To provide our Identity Services, we collect certain information about you, our clients’ users. The exact information needed depends on the Identity Services being provided on behalf of our client. Where possible, we pseudonymize, de-identify and/or aggregate data, to protect users’ privacy and minimize security risks. Pseudonymized data is where we replace, transform or remove information so that it no longer identifies an user without additional information.
Onfido’s document checks verify documents from across the globe by analyzing an image or video of the document. Our system then extracts the information from the image or, if possible, from the security chip embedded in the document. Our models analyze the document which may include machine-readable zones, barcodes, QR codes, and security chips to verify the document is genuine and detect fraud.
Information collected: personal information extracted from your document, for example name, document number, date of birth, nationality, type of document, issuing country, expiration date, information embedded in barcodes, QR codes, security chips and features (which will vary depending on the type of document), and the image metadata associated with the image or video of the document.
Important: If you are a user living in the Netherlands, please be advised that Onfido may automatically mask your BSN number on your ID in our back-end systems when required under Dutch law, and particularly the Dutch Prevention of Money Laundering and Terrorist Financing Act.
Facial Biometric Checks and Authentication
When providing biometric checks as part of our Identity Services, we’ll ask for a picture or video of a user’s face as well as the image or video of their identity document. By extracting and comparing numerical biometric data from facial scan data, Onfido assesses whether the person in the photo or video is likely to be the same person pictured in the identity document. We will also look for signs of fraud, for example, someone wearing a mask to impersonate another person or to conceal their own real identity, or by comparing the user with information about compromised identities that have been leaked or otherwise made publicly available. Except as described in this Policy, when performing biometric checks we do not store the extracted biometric data once the check is complete.
Where a client has asked us to provide our authentication service, we maintain a facial image for each of our client’s users. This image is updated and improved with each authentication attempt within retention periods set by our clients and subject to any maximum retention periods specified in applicable laws. When authenticating a user, we will compare an image of the user with the image we have stored. If the two images match, the authentication is confirmed and the stored image is updated.
Information collected: images, videos and sound recordings of you and your identity document and the image metadata and biometric data, including facial scan data and numerical biometric data, extracted from such images and videos.
Onfido provides clients with data verification checks via a network of trusted Data Providers and our own internal checks. These checks enable clients to verify their users, detect fraud and comply with anti money laundering (AML) and Know Your Client (KYC) requirements. We do this by comparing personal information provided by the client or the user with information held by Data Providers or information extracted from documents, e.g. a utility bill for proof of address checks. Our global network of data verification services varies depending on a user's location and includes voter and driving license registers, Social Security Administration and other government databases, police databases, consumer credit agencies, sanctions and Politically Exposed Persons (PEP) lists, adverse media sources, utility companies, mobile network providers and other trusted commercial sources.
At the request of a client, these services may be provided on an ongoing basis, for example where a client’s regulatory obligations require ongoing monitoring against sanction and PEP lists.
Information collected: the information collected will vary depending on the availability of checks in your location and the Identity Services selected by Onfido’s clients. It may include contact details such as postal address, email address, telephone number, social security number or other national identity number, information extracted from a utility bill you upload or other information provided by the Data Provider e.g. your mobile network operator, publicly available information from media searches, sanctions and PEP lists.
Fraud checks, including device integrity and fraud signals
Onfido leverages a number of different fraud detection capabilities. Some of which depend on the scope of the Identity Services selected by Onfido’s clients, other fraud checks are applied across all of the above services. For example, Onfido will analyze the metadata associated with the image or video of the document and user (such as whether any editing software can be detected) to assess the likelihood that the user is genuine.
When using data to detect fraud, including when we develop and improve these services, we will seek to minimize personal information and protect users’ privacy by pseudonymizing, de-identifying and aggregating where possible.
Onfido can help clients to determine whether a device, email address or phone number has previously been used in relation to suspected fraudulent activity, shows unusual usage patterns, has been manipulated or otherwise indicates that the user may not be genuine. At a client’s request, Onfido and our Data Providers may collect ‘passive signals’ from the client (for example mobile number or email address) or a user’s device as they engage with the client’s website or app or Onfido’s Identity Services. Such information may include device identifiers, IP address, information about the device (for example the operating system used, whether the device is providing false randomized device and network information or has otherwise been compromised) and how the user interacts with it. Together this information helps Onfido and our Data Providers assess the likelihood of you being a genuine user, assign a risk score and infer certain information such as your broad geographical location from your IP address.
In some cases, we may also further check whether we have previously verified a user on behalf of a specific client by comparing the information submitted as part of one of the above checks (including biometric checks) to a pseudonymized or de-identified version of information we have previously verified for that client. This helps our client not only verify users’ identities but further protects them and their users from fraud by helping clients understand when a user may be generating multiple identities, editing and tampering with documents or manipulating device or network information.
Information collected: the information collected will vary depending on the availability of checks in your location and the Identity Services selected by Onfido’s clients. It may include mobile number, email address, IP address, device details including device identifiers and other information about your device and how you are interacting with our Identity Services (for example we may collect information about the upload time, which version of our software was used, the camera name and model used to capture any images and whether there are any indicators that the device has been tampered with or emulated). We may also analyze how you are interacting with your device to assess the likelihood of you being a genuine user and who you say you are, for example fraudsters will cut and paste large volumes of information from their clipboard, use this functionality multiple times and otherwise navigate between applications on their device very differently from a genuine user. Onfido and our Data Providers may also use such information to infer other information about you, for example your broad geographical location from your IP address, or to calculate an identity risk score to assist clients in determining whether you are a genuine user.
Other Information we may Collect
To enable Onfido and our clients to comply with global sanctions and the increasing number of biometric and privacy laws that apply to our Identity Services, we may collect your broad geographic location (e.g. country or city-level location), either directly from you or the client or by approximating this based on your device’s IP address. This enables us to provide a localized service and collect any necessary biometric consents where required to meet our legal obligations. Where Onfido is processing this information to comply with its legal obligation (as opposed to our clients’) we do so as a data controller for the purpose of our legitimate interests in complying with applicable laws. We balance such interests with the rights and freedoms of end users, by only processing location data to a city level.
We also keep logs of how our clients, users, and Data Providers interact with our Identity Services for complying with Onfido’s and our clients’ legal and regulatory obligations, to monitor the security and performance of and to improve the Identity Services. This might include timestamps of when the information was submitted to Onfido, the method used to upload information and information about the device used to submit that information. We will pseudonymize, aggregate and/or de-identify information for statistical analysis and business insight reporting.