Frequently asked questions about the Keesing AuthentiScan Web API
How does the Authentiscan Web API Work?
The diagram below provides an overview of how Authentiscan Web API works.
How does the system distinguish real documents from fake ones?
The Authentiscan Web API solution makes use of a template database trained on real documents, that allows it to identify fake documents from the real ones. This is done by:
- checking a range of security features (holograms and other optical security features, biometrical features, background pattern matching)
- checking the MRZ code: comparing data in the MRZ code to the corresponding Visual Inspection Zone data and verifying MRZ checksums
- matching the selfie to the photo in the ID document
The system is also optimised to detect and reject submissions of a copy of a document (a printed copy or a copy as photographed from a screen). Please note, that the SDK needs to be integrated to ensure this functionality.
What is a liveness check and why is it important?
A liveness check is performed to ensure that the person submitting the ID document and selfie images is genuinely present during the transaction. They are first required to perform a certain movement (blink, smile, showing their teeth), the SDK recognises this required movement and can thus confirm that the person is truly present. The check will only be passed successfully when the required movements are performed, random movement would not generate a positive check result.
Can this solution help with form-filling?
Yes! When the document is checked for validity, we can extract data from it and pass it on to you along with the check results. We extract data from the fields found in the document which will typically include name, surname, date of birth, document validity period and nationality.
What documents are covered by the AuthentiScan Web API? And what if the document I am interested in is not covered?
Our template database covers passports, ID cards, driver licenses and other government-issued forms of ID documents, this number will continue to grow. In the meantime, our ID Helpdesk is ready to step in where automation is yet to catch up and are able to provide feedback on documents from over 200 countries and organisations. Contact our Sales Team to get the full list of documents covered.
We are continuously improving our system and expanding the coverage of the template engine. If the document is not yet covered in our list, please contact us for a more detailed discussion on how we could get it into the database asap.
Where can I find the documentation for Authentiscan Web API?
You can find all the documentation on our Web API and SDK in Github:
Do I need to integrate the SDK into my front end?
Using the Web API without the SDK is possible, but it is not recommended. There are several reasons for this:
- The SDK performs the Liveness check, the absence of which decreases the level of security of the check
- The SDK ensures that the document images are captured in sufficient quality to be accepted by AuthentiScan for an automatic check
- The SDK guides the customers on capture of images, making it a quick and smooth journey (which is one of the key challenges faced when digitally onboarding customers).
Our Beta is optimised for the API being used with the SDK, so we strongly recommend customers to implement both. However, should the customer prefer to implement Web API only, it is possible. Our Web API documentation contains all the required information on this mode of implementation as well.
Customers who prefer not to implement the SDK but would like to use the on-server liveness check, would need to take the following provisions into account
- You would need to capture and submit a short video (usually recorded in the users’ phone) with a maximum of 3 seconds with a person blinking at least one time. The liveness check on the server side detects the blinking and compares a selfie against a frame of the video.
- There are NO measures in place to ensure that the selfie and the video have been made at the same time as the document capture. The customer needs to ensure this is checked during the process of image capture.
How is customer data processed and stored?
Keesing makes it a priority to follow the strict data security standards. We are fully GDPR compliant and operate on the principle that our customers are in control of their data. During the customer set up process, you can specify how long you want the information to be kept in our system. These preferences typically depend on the customer’s own data policies, choice to use the Keesing ID Helpdesk and customer data storage needs. The customer can also change their preferences at any time by informing Keesing of the desired changes.
I previously used Keesing AuthentiScan APP, how is the Authentiscan Web API solution different?
The Authentiscan APP was developed to facilitate the intake process where the customer’s employee would validate documents during a face-to-face onboarding. The Authentiscan Web API solution is supporting the ID verification for remote digital onboarding: the users are guided through capturing images of their document, making a selfie and liveness check. There is no need for a trained person from the customer’s side to help them capture the data.
From the functionality perspective there are 3 key differences:
- The Web API consists of the SDK that can be integrated into the front end or APP to guide the users through the data capturing process. This makes it easy to add the ID document verification process into any existing workflow.
- The Web API is using a different method of integration: all the check results are passed on to your back end via the API. Results are passed on to you as a PDF report and as a JSON file (easier to digest into existing internal systems)
- The Web API offers much more detailed results, which are available with the JSON file (results of all checks and scores)
Can Authentiscan Web API help me comply with AML5 Directive?
Keesing Authentiscan solutions are aimed at helping customers comply with the increasingly strict AML procedures. Keesing Authentiscan Web API allows you to verify identity of the customer through performing the following checks:
- Confirm the validity of the presented ID document (our system would identify and alert you to any suspicious documents)
- Confirm the match of the customer to the ID document (selfie to ID photo comparison)
- Confirm the ID holder is present during the submission of the document (liveness check)
Please note, for the Web API solution that we discussed earlier, at the moment does not have the PEP / Sanctions list functionality enabled, but we hope to enable it in the future (it is on our roadmap).
What does the Keesing ID Helpdesk do?
The automated checks, relying on a document template database, are the key part of our system. However, in a minority of cases the machine is just not capable of arriving to a final conclusion. Our team of highly-skill document experts deals with such cases: they examine the submitted document closely by checking the document security features to verify its authenticity.
If the customer opts in for this service, documents that were not assigned a final status by the system are reviewed by the Helpdesk team and then given the final status.
How long does a check take?
How much time it takes to do the check depends on the ID document. In the majority of cases the ID document would be validated by the automated system, so the result would be available within seconds. However, if the ID document requires attention of the Document Helpdesk, the result will take longer. We aim to respond within 15 minutes of submission during the working hours (8am-6pm CET, Mo-Fri).
What type of apps does the SDK Support?
The SDK supports native apps only (available on Android, iOS and Web). Currently we do not support hybrid apps.
What are the time and access limits for the document check results?
Below is the outline of the verification process highlighting the access restrictions and timeline limits for getting the verification results:
- Data is collected by with the SDK, passed on to Keesing via the Web API
- Verification is processed, results are ready for collection (PDF report + JSON File)
- Keesing send the Customer a notification that the results are ready with the URL to get the results
- Customer receives the notification => Customer’s system pulls the results from the URL stated in the notificatio
- Once Keesing knows you received the notification, we wait for 5 minutes (which should be enough for the Customer to retrieve the data), then deactivate the URL and delete the data
- The Customer can access the URL only 5 times per minute. So in the 5 minutes it exists, the customer can access it a maximum of 25 times. The Customer ONLY needs to access it once to get the results, however we understand that there can be situations where the process to retrieve data fails. To address that a limited number of repeated attempts to download the data is allowed.
- Please note that the limit is per URL, so if a 100 documents were submitted in the same minute, the Customer can retrieve the results for all of them at the same time (as each result has its unique URL)
- Please note, Keesing do NOT monitor if the Customer has pulled the data successfully. After 5 minutes of Customer receiving it, the link becomes inactive
- If the notification was sent, but not received, we send it again. The reports are queued until the notification is received successfully
Please note that the system is completely scalable, so the number of uploads does not affect the speed of the solution’s performance.
Contact usSales & Consultancy Department +31 (0)20 7157 825
To find out what our solutions can do for your organisation and for further information, please feel free to contact our team of Sales Consultants.