Experian Document Verification, OCR Auto-Fill and Facial Comparison (Mitek & IDverse)
Document Verification lets your users scan identity documents (IDs) using their phone or computer and gives you assurance that the ID they’re using is genuine. Combined with Biometric Verification, it’s a seamless way to anchor the identity of a customer at any stage of the online customer lifecycle.
Features
- Available via Experian’s CrossCore Platform or direct API.
- Mobile device auto-capture of document and facial images.
- Real-time and automated review of government issued identity documents.
- Process international passports, driver’s licenses, ID cards and residency permits.
- Real-time feedback on image quality issues during or following capture.
- Facial biometric comparison via selfie with liveness detection.
- Fast and accurate data pre-fill from ID documents.
- Supports Mobile Web, Android and iOS platforms and devices.
- Search ‘CrossCore’ in G-Cloud to view other backing applications available.
- Mitek
Benefits
- Improve application completion rates by using a hybrid approach
- Match ID documents to a person, be confident it's them
- Can help meet GPG45 Identity Standard
- Assists Anti Money Laundering (AML) and Know Your Customer (KYC).
- Implement 100% digital customer onboarding for a positive application journey.
- Deter and detect fraudsters to minimise fraud attacks and losses.
- Reduce false positives, false negatives and unnecessary manual verification processes.
- Global document verification coverage using machine learning and expert reviews
- Help mitigate fraud and risk
- Flexible rule settings to meet different risk appetites.
Pricing
£0.65 to £1.50 a unit
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 6 4 2 1 2 8 6 8 5 2 9 6 0 1
Contact
Experian
Experian Public Sector
Telephone: +44 (0) 115 941 0888
Email: digitalmarketplace@experian.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- All Experian Identity and Fraud services, in particular those that are available via the CrossCore platform as an overall decision is provided across multiple services to suit the specific use case.
- Cloud deployment model
- Private cloud
- Service constraints
- Document Verification is provided via the CrossCore and is a 24x7x365 service the majority of maintenance is performed with no interruption to service.
- System requirements
-
- Mobile web, iOS, Android device for MiSnap integration
- Buyer must have an application to interface with restful JSON
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- To manage client services effectively and consistently, Experian provides Major Incident Management, Incident Management, Service Request Management, Problem Management and Operational Change Management with standardised processes. Incidents and Major Incidents are given Priorities, with higher Priorities receiving faster responses and restoration times. Tracking these values and performing internal data analysis enables Experian to continually improve these services and reduce impact to all clients.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- No
- Support levels
- Standard support is weekdays 09:00 - 17:00 UK time, excluding public holidays, but enhanced packages can offer 24/7 Major Incident Management and Availability Management.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Hnical support during service setup and/or integration - User Documentation - On site Training available at cost - User Webinars
- Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
- Excel
- End-of-contract data extraction
- Not Applicable
- End-of-contract process
- Not Applicable
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The MiSnap SDK is provided to the buyer to integrate with their own web site or mobile user journey to capture good quality images for passing into the CrossCore API for verification and/or OCR. Both journey's provide very similar capabilities.
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
- Users can submit transactions into CrossCore and receive responses back. The user cannot make changes to the service via the API - configuration of the service is managed by Experian.
- API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- The strategy responses from CrossCore can be customised to meet customer needs. This service is provided by Experian.
Scaling
- Independence of resources
-
Proactive monitoring is in place to alert when pre-defined thresholds are reached.
All systems are horizontally and vertically scalable to met current and expected demand.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Service availability via Service Management which is a separate, chargeable service.
Batch MI of results is also available as a chargeable service. - Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Mitek Systems Inc
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Users are expected to retain copies of the results from CrossCore submissions within their own systems, as required.
- Data export formats
- Other
- Data import formats
- Other
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Availability SLAs will be defined case-by-case.
- Approach to resilience
- Experian backs up all data that has an on-going business value for operational recovery purposes and to comply with business continuity plans. Backups are regularly tested for reliability and integrity, and restoration procedures are tested for effectiveness and acceptable performance. The confidentiality, integrity and availability of backup media is protected in storage using physical, environmental and technical controls, such as secure storage and encryption. The primary data resides in Fairham House datacentre and backup data is transferred over dedicated dark fibre links to Experian’s DR site in Bulwell. This is a very secure transfer method and the data cannot be intercepted. This data then resides on tapes in robotic silo’s and NEVER leaves this location physically, if the data is needed, it will be recalled over the same dedicated dark fibre links to Fairham.
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
- 2-factor authentication
- Access restrictions in management interfaces and support channels
- Users have their access controlled using a user role and security group function. In addition access can be restricted to specific client IP addresses.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- DNV GL Business Assurance Limited
- ISO/IEC 27001 accreditation date
- 20/12/2016
- What the ISO/IEC 27001 doesn’t cover
- The following is covered by the scope of the certificate; the delivery and support of Experian IT infrastructure, operations, architecture and associated compliance and facilities management undertaken within the UK data centres.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Trustwave
- PCI DSS accreditation date
- 28/10/2016
- What the PCI DSS doesn’t cover
- Everything is covered
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- Experian also holds Cyber Essentials certificate
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Experian have comprehensive Global Security Policies based on the ISO27001 standard which covers; - Organisation and Management - Information Security - Asset Classification - Physical and Environmental Security - Communications and Operations Management - System Access - Systems Development and Maintenance - Compliance - Personnel and Provisioning - Business Continuity Management - Third Party Management
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All modifications and improvements to Experian's information systems will be managed through a controlled change management process. Experian have a Change Management Policy which is underpinned by processes and procedures based on ITIL best practice. This is a mature process implemented in 2000. We use a Service Management tool that integrates Change Management, Incident Management, Problem Management, Configuration Management and Knowledge Management. Our Change Management policy, process and procedures are regularly audited by independent auditors. Experian business units will establish and maintain a process for documenting proposed changes to information systems.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- In line with our Global Information Security Policy, Experian performs regular vulnerability and integrity checks of our systems. The scheduling varies depending on criticality and exposure of the system being checked Experian has regular network security assessment conducted of both internal and external deployments, in which the Firewall Infrastructure is tested, including internal components, applications, and employed servers Vendor software patches are applied on a monthly cycle with a risk-based approach taken to prioritisation via an automated Patch & Fix strategy which is underpinned with a technology infrastructure to deliver corrective updates.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Monitoring processes and tools are in place to manage alarms generated by security related alerts and these are fed into the incident management process. Experian has a formally documented risk based incident management process to respond to security violations, unusual or suspicious events and incidents. In the event an incident occurs a team of experts from all relevant areas of Experian are gathered to form an incident response team, who manage activities until resolution. The incident response team are available 24/7 to resolve any incident. Out of core hours the dedicated incident hotline is routed to the command centre.
- Incident management type
- Supplier-defined controls
- Incident management approach
- The incident management process incorporates a number of participants and contributors, including: Global Security Office - who facilitate and coordinate activities under the business security coordinator's guidance; Business Security Coordinator - a representative of the impacted business area, responsible for coordinating resolution activities; Incident Response Team (IRT) - IRT is made up of a membership that are empowered to make key decisions surrounding the actions to be taken to reduce impact, control actions, and impose corrective activities. A client report would be created, including: high level overview; facts; overview of events; actions taken.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
As an information services business, we have a relatively small environmental footprint compared to
many other industries. The biggest impact from our controlled operations relates to greenhouse gas
emissions from energy used to power, heat and cool our buildings and data centres, and from
business travel (pre-Covid-19). Every year we reduce our carbon footprint, yet we want to take it
further and accelerate our response to the climate change challenge
We’ve started our journey to becoming carbon neutral. Our global Corporate Responsibility team is
engaging with various teams across the organisation to discuss carbon reduction initiatives and get a
good understanding of what’s needed to achieve our target by 2030. This will allow us to develop a
detailed Carbon Neutral Plan, including initiatives, targets, costings and timeframes, for agreement by
end of November.Covid-19 recovery
We have focused on supporting our people, clients and consumers throughout the COVID-19
pandemic, using data as a force for good, helping to navigate the crisis.
We quickly transitioned the majority of our employees to work from home. We introduced flexible
working and increased collaboration tools and support networks, such as mindfulness programmes, to
help our people navigate the challenges of home working. Webinars and senior leadership vlogs
helped us connect. Our employees around the world have shown incredible resilience, commitment
and flexibility during the COVID-19 pandemic and this is reflected in our results.
We maintained operational capacity throughout the pandemic, we have kept the health and safety of
our employees as the primary consideration of our pandemic response. Most of our employees are
still working remotely. An effort is underway to determine our strategy for work arrangements in the
future. We expect this to be guided by a consistent global framework and principles, with local
flexibility around the approach to account for legal and cultural nuances.
We continue to take industry-leading positions designed to protect and educate consumers, as well as
to promote the responsible reporting of data, with appropriate safeguards, in order to help the
economic recovery from the crisis.Tackling economic inequality
We help millions of people and businesses around the world get fair and affordable access to
essential services and we work hard to make sure our business has a positive impact on the world,
never a negative one. Our responsibilities – to people, society and the environment – guide
everything we do.
By collecting and analysing data, we help people and businesses build up a financial track record and
gain access to essential, everyday services that have previously been out of reach. We’re also
pioneering the use of alternative data, such as rental or utility payments, to help people with limited
financial history build up and strengthen their credit profiles.
Our people’s talents and our business resources go beyond the workplace. We encourage our people
to use their skills to benefit society: many volunteer their time and skills to support their communities
and improve financial education.
We also help our people support local groups and charities by matching funding and giving donations.
At Experian we realise relationships with all our stakeholders are key to our success and sustainable
business growth. We also recognise that we have an impact on and responsibilities for the society we
trade within. We consider these responsibilities carefully and aim to have a positive impact wherever
we can.
Experian has developed a set of CR principles, endorsed by our Management Committee, to guide
and enhance the way we work with our customers (both clients and individual consumers),
colleagues, suppliers and communities. As a company, we are committed to working by these
principles and will regularly benchmark and assess our progress in each area and report through our
parent company.
Please see a copy of Experian’s supply chain principles on the following link:
https://www.experian.com/corporate/code-of-business-conductEqual opportunity
Each and every one of our people deserves to feel valued, represented, and that they belong at
Experian. We have over 30 employee-led groups globally that play a huge part in creating inclusion
and advocating on behalf of our people. These groups are not only a safe space for anyone who
needs it, but also drive change and build awareness across Experian, raising the standard for
everyone.
Experian are registered as ‘Disability Confident’ and are currently undertaking an assessment with the
Business Disability Forum. Our top 3 areas for focus this year is in learning & development,
communications and technology. Our ambition is to remove barriers for all employees with disabilities
at Experian.
Experian recognises that equal opportunities are fundamental to the Company’s success and is
committed to encouraging a working climate that respects and promotes equality. There is a
publicised Equality, Diversity and Inclusion policy which sets out the Company and employee
responsibilities for ensuring equality and embedding a culture and working environment that actively
safeguards against discrimination and unfavourable treatment of people in all aspects of employment
including recruitment, promotion and training opportunities. There is also a Dignity at Work policy
which sets out Experian’s commitment to creating a work environment free of harassment and
bullying, ensuring everyone is treated with dignity and respect. All of the policies are compliant with
the requirements of the Equality Act 2010 and the relevant clauses of the HRA.
More information can be found in Experian’s Diversity, Equity and Inclusion Report here:
https://www.experianplc.com/investors/reports/Wellbeing
Since the pandemic we have increased our focus on the health and well-being of our teams across
the world. We quickly implemented regular pulse surveys so we could respond rapidly and ensure the
right support was available. We emphasised mental health, reflecting the challenges people faced
while working remotely. A response to the statement ‘I am feeling physically and mentally well’ was
75% favourable on average across five pulse surveys we ran during the year. We put in place a range
of initiatives to support our teams, for example #ReachOut, which gave all employees access to
resources to support their physical and mental health whenever they needed it.
Experian has an important role to play in helping everyone through these uncertain times. We
recognise the significance of the role we play in the UK economy and we are committed to ensuring
that our data services are being used to help, protecting vulnerable people, businesses and
communities.
At Experian, we work to create a better tomorrow for consumers, for businesses, and for our
communities. This ambition underpins our plans for our people – to ensure we have the best people,
working in a high-performing and inclusive environment where they feel they can do their best work in
support of our vision.
We help millions of people gain access to essential, everyday services by helping them make the
most of their data by Improving financial identities and access to credit, providing credit and financial
education and tackling unmanageable debt among vulnerable groups. We define our responsibility as
playing an active part in social and economic regeneration in our communities, at a local, national and
global level, and we have many motivations for this engagement.
Pricing
- Price
- £0.65 to £1.50 a unit
- Discount for educational organisations
- No
- Free trial available
- No