Skip to main content
Version: v2.0 (latest)

Verification Levels: Dynamic and Express Liveness

Every OIDC Web login includes a liveness check. Two levels are available. Your application selects a level per request through the scope it sends:

LevelScopeWhat it doesacr value returned
Dynamic Livenessfaceauth_dynamic_onlyiProov's flagship Genuine Presence Assurance: a short, screen-illuminated face scan that defeats photos, videos, masks, deepfakes, and injected imagery. Use it for logins where impersonation must be ruled out.face_present:iproov:gpa
Express Livenessfaceauth_express_onlyA faster, lighter liveness check confirming a real human face. Use it for lower-risk, higher-frequency verifications.face_present:iproov:la

The ID token's acr claim carries the level that was actually performed, and amr contains face. Your application can therefore verify the assurance it received, rather than trusting that a token was issued.

Both scopes take the user straight to the in-browser verification page — the pure OIDC Web experience. Your application selects the level it needs on each request; the Integration & User Guide shows the exact request syntax.