Criteria for automated identity verification according to eIDAS – Digital identity verification with the cidaas ID validator
On 1 April, the Federal Network Agency published a new order on video identification with automated procedures. This order defines the official criteria for automated digital identity verification via video using artificial intelligence, as provided by the cidaas ID validator. The criteria were developed by the Federal Network Agency (BNetzA) in consultation with the Federal Office for Information Security (BSI). “We are pleased to have accompanied the journey from the creation of the supplementary criteria to the new order with our conformity assessment for the cidaas ID validator.” (Yael)
Fully automated identification with Artificial Intelligence is the innovation which customers are demanding. In numerous use cases, Artificial Intelligence is used to accelerate processes or to be carried out directly autonomously by the system. So far, this step has been lacking in Germany due to regulatory hurdles in strong identification.
The cidaas ID validator offers an innovative, fully automated, digital identity verification and perfectly extends the cidaas Identity Platform. “With the order issued now, we offer our customers legal certainty in digital identity verification.” (Yael)
The identity check with the cidaas ID validator can be carried out directly via the webcam on the laptop/PC or in the mobile end device via cidaas Authenticator App or SDK and is supplemented by an identity check via eID. “The possibilities offered by the cidaas ID validator for identity verification clearly distinguish it from other so-called selfie or Robo-ident procedures on the market” (Sadrick).
cidaas Identity Platform’s comprehensive and innovative feature set enables its customers to provide consistent and end-to-end identity and access management, from digital identity verification to single sign-on, multi-factor authentication, or consent management.
How do specific AI algorithms ensure highly secure authentication and identification?
During the identification process, the AI compares biometric aspects of the ID card with those of the corresponding real person and checks the ID card for security features that confirm the authenticity of the document. Furthermore, aliveness detection and a real-time check provide additional security that a person is a real person and not a recording, thus offering ideal protection against, for example, replay attacks.
How is a unique, comfortable user experience created?
No contact with a second person is needed, because the process is completely automated thanks to machine learning and Artificial Intelligence. Thus, verifications for e.g., the conclusion of a contract can be carried out at any time, any place and on any camera- and internet-enabled device. With further functions of the cidaas Identity Platform, a consistent user experience is created.
Why is an automated digital identity verification cheaper?
The costs per identification case are significantly lower than older procedures, the outsourcing of external labour can be cancelled and internal employees experience an increase in work efficiency. Accordingly, the extraction and maintenance of personal customer data can be made easily available with the help of well-thought-out interfaces.
eIDAS – What is tha?
Identification via an automated process is the next logical step to stay successful in the market. In the past, customers were forced to visit a branch or the customer service to show their ID in person for strong identification. For the first time in 2014, a circular from BaFin, which permitted the video identification procedure for concluding contracts, brought the movement to the market and online identification became possible.
In the meantime, some new regulations for online identification have been added, for example, only certain identity documents that have sufficient security mechanisms are eligible for online identification.  It is clear that digital identification is accepted on the market and is widely used.
One of the most important milestones in recent years is the eIDAS Regulation on electronic identification and trust services. It came into existence in 2016 and defines Europe-wide regulations for electronic identification and electronic trust services. It thus forms a uniform framework across all 28 EU member states and the European Economic Area.
Trust services are checked, authorized and supervised by a supervisory body in each country. In Germany, this is the Federal Network Agency. In the decree pursuant to Section 11 (1) VDG, the Federal Network Agency, in consultation with the BSI, defines the minimum requirements for recognized other identification methods.
In the initial ruling, these requirements were strongly geared towards video identification by means of call centers, so that with the now published ruling on video identification with automated procedures, these innovative, state-of-the-art procedures are officially considered to be equivalent in terms of security to an on-site check.
About the cidaas ID validator – automated identity verification
With the cidaas ID validator we have created a new, innovative service for the verification of identity cards, passports and driving licences. In this process, the documents are recorded in videos by the user himself with the camera in the end device according to clear instructions. Via facial recognition of the user, it is verified that users match the owner of the document. The process is based on AI technologies and the checks are automated within seconds (process times are 20 – 60 sec).
For ID and passport verification, the cidaas ID validator complies with the highest European standards for digital identification according to eIDAS.
About cidas
cidaas, the European cloud identity and access management system from Widas ID GmbH, delivers an out-of-the-box solution for federated identities, single sign-on and multi-factor authentication. With cidaas, companies create unique user identification and maximum security across all channels. Based on the standards OAuth2.0, OpenID and its “Everything is an API” architecture, cidaas can be seamlessly integrated into any software landscape and scales effortlessly up to many millions of users.