We are often asked "how do you recognize someone"? While traditional IDV solutions use multi-factor authentication to recognize as user, we use over 50 factors (or in the AI world we use the term features). Since we are receiving telemetry from so many sources and it's part of our "secret sauce" to help keep our customers safe, we can't share all of our telemetry but we can share some of the commonly known metadata and remote analysis sources:
Device Details: To confirm that a device hasn't been cloned we confirm it is valid by checking TPM 2.0 on a laptop/desktop as well as other device fingerprint details.
Email: Headers often contain ways to confirm they are sent from the proper domain including but not limited to encryption proving the sender is authorized (SPF, DKIM, DMARC)
Voice: We check the UUID on a mobile phone to confirm it has not been cloned and we also check if the remote caller has a Flurp installed and the frequency and modality with which that user has contacted you.
Video: In addition to the metadata from the calendar invite and the video session and similar to voice with regard to frequency and modality, our video capabilities include additional remote analysis. One such remote analysis is called remote photoplethysmography (rPPG). rPPG is a methodology that allows us to measure the red levels in your face to determine if you have circulation and a heart rate to determine if you a real or a deepfake.
AI Models and Voting Ensembles: Each of our over 50 features don't stand alone, they are assimilated into a number of AI models and subsequently each of details/output of these models is entered into a voting ensemble to determine the visual output: Red, Amber or Green.
.png?width=670&height=436&name=Detail%20(2).png)