In terms of identity verification, there are numerous complex terms and acronyms abound, making it challenging for the users to maintain clarity. There are few terms which are not so common but hold equal importance as other terms. In this glossary, we aim to explain the key identity concepts and address common inquiries for each term.
Access Management
Configuring access levels in a software system involves granting authorized users access and preventing unauthorized access. This may include organizing access hierarchies through user groups. Regular auditing and maintenance are necessary to adapt to evolving business needs and employee roles.
Active Directory Federation Services (ADFS)
ADFS establishes a federated authentication system for Microsoft-centric networks using Active Directory. It enables seamless authentication and single sign-on across large organizations, granting autonomy to individual groups for managing their access control needs.
Adaptive Authentication
Adaptive authentication adjusts security measures based on user, device, and location context, considering both static factors like user type and dynamic elements such as access patterns. For instance, users accustomed to logging in from a specific location may face restrictions if attempting access from elsewhere.
Adaptive Multi-Factor Authentication
Adaptive authentication adjusts login criteria based on situations, including the dynamic addition of extra factors like SMS codes for identity assurance when detecting unusual access patterns, avoiding complete user blocks.
API Access Management
API Access Management system addresses authentication challenges unique to APIs, where the user is often another software system rather than an individual. It ensures seamless integration of API services with the overall user management system.
Application Network
Enterprise IT is moving from monolithic systems to modular applications linked through open APIs, allowing businesses to specialize and giving customers flexibility in choosing and customizing functionality.
Attack Surface
An organization's vulnerability to attacks is determined by its overall "surface area," which includes bugs, vulnerabilities, and insecure policies. Robust identity access management seeks to minimize this attack surface, reducing risk through measures such as automated user provisioning, timely patching, and enforcing least privileged access control.
Authentication
Verifying the asserted identity of a communicating party is the process of confirming that they are who they claim to be.
Authentication Factors
These encompass three interlinked authentication factors: 1. Biometrics (physical traits like retina, thumbprint, voice), 2. Possession (having a specific device or fob), and 3. Knowledge (such as a password or secret code).
Authorization
The procedure of verifying if a specific identity has permission to access a designated resource or function.
ABRADIE
Established in 2023, ABRADIE in Brazil is dedicated to combating match-fixing and corruption in sports. The organization enforces financial monitoring and ethical codes, striving to maintain sports integrity at all levels. The ongoing mission requires collective commitment from stakeholders.
Age Verification
Age verification is vital in gaming, gambling, and mobility industries to prevent fraud and protect minors. It ensures legal driving age for safety and compliance through online verification using valid identification documents.
Alcohol and Gaming Commission of Ontario (AGCO)
The Alcohol and Gaming Commission of Ontario (AGCO), established in 1998, oversees alcohol, gaming, horse racing, and cannabis retail. With a specific focus on iGaming through iGaming Ontario, it sets regulatory standards, registers operators and suppliers, ensures compliance, and addresses complaints. The commission is committed to fair policies, effective controls, customer focus, and a positive work environment.
Alderney Gambling Control Commission
Established in 2000, the Alderney Gambling Control Commission (AGCC) is an independent regulator overseeing e-gambling in the British Channel Islands. It focuses on maintaining fairness in online gambling businesses, collaborating with entities like Guernsey Police and GFSC. In 2021, it generated nearly £2 million in profits, solidifying its reputation as a leading authority in the field.
AMLA EU
Anti-Money Laundering Authority of the European Union (AMLA EU) was established to strengthen the AML-CFT framework, supervise high-risk entities, and harmonize efforts against money laundering in the EU. Funded by the EU budget and fees from obligated individuals, it ensures the proper implementation of EU regulations.
AMLD5
The 5th Anti-Money Laundering Directive (5AMLD), EU Directive 2015/849, seeks to combat money laundering, terrorism financing, and evolving challenges by addressing novel areas, promoting transparency, improving data accessibility, fostering collaboration, and establishing updated criteria for high-risk third countries.
AMLD6
The 6th Anti-Money Laundering Directive (6AMLD), implemented in 2018, enhances the European Union's regulations against money laundering, aiming to counter organized crime and terrorism. It addresses loopholes, enhances transparency, and facilitates authorities in prosecuting offenders.
Anti-Money Laundering Directive (AMLD)
The AMLD establishes uniform regulations among EU member states to address money laundering and terrorist financing, promoting a standardized regulatory framework.
Arbing in betting
Arbing is a strategy employed by bettors who place simultaneous bets on all possible outcomes of a sports event to guarantee a profit. Referred to as "arbers," these individuals pose a substantial risk to bookmakers, leading to regulations on exchange sites. The technique generated $83.65 billion in 2022.
ARJEL
ARJEL, the regulatory authority for online gaming in France, oversees licenses for sports and horse race betting, as well as card games like poker. It enforces regulations to ensure compliance in the online gambling industry.
Army Romance Scam
An army romance scam involves impersonating military personnel for financial gain, manipulating victims into acting on the scammer's behalf, and possibly stealing personal information for other fraudulent activities.
Artificial intelligence (AI)
AI involves programming machines to simulate human intelligence, replicating human-like thinking.
Authorized Push Payment fraud
Authorized Push Payment (APP) fraud, a rising concern in the UK, has been exacerbated by real-time payment initiatives such as the Faster Payments service. According to the UK Payment Systems Regulator, losses from APP scams reached £583.2 million in 2021, marking a 39% surge from the previous year.
AMLID
The Anti-Money Laundering International Database, or AMLID is a global database analyzing AML laws and regulations, providing contact details for anti-money laundering authorities worldwide. It serves as a crucial reference for law enforcement, investigators, and those handling cross-border money laundering cases.
Account takeover (ATO) fraud
Account takeover (ATO) fraud involves thieves acquiring a user's authentic credentials to gain control of their online accounts, enabling them to conduct unauthorized transactions or make changes to the account.
Anti-money laundering (AML)
AML consists of protocols, legislation, and regulations designed to prevent criminals from laundering unlawfully acquired money by masking it as lawful earnings.
Access control
Access control is a foundational security method that manages permissions for users or entities within a computing system, determining their ability to access and utilize resources. This crucial security concept plays a key role in mitigating risks to the business or organization.
Application/app
An application is a software program installed on a device, often mobile, that necessitates authentication and authorization to secure access to its data, ensuring only authorized users can use it.
Authorization
Authorization, a server-based procedure, establishes a user's access rights, often for specific applications or types of information, serving various purposes.
Attack Protection
IDMERIT offers various security features to identify and counteract attacks, such as preventing brute-force attacks, implementing throttling for suspicious IPs, detecting breached passwords, identifying and blocking bots, and employing adaptive multi-factor authentication.
2FA
Moderate strength authentication employs two factors: something you know (username/password) and something you possess (token or cell phone) or something you are (biometric).
Authentication Standards
Authentication standards refer to established criteria and protocols that govern the verification of a user's identity, ensuring secure and reliable access to a system or service.
Account Takeover (ATO)
Account takeover (ATO) is a cyber threat in which unauthorized individuals gain access to consumer accounts, leading to financial loss or fraudulent transactions. This necessitates the implementation of solutions for fraud prevention and detection.
Active Liveness Detection
Active liveness detection, which necessitates users to perform specific physical actions for biometric verification, results in increased friction and higher rates of customer drop-off.
Address Risk
Utilizing technology, address risk assessment examines the potential for fraud linked to physical addresses, verifying their legitimacy and assessing the probability of a person residing at the specified address.
Address Verification Service
Address Verification Service (AVS) validates consumer details, including the correlation of shipping addresses and card ownership, by confirming billing addresses and ensuring identity match.
Age Verification System
Age verification systems confirm a person's age, restricting access to age-sensitive content and ensuring legal adherence in areas such as gaming, adult entertainment, and alcohol, thereby fostering a more secure marketplace.
Anti-Money Laundering (AML) & KYC
AML and KYC regulations require businesses to appoint senior AML officers, perform customer due diligence, monitor transactions, and report suspicious activities. Staying updated on regulations, training employees, and complying with authorities are vital. The FFIEC BSA/AML manual helps ensure compliance.
Application Fraud
Application fraud occurs when someone uses another person's personal information, without their permission, to apply for new financial products like credit cards, bank accounts, or loans.
Artificial Intelligence (AI)
AI allows machines to mimic intelligent human behavior, automating tasks and decision-making through algorithms that continually learn and adapt. It is utilized to enhance identity verification and predict fraud at scale.
Adverse media
Adverse media, also known as negative news, refers to unfavorable information present in various sources.
API (Application Programming Interface)
A system of guidelines enabling diverse software applications to communicate and collaborate seamlessly.
BaFin
BaFin, the financial regulatory body in Germany, supervises banks, insurance firms, and securities trading to ensure stability, compliance, and prevent money laundering by enforcing due diligence obligations.
Bank drop
Bank drops, associated with money laundering, involve criminal accounts established through fraudulent or stolen credentials. To address this threat, financial institutions should promote awareness, enact anti-money laundering initiatives, and fortify cybersecurity measures.
Bank regulation
Bank regulations, differing between countries, establish guidelines for financial institutions to safeguard consumers, maintain stability, combat financial crime, and encourage secure practices. These rules cover reserve, capital, and liquidity requirements.
Betting and Gaming Council (BGC)
The Betting and Gaming Council (BGC) is the voice of 90% of the UK online gambling industry, dedicated to enhancing standards, tackling problem gambling, and ensuring a fair, safer, and more enjoyable betting environment.
Betting Bots/Casino Bots
Automated betting tools, such as bots and scripts, present a notable risk to the iGaming sector by facilitating concerns like account takeover and bonus exploitation.
Biometric check
Biometrics involves capturing distinct physical traits for security purposes in gates, time clocks, and smartphones. Identification and verification use both passive and active features, with advancements in AI and camera technologies enhancing accuracy and reliability.
BKYC
BKYC, short for Business Know Your Customer, pertains to the authentication procedure for business clients.
British Esports Association
Established in 2016, the British Esports Association is a non-profit organization dedicated to promoting esports in the UK. It focuses on grassroots events, public education, and career guidance.
Bank Account Validation Service
AVS is a fraud prevention tool that validates real-time account information, safeguarding against payment fraud and delays in transactions such as ACH and micro-transactions.
Bank Secrecy Act (BSA)
The Bank Secrecy Act (BSA) mandates that US financial institutions cooperate with the government in addressing suspected cases of money laundering and fraud.
Bad Actors
Threat actors, or entities, are individuals or groups intending to cause harm to a business or environment. This harm may involve physical damage or cyber threats, such as unauthorized access to data centers or hacking with stolen credentials.
Behavioral Analytics
Behavioral analytics uses device intelligence and behavioral biometrics to create an identity-linked profile. It detects anomalies and potential fraud by comparing current behavior with past actions.
Biometric Verification
Biometric verification employs biological characteristics such as fingerprints or facial features to authenticate identity, granting access to secure areas, including financial services.
Background Screening
Background screening involves researching and gathering the employment, criminal, commercial, and financial histories of an individual or organization.
Bust-Out Fraud
Bust-out fraud involves maxing out a credit line without repayment, commonly orchestrated by organized crime rings. Detecting this fraud is challenging due to the difficulty in establishing trust, and it can lead to substantial losses for financial institutions.
Business & Entity Verification (KYB)
KYB procedures help financial institutions comprehend potential risks and activities of their enterprise customers to prevent financial crime.
Behavioural biometrics
Examine a user's cognitive patterns in digital media.
Blockchain
Blockchain, unlike traditional databases, utilizes cryptographic links to connect data stored in blocks within a shared database.
Biometrics
Biometrics is a technology employed to precisely recognize individuals by their distinctive physical and behavioral characteristics, primarily for purposes such as identification, access control, or surveillance.
Continuous Authentication
Continuous authentication tracks user sessions for alterations, employing biometrics and subtle cues to minimize risks such as impersonation and timeouts.
Canadian Gaming Association
The Canadian Gaming Association (CGA) unites operators and suppliers in Canada's gaming, sports betting, esports, and lottery industries, fostering advocacy, research, and collaboration.
Central Bank Digital Currency
CBDC, a decentralized digital currency issued by central banks, facilitates efficient payments, enables easy tracking, and reduces privacy. Almost 180+ nations have embraced it.
Collusion in Betting
Collusion in betting is an unethical tactic where two or more players collaborate covertly to gain an advantage. This form of cheating is most prevalent at poker tables, posing a substantial challenge to the online gambling sector and potentially leading to serious offenses like money laundering.
Chip dumping
Chip dumping in online gaming involves players deliberately losing or transferring chips to another player, which is illegal and harmful to the industry. To prevent this, operators should implement safety measures, identity verification, withdrawal limits, collaborate with authorities, utilize AI, and conduct regular audits.
Combating the Financing of Terrorism (CFT)
Globally, combating terrorism financing involves freezing assets, closing financial institutions, and criminalizing such funding. The Financial Action Task Force (FATF) oversees regulations, and anti-money laundering laws encourage reporting. Banking compliance is crucial as terrorists often use banks for fund transfers.
Compliance
Compliance involves the essential measures organizations must take to conform to laws, policies, and regulations, particularly crucial in industries like gaming, fintech, and mobility.
Cryptocurrency
A cryptocurrency is a digital form of currency designed for online transactions and payments.
Customer Due Diligence (CDD)
CDD is a mandated process for businesses to confirm customer identities and financial origins, comprising inquiries, reliance on reputable third parties, information gathering, enhanced due diligence, and ensuring data security.
CPPA
A CPPA, or corporate power purchase agreement, is a extended contract where a company commits to purchasing a portion or all of its electricity directly from a renewable energy source, like a solar or wind farm connected to the grid.
California Consumer Privacy Act (CCPA)
The CCPA and CPRA safeguard consumer rights by enabling them to request information, opt out, and manage the sharing and selling of their personal data.
Children’s Online Privacy Protection Act (COPPA)
COPPA, established in 1998, is a US federal law safeguarding the online privacy of children under 13 years old.
Card Not Present (CNP) Fraud
CNP fraud occurs when fraudulent activity takes place in transactions where a physical card presentation is not needed, typically occurring online.
Clean Fraud
Clean fraud involves deceptive activities that mimic legitimacy, making detection challenging. It typically exploits stolen or obtained data to deceive online retailers.
Computer Vision
Computer vision, a subset of artificial intelligence, enables digital systems to analyze visual data akin to human vision. In biometric facial matching, algorithms detect and compare facial features for biometric matches.
Consumer Friction
Consumer friction is any unnecessary effort or inconvenience that significantly slows down a consumer's action, potentially leading to transaction abandonment. It can occur offline or online, involving delays, extra steps, or manual reviews, and may be intentionally used to verify identity.
Customer Abandonment
Customer abandonment, or drop-off, happens when users leave a financial services application due to complex onboarding and excessive security checks causing friction and manual reviews.
Customer Auto-Approval
Customer Auto-Approval streamlines identity verification, reducing manual reviews and staff workload in various sectors. While offering 24/7 availability and consistency, it has limitations.
Customer Identity & Access Management (CIAM)
CIAM is a subset of identity access management focused on securely managing customer access to digital services.
Customer Onboarding
Customer onboarding is the procedure of creating a new consumer account, involving necessary Know Your Customer (KYC) checks or identity validation to prevent potential fraud.
Customer Pollination Fraud
Customer Pollination Fraud is the creation of synthetic identities by mixing real and fake information for building fraudulent credit histories. Regular monitoring is crucial to prevent severe penalties associated with this illegal practice.
Customer Data Platform (CDP)
A centralized database that gathers, combines, and oversees customer information from various origins, offering a holistic customer perspective for analysis and engagement.
Credit and Financial Identity
Creating an individual's credit and financial identity involves analyzing their financial information, history, and activity to expand access to various services.
Customer Identification Program (CIP)
The USA Patriot Act mandates financial institutions to implement a concise Customer Identification Program (CIP) comprising a written plan, four key identification pieces, verification procedures, recordkeeping, and customer notification.
Data Breach
Describes an event in which unauthorized individuals or software systems gain access to data.
Data Breach Prevention
To secure an organization, integrate technology, personnel, and processes, incorporating user authentication, real-time network monitoring, and circuit breakers to detect potential data breaches.
Danish Gambling Authority (DGA)
The Danish Gambling Authority (DGA) regulates and oversees the gambling market in Denmark, ensuring responsible gambling, protecting vulnerable players, and promoting technological innovation.
Data privacy
Data privacy is a facet of data security that deals with proper data handling, including consent, notification, and compliance with regulations, especially regarding lawful data collection, storage, and sharing with third parties.
DeFi – Decentralized Finance
Decentralized finance leverages blockchain for transparent, borderless, and permissionless financial services, utilizing Layer 1 cryptocurrencies, smart contracts, and decentralized applications. This system operates without central authorities or intermediaries.
Digital Onboarding
Digital onboarding streamlines online service sign-ups, ensuring a quick and hassle-free experience for customers, boosting satisfaction. This approach spans industries such as finance, insurance, gaming, automotive, and telecommunications.
Document Fraud
Document fraud involves creating, altering, or using fake or genuine documents to deceive controls, with penalties ranging from fines to imprisonment.
Dubai Financial Services Authority (DFSA)
The Dubai Financial Services Authority (DFSA) regulates financial activities in Dubai International Financial Centre, ensuring integrity and professionalism for investor confidence.
Due Diligence
Due diligence is an essential legal and business procedure that verifies information prior to making purchasing decisions, safeguarding both reputation and economic interests.
Deepfake
Deepfakes, using advanced deep learning, produce deceptive content for fraud, fooling verifications for fake accounts, accessing sensitive data, and authorizing unauthorized transactions.
Document check
Identity verification includes document checks on items like driver's licenses and passports to confirm their validity, utilizing either manual or automated methods.
Distributed identity
Distributed identity in a multi-cloud or hybrid-cloud strategy creates identity silos by storing digital identities in multiple locations, empowering individuals to control access to their personal information.
Digital Signature
An encrypted string safeguards token bits against tampering; any alterations will render the signature unverifiable, leading to rejection.
Digital Identity
Digital Identity is a virtual representation of a person, facilitating online tasks and automated access to services, transforming civil and personal identity.
Document Verification
Document verification confirms a person's identity by validating and verifying a government-issued ID.
Data Extraction
Data extraction uses OCR to retrieve information from the front of a government-issued ID for verifying security features, fonts, formats, and digit validation.
Demand Deposit Account (DDA) Fraud
Demand deposit account fraud involves stealing debit cards or PINs, resulting in fund depletion and misusing checks through endorsements or kiting schemes, occurring online, via mobile, or at ATMs in various forms.
Device Fingerprinting
Device fingerprinting involves gathering details about the software and hardware of a remote computing device to identify it uniquely.
Device Risk
Device risk assesses the likelihood of fraud by analyzing the characteristics and past activities of a device.
Digital Identity Verification
Digital Identity Verification Utilizing AI technology such as machine learning, IDMERIT Document Verification is a vital tool for digital identity verification, playing a key role in preventing identity fraud through efficient and secure transactions.
Digital Onboarding
Digital onboarding integrates new individuals, utilizing technology for collecting, processing, and verifying information, reducing the need for in-person interactions, particularly during the COVID-19 pandemic.
Documentary Verification
In accordance with BSA/CIP standards, documentary verification mandates financial institutions to confirm a customer's identity during account opening by utilizing a valid government-issued ID.
eID
eID, or electronic identification, is a digital passport verifying the identity of individuals or organizations, enabling access to services from government agencies, banks, or other entities.
eIDAS
The eIDAS Regulation, effective since 2016, ensures legal certainty for digital transactions in the EU by promoting harmonized laws, security, and interoperability. It categorizes electronic signatures into simple, advanced, and qualified types.
eIDV
Electronic identity verification (eIDV) is the initial phase of the Know Your Customer (KYC) process, confirming individual identities by cross-referencing information such as name, date of birth, address, and other specified criteria from both public and private datasets.
Embezzlement
Embezzlement Embezzlement, a form of financial fraud, leads to losses, disruption, and erosion of trust. Detection requires monitoring financial alterations, vigilant employees, and transaction records.
Enhanced Due Diligence (EDD)
EDD is a risk-based KYC process that organizations use to prevent financial crime, assessing the identities, fund sources, and transactions of high-risk individuals.
European Casino Association (ECA)
The European Casino Association (ECA) is a non-profit organization advocating for European casino operators, raising awareness, providing information, and contributing to EU decisions on casino-related issues.
European Gaming and Betting Association (EGBA)
EGBA, a trade group representing leading European online gaming operators, strives to establish a thoroughly regulated industry, advocate for responsible gambling, and publish sustainability reports to encourage responsible gaming practices.
eKYC
eKYC is a digital process in banking, telecom, and healthcare to verify customer identities using electronic documents and biometric authentication. Its adoption has accelerated during the COVID-19 pandemic, reducing in-person interactions and enhancing customer service.
Fake ID Fraud
Fraudulent use of fake IDs for financial crimes, identity theft, and human trafficking requires financial institutions to implement training, KYC processes, and alert mechanisms for protection.
False Acceptance Rate (FAR)
FAR in biometric security measures false acceptances, indicating system precision and technology advancement through the rate of unauthorized user verifications.
Financial Action Task Force (FATF)
Established in 1989, the Financial Action Task Force (FATF) collaborates with 39 member countries to set and monitor standards against money laundering and terrorist financing.
Financial Services Regulatory Authority Abu Dhabi (FSRA)
Abu Dhabi's FSRA regulates financial activities, enforces global standards, and combats financial crimes. In 2021, it introduced a new framework for third-party fintech services.
FINTRAC
FINTRAC in Canada enforces PCLMFTA compliance, collaborating with authorities to combat money laundering and financial crimes.
Fraud
Fraud in legal terms involves deceit aimed at obtaining unjust gains or denying someone their legal entitlements. In identity verification, preventing fraud is crucial and requires appropriate measures.
False negative
In identity verification, a false negative occurs when a genuine user is unable to be verified, leading to the exclusion of the legitimate individual.
False positive
In identity verification, a false positive occurs when an individual successfully clears the identity check despite providing inaccurate information, essentially allowing a fraudulent actor to pass through.
Federal Trade Commission (FTC)
The Federal Trade Commission (FTC) is a U.S. federal agency that prevents fraudulent business practices, safeguards consumer rights, and educates against scams and fraud.
Federated identity management (FIM)
Federated identity management (FIM) links user identities across security domains, facilitating single sign-on (SSO) and streamlined resource access within Identity and Access Management.
Financial Crimes Enforcement Network (FinCEN)
The Financial Crimes Enforcement Network (FinCEN), part of the US Treasury, prevents money laundering and enhances national security through financial transaction analysis.
Financial Industry Regulatory Authority (FINRA)
The Financial Industry Regulatory Authority (FINRA), a non-profit organization, is committed to protecting investors from fraud and misconduct by regulating broker-dealers.
Fullz
"""Fullz"" is a term used by criminals for packages containing individuals' complete information, often exploited for illegal activities in the black market."
Federated Identity
Federation operates on a trust basis, where an identity provider authenticates and authorizes users, while a service provider manages access to resources.
Facial Recognition Technology
A collection of digital tools designed for various tasks related to human faces, such as detecting the presence of a face in an image, analyzing facial features, and identifying the individual depicted.
Face verification
When verifying identity, entities may compare a facial image or recording with an existing one to confirm a person's claimed identity.
Face Match
Face match technology, or face recognition technology, analyzes an image with a face and determines if it likely corresponds to one or more other facial images, indicating a potential match for the same individual.
Face identification
When attempting to recognize a face in surveillance footage without prior knowledge of the person's identity, individuals often compare a given faceprint to a gallery of faceprints to identify a match.
False Positive Ratio
In fraud detection, the false positive ratio gauges a model's accuracy by measuring instances where flagged accounts are not actually fraudulent. A ratio of 2:1 signifies two flagged accounts for each genuine fraud incident.
Financial Crime
Financial crime involves misusing funds for personal gain through activities like fraud, embezzlement, money laundering, insider trading, and Ponzi schemes, often leading to severe consequences.
First Payment Default (FPD)
First Payment Default (FPD) happens when a borrower misses their first payment, indicating potential future financial issues. Lenders may use terms like Never Pay or Straight Roller based on severity.
First-party fraud
First-party fraud, exploiting one's identity for gain, requires proactive measures like identity verification, ongoing monitoring, and data analysis to safeguard businesses, maintain a secure economic environment, and ensure a positive customer experience.
Friendly Fraud
Friendly fraud, also known as chargeback fraud, occurs when a cardholder disputes a purchase on their statement, claiming it as fraudulent, even though they or someone they know may have made the purchase.
Frictionless Onboarding
Frictionless onboarding streamlines customer adoption by understanding user needs and creating engaging processes.
Fuzzy matching
IDMERIT utilizes proprietary fuzzy matching techniques in computer science and identity verification, enhancing match accuracy by accommodating typos, miskeys, and cultural variations in partially matching text elements.
Fraud Detection and Prevention
Fraud solutions employ risk-based methods to scrutinize transaction records and network activities, aiming to detect possible instances of fraudulent or high-risk behavior patterns.
Facial biometrics
Utilizing facial images for identity verification involves employing technology to authenticate individuals based on their facial features.
Facial Matching
Facial matching is a biometric authentication method involving computer vision algorithms that assess the biological facial attributes in two images to determine a "match" or "no match" result.
Fraud Detection and Prevention
Fraud solutions employ risk-based methods to assess transaction history and network activity, aiming to detect possible instances of fraudulent or high-risk behavior patterns.
Gibraltar Betting and Gaming Association (GBGA)
The GBGA is a Gibraltar-based trade association that advocates for online gaming operators, emphasizing legal and regulatory compliance, data protection, and the promotion of responsible gambling practices.
Gibraltar Regulatory Authority (GRA)
The Gibraltar Regulatory Authority (GRA) is a non-profit organization in Gibraltar that formulates regulations for online gambling firms, ensures equitable gaming, and advocates for player protection and responsibility.
Glücksspielstaatsvertrag (GlüStV)
Germany's Glücksspielstaatsvertrag introduces new gambling laws to prevent addiction, combat black markets, protect youth, and maintain sports integrity.
Gnoming/Multi-Accounting in betting
Gnoming in betting involves creating multiple accounts under someone else's name to exploit platform restrictions for bonuses and manipulate odds, potentially resulting in tax-free income and harm to sportsbooks.
GSC Isle of Man Supervision Authority
Established in 1962, the Isle of Man Gambling Supervision Authority (GSC) issues licenses to online platforms, ensuring fair and responsible gambling practices.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) mandates strict data privacy rules for businesses collecting personal information on EU citizens, covering data such as IP addresses, cookies, addresses, and Social Security numbers.
Global Checks
A thorough global sanctions check scans international watchlists to ensure a candidate is not listed, a vital step for compliance with regulations such as the Anti-Money Laundering Act and the Patriot Act.
Global Watchlist
Databases perform regular identity checks on individuals suspected of terrorism, money laundering, fraud, and against adverse media or sanctions lists maintained by government, regulatory agencies, and businesses.
Generative AI fraud
Generative AI fraud utilizes neural networks to create fake content, including selfies, videos, and audio, to bypass verification systems and engage in spam and phishing.
Governance, risk, and compliance (GRC)
GRC denotes how an organization manages governance, risk, and compliance, including legal responsibilities, security, and internal controls.
Gramm-Leach-Bliley Act (GLBA)
The Gramm-Leach-Bliley Act mandates financial institutions to protect private information and disclose their information-sharing practices.
Health Insurance Portability & Accountability Act (HIPAA)
The Health Insurance Portability & Accountability Act of 1996 (HIPAA), a 1996 US federal law, sets privacy standards for all healthcare information, regardless of its form or transmission method within and outside healthcare facilities.
Identity as a Service (IDaaS)
Outsourcing identity management to a cloud-based service minimizes the necessity for in-house software or functional development.
Identity Management
The encoding of users and groups, along with their metadata such as contact details and location, involves authentication mechanisms.
Identity Theft
Identity theft is a widespread issue globally, with 20% of Europeans experiencing personal information fraud in recent years.
ICAO 9303
ICAO 9303, set by the United Nations' International Civil Aviation Organization (ICAO), defines global standards for Machine Readable Travel Documents.
Impostor Fraud
In 2021, impostor fraud, a prevalent form of deception, caused losses exceeding USD 2.3 billion, eliciting 984,756 complaints and ranking as the second most reported fraud in the United States.
International Betting Integrity Association
Founded in 2005, the International Betting Integrity Association represents regulated sports betting operators. Collaborating with organizations like the IOC and FIFA, it employs an anti-corruption tool to eliminate illegal activities such as spot-fixing.
ID documents
An identification document, like passports, ID cards, IC cards, or citizen cards, serves as proof of an individual's identity.
Identity Fraud
Identity fraud involves utilizing someone else's personal information without their permission.
Identity Verification
Identity verification services authenticate physical identity documents like driver's licenses, passports, or nationally issued papers through documentary verification, ensuring accuracy.
iGaming Ontario (iGO)
iGaming Ontario, a branch of the Alcohol and Gaming Commission of Ontario, is responsible for managing the growth of the iGaming sector in Ontario as mandated by a recent legislation.
International Association of Gaming Regulators (IAGR)
Established in the 1980s, the International Association of Gaming Regulators (IAGR) became an independent non-profit organization in 2011 after breaking away from the International Association of Gaming Attorneys in 2010. IAGR provides a platform for global regulators to convene, share best practices, and discuss policies.
Instituto Brasileiro de Jogo Responsável (IBJR)
IBJR in Brazil is spearheading a major change in gambling laws since 1946, focusing on responsible gambling to revolutionize online gaming.
INFORM Consumers Act
The INFORM Consumers Act requires online marketplaces in the United States to minimize the sale of stolen and counterfeit goods and address various forms of marketplace fraud.
Identity Assurance Levels (IAL)
Identity Assurance Levels (IALs) are NIST-established benchmarks assessing the certainty in confirming an individual's asserted identity as their authentic identity.
Identity and access management (IAM)
Identity and access management (IAM) is essential for managing access to secure systems for employees, users, or third parties.
Identity authentication
Identity authentication involves verifying if users should be granted specific actions or services.
Identity graph
An identity graph is a database that illustrates the relationships among user accounts through shared attributes like names, email addresses, device fingerprints, IP addresses, or birthdates.
Identity verification (IDV)
Identity verification (IDV) is an essential procedure that validates the genuine identity of an individual or business prior to engaging in any transactions.
Identification
The procedure includes confirming an individual's identity through official documents, alternative data sources, and collecting biometric data to establish or validate their identity.
Identity Attribute
A digital identity encompasses vital details like name, address, phone number, and affiliations, including key attributes such as date and place of birth, as well as gender.
Identity Hub (Broker)
The Identity Hub links service providers with trusted Identity and Authentication providers, ensuring compliance with IPP 12 through federated identifiers and managing trust levels.
Identity validation
Identity validation involves confirming a person's real-world existence by cross-referencing their personal details, including name, address, phone number, and email, using databases.
Identity proofing
Identity proofing verifies if a user is genuinely who they claim to be, using methods like Document Verification and IDV/(KYC) during enrollment or account registration for heightened assurance.
Identity theft protection
Consumer Identity Theft Protection monitors personal data for irregularities like social security or credit card issues, offering restoration through reimbursement, customer support, and legal assistance to minimize damage from identity theft.
Identity wallets
Identity wallets, smartphone apps that enable individuals to oversee their digital identity credentials and information, provide control over the sharing of data, ensuring privacy, security, and consent management.
Identity Document Verification
ID document verification is a procedure that employs machine learning, artificial intelligence, and computer vision technologies to confirm the authenticity of a government-issued ID.
Identity Fraud Detection and Prevention Software
Digital identity fraud poses risks to finance, regulations, and reputation. Adapting software is crucial, but security measures may impact user experience and revenue. Understanding these factors is essential for minimizing risk and maximizing revenue.
Identity Fraud Detection in Banking
Identity fraud in banking is growing, with 36% of US customers experiencing financial fraud in the past year. To address this, banks must implement protective measures and provide clear guidelines for individuals.
Identity Verification Software
Fintech's growth sparks an ongoing battle between businesses and bad actors, demanding robust identity verification. Traditional methods fall short against digital fraud, but identity verification software offers tools for enhanced security and user-friendly experiences.
Image Capture Application
A photo capture app facilitates users in uploading document scans and selfies from their smartphone cameras, connected to a network, for ID verification and biometric purposes.
Identity fraud management
Identity fraud risks personal finances and security, but AI software, biometrics, and tailored security protocols can protect valuable assets.
Identity trends
The rise of digital identities, while diminishing reliance on driver's licenses, brings security challenges like identity theft and fraud. Effective management methods are crucial to address these concerns.
Identity Analytics
Examining user identity data and behavioral patterns to enhance security, customization, and user experiences.
Identity Governance and Administration (IGA)
The field and tools employed to oversee and control user identities, roles, and access privileges in an organizational context.
Identity Verification (KYC)
IDV/KYC is the process of confirming a user's true identity, utilizing data-centric methods such as document authentication to validate government-issued IDs.
IDMaml
IDMaml minimizes money laundering and illicit activity risks, helping build a robust compliance program and reducing fraud and losses.
IDMscan
IDMscan is a tool designed to verify and authenticate customer identity by scanning documents like passports.
IDMkyc
IDMkyc is a leading KYC solution with quick identity verification and robust fraud detection. Through its REST API, it accesses 400+ data sources across 175+ countries, providing seamless digital KYC solutions.
IDMlive
IDMlive offers a secure and convenient video identification software for live customer verification with agent assistance, enabling remote identity verification.
IDMtrust
Identify high-risk clients and onboard reliable customers.
IDMsocial
Retrieve user data from over 20 social media platforms and achieve verification through your social account, even without a bank account.
IDMkyb
Validate business legitimacy swiftly using IDMkyb. Our API offers a seamless and effective solution for businesses to instantly verify customer identities.
Identity verification services
Safely authenticate your customers and clients using our cutting-edge digital identity verification solutions, customized to suit your business requirements. Our scalable platform is suitable for businesses of all sizes, ensuring a secure and efficient verification process.
IDMkyx
IDMERIT provides secure verification solutions for businesses, ensuring compliance with anti-money laundering regulations and verifying customer identities.
Know Your Patient (KYP)
Know Your Patient (KYP) is a healthcare procedure designed to confirm and periodically validate a patient's identity, guarding against fraudulent activities, safeguarding confidential information, and maintaining compliance with HIPAA regulations.
Know Your Seller (KYS)
Online marketplaces use "Know Your Seller" (KYS) to verify seller identities based on criteria like a minimum of $5,000 in revenue and 200 transactions.
Know your business (KYB)
KYB is a corporate KYC process ensuring business legitimacy and safety through key details and continuous AML monitoring.
Know your customer (KYC)
KYC, or customer due diligence, involves confirming the identities of existing or potential customers and assessing potential business risks.
Knowledge-based authentication (KBA)
Knowledge-based authentication (KBA) verifies users by posing personal questions, either static (security questions) or dynamic (using credit history or public records), prior to login or action.
Knowledge-based verification (KBV)
Knowledge-Based Authentication (KBA) or Knowledge-Based Proofing (KBP) is an identity verification approach utilizing private information linked to the asserted identity.
Kansspelautoriteit
Founded in 2012, the Kansspelautoriteit is the autonomous Dutch regulatory body tasked with overseeing and enforcing the Gambling Act, as well as regulating the games of chance sector.
KYC Check
Banks and financial service providers utilize KYC checks to confirm customer identities, thwart money laundering, and safeguard the economy.
Layering in money laundering
Money laundering, a worldwide financial system problem, comprises three phases: placement, layering, and integration. Illegally obtained funds are collected, fragmented into smaller amounts during layering to obscure their source, creating challenges for authorities in tracking their origin.
License Conditions & Codes of Practice (LCCP)
The UK's License Conditions & Codes of Practice (LCCP) set rules for gambling operators, ensuring fairness, transparency, and responsible practices. Non-compliance may result in penalties or license revocation.
Liveness detection
Active liveness detection combines user actions such as blinking, facial movements, or keystroking with biometric checks to ensure the verification of user presence.
LOA (Level of Assurance) - Identity
An LOA framework assesses identity provider reliability. Levels 1 and 4 lack proofing but allow remote registration. Level 1 needs a government photo ID, Level 3 requires document verification, and Level 4 involves in-person registration with two ID documents.
LOA (Level of Assurance) - Authentication
An LOA framework assesses authentication reliability across levels, from Level 1's diverse technology acceptance to Level 4's top-tier assurance for remote network authentication.
Legacy identity system (IDP)
Organizations need to update outdated on-premises identity management systems for modernization without the need for extensive refactoring, as these systems are not originally designed for cloud environments.
Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) improves security by demanding multiple credentials for user authentication, preventing unauthorized access and identity spoofing, using methods like one-time passcodes.
Money services businesses (MSB)
Money Services Businesses (MSBs) like currency dealers and money transmitters are regulated under BSA and AML rules, posing high risk due to limited customer relationships.
Machine Learning
Machine learning, a branch of AI, involves computer programs that autonomously learn and adapt to new data without human intervention.
Malta Gaming Authority (MGA)
Since 2001, the Malta Gaming Authority (MGA) has been a global leader in regulating diverse gaming sectors, being the first EU member state to oversee remote gambling.
MiCA
MiCA oversees digital platform crypto asset regulation, encompassing utility, payment, and e-money tokens. It sets rules, fosters collaboration, and forms the European Blockchain Partnership.
Money Laundering
Money laundering involves unlawfully hiding the source of funds obtained through intricate banking transactions, typically executed by individuals such as money mules or account holders.
Matched Betting
Matched betting is a risk-free strategy where individuals place bets on two possible outcomes, ensuring profit regardless of the result, despite potential legal or controversial concerns.
Money Mules
Money mules, unknowingly contributing to criminal activities, willingly share their information to aid fraud. They open bank accounts, enabling criminals to execute financial misappropriations without their awareness of the consequences.
Machine Readable Zone (MRZ)
The machine readable zone (MRZ) on a government ID contains machine-readable data that is compared with the information on the front of the document using optical character recognition (OCR).
Marketplace Fraud
Marketplace fraud involves deceptive listings, misrepresented items, and undeliverable goods, leading to financial risks and reputational damage for platforms.
National Institute of Standards and Technology (NIST)
NIST, a Commerce Department lab, drives innovation through technology standards, including biometric software certification.
National Games Authority (ANJ)
The National Games Authority (ANJ) is an independent French authority that oversees licensed gambling activities, including casinos, and ensures responsible gaming policies are enforced.
Near-field communication (NFC)
Sony and Philips jointly developed NFC technology in the 2000s, enabling secure data exchange and document reading among mobile devices.
Non-Fungible Token
NFTs, unique digital assets on blockchains, gained popularity in 2021, revolutionizing digital art consumption. Regulations are essential to prevent Identity Fraud and Money Laundering in the NFT space.
Optical Character Recognition (OCR)
Optical character recognition (OCR) is a computerized technique that automatically transforms text from a scanned document into a format suitable for machine processing.
Ontario Lottery and Gaming Corporation
Since 1975, the Ontario Lottery and Gaming Corporation manages gaming, lotteries, and related products in Ontario to generate revenue, promote economic development, and ensure responsible gambling.
OFAC
The Office of Foreign Assets Control (OFAC), is a division of the United States. Treasury, is responsible for implementing and overseeing U.S. economic and trade sanctions against nations and specific groups of individuals.
Personally identifiable information (PII)
PII, or personally identifiable information, encompasses direct and indirect data elements such as name, address, and contact details, which are utilized for individual identification.
Politically exposed person (PEP)
A politically exposed person (PEP) is at an elevated risk of engaging in financial misconduct such as corruption, bribery, or money laundering due to their significant position of power and influence.
PCMLTFA
The PCMLTFA is a Canadian law targeting money laundering and terrorist financing, setting rules for businesses, requiring reporting of suspicious transactions, and establishing relevant agencies.
Proceeds of Crime Act (POCA)
The UK's Proceeds of Crime Act 2002 targets criminal proceeds, dismantles organized crime, and addresses theft, fraud, money laundering, and tax evasion.
P2P Fraud
In 2022, Americans incurred $2.7 billion in P2P fraud costs, prompting a shift in liability from consumers to banks and fintechs. Effectively identifying and preventing fraudulent transactions is imperative.
Passive Liveness Detection
Passive liveness detection effortlessly verifies facial biometrics by detecting liveness without requiring user actions such as blinking or smiling.
Peel Chain
The peel chain technique involves laundering significant volumes of cryptocurrency through multiple small transactions, typically converting them to fiat currency via exchanges.
Phone Risk
Phone risk assessment utilizes technology to verify the legitimacy of a phone number and assess the likelihood of the owner's identity, particularly in relation to fraud risk.
Piggybacking Credit
Piggybacking involves leveraging someone else's credit history to improve one's own credit score, but it comes with risks that need careful consideration.
Predictive Analytics
Predictive analytics leverages past data to forecast future trends, improving fraud detection with advanced algorithms and precise models.
Presentation Attack Detection (PAD)
Presentation attack detection identifies fraudulent biometric attempts, such as using high-quality photos or 3D masks to substitute real data from a live person in a biometric system.
Passive facial liveness
This technology distinguishes between a live person in front of a camera and a photo or video featuring the same face.
Qualified Electronic Signature (QES)
The Qualified Electronic Signature (QES) requires a qualified device and certificate, offering top-tier security and legal protection with the burden of proof on the disputing party.
Red Flags Rule
The FTC's Red Flags Rule mandates financial institutions to create a written program for preventing identity theft, involving red flag identification, identity verification, appropriate actions, and strategy updates.
Regtech
Regtech utilizes technology to help companies in the financial sector meet regulatory compliance, specifically in areas like anti-money laundering, KYC, and CDD.
Romance Fraud
Romance fraud involves exploiting emotional relationships for financial gain. In 2020, losses of over 91 million USD were reported in Australia, and the U.S. recognized losses of 547 million USD in 2021. Victims are manipulated to participate in money laundering.
Risk Based Authentication (RBA)
Risk Based Authentication (RBA) is a pre-set, real-time authentication method that assesses the risk associated with an access attempt and offers users suitable authentication choices.
Remote identity proofing
Remote identity proofing (RIDP) verifies identity remotely through knowledge-based challenges about credit history or other data.
Regulatory Compliance
To operate effectively, businesses must comply to financial and legal regulations to mitigate legal, financial, and reputational risks.
RESTful API
A RESTful API follows the REST architectural style and allows interaction with RESTful web services, which stands for representational state transfer.
Regulatory Compliance Transaction Monitoring
AML transaction monitoring enables financial institutions and money services businesses to identify potentially suspicious customer activity, report to national FIUs, and prevent financial crime by monitoring transfers, deposits, and withdrawals.
Red Flagged Profiles
A red flagged profile is a signal of potential issues or threats. It is used by investors, analysts, or economists to analyze risks, historically representing dangerous situations.
Security Assertion Markup Language (SAML)
SAML serves as a standardized protocol employed to integrate authentication and authorization functions across various systems, predominantly facilitating single sign-on functionality among applications sourced from diverse vendors.
System for Cross-domain Identity Management (SCIM)
SCIM operates as a REST-centric platform designed to model identity information using entities such as users and groups. This framework enables the modification of these entities in the form of JSON objects.
Security
The key focus of the KYC process is security. By thoroughly examining security features, fraud prevention can be established. To address evolving fraud tactics, vulnerabilities must be considered. Biometric checks, when used in conjunction with additional steps, create a strong security framework.
Smurfing
A 'smurf' is a player who creates a new account in online games to compete against lower-ranked opponents. This term originated in Warcraft II when two skilled players made accounts to avoid cheating.
Synthetic Identity Fraud
A rising financial crime, synthetic identity fraud cost lenders a lot of money in 2016 and accounted for 20% of credit losses. Fraudsters take advantage of security enhancements in credit card chips and records breaches to create false identities using personal information.
Similarity Fraud
Look-alike fraud, often referred to as similarity fraud, is a type of identity theft when the criminal uses the personal information of a person who resembles the victim physically or behaviorally in order to make the fraud harder to identify.
Stack Balancing
Due to compliance violations, stack balancing—a popular betting collusion technique—can result in legal problems, harm to an online betting platform's image, and loss of business.
Simple Electronic Signature (SES)
With stringent requirements in Europe and the UK, electronic signatures, such as Simple Electronic Signature (SES), are commonly employed in organisations to securely connect signers with documents.
Spelinspektionen Swedish Gambling Authority?
With a permission requirement for gambling software that is scheduled to take effect in July 2023, the Swedish Gambling Authority (SGA) oversees the online gambling sector and ensures safety and compliance with the 2019 Gambling Act.
Sanctions List
A sanctions list is an enumeration of people, organisations, or nations that are prohibited by governments or international organisations due to risks to national security, acts of terrorism, or breaches of human rights.
Suspicious Activity
Individuals may perceive suspicious behaviour differently, but generally speaking, suspicious activity is defined as observable behaviour that raises the possibility that someone is doing or about to commit a crime.
Sanctions
Sanctions are harsh punishments levied by nations as a form of strategic self-defense or retaliation for breaking laws or regulations.
Securities and Exchange Commission (SEC)
Overseeing securities exchanges, safeguarding investors, and promoting capital creation are the responsibilities of the US Securities and Exchange Commission (SEC), a federal organisation.
Self-sovereign identity (SSI)
Self-sovereign identification, or SSI, is a digital identity solution that uses blockchain technology to give people control over how their personal information is used and their digital identities.
Selfie check
Selfie checks are techniques for confirming identity that ask users to snap a picture of themselves and compare it to a document supplied by the government.
Spear phishing
Spear phishing is an email spoofing assault that targets a particular company or person by pretending to be someone they know and trust in order to get private data.
Strong Customer Authentication (SCA)
Strong Customer Authentication (SCA) requires organisations to employ two separate authentication components for payment verification, with 3D Secure 2 serving as the primary authentication method, as of September 14, 2019.
Subject Access Request (SAR)
A subject access request (SAR) is a formal request made by an individual under data privacy rules such as the GDPR and CCPA/CPRA to reveal their personal data and how it is used.
Synthetic ID
When fraudsters build a synthetic identity (ID), they typically combine actual and fictitious data to create a phoney identity that is used for fraudulent actions such as creating accounts, making purchases, and committing healthcare and employment fraud.
Synthetic Fraud
In synthetic fraud, a false identity is created by faking personal identification numbers and actual information, which is then used to open credit cards, open fraudulent accounts, and make unrepaid purchases.
Security Token
Artefact that has been digitally signed and serves as proof that the user's authentication was successful.
Session cookie
In order to avoid repeating token operations and to allow users to be regarded as authenticated as long as the cookie is present, middleware emits an object indicating successful authentication with an identity provider.
Suspicious IP Throttling
Using this technique, you can protect your renter against rogue login attempts that attempt to access several accounts from the same IP address.
Single sign on (SSO)
Software systems with access control enable users to log in with a single ID and password, facilitating easy access to linked systems without the need for separate login credentials.
Self asserted attribute
The subject claims something without having it independently verified.
Service provider
A private firm or agency providing services.
Sanctions Screening
Sanctions screening is an AML regulation that countries impose and enforce on people and organisations that are forbidden from conducting business within their borders in order to identify, stop, and disrupt financial crime.
Selfie ID Verification
Selfie ID verification, which combines high-level security with ease through cutting-edge technology, is a potential response to today's security issues.
Shipping Fraud
When a customer uses a false delivery address or a seller gets paid but never ships, it's known as shipping fraud. This happens most frequently when stolen credit cards are used for online purchases. Once shipment confirmation is received, the original address is modified.
Sigma Fraud Score
The Sigma Fraud score, ranging from 0 to 1, is generated by the Sigma Fraud model to predict the likelihood of presented identity being fraudulent. Higher scores signify increased risk.
Single Frame Liveness Detection
Single frame liveness detection streamlines the facial matching and liveness assessment process by using a single selfie image. This eliminates the need for users to capture multiple images or record videos for authentication.
Sleeper fraud
Sleeper fraud involves creating a dormant fake identity, known as a "sleeper," to bypass fraud detection systems that flag new identities as high-risk, restricting immediate credit access.
SOC 2 Type 2 Controls
SOC 2 Type 2 controls refer to the internal measures implemented by a company to protect customer data, addressing risks related to third-party technology services.
Sponsor Bank
A sponsor bank, often a federally or state-chartered institution affiliated with credit card associations, provides financial oversight and compliance support to fintechs, assuming the risk for their customers and transactions.
Spoofing
In biometric verification, spoofing, or presentation attacks, involve cybercriminals submitting fraudulent biometric data to mimic a genuine user. Common facial spoofing techniques include using high-definition photos, cut-out masks, video frames, and 3D masks.
Synthetic identity verification solutions
To combat synthetic identity fraud, adopt robust identity verification, advanced analytics, machine learning fraud detection, and biometric authentication. Collaborate with organizations and regulatory bodies while investing in effective tools to protect your business and customers.
Time-Based One-Time Password (TOTP)
TOTP enhances security by generating time-based codes using a secret seed and current date/time. Intercepted codes expire in a minute, adding complexity to attacks. It's cost-effective on hardware/smartphones, and the seed is hard to replicate.
Token Authentication
Authentication involves a signed cookie with session data for user validation. Initially, a traditional method establishes user identity, and a token is generated for subsequent re-authentication.
Two-Factor Authentication (2FA)
Two-factor authentication, a component of multi-factor authentication, enhances security by employing two out of three authentication factor categories. This approach significantly bolsters security as each factor necessitates a distinct type of attack for compromise.
Terrorist Financing
Terror financing involves supporting terrorists through fundraising and money laundering, with online banking and digital currencies making it easier, especially for groups like ISIS. Global efforts, led by organizations like the United Nations since 2001, focus on countering terrorism financing through actions and anti-money laundering measures.
Trust Framework Certification
The Digital Identity and Attributes Trust Framework establishes rules and standards for trustworthy digital identity products in the UK. Organizations can obtain a trustmark through formal assessment, signifying their secure handling of individuals' identity data. It currently applies to Right to Work, Right to Rent, and DBS (Criminal Background Check) sectors.
Trust
Resources rely on an identity provider or authority by trusting the information provided about its users.
Thin File
A thin file pertains to individuals with minimal credit history, leading conventional fraud prevention models to lack sufficient data for risk assessment. Consequently, numerous businesses automatically reject legitimate consumers in this category, resulting in missed revenue opportunities.
Third Party identity fraud
Third-party identity fraud occurs when a stolen identity is used for fraudulent activities without the knowledge of the individual whose identity is exploited. The involved parties typically include the fraud perpetrator and the financial institution.
Universal Authentication Frameworks
UAF, an open standard by FIDO Alliance, offers secure passwordless primary authentication, unlike U2F's second-factor approach. However, its widespread adoption is limited due to lack of integration into major browsers.
United Kingdom Gambling Commission (UKGC)
The UK Gambling Commission, headquartered in Birmingham, regulates gambling activities in the UK, overseeing all regions, including Northern Ireland, under the UK Gambling Act of 2005.
USA Patriot Act
The USA PATRIOT Act, enacted after 9/11, prevents terrorism by addressing money laundering and funding of terrorist activities, building on the Bank Secrecy Act and related anti-money laundering statutes.
Ultimate Beneficial Owner
UBO refers to an individual or entity that benefits from a company, and financial institutions must disclose UBO information during transactions. Companies in Know Your Business processes must authenticate UBOs.
Universal Login
IDMERIT's integration of the authentication process, a pivotal aspect of an Authorization Server, involves directing your applications to Universal Login whenever a user must verify their identity. IDMERIT takes the necessary steps during this process to ensure the user's identity is securely established.
Unstructured Documents
Unstructured documents, such as pay stubs, tax returns, utility bills, and birth certificates, can be scanned and stored as part of account origination, and verification may or may not be necessary.
Verified Credentials
Confirmed credentials consist of one or more assertions presented by an issuer. A verifiable credential is an indisputable credential with authorship that can be cryptographically authenticated, and the assertions within it may pertain to various subjects.
Verification
The act of verifying the truth, precision, or legitimacy of a given matter.
Verified Attribute
An attribute validated by an external third-party authority.
Verified Identity
An identity acknowledged by an authoritative body.
Watchlists
Watchlists consist of individuals or entities that businesses observe and evaluate, including OFAC sanctions, SDN, and PEP lists. These lists are utilized to improve user comprehension, identify fraudulent activities, and perform KYC/AML monitoring.
WAYF
WAYF functions as a tool designed to lead users to their Authentication Provider or aid in the selection of a suitable Identity Provider. This service has the capability to be contextually aware, ensuring that it presents only relevant Identity Providers based on the situation.
Zero Trust
The zero trust model is a data security strategy that restricts access to requested information until user identity is verified, promoting the principle of "distrust everyone and validate all."
Zelle Fraud
P2P money transfer apps are increasingly used for fraudulent activities, with scammers exploiting their user-friendly nature and rapid transfer capabilities, such as social engineering and deceptive schemes.