Glossary
Last updated: August 28, 2024
This glossary contains brief definitions of the key iProov terms and concepts.
For more detailed summaries see the iProov Biometric Encyclopedia.
Both resources are maintained by the iProov team.
A
Abstraction | See Canny. |
Active authentication | Authentication process that elicits a voluntary response from a user, such as blinking, moving the phone, or reading out numbers. Defined by ISO 30107-1 and used by iBeta. |
Active biometrics detection solution | Application that uses active liveness detection to elicit a voluntary response from a user, such as blinking, moving the phone, or reading out numbers. Also called Active Liveness Solution. |
Active Presentation Attack Detection (PAD) system | A system where a user has to perform an action such as blinking, moving the phone, or reading out a sequence of numbers. |
AI (Artificial Intelligence) generated | Leverages computers and machines to mimic the problem-solving and decision-making capabilities of the human mind. |
Anti-money laundering (AML) | Anti-money laundering refers to the activities financial institutions perform to achieve compliance with legal requirements to actively monitor for, and report, suspicious money laundering activities. |
Application Programming Interface (API) | A set of definitions and protocols for building and integrating application software. An API key contains a service provider's unique configurations. |
Artifact (artefact) | An inanimate object that seeks to represent human biometric traits. Can be a physical artifact such as a mask or a digital artifact, for example, a recording on one device that is presented to the camera on another device. |
Authentication | The process where iProov authenticates an individual to their asserted identity by verifying the individual and comparing the individual's biometric with their pre-captured biometric template. |
Avatarify attack | Creation of ‘living’ avatars that mimic your action. |
B
C
Canny | The face outline abstraction of a user made during iProov’s verification process. |
Centralized biometric | Biometric data that is collected on any supported device, encrypted, and sent to a server for enrollment and later authentication for that device or any other supported device. |
Certification | The testing of a system to verify its ability to meet or exceed a specified performance standard. The certification is usually set by an external party, for example, an ISO Standard. |
Claim | An iProov transaction, for example, someone 'claims' to be a certain person. |
Client application | The host application in which the iProov front-end code is embedded. Can be the customer’s iOS or Android application or HTML5 code for the web. |
Combined Attack Presentation Classification Error Rate (CAPCER) | A measure used by iProov that estimates the False Acceptance Rate (FAR) across the range of attacks that are applicable to iProov products in production (where a spoof is mistaken as a genuine person). |
Completion Rate | The percentage of users that successfully complete an iProov verification process. |
Complicit user fraud | A user pretends to have fraud perpetrated against them but has been involved in a scheme to defraud. |
Cooperative user | When a testing organization is guided by ISO 30107-3, the human subjects used in the tests must provide any and all biometric data that is requested. |
Credential sharing | Two or more individuals do not keep their credentials secret and can access each others accounts. |
Credential stuffing | A cyberattack where stolen collections of login credentials from data breaches are used to gain unauthorized access to accounts on other services. Usually comprised of lists of user names and/or email addresses and the corresponding passwords. |
D
E
F
G
Genuine Presence Assurance® (GPA) |
iProov’s patented solution provides unrivalled defenses against digital and physical presentation attacks, digital injected attacks including deepfakes, as well as future and as yet unknown, biometric attacks. Flashmark technology uses a combination of light, time, and space to deliver a multi-dimensional solution that detects liveness and provides strong assurance that the individual is genuinely present at the point of authentication. Supported by iProov’s Secure Operations Center (iSOC) delivering Active Threat Management Services, Genuine Presence Assurance® is continually updated and reinforced against evolving novel attack methodologies. |
H
I
iBeta |
A National Institute of Standards and Technology (NIST) certified testing laboratory in Denver Colorado currently certifying biometric systems for anti-spoofing and liveness detection to the ISO 30107 standard. |
Identity (ID) verification | The authentication process comparing the identity a user claims to possess with data that assures it. There are many documents that can serve as providers of this objective truth, usually government issued documents such as passports, ID cards, and driving licenses. |
Identity and Access Management (IAM) | A framework of policies and technologies to ensure that only authorized users have the appropriate access to restricted technology resources, services, physical locations, and accounts. Also called identity management (IDM). |
Identity document capture | The process where iProov receives an extracted photo image from a government issued identity document. |
Imposter | A real person trying to represent themselves as another real person. |
International Organization for Standardization (ISO) |
A worldwide federation of national standards bodies. |
iPortal |
iPortal is iProov's customer engagement portal. It is a secure platform giving customers and partners a single point of access to carry out crucial tasks including:
|
iProov Security Operations Center (iSOC) | iProov's active threat management service that receives transactional data to analyze current and emerging threats. iSOC uses machine learning models to develop countermeasures that are then added back to the verification algorithm to prevent future attacks. |
ISO 30107-1 | Standard set by ISO providing a framework for presentation attack detection. The framework applies to active systems where the user has to perform an action such as blinking, moving the phone, or reading out a sequence of numbers. |
ISO 30107-3 | The ISO testing guidance for evaluation of anti-spoofing technology for both active and passive PAD systems. |
K
L
N
O
One to limited (1:limited-N) | Compares the biometric data from one individual to the biometric data from a list of known individuals. |
One to one (1:1 or 1-to-1) | Compares the biometric data from one subject user to the biometric data for the expected user. The user has explicit or implicit awareness that this process is taking place and directly benefits from it. If the biometric data does not match according to and above the chosen False Acceptance Rate (FAR) level, the result is a failed match. |
Optical Character Recognition (OCR) |
A method of capturing data and photographic imagery from ID documents using a camera, for example:
|
P
Passive biometrics detection solution | A solution that does not require a user to perform any actions other than looking at the screen on their device. |
Passive liveness | A liveness solution that does not elicit a voluntary response from a user, such as blinking, moving the phone, or reading out numbers. Defined by ISO 30107-1 and used by iBeta. |
Personally Identifiable Information (PII) | Information that can be used on its own or with other information to identify, contact, or locate a single user, or to identify an individual in a certain context. |
Phishing | Occurs when a user is tricked into giving a bad actor their passwords, Personal Identifiable Information, credentials, or biometric data. Usually occurs when a victim replies to a fraudulent email that demands urgent action. |
Presentation Attack Detection (PAD) | A framework for detecting presentation attack events. PAD is related to liveness detection and anti-spoofing. An active PAD system is one where the user has to perform an action such as blinking, moving the phone, or reading out a sequence of numbers. A passive PAD system is one where the user is not required to perform any action(s). |
Presentation attacks | Forms of attack that are widely acknowledged, such as artifacts held up to the camera on a device. Can take the form of physical objects such as simple photos to highly sophisticated and expensive masks or digital attacks that are digitally created images or videos presented on a screen. |
R
S
Selfie picture | An image of a user taken on a device with a user-facing camera for the purposes of identity verification. |
Service provider | An individual or entity that provides services to another party. |
Session | A number of biometric enrollments or verifications by a unique user (defined by user_id). The number may vary between 1 and 3 attempts. |
Software Development Kit (SDK) | A set of tools for developers to use in producing applications using a particular framework or platform. |
Splice attacks | Reordered frames that are injected to manipulate a system. |
Spoof |
The act of disguising a communication from an unknown source as being from a known, trusted source. Most common is a non-living object that exhibits some biometric traits being presented to a camera or biometric sensor. For example:
|
Subject user | The human individual that is presenting their biometric data to the biometric sensor at that moment. |
Synthetic identity | Occurs when a bad actor uses a combination of biometric data, name, social security number, address, etc. to create a new record for a user who does not actually exist, for the purposes of using an account in that name. |
T
U
V
Verification | iProov's biometric process of assuring a new user at enrollment against their asserted identity, usually via a government-issued photo ID. |