Identity verification – the process of confirming that a person is who they say they are – helps prevent money laundering and terrorist financing. But businesses that aren’t directly linked to banking often feel the other pressure – the regulatory risks, with penalties exceeding $5 billion for KYC and anti-money laundering (AML) non-compliance.
The identity verification process isn’t one size fits all, with some providers choosing static data matching, others leaning into biometrics and even real-time transaction monitoring in play. But to select the right vendor for your business, and prevent identity fraud, you’ll need to compare the most relevant features for your organization.
At Trustpair, our business is built around automated account validation for clients, so we know a thing or two about the features you’ll need. Use this guide to compare both tech and providers to select the right digital identity verification system for your business.
Key Takeaways
- Non-compliance with KYC and AML regulations can result in penalties exceeding $5 billion, making identity verification a critical business priority even outside of banking
- The five most important features to evaluate in any identity verification solution are: document verification, liveness detection, verification speed, API integration options, and data storage controls
- For B2B businesses, identity verification goes beyond customer onboarding – supplier and vendor identity must also be continuously validated to prevent payment fraud
- No single provider fits every use case: always run parallel testing across shortlisted vendors during RFP, and revisit your requirements at least once a year as your business grows
Key Features To Evaluate In Identity Verification Solutions
Diving straight into the comparison, you’ll need to focus on some key features in order to effectively compare and make your decision. We’ve listed out some of the features that might matter the most to you:
- Document verification
- Liveness detection
- Verification process and speed
- Flexible integration and API options
- Data storage, retention and privacy controls (regulatory compliance)
Evaluating what you need from each feature isn’t easy, especially because it will depend on the priorities, size and complexity of your organization. However, we’re offering up an idea of some of the most important questions to ask for each category.
Document Verification
Document verification is an integral part of any ID verification solution because it checks whether the applicant is who they say they are. But the challenge often lies in validating this phase, because global languages, different document types and varying information found on each makes it a hard process to standardise.
When evaluating providers, we recommend that you intentionally take a sample of varied document types to verify OCR accuracy for key information fields. Ensure that whether it’s a US passport, British driving license or a more obscure document like a military ID, fields like name and date of birth are able to be extracted with the same coverage rate.
Another best practice in the comparison stage for providers is to require global document template coverage, ensuring that every country you operate in is able to be passed through the ID verification system.
Liveness Detection
Liveness detection verifies that the user is a real person, rather than a fraudulent attempt using AI or static imagery.
Your key focus for evaluating providers on this feature should be:
- Requiring both passive and active liveness options: passive liveness will simply ask for a photo, whereas active liveness is considered a stronger form of verification, because it could ask the user to smile or turn their head a certain way.
- Requesting certification evidence for anti-spoofing: firms can manipulate the way that their own tests are performed to sway the results in their favour. Rely on a third party independent testing accreditation to genuinely confirm anti-spoofing success.
- Testing deepfake resilience: with the advancements in AI, criminals can now impersonate individuals with very high accuracy, including voice spoofing and real-time likeness overlay. We recommend that you mock up a few of these synthetic identities to test out the software you’re evaluating.
Verification Process And Speed
Digital experience managers are juggling the pressures of the user experience. Managing high customer expectations with positive friction is leading to requirements for verification at near instantaneous speed – all without increasing the risk of error, a result that would compound negative sentiment.
As such, many choose latency as the lens to evaluate identity verifications through, asking: ‘just how real-time are real-time results?’.
During an RFP process at Trustpair, we’re typically measured by potential clients through average verification throughout. This is the rate that data can be securely transferred through the validation pipeline.
During this inspection, it can also be useful for teams to get a look behind the curtain. Mapping out the data’s journey helps find potential vulnerabilities that feed into risk assessments and countermeasures.
One underrated tip is to check counterfeit detection capabilities. It’s likely that the risk of fraud means a lot to you if ID verification is on your agenda, so most platforms should be able to detect counterfeits. But the gold standard is to perform this without surfacing a load of false positives. So we recommend that you directly ask for false positive rates during the RFP, and define the acceptable false rejection rate as part of the contracting phase.
Flexible Integration And API Options
The best integration method for working with a third party identity verification software will depend on the level of control you need.
| Features | Whitelabel | Widgets | API |
|---|---|---|---|
| General definition | The product is created by a manufacturer and rebranded by you so it appears as if the reseller made it. | A small software application that provides quick information or specific functions without needing to open a full app. | Complete deployment of external ID verification software through a digital connection, with your customers fully aware of the third party involvement. |
| Level of control | Full control over building and branding. | A happy medium in terms of control versus speed of deployment. | Little control over building and branding. |
| Speed of deployment | Long lead times accounting for customisation. | Their UX journey integrated into yours. | Very short lead times from contracting to onboarding. |
Most firms choose to use API as their deployment method for ID verification. If that’s you, here are some considerations:
- Does the provider offer thorough SDKs for web and mobile platforms?
- Does the provider offer a sandbox environment for testing, and sample code?
- Does the webhook and webhook retry behaviour meet your dev requirements?
Data Storage, Retention, And Privacy Controls: Regulatory Compliance
Arguably one of the most important comparison features is data storage, not least because some regulations mandate secure storage of identity documents and customer information. Without guaranteed alignment in this area, you could be operating without meeting compliance standards and therefore risk enforcement action – damaging your long-term reputation.
Here’s what to focus on when comparing data storage and privacy:
- Verify that encryption exists and is secure while data is both in transit and at rest
- Confirm that options are available for regional data residency, especially if you operate across multiple jurisdictions
- Request the provider’s data deletion and retention policies and compare these to your regional regulations, such as General Data Protection Regulation (GDPR), and state-level data security regulations like the California Consumer Privacy Act (CCPA)
With Know Your Customer and Know Your Business requirements also in place, firms must balance the need to collect and store this information with the ability to monitor it, accessing the data continuously to spot account takeover behaviour.
Customer Satisfaction And UX Considerations
As already mentioned, end user experience is one of the top factors to consider. After all, a poor experience in this area will lead to friction, customer drop-off and churn, each increasing customer acquisition costs.
We recommend:
- Testing the end-to-end user flow on mobile as if you’re a first-time user
- Collecting the pass-rate and abandonment metrics
- Surveying support responsiveness during trial – how helpful is the team when things go wrong?
Comparing Top Identity Verification Providers
So you’ve defined your comparison criteria – now it’s time to assemble a short list of the best identity verification providers.
We’ve collected the strengths and weaknesses of some of the top global providers to give you a good place to start:
Trustpair
Trustpair focuses on B2B identity verification as part of the payment fraud prevention process. Fraudsters have realised the significance of high-value invoice, acquisition and expense payments associated with business activity, and are choosing to target businesses because the payment process is much easier to exploit.
For example, with multiple users able to access the finances, it’s easier for a single payment to be overlooked.
The system works by verifying the identity of suppliers, checking the invoice and business information against hundreds of global data points. From bank databases to business blacklists, we verify this in real-time and automatically prevent outgoing payments where the information doesn’t match, protecting your account.
With a 100% record of payment fraud prevention, Trustpair is the best choice for protecting your vendor activity.
Trulioo
Trulioo is a KYC and AML platform that helps businesses to enter new markets with confidence. By verifying the identity of customers in unfamiliar jurisdictions, they’re helping businesses to confidently open up their sales through a single API.
Trulioo’s strengths relate to their global coverage, as it means that organizations won’t have to switch to another provider for their next expansion.
Jumio
Jumio is an AI-driven document and biometric ID verification platform that assesses transaction behaviour as part of their checks. This is helpful because it normalises spending patterns, flagging suspicious behaviour instantly to its users.
Supporting over 5,000 global ID types, Jumio would fit any business scaling into new territories. Because their internal identity graph already has tens of millions of people confirmed, they’re also a great option for enterprises that newly require identity verification services.
Entrust (Onfido)
Entrust, formerly Onfido, offers a number of different identity verification products through their suite of tools. The identity verification solution focuses on compliant account onboarding, with developer-friendly SDK capabilities.
Due to this focus, Entrust would best suit enterprise level customers in the finance and government industries that really require the heavy lifting of regulatory requirements built into any solution they choose.
Veriff
Veriff offers a hybrid blend of AI and human review as part of their identity verification solution, delivering customer onboarding at speed. This focus on low-friction means they’ve invested into their user experience flow, so Veriff is likely well-suited to ecommerce and marketplace account providers.
So in terms of high-risk verification flows, Veriff’s pricing model only takes payment for actual verification sessions. This gives users room for retry attempts without impacting an organization’s bottom line.
Ondato
Ondato combines KYC and AML compliance with its identity verification solution, boasting 99.8% accuracy. It uses 15,000 sources to compare account data and, like Trustpair, covers information from over 190 regions.
Ondato’s reusable KYC profile for under 18s is an interesting feature as it uses AI to estimate a user’s age based on their photo. This grants access to specific services with a pin number, and can be re-used to re-verify after the set time has expired.
| Company | Strengths | Best for… |
|---|---|---|
| Trustpair | B2B vendor verification to prevent payment fraud with 100% success record | Enterprise level businesses making high-value payments consistently to suppliers |
| Trulioo | KYC and AML platform with global compliance coverage | Companies entering a new market for the first time |
| Jumio | Includes AI-driven biometrics and transactions for live verification | Businesses in financial industries with access to transaction data |
| Entrust (Onfido) | Developer-friendly SDK tooling | Highly regulated industries such as finance or government |
| Veriff | Blend of AI and manual review is great for gaining efficiency benefits while still including human-in-the-loop | E-commerce and marketplace accounts |
| Ondato | Highly accurate at 99.8% across truly global coverage | Age-capped accounts that include permissions which change with time |
Conclusion: Choosing The Best Identity Verification Solution For Your Business
Modern identity verification platforms provide automated identity verification so that you can onboard customers, vendors and third parties at scale. Whether you believe in comparing driver’s licenses with human oversight or want to mitigate risk through AI-powered biometric verification, we hope the key factors we’ve compared point you in the direction of the most suitable software provider.
Once your must-have features are selected, we advise running your tests in parallel with all of the providers who make it through to RFP. As you map your needs to vendor capabilities, remember that they may change as your business grows, so revising your priorities at least once per year is highly recommended.
If you’re ready to verify identities with Trustpair, we’d love to hear from you. You can get in touch to book a demo with the team here.
