Today, we announce the release of 4 new significant features:

• Environmental Risk - ThreatMetrix enhancements
• Government Issued ID Verification - AuthenticID enhancements
• Desktop to Mobile Service for Gov-ID Image Collection & Verification
• Enhancements to Verify API - OTP, Gov-ID support

Environmental Risk - ThreatMetrix enhancements

A significant improvement is being introduced for ThreatMetrix today. This includes the following:

Acquired Attributes

Acquired attributes for tmx are environmental variables that are detected when the code runs in the user's browser. Items like IP, device, etc are sometimes more accurate than what is seen by the web server, and harder to spoof. The AXN detects these attributes and adds them to the endpoint information.

True IP

True IP is different from the server IP because it is the IP detected when the code runs in the users browser, rather than whatever the user's device chooses to tell the server. This should be the true IP actually being used by the machine. It may or may not match the user's given IP.

True IP Geo Country Code

This is the alpha-2 country code from the True IP detected.

Platform / agent type (will be either browser_computer or browser_mobile)

Platform is the detected type of device that the user is browsing from. This will be more accurate than standard device checks.

Fuzzy device id (also called smart id in some tmx docs)

The ThreatMetrix device ID that relies on the unique fingerprint of the device. Rather than using tokens/cookies to identify a computer “Smart ID” takes advantage of the many attributes of a device that ThreatMetrix collects to assign an independent device ID to a particular device. This technique allows ThreatMetrix to dentify the device even if the cookies/persistent objects have been deleted, or if a user has invoked “Private Browsing Mode” now available on all web browsers. Fuzzy ID also allows ThreatMetrix to re-identify devices even if they have been intentionally altered by a cybercriminal or if they are suppressing cookies or flash.

Fuzzy device id confidence

The probability of this being the same device. This attribute ranges from 0 to 100%.

Digital id

Probabilistic matching approach is used to match each event to a Digital ID. Depending on the entities involved in the event, there could be more than one Digital ID that could be a potential match. The best match is returned using a proprietary matching algorithm.

Digital id confidence

The confidence score returned signifies the level of confidence that the event appears to be matching the behavior from the returned Digital ID. Confidence scores raw values range from 0 to 10000.
A value below 25% (i.e 2500) should be interpreted as very low confidence.
A value about 70% (7000) generally indicates high confidence.

Personas

Personas are a system of detecting consistent combinations of attributes. For example, a 3-month Name and Address persona would exist when a user had passed in the same name and address combination at least three times over a 3 month period.

Neat persona age

This means that Name, Email, Address, Telephone were seen with this credential at least 3 times over this timeframe.
Values: 0 (not seen), 1 (month), 2 (months), 3 (months)

ExactID IP persona

This means that the exact ID (a very restrictive device id) was seen at this IP at least 3 times over this time frame
Values: 0 (not seen), 1 (month), 2 (months), 3 (months)

SmartID Browserstring persona

This means that this smartID (flexible device) was seen with this browser and browser hash at least 3 times over this time period
Values: 0 (not seen), 1 (month), 2 (months), 3 (months)

Assertions

Assertions in tmx are certain conditions that return a pass/fail. A pass means the condition was met, a fail means that TMX detected that the condition was not met. If an attribute required for detection is not configured for a service, the assertion will pass by default.

Attribute Age

test.nameAgeGTE30d

This assertion pass means that if there was a name attribute present, it was first seen in the tmx system greater than or equal to 30 days ago.

test.emailAgeGTE30d

This assertion pass means that if there was an email attribute present, it was first seen in the tmx system greater than or equal to 30 days ago.

test.addressAgeGTE30d

This assertion pass means that if there was an address attribute present, it was first seen in the tmx system greater than or equal to 30 days ago.

test.telephoneAgeGTE30d

This assertion pass means that if there was a telephone attribute present, it was first seen in the tmx system greater than or equal to 30 days ago.

test.exactIDAgeGTE7d

This assertion pass means that if there was a detectable exact ID (An ID detected generally by using browser cookies), it was first seen in the tmx system greater than or equal to 7 days ago.

test.smartIDAgeGTE7d

This assertion pass means that if there was a detectable smart ID (An ID derived from a complex set of system variables), it was first seen in the tmx system greater than or equal to 7 days ago.

test.lte3CredentialsDevice7d

This assertion pass means there have been three or less user credentials seen for this device in 7 days

Geographic

test.expectedLanguage

This assertion pass means the language detected as actually running in the browser matched the expected language for this True IP country.

test.credentialLTE500mi1hr

This assertion pass means that in the past hour, this credential has only been seen from regions less than 500 miles apart.

link.addressCountry_TrueGeoCountry

This assertion pass means that if an address was given, it was in the same country as the True IP was detected.

link.timeZone_TrueGeo

This assertion pass means that the timezone the user has configured matches the timezone for their True IP location.

test.trueIPLTE500miInputIP

This assertion pass means that the True IP location is less than or equal to 500mi away from the Input IP given. (Input IP is the IP seen by the server)

Blacklist

blacklist.email

This assertion pass means that an email attribute, if provided, is not on the blacklist.

blacklist.telephone

This assertion pass means that a telephone attribute, if provided, is not on the blacklist.

blacklist.ip

This assertion pass means that the ip is not on the blacklist.

blacklist.device

This assertion pass means that a device id, if provided, is not on the blacklist.

blacklist.ofacIP

This assertion pass means that the IP detected does not come from an OFAC country.

Network

detect.malware

This assertion pass means that the TMX algorithms that run to try and detect hidden malware in the user's machine, did not detect any.

detect.aggregator

This assertion pass means that the page visit did not come from an aggregator.

detect.tor

This assertion pass means that the session detected was not suspected of running on the tor network.

detect.torNode

This assertion pass means that the True IP detected is not a Tor exit node. A tor exit node may or may not be on the tor network.

detect.vpn

This assertion pass means that tmx did not detect this to be vpn traffic.

Proxy

detect.proxyHidden

This assertion pass means that tmx did not detect this to be a hidden or suspicious proxy.

detect.proxyAnonymous

An anonymous proxy does not send your real IP address in the HTTP_X_FORWARDED_FOR header, instead it submits the IP address of the proxy or is just blank.
The HTTP_VIA header is sent with a transparent proxy, also revealing that you are using a proxy server.

detect.proxyOpenTransparent

A transparent proxy sends your real IP address in the HTTP_X_FORWARDED_FOR header, this means a website that does not only determine your REMOTE_ADDR but also check for specific proxy headers will still know your real IP address.

test.lte3ProxyToday

This assertion pass means that if multiple proxies were seen, it was still less than or equal to 3 proxies today.

link.proxyGeo_TrueGeo

This assertion pass means that the country of the proxy matched the location of the user's True IP.

link.proxyOrg_TrueOrg

This assertion pass means that the organization of the proxy matched the organization of the user's True IP.

link.proxyISP_TrueISP

This assertion pass means that the ISP of the proxy matched the ISP detected.

Anomalies

detect.browserAnomaly

This assertion pass means that there were no cookie or browser session anomalies detected. Anomalies include things like, screen resolution of 1x1, Low screen colors, time on page <150ms, etc.

detect.unusualActivity

This assertion pass means no unusual threatmetrix interaction was detected, like duplicate sessions.

Government Issued ID Verification - AuthenticID enhancements

Significant updates have been made to our government issued ID scanning capabilities for US Driver’s Licenses and International Passports.

AuthenticID – Driver’s License

Verification of front and back of a valid US Driver’s License. Includes a selfie for facial comparison.

Assertions

test.driversLicenseVerified

Pass if the overall verification of the driver’s license was successful. Will return Fail if any significant tests return FAIL below.

test.driversLicenseExpiryDateVerified

Pass if driver’s license is not currently expired. Fail if the driver’s license is expired.

test.selfieCredentialDetectorCheck

Pass if selfie is naturally captured. Fail if there is an indication of a selfie spoof (unnaturally captured selfie, altered in any way.)

test.driversLicenseTinyOcclusionCheck

Pass if no modifications were made to the text on the ID. Fail if small modifications were made to the text, for example DOB or Full Name.

test.driversLicenseFrontColorVerified

Pass if the colors detected on the front of the license match that which is on record for the input state and year.

test.driversLicenseIssueDateVerified

Pass if the issue date in reasonable in comparison with the other dates on the card. Will Fail if it appears the date has been altered.

test.driversLicenseVisualAuthenticityVerified

Pass if the driver’s license appears to be an authentic document without spoofing or alteration. Will fail if alterations are detected.

test.driversLicenseFacialPhotoUsable

Pass if the picture of the face was submitted, passes face detection, and can be compared against the driver’s license image.

test.selfieImageRecieved

Pass if the selfie image was received to the system. Fail if there was an issue getting the image to the system.

test.driversLicenseDigitalReproductionCheck

Pass if the image was not determined to contain a digital reproduction of a driver’s license (manipulated in any way.)

test.driversLicenseFrontScreenPhotoCheck

Pass if image of driver’s license was captured naturally. Fail if transaction is either a digital, reproduced or paper submission. Will also fail if the image is a picture of a screen.

test.selfieNaturalCaptureVerified

Pass if the selfie is naturally captured. Will fail if it is photoshopped, cropped, filtered or doctored in any way.

test.driversLicenseBiographicTamperCheck

Pass if no modifications were made to the photo or the data on the image. Will fail if it appears modifications have been made to the text or the face picture.

test.driversLicenseDOBVerified

Pass if DOB on document is reasonable compared to the other dates on the document. Will Fail if the DOB does not make sense in comparison with the other dates.

test.driversLicenseFrontDPIResolutionVerified

Pass if the input image meets the minimum requirements for “dots per inch”, aka DPI. Fail if the image does not meet minimum quality requirements.

test.driversLicenseBiometricSpliceCheck

Pass if no changes have been made to the person’s image on the ID. Fail if it appears that the image has been swapped out or altered in any way.

test.selfieMinimumSizeCheck

Pass if the images submitted meet the minimum required size for the image.

test.driversLicenseBarcodeVerified

Pass if image of back of license barcode was usable by the OCR engine. Fail if there was an issue with the image.

test.driversLicenseBiometricTamperCheck

Pass if no changes have been made to the person’s image on the ID. Fail if it appears that the image has been swapped out or altered in any way.

test.selfieColorAnalysisVerified

Pass if the color analysis of the document matches that of the country and year on record. Will fail if grayscale, or if the image has been altered.

test.driversLicenseNotExpired

Pass if driver’s license is not currently expired. Fail if the driver’s license is expired.

test.driversLicenseBiographicSpliceCheck

Pass if no changes have been made to the person’s image on the ID. Fail if it appears that the image has been swapped out or altered in any way.

test.driversLicenseBlurOrOcclusionCheck

Pass if no blur or blockage of the image are detected. Will fail if image is overly blurry, or if there are foreign objects in the image (for example, a finger blocking some of the document.)

test.idFacialComparisonVerified

Pass if the face on the driver’s license front image matches the submitted selfie.

test.driversLicenseBackDPIResolutionVerified

Pass if the input image meets the minimum requirements for “dots per inch”, aka DPI. Fail if the image does not meet minimum quality requirements.

test.driversLicenseRearIDRecieved

Pass if an image was submitted for the back of the driver’s license.

test.selfiePhotoIntegrityVerified

Pass if the selfie image has not been altered or adjusted. Fail if there are any issues detected.

link.dOB_driversLicense

Pass if the input DOB (entered by user or federated from the identity provider) matches that which is extracted from the front/barcode of the Driver’s license.

link.fullName_driversLicense

Pass if the input Full Name (entered by user or federated from the identity provider) matches that which is extracted from the front/barcode of the Driver’s license.

AuthenticID – International Passport

Verification of the identification page of an International Passport. Includes a selfie for facial comparison.

Assertions supported:

test.passportVerified

Pass if the overall verification of the passport was successful. Will return Fail if any significant tests return FAIL below.

test.selfieCredentialDetectorCheck

Pass if selfie is naturally captured. Fail if there is an indication of a selfie spoof (unnaturally captured selfie, altered in any way.)

test.selfieMinimumSizeCheck

Pass if the images submitted meet the minimum required size for the image.

test.passportDigitalReproductionCheck

Pass if the image was not determined to contain a digital reproduction of a passport (manipulated in any way.)

test.passportScreenPhotoCheck

Pass if image of passport was captured naturally. Fail if transaction is either a digital, reproduced or paper submission. Will also fail if the image is a picture of a screen.

test.selfieColorAnalysisVerified

Pass if the color analysis of the document matches that of the country and year on record. Will fail if grayscale, or if the image has been altered.

test.passportTinyOcclusionCheck

Pass if no modifications were made to the text on the ID. Fail if small modifications were made to the text, for example DOB or Full Name.

test.passportBiometricSpliceCheck

Pass if no changes have been made to the person’s image on the ID. Fail if it appears that the image has been swapped out or altered in any way.

test.passportFacialPhotoUsable

Pass if the picture of the face was submitted, passes face detection, and can be compared against the passport image.

test.passportBlurOrOcclusionCheck

Pass if no blur or blockage of the image are detected. Will fail if image is overly blurry, or if there are foreign objects in the image (for example, a finger blocking some of the full identification page.)

test.selfieImageRecieved

Pass if the selfie image was received to the system. Fail if there was an issue getting the image to the system.

test.passportFacialComparisonVerified

Pass if the face on the passport’s identification page matches the submitted selfie.

test.selfieNaturalCaptureVerified

Pass if the selfie is naturally captured. Will fail if it is photoshopped, cropped, filtered or doctored in any way.

test.passportDOBVerified

Pass if the DOB could be read and verified on the document.

test.passportColorVerified

Pass if the colors on the passport match to the pattern on file for the country and year. Fail if this has been altered or changed (Grayscale, photoshop.)

test.selfiePhotoIntegrityVerified

Pass if the selfie image has not been altered or adjusted. Fail if there are any issues detected.

test.passportDPIResolutionVerified

Pass if the input image meets the minimum requirements for “dots per inch”, aka DPI. Fail if the image does not meet minimum quality requirements.

link.dOB_passport

Pass if the input DOB (entered by user or federated from the identity provider) matches that which is on the identification page of the Passport.

Desktop to Mobile Service for Gov-ID Image Collection & Verification

The Desktop to Mobile flow allows user’s of the Government Issued ID verification service to provide their end users a simple way to capture high quality pictures of their documents through a hosted, interactive mobile experience.

If enabled, the user is asked to continue verification on their mobile device. At this point, they will be sent a text message, which initiates the government issued ID capture process.

Throughout this experience, the user will be challenged to take pictures of the appropriate pictures for the policy, including front & back of driver’s license, identification page of passport, and selfie.

As the user’s take the images, the DCUI application performs “post-processing” on the images, including:

• Face detection – determines if there is a human face present in the front of driver’s license, passport identification page, and selfie images.
• Orientation check – determines if the images are captured in the correct orientation.
• Blur check – determines if there is blur detected in the images.

Once complete, the images are re-uploaded to the user’s desktop session, where they can complete their verification.

Enhancements to Verify API - OTP, Gov-ID support

New features have been introduced for the Verify API. This helps deliver feature parity between the federated gateway and the Verify API.

Updates:

• send and verify OTP (one time pin) challenges for SMS, Email and Voice
• Initiate Government Issued ID capture & verification using the AXN Desktop to Mobile application (DCUI)
• Directly submit images captured in your own application for verification