Overview of MobileMatch to BioGovID

An overview of the MobileMatch to BioGovID workflow.

Summary

MobileMatch is one of five standardized, best practice workflows that ID DataWeb offers. MobileMatch utilizes a two-step process to 1) verify a person's identity based on mobile carrier data attached to a provided phone number and 2) verify possession of that phone number via a one-time password challenge. Additionally, it screens each verification session for indicators of risk and nefarious behavior.

MobileMatch is an available verification method for the United States, Canada, and the United Kingdom.

BioGovID (short for "biometric-government ID authentication") is one of five standardized, best practice workflows that ID DataWeb offers. BioGovID cross-references personally identifiable information (PII), a live selfie, and images of a government-issued document to verify a person's identity in real-time. Additionally, it screens each verification session for indicators of risk and nefarious behavior.

BioGovID is an available verification method for over 120 countries and compatible with thousands of document types.

MobileMatch to BioGovID Process

911
  • 0 - Country Selection. The user is asked to select the country which they live in.
    • If they select US, UK or Canada - they will proceed to MobileMatch. For any other countries, they will proceed directly to BioGovID (step 2.)
    • Passive risk analysis is also performed at this step - if the user is deemed high risk (TOR browser, bot behavior, blacklisted IP address) - they will be immediately denied and prevented from proceeding.
  • 1a - PII validation. The user will complete the PII form, which includes Full name, Home Address, and Personal Phone Number. Upon completion, the system will analyze the correlation between the PII and the phone number using 3rd party data sources. If a link is established, they will proceed to step 1b - (OTP phone possession check.)
  • 1b - MobileMatch Verification. If the user's PII is correlated to their phone number, the last step is to confirm possession of the device. The user can choose between a voice or SMS based one-time passcode to be sent to their phone. Once they receive it, they type it into the screen. This confirms they are in possession of a device registered to who they are claiming to be, with no risk detected, leading to a verified identity.
  • 2 - BioGovID Document Selection. The user will be asked to select which document they'd like to use to verify their identity (passport, ID card, or driver's license.)
  • 3 - The user will complete the BioGovID process.
    • If they are on a desktop, the user will receive an SMS, where they will continue the government issued ID and selfie capture process.
    • If they are on a mobile device, they will immediately proceed with government issued ID and selfie capture.
    • Liveness confirmation is also performed on the selfie step. The user must take a natural selfie, and not an image of a screen or a picture of a picture.
    • Once complete, the user will submit the images for verification. If the document is valid, the selfie matches the document headshot, and the document full name matches the claimed full name, the user is approved.

Integration and Testing

  • If your workflow is set to use test data, please follow the instructions here to test this workflow.
  • Standalone testing - If this is a pilot, use the link sent to you in the Pilot kick off email. To signup for a pilot, click here.
  • If you've created a workflow yourself, you can use the "Copy Link" feature to get a test link.
  • If you are looking to do a OpenID connect integration with your application, add your workflow's client id, secret, and scopes to your OpenID connect client, OR follow the process outlined here. Note, you'll need to register your application's redirect URL on your workflow.
  • If you are looking to do an API integration, review the steps outlined here: MobileMatch and BioGovID
  • If you are looking to hook a verification workflow into one of your existing IAM tools, we more than likely have an integration or package waiting for you! Reach out to your Solutions Architect or account rep for more details.

Updated over 1 year ago