Glossary

In terms of identity verification, there are numerous complex terms and acronyms abound, making it challenging for the users to maintain clarity. There are few terms which are not so common but hold equal importance as other terms. In this glossary, we aim to explain the key identity concepts and address common inquiries for each term.

A

  • Access Management

    Configuring access levels in a software system involves granting authorized users access and preventing unauthorized access. This may include organizing access hierarchies through user groups. Regular auditing and maintenance are necessary to adapt to evolving business needs and employee roles.

  • Active Directory Federation Services (ADFS)

    ADFS establishes a federated authentication system for Microsoft-centric networks using Active Directory. It enables seamless authentication and single sign-on across large organizations, granting autonomy to individual groups for managing their access control needs.

  • Adaptive Authentication

    Adaptive authentication adjusts security measures based on user, device, and location context, considering both static factors like user type and dynamic elements such as access patterns. For instance, users accustomed to logging in from a specific location may face restrictions if attempting access from elsewhere.

  • Adaptive Multi-Factor Authentication

    Adaptive authentication adjusts login criteria based on situations, including the dynamic addition of extra factors like SMS codes for identity assurance when detecting unusual access patterns, avoiding complete user blocks.

  • API Access Management

    API Access Management system addresses authentication challenges unique to APIs, where the user is often another software system rather than an individual. It ensures seamless integration of API services with the overall user management system.

  • Application Network

    Enterprise IT is moving from monolithic systems to modular applications linked through open APIs, allowing businesses to specialize and giving customers flexibility in choosing and customizing functionality.

  • Attack Surface

    An organization's vulnerability to attacks is determined by its overall "surface area," which includes bugs, vulnerabilities, and insecure policies. Robust identity access management seeks to minimize this attack surface, reducing risk through measures such as automated user provisioning, timely patching, and enforcing least privileged access control.

  • Authentication

    Verifying the asserted identity of a communicating party is the process of confirming that they are who they claim to be.

  • Authentication Factors

    These encompass three interlinked authentication factors: 1. Biometrics (physical traits like retina, thumbprint, voice), 2. Possession (having a specific device or fob), and 3. Knowledge (such as a password or secret code).

  • Authorization

    The procedure of verifying if a specific identity has permission to access a designated resource or function.

  • ABRADIE

    Established in 2023, ABRADIE in Brazil is dedicated to combating match-fixing and corruption in sports. The organization enforces financial monitoring and ethical codes, striving to maintain sports integrity at all levels. The ongoing mission requires collective commitment from stakeholders.

  • Age Verification

    Age verification is vital in gaming, gambling, and mobility industries to prevent fraud and protect minors. It ensures legal driving age for safety and compliance through online verification using valid identification documents.

  • Alcohol and Gaming Commission of Ontario (AGCO)

    The Alcohol and Gaming Commission of Ontario (AGCO), established in 1998, oversees alcohol, gaming, horse racing, and cannabis retail. With a specific focus on iGaming through iGaming Ontario, it sets regulatory standards, registers operators and suppliers, ensures compliance, and addresses complaints. The commission is committed to fair policies, effective controls, customer focus, and a positive work environment.

  • Alderney Gambling Control Commission

    Established in 2000, the Alderney Gambling Control Commission (AGCC) is an independent regulator overseeing e-gambling in the British Channel Islands. It focuses on maintaining fairness in online gambling businesses, collaborating with entities like Guernsey Police and GFSC. In 2021, it generated nearly £2 million in profits, solidifying its reputation as a leading authority in the field.

  • AMLA EU

    Anti-Money Laundering Authority of the European Union (AMLA EU) was established to strengthen the AML-CFT framework, supervise high-risk entities, and harmonize efforts against money laundering in the EU. Funded by the EU budget and fees from obligated individuals, it ensures the proper implementation of EU regulations.

  • AMLD5

    The 5th Anti-Money Laundering Directive (5AMLD), EU Directive 2015/849, seeks to combat money laundering, terrorism financing, and evolving challenges by addressing novel areas, promoting transparency, improving data accessibility, fostering collaboration, and establishing updated criteria for high-risk third countries.

  • AMLD6

    The 6th Anti-Money Laundering Directive (6AMLD), implemented in 2018, enhances the European Union's regulations against money laundering, aiming to counter organized crime and terrorism. It addresses loopholes, enhances transparency, and facilitates authorities in prosecuting offenders.

  • Anti-Money Laundering Directive (AMLD)

    The AMLD establishes uniform regulations among EU member states to address money laundering and terrorist financing, promoting a standardized regulatory framework.

  • Arbing in betting

    Arbing is a strategy employed by bettors who place simultaneous bets on all possible outcomes of a sports event to guarantee a profit. Referred to as "arbers," these individuals pose a substantial risk to bookmakers, leading to regulations on exchange sites. The technique generated $83.65 billion in 2022.

  • ARJEL

    ARJEL, the regulatory authority for online gaming in France, oversees licenses for sports and horse race betting, as well as card games like poker. It enforces regulations to ensure compliance in the online gambling industry.

  • Army Romance Scam

    An army romance scam involves impersonating military personnel for financial gain, manipulating victims into acting on the scammer's behalf, and possibly stealing personal information for other fraudulent activities.

  • Artificial intelligence (AI)

    AI involves programming machines to simulate human intelligence, replicating human-like thinking.

  • Authorized Push Payment fraud

    Authorized Push Payment (APP) fraud, a rising concern in the UK, has been exacerbated by real-time payment initiatives such as the Faster Payments service. According to the UK Payment Systems Regulator, losses from APP scams reached £583.2 million in 2021, marking a 39% surge from the previous year.

  • AMLID

    The Anti-Money Laundering International Database, or AMLID is a global database analyzing AML laws and regulations, providing contact details for anti-money laundering authorities worldwide. It serves as a crucial reference for law enforcement, investigators, and those handling cross-border money laundering cases.

  • Account takeover (ATO) fraud

    Account takeover (ATO) fraud involves thieves acquiring a user's authentic credentials to gain control of their online accounts, enabling them to conduct unauthorized transactions or make changes to the account.

  • Anti-money laundering (AML)

    AML consists of protocols, legislation, and regulations designed to prevent criminals from laundering unlawfully acquired money by masking it as lawful earnings.

  • Access control

    Access control is a foundational security method that manages permissions for users or entities within a computing system, determining their ability to access and utilize resources. This crucial security concept plays a key role in mitigating risks to the business or organization.

  • Application/app

    An application is a software program installed on a device, often mobile, that necessitates authentication and authorization to secure access to its data, ensuring only authorized users can use it.

  • Authorization

    Authorization, a server-based procedure, establishes a user's access rights, often for specific applications or types of information, serving various purposes.

  • Attack Protection

    IDMERIT offers various security features to identify and counteract attacks, such as preventing brute-force attacks, implementing throttling for suspicious IPs, detecting breached passwords, identifying and blocking bots, and employing adaptive multi-factor authentication.

  • 2FA

    Moderate strength authentication employs two factors: something you know (username/password) and something you possess (token or cell phone) or something you are (biometric).

  • Authentication Standards

    Authentication standards refer to established criteria and protocols that govern the verification of a user's identity, ensuring secure and reliable access to a system or service.

  • Account Takeover (ATO)

    Account takeover (ATO) is a cyber threat in which unauthorized individuals gain access to consumer accounts, leading to financial loss or fraudulent transactions. This necessitates the implementation of solutions for fraud prevention and detection.

  • Active Liveness Detection

    Active liveness detection, which necessitates users to perform specific physical actions for biometric verification, results in increased friction and higher rates of customer drop-off.

  • Address Risk

    Utilizing technology, address risk assessment examines the potential for fraud linked to physical addresses, verifying their legitimacy and assessing the probability of a person residing at the specified address.

  • Address Verification Service

    Address Verification Service (AVS) validates consumer details, including the correlation of shipping addresses and card ownership, by confirming billing addresses and ensuring identity match.

  • Age Verification System

    Age verification systems confirm a person's age, restricting access to age-sensitive content and ensuring legal adherence in areas such as gaming, adult entertainment, and alcohol, thereby fostering a more secure marketplace.

  • Anti-Money Laundering (AML) & KYC

    AML and KYC regulations require businesses to appoint senior AML officers, perform customer due diligence, monitor transactions, and report suspicious activities. Staying updated on regulations, training employees, and complying with authorities are vital. The FFIEC BSA/AML manual helps ensure compliance.

  • Application Fraud

    Application fraud occurs when someone uses another person's personal information, without their permission, to apply for new financial products like credit cards, bank accounts, or loans.

  • Artificial Intelligence (AI)

    AI allows machines to mimic intelligent human behavior, automating tasks and decision-making through algorithms that continually learn and adapt. It is utilized to enhance identity verification and predict fraud at scale.

  • Adverse media

    Adverse media, also known as negative news, refers to unfavorable information present in various sources.

  • API (Application Programming Interface)

    A system of guidelines enabling diverse software applications to communicate and collaborate seamlessly.

B

  • BaFin

    BaFin, the financial regulatory body in Germany, supervises banks, insurance firms, and securities trading to ensure stability, compliance, and prevent money laundering by enforcing due diligence obligations.

  • Bank drop

    Bank drops, associated with money laundering, involve criminal accounts established through fraudulent or stolen credentials. To address this threat, financial institutions should promote awareness, enact anti-money laundering initiatives, and fortify cybersecurity measures.

  • Bank regulation

    Bank regulations, differing between countries, establish guidelines for financial institutions to safeguard consumers, maintain stability, combat financial crime, and encourage secure practices. These rules cover reserve, capital, and liquidity requirements.

  • Betting and Gaming Council (BGC)

    The Betting and Gaming Council (BGC) is the voice of 90% of the UK online gambling industry, dedicated to enhancing standards, tackling problem gambling, and ensuring a fair, safer, and more enjoyable betting environment.

  • Betting Bots/Casino Bots

    Automated betting tools, such as bots and scripts, present a notable risk to the iGaming sector by facilitating concerns like account takeover and bonus exploitation.

  • Biometric check

    Biometrics involves capturing distinct physical traits for security purposes in gates, time clocks, and smartphones. Identification and verification use both passive and active features, with advancements in AI and camera technologies enhancing accuracy and reliability.

  • BKYC

    BKYC, short for Business Know Your Customer, pertains to the authentication procedure for business clients.

  • British Esports Association

    Established in 2016, the British Esports Association is a non-profit organization dedicated to promoting esports in the UK. It focuses on grassroots events, public education, and career guidance.

  • Bank Account Validation Service

    AVS is a fraud prevention tool that validates real-time account information, safeguarding against payment fraud and delays in transactions such as ACH and micro-transactions.

  • Bank Secrecy Act (BSA)

    The Bank Secrecy Act (BSA) mandates that US financial institutions cooperate with the government in addressing suspected cases of money laundering and fraud.

  • Bad Actors

    Threat actors, or entities, are individuals or groups intending to cause harm to a business or environment. This harm may involve physical damage or cyber threats, such as unauthorized access to data centers or hacking with stolen credentials.

  • Behavioral Analytics

    Behavioral analytics uses device intelligence and behavioral biometrics to create an identity-linked profile. It detects anomalies and potential fraud by comparing current behavior with past actions.

  • Biometric Verification

    Biometric verification employs biological characteristics such as fingerprints or facial features to authenticate identity, granting access to secure areas, including financial services.

  • Background Screening

    Background screening involves researching and gathering the employment, criminal, commercial, and financial histories of an individual or organization.

  • Bust-Out Fraud

    Bust-out fraud involves maxing out a credit line without repayment, commonly orchestrated by organized crime rings. Detecting this fraud is challenging due to the difficulty in establishing trust, and it can lead to substantial losses for financial institutions.

  • Business & Entity Verification (KYB)

    KYB procedures help financial institutions comprehend potential risks and activities of their enterprise customers to prevent financial crime.

  • Behavioural biometrics

    Examine a user's cognitive patterns in digital media.

  • Blockchain

    Blockchain, unlike traditional databases, utilizes cryptographic links to connect data stored in blocks within a shared database.

  • Biometrics

    Biometrics is a technology employed to precisely recognize individuals by their distinctive physical and behavioral characteristics, primarily for purposes such as identification, access control, or surveillance.

C

  • Continuous Authentication

    Continuous authentication tracks user sessions for alterations, employing biometrics and subtle cues to minimize risks such as impersonation and timeouts.

  • Canadian Gaming Association

    The Canadian Gaming Association (CGA) unites operators and suppliers in Canada's gaming, sports betting, esports, and lottery industries, fostering advocacy, research, and collaboration.

  • Central Bank Digital Currency

    CBDC, a decentralized digital currency issued by central banks, facilitates efficient payments, enables easy tracking, and reduces privacy. Almost 180+ nations have embraced it.

  • Collusion in Betting

    Collusion in betting is an unethical tactic where two or more players collaborate covertly to gain an advantage. This form of cheating is most prevalent at poker tables, posing a substantial challenge to the online gambling sector and potentially leading to serious offenses like money laundering.

  • Chip dumping

    Chip dumping in online gaming involves players deliberately losing or transferring chips to another player, which is illegal and harmful to the industry. To prevent this, operators should implement safety measures, identity verification, withdrawal limits, collaborate with authorities, utilize AI, and conduct regular audits.

  • Combating the Financing of Terrorism (CFT)

    Globally, combating terrorism financing involves freezing assets, closing financial institutions, and criminalizing such funding. The Financial Action Task Force (FATF) oversees regulations, and anti-money laundering laws encourage reporting. Banking compliance is crucial as terrorists often use banks for fund transfers.

  • Compliance

    Compliance involves the essential measures organizations must take to conform to laws, policies, and regulations, particularly crucial in industries like gaming, fintech, and mobility.

  • Cryptocurrency

    A cryptocurrency is a digital form of currency designed for online transactions and payments.

  • Customer Due Diligence (CDD)

    CDD is a mandated process for businesses to confirm customer identities and financial origins, comprising inquiries, reliance on reputable third parties, information gathering, enhanced due diligence, and ensuring data security.

  • CPPA

    A CPPA, or corporate power purchase agreement, is a extended contract where a company commits to purchasing a portion or all of its electricity directly from a renewable energy source, like a solar or wind farm connected to the grid.

  • California Consumer Privacy Act (CCPA)

    The CCPA and CPRA safeguard consumer rights by enabling them to request information, opt out, and manage the sharing and selling of their personal data.

  • Children’s Online Privacy Protection Act (COPPA)

    COPPA, established in 1998, is a US federal law safeguarding the online privacy of children under 13 years old.

  • Card Not Present (CNP) Fraud

    CNP fraud occurs when fraudulent activity takes place in transactions where a physical card presentation is not needed, typically occurring online.

  • Clean Fraud

    Clean fraud involves deceptive activities that mimic legitimacy, making detection challenging. It typically exploits stolen or obtained data to deceive online retailers.

  • Computer Vision

    Computer vision, a subset of artificial intelligence, enables digital systems to analyze visual data akin to human vision. In biometric facial matching, algorithms detect and compare facial features for biometric matches.

  • Consumer Friction

    Consumer friction is any unnecessary effort or inconvenience that significantly slows down a consumer's action, potentially leading to transaction abandonment. It can occur offline or online, involving delays, extra steps, or manual reviews, and may be intentionally used to verify identity.

  • Customer Abandonment

    Customer abandonment, or drop-off, happens when users leave a financial services application due to complex onboarding and excessive security checks causing friction and manual reviews.

  • Customer Auto-Approval

    Customer Auto-Approval streamlines identity verification, reducing manual reviews and staff workload in various sectors. While offering 24/7 availability and consistency, it has limitations.

  • Customer Identity & Access Management (CIAM)

    CIAM is a subset of identity access management focused on securely managing customer access to digital services.

  • Customer Onboarding

    Customer onboarding is the procedure of creating a new consumer account, involving necessary Know Your Customer (KYC) checks or identity validation to prevent potential fraud.

  • Customer Pollination Fraud

    Customer Pollination Fraud is the creation of synthetic identities by mixing real and fake information for building fraudulent credit histories. Regular monitoring is crucial to prevent severe penalties associated with this illegal practice.

  • Customer Data Platform (CDP)

    A centralized database that gathers, combines, and oversees customer information from various origins, offering a holistic customer perspective for analysis and engagement.

  • Credit and Financial Identity

    Creating an individual's credit and financial identity involves analyzing their financial information, history, and activity to expand access to various services.

  • Customer Identification Program (CIP)

    The USA Patriot Act mandates financial institutions to implement a concise Customer Identification Program (CIP) comprising a written plan, four key identification pieces, verification procedures, recordkeeping, and customer notification.

D

  • Data Breach

    Describes an event in which unauthorized individuals or software systems gain access to data.

  • Data Breach Prevention

    To secure an organization, integrate technology, personnel, and processes, incorporating user authentication, real-time network monitoring, and circuit breakers to detect potential data breaches.

  • Danish Gambling Authority (DGA)

    The Danish Gambling Authority (DGA) regulates and oversees the gambling market in Denmark, ensuring responsible gambling, protecting vulnerable players, and promoting technological innovation.

  • Data privacy

    Data privacy is a facet of data security that deals with proper data handling, including consent, notification, and compliance with regulations, especially regarding lawful data collection, storage, and sharing with third parties.

  • DeFi – Decentralized Finance

    Decentralized finance leverages blockchain for transparent, borderless, and permissionless financial services, utilizing Layer 1 cryptocurrencies, smart contracts, and decentralized applications. This system operates without central authorities or intermediaries.

  • Digital Onboarding

    Digital onboarding streamlines online service sign-ups, ensuring a quick and hassle-free experience for customers, boosting satisfaction. This approach spans industries such as finance, insurance, gaming, automotive, and telecommunications.

  • Document Fraud

    Document fraud involves creating, altering, or using fake or genuine documents to deceive controls, with penalties ranging from fines to imprisonment.

  • Dubai Financial Services Authority (DFSA)

    The Dubai Financial Services Authority (DFSA) regulates financial activities in Dubai International Financial Centre, ensuring integrity and professionalism for investor confidence.

  • Due Diligence

    Due diligence is an essential legal and business procedure that verifies information prior to making purchasing decisions, safeguarding both reputation and economic interests.

  • Deepfake

    Deepfakes, using advanced deep learning, produce deceptive content for fraud, fooling verifications for fake accounts, accessing sensitive data, and authorizing unauthorized transactions.

  • Document check

    Identity verification includes document checks on items like driver's licenses and passports to confirm their validity, utilizing either manual or automated methods.

  • Distributed identity

    Distributed identity in a multi-cloud or hybrid-cloud strategy creates identity silos by storing digital identities in multiple locations, empowering individuals to control access to their personal information.

  • Digital Signature

    An encrypted string safeguards token bits against tampering; any alterations will render the signature unverifiable, leading to rejection.

  • Digital Identity

    Digital Identity is a virtual representation of a person, facilitating online tasks and automated access to services, transforming civil and personal identity.

  • Document Verification

    Document verification confirms a person's identity by validating and verifying a government-issued ID.

  • Data Extraction

    Data extraction uses OCR to retrieve information from the front of a government-issued ID for verifying security features, fonts, formats, and digit validation.

  • Demand Deposit Account (DDA) Fraud

    Demand deposit account fraud involves stealing debit cards or PINs, resulting in fund depletion and misusing checks through endorsements or kiting schemes, occurring online, via mobile, or at ATMs in various forms.

  • Device Fingerprinting

    Device fingerprinting involves gathering details about the software and hardware of a remote computing device to identify it uniquely.

  • Device Risk

    Device risk assesses the likelihood of fraud by analyzing the characteristics and past activities of a device.

  • Digital Identity Verification

    Digital Identity Verification Utilizing AI technology such as machine learning, IDMERIT Document Verification is a vital tool for digital identity verification, playing a key role in preventing identity fraud through efficient and secure transactions.

  • Digital Onboarding

    Digital onboarding integrates new individuals, utilizing technology for collecting, processing, and verifying information, reducing the need for in-person interactions, particularly during the COVID-19 pandemic.

  • Documentary Verification

    In accordance with BSA/CIP standards, documentary verification mandates financial institutions to confirm a customer's identity during account opening by utilizing a valid government-issued ID.

E

  • eID

    eID, or electronic identification, is a digital passport verifying the identity of individuals or organizations, enabling access to services from government agencies, banks, or other entities.

  • eIDAS

    The eIDAS Regulation, effective since 2016, ensures legal certainty for digital transactions in the EU by promoting harmonized laws, security, and interoperability. It categorizes electronic signatures into simple, advanced, and qualified types.

  • eIDV

    Electronic identity verification (eIDV) is the initial phase of the Know Your Customer (KYC) process, confirming individual identities by cross-referencing information such as name, date of birth, address, and other specified criteria from both public and private datasets.

  • Embezzlement

    Embezzlement Embezzlement, a form of financial fraud, leads to losses, disruption, and erosion of trust. Detection requires monitoring financial alterations, vigilant employees, and transaction records.

  • Enhanced Due Diligence (EDD)

    EDD is a risk-based KYC process that organizations use to prevent financial crime, assessing the identities, fund sources, and transactions of high-risk individuals.

  • European Casino Association (ECA)

    The European Casino Association (ECA) is a non-profit organization advocating for European casino operators, raising awareness, providing information, and contributing to EU decisions on casino-related issues.

  • European Gaming and Betting Association (EGBA)

    EGBA, a trade group representing leading European online gaming operators, strives to establish a thoroughly regulated industry, advocate for responsible gambling, and publish sustainability reports to encourage responsible gaming practices.

  • eKYC

    eKYC is a digital process in banking, telecom, and healthcare to verify customer identities using electronic documents and biometric authentication. Its adoption has accelerated during the COVID-19 pandemic, reducing in-person interactions and enhancing customer service.

F

  • Fake ID Fraud

    Fraudulent use of fake IDs for financial crimes, identity theft, and human trafficking requires financial institutions to implement training, KYC processes, and alert mechanisms for protection.

  • False Acceptance Rate (FAR)

    FAR in biometric security measures false acceptances, indicating system precision and technology advancement through the rate of unauthorized user verifications.

  • Financial Action Task Force (FATF)

    Established in 1989, the Financial Action Task Force (FATF) collaborates with 39 member countries to set and monitor standards against money laundering and terrorist financing.

  • Financial Services Regulatory Authority Abu Dhabi (FSRA)

    Abu Dhabi's FSRA regulates financial activities, enforces global standards, and combats financial crimes. In 2021, it introduced a new framework for third-party fintech services.

  • FINTRAC

    FINTRAC in Canada enforces PCLMFTA compliance, collaborating with authorities to combat money laundering and financial crimes.

  • Fraud

    Fraud in legal terms involves deceit aimed at obtaining unjust gains or denying someone their legal entitlements. In identity verification, preventing fraud is crucial and requires appropriate measures.

  • False negative

    In identity verification, a false negative occurs when a genuine user is unable to be verified, leading to the exclusion of the legitimate individual.

  • False positive

    In identity verification, a false positive occurs when an individual successfully clears the identity check despite providing inaccurate information, essentially allowing a fraudulent actor to pass through.

  • Federal Trade Commission (FTC)

    The Federal Trade Commission (FTC) is a U.S. federal agency that prevents fraudulent business practices, safeguards consumer rights, and educates against scams and fraud.

  • Federated identity management (FIM)

    Federated identity management (FIM) links user identities across security domains, facilitating single sign-on (SSO) and streamlined resource access within Identity and Access Management.

  • Financial Crimes Enforcement Network (FinCEN)

    The Financial Crimes Enforcement Network (FinCEN), part of the US Treasury, prevents money laundering and enhances national security through financial transaction analysis.

  • Financial Industry Regulatory Authority (FINRA)

    The Financial Industry Regulatory Authority (FINRA), a non-profit organization, is committed to protecting investors from fraud and misconduct by regulating broker-dealers.

  • Fullz

    """Fullz"" is a term used by criminals for packages containing individuals' complete information, often exploited for illegal activities in the black market."

  • Federated Identity

    Federation operates on a trust basis, where an identity provider authenticates and authorizes users, while a service provider manages access to resources.

  • Facial Recognition Technology

    A collection of digital tools designed for various tasks related to human faces, such as detecting the presence of a face in an image, analyzing facial features, and identifying the individual depicted.

  • Face verification

    When verifying identity, entities may compare a facial image or recording with an existing one to confirm a person's claimed identity.

  • Face Match

    Face match technology, or face recognition technology, analyzes an image with a face and determines if it likely corresponds to one or more other facial images, indicating a potential match for the same individual.

  • Face identification

    When attempting to recognize a face in surveillance footage without prior knowledge of the person's identity, individuals often compare a given faceprint to a gallery of faceprints to identify a match.

  • False Positive Ratio

    In fraud detection, the false positive ratio gauges a model's accuracy by measuring instances where flagged accounts are not actually fraudulent. A ratio of 2:1 signifies two flagged accounts for each genuine fraud incident.

  • Financial Crime

    Financial crime involves misusing funds for personal gain through activities like fraud, embezzlement, money laundering, insider trading, and Ponzi schemes, often leading to severe consequences.

  • First Payment Default (FPD)

    First Payment Default (FPD) happens when a borrower misses their first payment, indicating potential future financial issues. Lenders may use terms like Never Pay or Straight Roller based on severity.

  • First-party fraud

    First-party fraud, exploiting one's identity for gain, requires proactive measures like identity verification, ongoing monitoring, and data analysis to safeguard businesses, maintain a secure economic environment, and ensure a positive customer experience.

  • Friendly Fraud

    Friendly fraud, also known as chargeback fraud, occurs when a cardholder disputes a purchase on their statement, claiming it as fraudulent, even though they or someone they know may have made the purchase.

  • Frictionless Onboarding

    Frictionless onboarding streamlines customer adoption by understanding user needs and creating engaging processes.

  • Fuzzy matching

    IDMERIT utilizes proprietary fuzzy matching techniques in computer science and identity verification, enhancing match accuracy by accommodating typos, miskeys, and cultural variations in partially matching text elements.

  • Fraud Detection and Prevention

    Fraud solutions employ risk-based methods to scrutinize transaction records and network activities, aiming to detect possible instances of fraudulent or high-risk behavior patterns.

  • Facial biometrics

    Utilizing facial images for identity verification involves employing technology to authenticate individuals based on their facial features.

  • Facial Matching

    Facial matching is a biometric authentication method involving computer vision algorithms that assess the biological facial attributes in two images to determine a "match" or "no match" result.

  • Fraud Detection and Prevention

    Fraud solutions employ risk-based methods to assess transaction history and network activity, aiming to detect possible instances of fraudulent or high-risk behavior patterns.

G

  • Gibraltar Betting and Gaming Association (GBGA)

    The GBGA is a Gibraltar-based trade association that advocates for online gaming operators, emphasizing legal and regulatory compliance, data protection, and the promotion of responsible gambling practices.

  • Gibraltar Regulatory Authority (GRA)

    The Gibraltar Regulatory Authority (GRA) is a non-profit organization in Gibraltar that formulates regulations for online gambling firms, ensures equitable gaming, and advocates for player protection and responsibility.

  • Glücksspielstaatsvertrag (GlüStV)

    Germany's Glücksspielstaatsvertrag introduces new gambling laws to prevent addiction, combat black markets, protect youth, and maintain sports integrity.

  • Gnoming/Multi-Accounting in betting

    Gnoming in betting involves creating multiple accounts under someone else's name to exploit platform restrictions for bonuses and manipulate odds, potentially resulting in tax-free income and harm to sportsbooks.

  • GSC Isle of Man Supervision Authority

    Established in 1962, the Isle of Man Gambling Supervision Authority (GSC) issues licenses to online platforms, ensuring fair and responsible gambling practices.

  • General Data Protection Regulation (GDPR)

    The General Data Protection Regulation (GDPR) mandates strict data privacy rules for businesses collecting personal information on EU citizens, covering data such as IP addresses, cookies, addresses, and Social Security numbers.

  • Global Checks

    A thorough global sanctions check scans international watchlists to ensure a candidate is not listed, a vital step for compliance with regulations such as the Anti-Money Laundering Act and the Patriot Act.

  • Global Watchlist

    Databases perform regular identity checks on individuals suspected of terrorism, money laundering, fraud, and against adverse media or sanctions lists maintained by government, regulatory agencies, and businesses.

  • Generative AI fraud

    Generative AI fraud utilizes neural networks to create fake content, including selfies, videos, and audio, to bypass verification systems and engage in spam and phishing.

  • Governance, risk, and compliance (GRC)

    GRC denotes how an organization manages governance, risk, and compliance, including legal responsibilities, security, and internal controls.

  • Gramm-Leach-Bliley Act (GLBA)

    The Gramm-Leach-Bliley Act mandates financial institutions to protect private information and disclose their information-sharing practices.

H

  • Health Insurance Portability & Accountability Act (HIPAA)

    The Health Insurance Portability & Accountability Act of 1996 (HIPAA), a 1996 US federal law, sets privacy standards for all healthcare information, regardless of its form or transmission method within and outside healthcare facilities.

I

  • Identity as a Service (IDaaS)

    Outsourcing identity management to a cloud-based service minimizes the necessity for in-house software or functional development.

  • Identity Management

    The encoding of users and groups, along with their metadata such as contact details and location, involves authentication mechanisms.

  • Identity Theft

    Identity theft is a widespread issue globally, with 20% of Europeans experiencing personal information fraud in recent years.

  • ICAO 9303

    ICAO 9303, set by the United Nations' International Civil Aviation Organization (ICAO), defines global standards for Machine Readable Travel Documents.

  • Impostor Fraud

    In 2021, impostor fraud, a prevalent form of deception, caused losses exceeding USD 2.3 billion, eliciting 984,756 complaints and ranking as the second most reported fraud in the United States.

  • International Betting Integrity Association

    Founded in 2005, the International Betting Integrity Association represents regulated sports betting operators. Collaborating with organizations like the IOC and FIFA, it employs an anti-corruption tool to eliminate illegal activities such as spot-fixing.

  • ID documents

    An identification document, like passports, ID cards, IC cards, or citizen cards, serves as proof of an individual's identity.

  • Identity Fraud

    Identity fraud involves utilizing someone else's personal information without their permission.

  • Identity Verification

    Identity verification services authenticate physical identity documents like driver's licenses, passports, or nationally issued papers through documentary verification, ensuring accuracy.

  • iGaming Ontario (iGO)

    iGaming Ontario, a branch of the Alcohol and Gaming Commission of Ontario, is responsible for managing the growth of the iGaming sector in Ontario as mandated by a recent legislation.

  • International Association of Gaming Regulators (IAGR)

    Established in the 1980s, the International Association of Gaming Regulators (IAGR) became an independent non-profit organization in 2011 after breaking away from the International Association of Gaming Attorneys in 2010. IAGR provides a platform for global regulators to convene, share best practices, and discuss policies.

  • Instituto Brasileiro de Jogo Responsável (IBJR)

    IBJR in Brazil is spearheading a major change in gambling laws since 1946, focusing on responsible gambling to revolutionize online gaming.

  • INFORM Consumers Act

    The INFORM Consumers Act requires online marketplaces in the United States to minimize the sale of stolen and counterfeit goods and address various forms of marketplace fraud.

  • Identity Assurance Levels (IAL)

    Identity Assurance Levels (IALs) are NIST-established benchmarks assessing the certainty in confirming an individual's asserted identity as their authentic identity.

  • Identity and access management (IAM)

    Identity and access management (IAM) is essential for managing access to secure systems for employees, users, or third parties.

  • Identity authentication

    Identity authentication involves verifying if users should be granted specific actions or services.

  • Identity graph

    An identity graph is a database that illustrates the relationships among user accounts through shared attributes like names, email addresses, device fingerprints, IP addresses, or birthdates.

  • Identity verification (IDV)

    Identity verification (IDV) is an essential procedure that validates the genuine identity of an individual or business prior to engaging in any transactions.

  • Identification

    The procedure includes confirming an individual's identity through official documents, alternative data sources, and collecting biometric data to establish or validate their identity.

  • Identity Attribute

    A digital identity encompasses vital details like name, address, phone number, and affiliations, including key attributes such as date and place of birth, as well as gender.

  • Identity Hub (Broker)

    The Identity Hub links service providers with trusted Identity and Authentication providers, ensuring compliance with IPP 12 through federated identifiers and managing trust levels.

  • Identity validation

    Identity validation involves confirming a person's real-world existence by cross-referencing their personal details, including name, address, phone number, and email, using databases.

  • Identity proofing

    Identity proofing verifies if a user is genuinely who they claim to be, using methods like Document Verification and IDV/(KYC) during enrollment or account registration for heightened assurance.

  • Identity theft protection

    Consumer Identity Theft Protection monitors personal data for irregularities like social security or credit card issues, offering restoration through reimbursement, customer support, and legal assistance to minimize damage from identity theft.

  • Identity wallets

    Identity wallets, smartphone apps that enable individuals to oversee their digital identity credentials and information, provide control over the sharing of data, ensuring privacy, security, and consent management.

  • Identity Document Verification

    ID document verification is a procedure that employs machine learning, artificial intelligence, and computer vision technologies to confirm the authenticity of a government-issued ID.

  • Identity Fraud Detection and Prevention Software

    Digital identity fraud poses risks to finance, regulations, and reputation. Adapting software is crucial, but security measures may impact user experience and revenue. Understanding these factors is essential for minimizing risk and maximizing revenue.

  • Identity Fraud Detection in Banking

    Identity fraud in banking is growing, with 36% of US customers experiencing financial fraud in the past year. To address this, banks must implement protective measures and provide clear guidelines for individuals.

  • Identity Verification Software

    Fintech's growth sparks an ongoing battle between businesses and bad actors, demanding robust identity verification. Traditional methods fall short against digital fraud, but identity verification software offers tools for enhanced security and user-friendly experiences.

  • Image Capture Application

    A photo capture app facilitates users in uploading document scans and selfies from their smartphone cameras, connected to a network, for ID verification and biometric purposes.

  • Identity fraud management

    Identity fraud risks personal finances and security, but AI software, biometrics, and tailored security protocols can protect valuable assets.

  • Identity trends

    The rise of digital identities, while diminishing reliance on driver's licenses, brings security challenges like identity theft and fraud. Effective management methods are crucial to address these concerns.

  • Identity Analytics

    Examining user identity data and behavioral patterns to enhance security, customization, and user experiences.

  • Identity Governance and Administration (IGA)

    The field and tools employed to oversee and control user identities, roles, and access privileges in an organizational context.

  • Identity Verification (KYC)

    IDV/KYC is the process of confirming a user's true identity, utilizing data-centric methods such as document authentication to validate government-issued IDs.

  • IDMaml

    IDMaml minimizes money laundering and illicit activity risks, helping build a robust compliance program and reducing fraud and losses.

  • IDMscan

    IDMscan is a tool designed to verify and authenticate customer identity by scanning documents like passports.

  • IDMkyc

    IDMkyc is a leading KYC solution with quick identity verification and robust fraud detection. Through its REST API, it accesses 400+ data sources across 175+ countries, providing seamless digital KYC solutions.

  • IDMlive

    IDMlive offers a secure and convenient video identification software for live customer verification with agent assistance, enabling remote identity verification.

  • IDMtrust

    Identify high-risk clients and onboard reliable customers.

  • IDMsocial

    Retrieve user data from over 20 social media platforms and achieve verification through your social account, even without a bank account.

  • IDMkyb

    Validate business legitimacy swiftly using IDMkyb. Our API offers a seamless and effective solution for businesses to instantly verify customer identities.

  • Identity verification services

    Safely authenticate your customers and clients using our cutting-edge digital identity verification solutions, customized to suit your business requirements. Our scalable platform is suitable for businesses of all sizes, ensuring a secure and efficient verification process.

  • IDMkyx

    IDMERIT provides secure verification solutions for businesses, ensuring compliance with anti-money laundering regulations and verifying customer identities.

K

  • Know Your Patient (KYP)

    Know Your Patient (KYP) is a healthcare procedure designed to confirm and periodically validate a patient's identity, guarding against fraudulent activities, safeguarding confidential information, and maintaining compliance with HIPAA regulations.

  • Know Your Seller (KYS)

    Online marketplaces use "Know Your Seller" (KYS) to verify seller identities based on criteria like a minimum of $5,000 in revenue and 200 transactions.

  • Know your business (KYB)

    KYB is a corporate KYC process ensuring business legitimacy and safety through key details and continuous AML monitoring.

  • Know your customer (KYC)

    KYC, or customer due diligence, involves confirming the identities of existing or potential customers and assessing potential business risks.

  • Knowledge-based authentication (KBA)

    Knowledge-based authentication (KBA) verifies users by posing personal questions, either static (security questions) or dynamic (using credit history or public records), prior to login or action.

  • Knowledge-based verification (KBV)

    Knowledge-Based Authentication (KBA) or Knowledge-Based Proofing (KBP) is an identity verification approach utilizing private information linked to the asserted identity.

  • Kansspelautoriteit

    Founded in 2012, the Kansspelautoriteit is the autonomous Dutch regulatory body tasked with overseeing and enforcing the Gambling Act, as well as regulating the games of chance sector.

  • KYC Check

    Banks and financial service providers utilize KYC checks to confirm customer identities, thwart money laundering, and safeguard the economy.

L

  • Layering in money laundering

    Money laundering, a worldwide financial system problem, comprises three phases: placement, layering, and integration. Illegally obtained funds are collected, fragmented into smaller amounts during layering to obscure their source, creating challenges for authorities in tracking their origin.

  • License Conditions & Codes of Practice (LCCP)

    The UK's License Conditions & Codes of Practice (LCCP) set rules for gambling operators, ensuring fairness, transparency, and responsible practices. Non-compliance may result in penalties or license revocation.

  • Liveness detection

    Active liveness detection combines user actions such as blinking, facial movements, or keystroking with biometric checks to ensure the verification of user presence.

  • LOA (Level of Assurance) - Identity

    An LOA framework assesses identity provider reliability. Levels 1 and 4 lack proofing but allow remote registration. Level 1 needs a government photo ID, Level 3 requires document verification, and Level 4 involves in-person registration with two ID documents.

  • LOA (Level of Assurance) - Authentication

    An LOA framework assesses authentication reliability across levels, from Level 1's diverse technology acceptance to Level 4's top-tier assurance for remote network authentication.

  • Legacy identity system (IDP)

    Organizations need to update outdated on-premises identity management systems for modernization without the need for extensive refactoring, as these systems are not originally designed for cloud environments.

M

  • Multi-Factor Authentication (MFA)

    Multi-factor authentication (MFA) improves security by demanding multiple credentials for user authentication, preventing unauthorized access and identity spoofing, using methods like one-time passcodes.

  • Money services businesses (MSB)

    Money Services Businesses (MSBs) like currency dealers and money transmitters are regulated under BSA and AML rules, posing high risk due to limited customer relationships.

  • Machine Learning

    Machine learning, a branch of AI, involves computer programs that autonomously learn and adapt to new data without human intervention.

  • Malta Gaming Authority (MGA)

    Since 2001, the Malta Gaming Authority (MGA) has been a global leader in regulating diverse gaming sectors, being the first EU member state to oversee remote gambling.

  • MiCA

    MiCA oversees digital platform crypto asset regulation, encompassing utility, payment, and e-money tokens. It sets rules, fosters collaboration, and forms the European Blockchain Partnership.

  • Money Laundering

    Money laundering involves unlawfully hiding the source of funds obtained through intricate banking transactions, typically executed by individuals such as money mules or account holders.

  • Matched Betting

    Matched betting is a risk-free strategy where individuals place bets on two possible outcomes, ensuring profit regardless of the result, despite potential legal or controversial concerns.

  • Money Mules

    Money mules, unknowingly contributing to criminal activities, willingly share their information to aid fraud. They open bank accounts, enabling criminals to execute financial misappropriations without their awareness of the consequences.

  • Machine Readable Zone (MRZ)

    The machine readable zone (MRZ) on a government ID contains machine-readable data that is compared with the information on the front of the document using optical character recognition (OCR).

  • Marketplace Fraud

    Marketplace fraud involves deceptive listings, misrepresented items, and undeliverable goods, leading to financial risks and reputational damage for platforms.

  • National Institute of Standards and Technology (NIST)

    NIST, a Commerce Department lab, drives innovation through technology standards, including biometric software certification.

N

  • National Games Authority (ANJ)

    The National Games Authority (ANJ) is an independent French authority that oversees licensed gambling activities, including casinos, and ensures responsible gaming policies are enforced.

  • Near-field communication (NFC)

    Sony and Philips jointly developed NFC technology in the 2000s, enabling secure data exchange and document reading among mobile devices.

  • Non-Fungible Token

    NFTs, unique digital assets on blockchains, gained popularity in 2021, revolutionizing digital art consumption. Regulations are essential to prevent Identity Fraud and Money Laundering in the NFT space.

O

  • Optical Character Recognition (OCR)

    Optical character recognition (OCR) is a computerized technique that automatically transforms text from a scanned document into a format suitable for machine processing.

  • Ontario Lottery and Gaming Corporation

    Since 1975, the Ontario Lottery and Gaming Corporation manages gaming, lotteries, and related products in Ontario to generate revenue, promote economic development, and ensure responsible gambling.

  • OFAC

    The Office of Foreign Assets Control (OFAC), is a division of the United States. Treasury, is responsible for implementing and overseeing U.S. economic and trade sanctions against nations and specific groups of individuals.

P

  • Personally identifiable information (PII)

    PII, or personally identifiable information, encompasses direct and indirect data elements such as name, address, and contact details, which are utilized for individual identification.

  • Politically exposed person (PEP)

    A politically exposed person (PEP) is at an elevated risk of engaging in financial misconduct such as corruption, bribery, or money laundering due to their significant position of power and influence.

  • PCMLTFA

    The PCMLTFA is a Canadian law targeting money laundering and terrorist financing, setting rules for businesses, requiring reporting of suspicious transactions, and establishing relevant agencies.

  • Proceeds of Crime Act (POCA)

    The UK's Proceeds of Crime Act 2002 targets criminal proceeds, dismantles organized crime, and addresses theft, fraud, money laundering, and tax evasion.

  • P2P Fraud

    In 2022, Americans incurred $2.7 billion in P2P fraud costs, prompting a shift in liability from consumers to banks and fintechs. Effectively identifying and preventing fraudulent transactions is imperative.

  • Passive Liveness Detection

    Passive liveness detection effortlessly verifies facial biometrics by detecting liveness without requiring user actions such as blinking or smiling.

  • Peel Chain

    The peel chain technique involves laundering significant volumes of cryptocurrency through multiple small transactions, typically converting them to fiat currency via exchanges.

  • Phone Risk

    Phone risk assessment utilizes technology to verify the legitimacy of a phone number and assess the likelihood of the owner's identity, particularly in relation to fraud risk.

  • Piggybacking Credit

    Piggybacking involves leveraging someone else's credit history to improve one's own credit score, but it comes with risks that need careful consideration.

  • Predictive Analytics

    Predictive analytics leverages past data to forecast future trends, improving fraud detection with advanced algorithms and precise models.

  • Presentation Attack Detection (PAD)

    Presentation attack detection identifies fraudulent biometric attempts, such as using high-quality photos or 3D masks to substitute real data from a live person in a biometric system.

  • Passive facial liveness

    This technology distinguishes between a live person in front of a camera and a photo or video featuring the same face.

Q

  • Qualified Electronic Signature (QES)

    The Qualified Electronic Signature (QES) requires a qualified device and certificate, offering top-tier security and legal protection with the burden of proof on the disputing party.

R

  • Red Flags Rule

    The FTC's Red Flags Rule mandates financial institutions to create a written program for preventing identity theft, involving red flag identification, identity verification, appropriate actions, and strategy updates.

  • Regtech

    Regtech utilizes technology to help companies in the financial sector meet regulatory compliance, specifically in areas like anti-money laundering, KYC, and CDD.

  • Romance Fraud

    Romance fraud involves exploiting emotional relationships for financial gain. In 2020, losses of over 91 million USD were reported in Australia, and the U.S. recognized losses of 547 million USD in 2021. Victims are manipulated to participate in money laundering.

  • Risk Based Authentication (RBA)

    Risk Based Authentication (RBA) is a pre-set, real-time authentication method that assesses the risk associated with an access attempt and offers users suitable authentication choices.

  • Remote identity proofing

    Remote identity proofing (RIDP) verifies identity remotely through knowledge-based challenges about credit history or other data.

  • Regulatory Compliance

    To operate effectively, businesses must comply to financial and legal regulations to mitigate legal, financial, and reputational risks.

  • RESTful API

    A RESTful API follows the REST architectural style and allows interaction with RESTful web services, which stands for representational state transfer.

  • Regulatory Compliance Transaction Monitoring

    AML transaction monitoring enables financial institutions and money services businesses to identify potentially suspicious customer activity, report to national FIUs, and prevent financial crime by monitoring transfers, deposits, and withdrawals.

  • Red Flagged Profiles

    A red flagged profile is a signal of potential issues or threats. It is used by investors, analysts, or economists to analyze risks, historically representing dangerous situations.

S

  • Security Assertion Markup Language (SAML)

    SAML serves as a standardized protocol employed to integrate authentication and authorization functions across various systems, predominantly facilitating single sign-on functionality among applications sourced from diverse vendors.

  • System for Cross-domain Identity Management (SCIM)

    SCIM operates as a REST-centric platform designed to model identity information using entities such as users and groups. This framework enables the modification of these entities in the form of JSON objects.

  • Security

    The key focus of the KYC process is security. By thoroughly examining security features, fraud prevention can be established. To address evolving fraud tactics, vulnerabilities must be considered. Biometric checks, when used in conjunction with additional steps, create a strong security framework.

  • Smurfing

    A 'smurf' is a player who creates a new account in online games to compete against lower-ranked opponents. This term originated in Warcraft II when two skilled players made accounts to avoid cheating.

  • Synthetic Identity Fraud

    A rising financial crime, synthetic identity fraud cost lenders a lot of money in 2016 and accounted for 20% of credit losses. Fraudsters take advantage of security enhancements in credit card chips and records breaches to create false identities using personal information.

  • Similarity Fraud

    Look-alike fraud, often referred to as similarity fraud, is a type of identity theft when the criminal uses the personal information of a person who resembles the victim physically or behaviorally in order to make the fraud harder to identify.

  • Stack Balancing

    Due to compliance violations, stack balancing—a popular betting collusion technique—can result in legal problems, harm to an online betting platform's image, and loss of business.

  • Simple Electronic Signature (SES)

    With stringent requirements in Europe and the UK, electronic signatures, such as Simple Electronic Signature (SES), are commonly employed in organisations to securely connect signers with documents.

  • Spelinspektionen Swedish Gambling Authority?

    With a permission requirement for gambling software that is scheduled to take effect in July 2023, the Swedish Gambling Authority (SGA) oversees the online gambling sector and ensures safety and compliance with the 2019 Gambling Act.

  • Sanctions List

    A sanctions list is an enumeration of people, organisations, or nations that are prohibited by governments or international organisations due to risks to national security, acts of terrorism, or breaches of human rights.

  • Suspicious Activity

    Individuals may perceive suspicious behaviour differently, but generally speaking, suspicious activity is defined as observable behaviour that raises the possibility that someone is doing or about to commit a crime.

  • Sanctions

    Sanctions are harsh punishments levied by nations as a form of strategic self-defense or retaliation for breaking laws or regulations.

  • Securities and Exchange Commission (SEC)

    Overseeing securities exchanges, safeguarding investors, and promoting capital creation are the responsibilities of the US Securities and Exchange Commission (SEC), a federal organisation.

  • Self-sovereign identity (SSI)

    Self-sovereign identification, or SSI, is a digital identity solution that uses blockchain technology to give people control over how their personal information is used and their digital identities.

  • Selfie check

    Selfie checks are techniques for confirming identity that ask users to snap a picture of themselves and compare it to a document supplied by the government.

  • Spear phishing

    Spear phishing is an email spoofing assault that targets a particular company or person by pretending to be someone they know and trust in order to get private data.

  • Strong Customer Authentication (SCA)

    Strong Customer Authentication (SCA) requires organisations to employ two separate authentication components for payment verification, with 3D Secure 2 serving as the primary authentication method, as of September 14, 2019.

  • Subject Access Request (SAR)

    A subject access request (SAR) is a formal request made by an individual under data privacy rules such as the GDPR and CCPA/CPRA to reveal their personal data and how it is used.

  • Synthetic ID

    When fraudsters build a synthetic identity (ID), they typically combine actual and fictitious data to create a phoney identity that is used for fraudulent actions such as creating accounts, making purchases, and committing healthcare and employment fraud.

  • Synthetic Fraud

    In synthetic fraud, a false identity is created by faking personal identification numbers and actual information, which is then used to open credit cards, open fraudulent accounts, and make unrepaid purchases.

  • Security Token

    Artefact that has been digitally signed and serves as proof that the user's authentication was successful.

  • Session cookie

    In order to avoid repeating token operations and to allow users to be regarded as authenticated as long as the cookie is present, middleware emits an object indicating successful authentication with an identity provider.

  • Suspicious IP Throttling

    Using this technique, you can protect your renter against rogue login attempts that attempt to access several accounts from the same IP address.

  • Single sign on (SSO)

    Software systems with access control enable users to log in with a single ID and password, facilitating easy access to linked systems without the need for separate login credentials.

  • Self asserted attribute

    The subject claims something without having it independently verified.

  • Service provider

    A private firm or agency providing services.

  • Sanctions Screening

    Sanctions screening is an AML regulation that countries impose and enforce on people and organisations that are forbidden from conducting business within their borders in order to identify, stop, and disrupt financial crime.

  • Selfie ID Verification

    Selfie ID verification, which combines high-level security with ease through cutting-edge technology, is a potential response to today's security issues.

  • Shipping Fraud

    When a customer uses a false delivery address or a seller gets paid but never ships, it's known as shipping fraud. This happens most frequently when stolen credit cards are used for online purchases. Once shipment confirmation is received, the original address is modified.

  • Sigma Fraud Score

    The Sigma Fraud score, ranging from 0 to 1, is generated by the Sigma Fraud model to predict the likelihood of presented identity being fraudulent. Higher scores signify increased risk.

  • Single Frame Liveness Detection

    Single frame liveness detection streamlines the facial matching and liveness assessment process by using a single selfie image. This eliminates the need for users to capture multiple images or record videos for authentication.

  • Sleeper fraud

    Sleeper fraud involves creating a dormant fake identity, known as a "sleeper," to bypass fraud detection systems that flag new identities as high-risk, restricting immediate credit access.

  • SOC 2 Type 2 Controls

    SOC 2 Type 2 controls refer to the internal measures implemented by a company to protect customer data, addressing risks related to third-party technology services.

  • Sponsor Bank

    A sponsor bank, often a federally or state-chartered institution affiliated with credit card associations, provides financial oversight and compliance support to fintechs, assuming the risk for their customers and transactions.

  • Spoofing

    In biometric verification, spoofing, or presentation attacks, involve cybercriminals submitting fraudulent biometric data to mimic a genuine user. Common facial spoofing techniques include using high-definition photos, cut-out masks, video frames, and 3D masks.

  • Synthetic identity verification solutions

    To combat synthetic identity fraud, adopt robust identity verification, advanced analytics, machine learning fraud detection, and biometric authentication. Collaborate with organizations and regulatory bodies while investing in effective tools to protect your business and customers.

T

  • Time-Based One-Time Password (TOTP)

    TOTP enhances security by generating time-based codes using a secret seed and current date/time. Intercepted codes expire in a minute, adding complexity to attacks. It's cost-effective on hardware/smartphones, and the seed is hard to replicate.

  • Token Authentication

    Authentication involves a signed cookie with session data for user validation. Initially, a traditional method establishes user identity, and a token is generated for subsequent re-authentication.

  • Two-Factor Authentication (2FA)

    Two-factor authentication, a component of multi-factor authentication, enhances security by employing two out of three authentication factor categories. This approach significantly bolsters security as each factor necessitates a distinct type of attack for compromise.

  • Terrorist Financing

    Terror financing involves supporting terrorists through fundraising and money laundering, with online banking and digital currencies making it easier, especially for groups like ISIS. Global efforts, led by organizations like the United Nations since 2001, focus on countering terrorism financing through actions and anti-money laundering measures.

  • Trust Framework Certification

    The Digital Identity and Attributes Trust Framework establishes rules and standards for trustworthy digital identity products in the UK. Organizations can obtain a trustmark through formal assessment, signifying their secure handling of individuals' identity data. It currently applies to Right to Work, Right to Rent, and DBS (Criminal Background Check) sectors.

  • Trust

    Resources rely on an identity provider or authority by trusting the information provided about its users.

  • Thin File

    A thin file pertains to individuals with minimal credit history, leading conventional fraud prevention models to lack sufficient data for risk assessment. Consequently, numerous businesses automatically reject legitimate consumers in this category, resulting in missed revenue opportunities.

  • Third Party identity fraud

    Third-party identity fraud occurs when a stolen identity is used for fraudulent activities without the knowledge of the individual whose identity is exploited. The involved parties typically include the fraud perpetrator and the financial institution.

U

  • Universal Authentication Frameworks

    UAF, an open standard by FIDO Alliance, offers secure passwordless primary authentication, unlike U2F's second-factor approach. However, its widespread adoption is limited due to lack of integration into major browsers.

  • United Kingdom Gambling Commission (UKGC)

    The UK Gambling Commission, headquartered in Birmingham, regulates gambling activities in the UK, overseeing all regions, including Northern Ireland, under the UK Gambling Act of 2005.

  • USA Patriot Act

    The USA PATRIOT Act, enacted after 9/11, prevents terrorism by addressing money laundering and funding of terrorist activities, building on the Bank Secrecy Act and related anti-money laundering statutes.

  • Ultimate Beneficial Owner

    UBO refers to an individual or entity that benefits from a company, and financial institutions must disclose UBO information during transactions. Companies in Know Your Business processes must authenticate UBOs.

  • Universal Login

    IDMERIT's integration of the authentication process, a pivotal aspect of an Authorization Server, involves directing your applications to Universal Login whenever a user must verify their identity. IDMERIT takes the necessary steps during this process to ensure the user's identity is securely established.

  • Unstructured Documents

    Unstructured documents, such as pay stubs, tax returns, utility bills, and birth certificates, can be scanned and stored as part of account origination, and verification may or may not be necessary.

V

  • Verified Credentials

    Confirmed credentials consist of one or more assertions presented by an issuer. A verifiable credential is an indisputable credential with authorship that can be cryptographically authenticated, and the assertions within it may pertain to various subjects.

  • Verification

    The act of verifying the truth, precision, or legitimacy of a given matter.

  • Verified Attribute

    An attribute validated by an external third-party authority.

  • Verified Identity

    An identity acknowledged by an authoritative body.

W

  • Watchlists

    Watchlists consist of individuals or entities that businesses observe and evaluate, including OFAC sanctions, SDN, and PEP lists. These lists are utilized to improve user comprehension, identify fraudulent activities, and perform KYC/AML monitoring.

  • WAYF

    WAYF functions as a tool designed to lead users to their Authentication Provider or aid in the selection of a suitable Identity Provider. This service has the capability to be contextually aware, ensuring that it presents only relevant Identity Providers based on the situation.

Z

  • Zero Trust

    The zero trust model is a data security strategy that restricts access to requested information until user identity is verified, promoting the principle of "distrust everyone and validate all."

  • Zelle Fraud

    P2P money transfer apps are increasingly used for fraudulent activities, with scammers exploiting their user-friendly nature and rapid transfer capabilities, such as social engineering and deceptive schemes.

Copyright © 2024 IDMERIT. All Rights Reserved.