable several criteria for the same application, allowing for a tailored and efficient document management process. Each criterion comes with a customizable message that is presented to the end user and instructs them on how to proceed with verification, for example, upload additional documents.

Document authentication

The authenticity of the document is validated to make sure it hasn't been altered or forged. This is done by checking:

  • security features, such as holograms and laser engravings
  • portrait photo issues or inconsistencies
  • cross-references of personal and document data throughout the document
  • mismatches between the template used and the issue date
  • correctly formatted dates (e.g., MM/DD/YYYY vs DD/MM/YYYY)
  • correct fonts, including non-generic ones that can't easily be matched
  • check digits or checksums in the machine-readable data (MRZ lines)

Document liveliness

The document photo is analyzed to validate that it's taken from a physical document. For example, liveness detection is used to detect:

  • printed photos
  • video replays
  • document copies

Selfie & liveness check

In face authentication scenarios, a selfie check is used to ensure that the user indeed interacts with the app and is who they claim they are. In the document verification flows, a selfie check acts as a second layer of verification—if the uploaded document proves to be authentic, a check will ensure that it wasn't stolen. The selfie check consists of:

  1. Face liveness
  2. Face matching

Face liveness

Before a selfie of the user is matched to the photo ID in the document or the reference image, the selfie is analyzed to validate that it's indeed a live person. For example, liveness detection is used to detect:

  • printed photos
  • video replays
  • high-end silicone masks
  • photos on screen
  • face cutouts
  • realistic mannequins

Face matching

To complete the selfie check, the user's selfie must match the photo ID in the document or the reference image. Our face comparison technology was trained on the massive data set and has been proven reliable, taking into account factors like:

  • age-match accuracy
  • race
  • gender
  • black & white vs color photos

Flagged identity check

To complete this check, Mosaic verifies if the user's selfie biometrically matches any of the flagged identities. The flagged identity check consists of:

  1. Multi-session detection
  2. Face blocklist check

Multi-session detection

Once the documents and selfie are uploaded, Mosaic performs the multi-session detection check by comparing submitted data against the past verifications. The primary purpose of this check is to detect anomalies, inconsistencies, or potential fraud by leveraging historical session data where at least one of the key data elements is repeated during these sessions.

This check helps uncover sophisticated fraud schemes that involve reusing biometrics or credentials, for example, the synthetic identity fraud—the type of fraud when a person creates multiple fake accounts by manipulating personal data on the documents while reusing their real face.

Face blocklist

Mosaic automatically checks if the selfie collected during the verification process matches any individual in the face blocklist—a curated gallery of known fraudsters that you've blocked in the past or whose images you've uploaded proactively. Mosaic denies any verification attempts from blocked identities.

Fraud detection

Mosaic Detection and Response services adds an additional layer of fraud prevention to the verification process. In addition to the verification checks, risk and trust are continuously assessed throughout the process. For each user interaction, telemetry data is streamed to the platform. Machine learning models and heuristics are applied to this data to detect risk signals, such as bots, spoofed devices, behavioral anomalies, malicious networks, and more, and issue risk-based recommendations.