Verification Process
How VerifiMe verifies identities and assesses risk
VerifiMe verifies two categories of identity: individuals and organisations. The pipeline for each differs significantly - individual verification is fully automated, while organisation verification requires manual review. Both feed into the same downstream risk assessment and webhook delivery flow.
See Identity Types for the distinction between individual and organisation identities.
Individual Verification
Individual verification is a fully automated pipeline. Once a customer submits their information, VerifiMe runs all checks in parallel with no human intervention required under normal conditions.
Document Validation
VerifiMe uses OCR to extract data from uploaded identity documents (passport, driving licence, or Medicare card depending on your configuration). The extracted data is cross-referenced against what the customer provided. Documents are flagged as capture-complete once this step passes.
Government Database Verification
Extracted document data is submitted to the Document Verification Service (DVS), a government-operated database that confirms document authenticity against official records. A successful DVS match flags the document as match-complete.
Biometric Analysis
The customer completes a liveness check - a short live video capture that includes anti-spoofing measures. VerifiMe then performs facial comparison between the live capture and the portrait on the identity document, generating a similarity score. If the score meets the configured threshold, biometrics pass automatically.
PEP and Sanctions Screening
Concurrently with the above checks, VerifiMe screens the customer against Politically Exposed Person (PEP) lists and international sanctions watchlists. Flags from this step may trigger manual review.
Verification Outcome
Verification ends in one of two outcomes: the customer is verified (all checks passed, eligible for risk assessment) or the verification fails (an administrator documents the reason, and the customer can re-enter the process).
Your integration receives the outcome via webhook. See Integration Flow for delivery details.
Organisation Verification
Organisation verification covers companies, trusts, partnerships, and sole traders. Because these entity types vary significantly in structure, documentation, and the number of associated individuals involved, the process cannot be automated end-to-end and requires manual review.
The customer submits formation documents appropriate to their entity type - for example, a company extract for a company or a trust deed for a trust. A VerifiMe administrator examines these documents to confirm the organisation's registered details, identify associated individuals (directors, trustees, partners), and determine each person's role.
This contrasts with individual verification, where the entire pipeline runs without human intervention.
After Verification
Once an identity is verified, VerifiMe's risk assessment engine runs automatically. It evaluates the verified data against the rules configured for your organisation and produces a risk rating.
See Risk Assessment for a full explanation of how rules are evaluated and how ratings are determined.
The outcome - both the verification result and the risk assessment - is delivered to your system via webhook. See Integration Flow for details on how to receive and handle these events.
Re-entry After Failure
If verification fails, the customer is not permanently excluded. VerifiMe sends an automated notification explaining the reason and guiding the customer back into the process. Your application does not receive a webhook when verification fails. The notification is sent directly to the customer.