Overview of IAL2 Verification

Summary

IAL2 Identity Verification is a standardized, best-practice workflow offered by ID DataWeb that adheres to the National Institute of Standards and Technology (NIST) Special Publication 800-63-3 guidelines for Identity Assurance Level 2 (IAL2). This workflow ensures that an applicant's identity is verified through a combination of identity document authentication, biometric verification, and authoritative data source checks.

The IAL2 process includes:

  1. Identity Document Verification – The applicant submits a government-issued ID, which is validated for authenticity.
  2. Biometric Verification – A selfie or live facial scan is captured and matched against the document photo to confirm identity.
  3. (PII)- Personal Identity Information Validation – The applicant’s personal information (PII) is cross-checked against authoritative data sources to ensure accuracy and legitimacy.

Additionally, IAL2 verification incorporates fraud prevention measures, detecting potential risks such as document tampering, impersonation attempts, and synthetic identity fraud.


If PII checks fail, the applicant validates two government-issued IDs.

BioGovID Process

ID DataWeb’s BioGovID service facilitates the identity proofing process for IAL2 verification. The process consists of the following steps:

  1. Link Generation – The applicant receives a secure link via the send-link or get-link endpoint.
  2. Document Capture – The applicant is prompted to take a picture of their government-issued ID.
  3. Selfie Capture – A real-time selfie is taken to enable biometric comparison.
  4. Liveness Detection & Matching – The system ensures the applicant is present and compares the selfie against the document photo.
  5. Data Validation – The extracted ID details are checked against authoritative sources for consistency and legitimacy.

Once the process is complete, the verification results, including risk signals and fraud indicators, are returned for further decision-making.

BioGovID provides a secure and streamlined solution for organizations requiring IAL2-compliant identity verification, ensuring high assurance while minimizing friction for the end user.

First Document Assertions


NameDescription
test.documentTamperedDetects whether the document has surpassed its official validity period. .
test.documentIdAlterationCheckDetects physical modifications on the ID, such as replaced information or scratched areas.
test.documentAlignmentCheckEnsures the document is correctly centered and aligned in the frame. Proper alignment is necessary for accurate evaluation.
test.possibleFraud
test.screenIdLivenessDetermines whether the ID was shown on a screen (e.g., a photo or screenshot), rather than physically presented. Helps block replay attacks.
test.paperIdLivenessChecks whether the ID is printed on authentic card material or simply on paper. Prevents fake printouts.
test.document_isRealIDValidates the document against a library of real ID templates to confirm legitimacy.
test.documentBalancedLightFrontCheckEvaluates the lighting across the ID image to ensure it's evenly illuminated and supports readability.
test.documentBalancedLightBackCheckEvaluates the lighting across the ID image to ensure it's evenly illuminated and supports readability.
test.documentSharpnessFrontCheckChecks whether the image is clear and sharp, enabling reliable detection of document features.
test.documentSharpnessBackCheckChecks whether the image is clear and sharp, enabling reliable detection of document features.
test.fakeBrowserCheck
test.punchedHoles
test.documentFakedIdentifies synthetic or non-government-issued IDs based on document structure and design. This adds a high level of security by blocking counterfeit templates. Uses image analysis and known forgery patterns to detect counterfeit IDs.
test.documentVisibleCharacteristicsConfirms the presence of visible security features such as holograms and watermarks. Enhances confidence in document authenticity.
test.evasionAttack
test.digitalAttack
test.documentTypeSideCrosscheck
test.documentFacialPhotoCheckChecks that biometric facial features are clearly visible and distinguishable.
test.2DBarcodeReadable
test.documentExpirationDateValidChecks that the ID’s expiration date is in a valid range and format.
test.documentSexCrosscheckCompares gender data across the document’s regions and digital fields.
test.documentNumberCrosscheckChecks that the document number follows official standards and is consistent across fields.
test.documentIssueDateValidValidates the issuance date format and logic.
test.documentDOBCrosscheckEnsures consistency of the birth date across printed and machine-readable sections.
test.documentClassifiedConfirms that the ID belongs to a known and supported category (e.g., national ID, passport).
test.documentSeriesExpired
test.documentDOBValidConfirms that the birth date on the document is logically valid (e.g., not in the future, not implausibly old, and properly formatted). This ensures that the date of birth adheres to standard date formats and reasonable ranges for identity verification.
test.documentFullNameCrosscheckEnsures the full name appears consistently across various zones on the document.
test.2DBarcodeContentCheck
test. expiredDetects whether the document has surpassed its official validity period. .
test.documentExpirationDateCrosscheckVerifies that the expiration date on the ID is consistent across all zones (e.g., printed text, barcode, MRZ). This prevents tampering where only part of the document is updated or falsified.
test.documentAuthenticatedThis check confirms that the primary ID document (e.g., driver’s license or passport) has successfully passed all required validations — including format, photo integrity, data consistency, and security features. A passing result means the document appears authentic and unaltered.
test.documentOcrConfidenceEvaluates the overall OCR (Optical Character Recognition) confidence score for the primary government-issued ID document. This check reflects how accurately the system was able to extract and interpret the document's text, based on the configured OCR data fields.
test.governmentValidationThis check validates identity data against authoritative DMV records via the AAMVA network. It provides high-assurance verification of government-issued IDs (e.g., driver’s license), helping detect forged or stolen identities. It is particularly effective at mitigating synthetic identity fraud and strengthening trust in onboarding and account recovery workflows.

Second Document Assertions

NameDescription
test.secondDocumentTamperedDetects whether the document has surpassed its official validity period. .
test.secondDocumentIdAlterationCheckDetects physical modifications on the ID, such as replaced information or scratched areas.
test.secondDocumentAlignmentCheckEnsures the document is correctly centered and aligned in the frame. Proper alignment is necessary for accurate evaluation.
test.secondDocumentScreenIdLivenessDetermines whether the ID was shown on a screen (e.g., a photo or screenshot), rather than physically presented. Helps block replay attacks.
test.secondDocumentPaperIdLivenessChecks whether the ID is printed on authentic card material or simply on paper. Prevents fake printouts.
test.secondDocumentBalancedLightFrontCheckEvaluates the lighting across the ID image to ensure it's evenly illuminated and supports readability.
test.secondDocumentSharpnessFrontCheckChecks whether the image is clear and sharp, enabling reliable detection of document features.
test.secondDocumentPunchedHoles
test.fontAlterationCheck
test.secondDocumentFakedIdentifies synthetic or non-government-issued IDs based on document structure and design. This adds a high level of security by blocking counterfeit templates. Uses image analysis and known forgery patterns to detect counterfeit IDs.
test.secondDocumentVisibleCharacteristicsConfirms the presence of visible security features such as holograms and watermarks. Enhances confidence in document authenticity.
test.secondDocumentFacialPhotoCheckChecks that biometric facial features are clearly visible and distinguishable.
test.secondDocumentExpirationDateValidChecks that the ID’s expiration date is in a valid range and format.
test.secondDocumentSexCrosscheckCompares gender data across the document’s regions and digital fields.
test.mrzLineFormatCheck
test.secondDocumentNumberCrosscheckChecks that the document number follows official standards and is consistent across fields.
test.secondDocumentIssueDateValidValidates the issuance date format and logic.
test.underageCheck
test.secondDocumentDOBCrosscheckEnsures consistency of the birth date across printed and machine-readable sections.
test.mrzParsableCheck
test.secondDocumentExpirationDateCrosscheckVerifies that the expiration date on the ID is consistent across all zones (e.g., printed text, barcode, MRZ). This prevents tampering where only part of the document is updated or falsified.
test.secondDocumentClassifiedConfirms that the ID belongs to a known and supported category (e.g., national ID, passport).
test.birthDateCheckDigit
test.secondDocumentDOBValidConfirms that the birth date on the document is logically valid (e.g., not in the future, not implausibly old, and properly formatted). This ensures that the date of birth adheres to standard date formats and reasonable ranges for identity verification.
test.secondDocumentFullNameCrosscheckEnsures the full name appears consistently across various zones on the document.
test.compositeCheckDigit
test.expirationDateCheckDigit
test.secondExpiredDetects whether the document has surpassed its official validity period.
test.secondDocumentAuthenticatedVerifies the second supporting document (if provided) and assesses whether it passes similar authentication checks as the primary ID. These include barcode integrity, data structure, expiration validity, and document-specific features.
test.secondDocumentOcrConfidenceEvaluates the overall OCR (Optical Character Recognition) confidence score for the second government-issued ID document. This check reflects how accurately the system was able to extract and interpret the document's text, based on the configured OCR data fields.

Biometric Assertions

Below AssertionsFocus on selfie checks
test.hasHeadCoverliveness.hasHeadCoverDetects if the user is wearing any head covering that may obscure facial features.
test.hasClosedEyesliveness.hasClosedEyesChecks whether the user's eyes are closed, which may interfere with facial analysis.
test.physicalAttackliveness.physicalAttackFlags potential physical tampering or manipulation of the device or image (e.g., printed photo, mask).
test.selfieLivenessliveness.livenessScoreDetermines if the person in front of the camera is a real, physically-present human — not a photo, video, or mask. It’s a percentage-based confidence score that combines results from multiple liveness checks, like eye movement, 3D shape, and natural lighting.
test.selfieMaskCheckfaceRecognition.maskCheckDetects if the person is wearing a mask that could obstruct face matching. Adds a layer of defense against identity obfuscation.
test.selfieLensesCheckfaceRecognition.lensesCheckChecks for glasses or contact lenses that might interfere with face detection. Ensures clear visibility of biometric markers. .
test.selfieBrightnessCheckfaceRecognition.faceBrightnessEnsures the face in the selfie is well-lit for accurate comparison. Contributes to overall match reliability.
link.selfie_govIDfaceRecognition.details.selfieVsIdPerforms a face match between the user's selfie and the photo on the primary government-issued ID document. This check verifies that the same individual appears in both images, helping confirm document ownership and prevent impersonation or identity fraud.
link.selfie_secondGovIDfaceRecognitionSecondId.details.selfieVsIdPerforms a face match between the user's selfie and the photo on the second government-issued ID document. This check verifies that the same individual appears in both images, helping confirm document ownership and prevent impersonation or identity fraud.

Overall Transaction Level Assertions

NameDescription
test.deviceRiskAssesses the risk level associated with the device used for verification. Detects anomalies or known fraudulent behavior.
test.overallBehaviorRiskAnalyzes user behavior during the session for patterns linked to fraud (e.g., erratic cursor movement, speed)
test.overallDocumentsAuthenticationProvides an aggregated result that reflects the combined outcome of all document validation checks — including both the primary and secondary IDs. It gives a single summary score of how trustworthy and authentic the submitted identity documents are.

Comparative Assertions

First Document - Drivers LicenseDescription Second Document - Passport Description
link.dob_documentCompares the date of birth (DOB) extracted from the primary document with the DOB provided by the user. Ensures consistency between document data and declared identity information.link.dob_secondDocumentCompares the date of birth from the second document (e.g., backup ID) against the user-provided DOB. Adds an extra layer of validation in dual-document workflows.
link.fullName_driversLicenseChecks whether the full name extracted from the primary ID document matches the name entered by the user during onboarding or verification.link.fullName_passportCompares the full name from the secondary ID to the user-provided name. Reinforces identity confirmation when two forms of ID are used.
 link.nationality_documentVerifies the nationality on the second document matches the declared user nationality. Reinforces verification when multiple IDs are provided.