Document OCR was built for printed photos. Liveness detection was built for screen replays. Neither was built for real-time deepfake injection at $15 per synthetic identity.
AI-generated fake IDs, deepfake injection attacks, and synthetic identity rings have industrialised customer onboarding fraud. What used to require coordinated criminal groups is now available as a service on Telegram for the price of lunch.
Legacy KYC ā document OCR plus passive liveness plus optional selfie ā was designed for a threat model that no longer exists. Every signal it analyses can now be synthesised faster than your detection model can be retrained.
Regulators know this. AMLD6 in the EU, FinCEN's CDD Rule in the US, and NYDFS 500 all increasingly require identity assurance, not just identity collection. The difference is the difference between a policy and a proof.
The synthetic identity wave does not treat all sectors equally. These are the industries where bad onboarding translates directly into loss, regulatory exposure, and brand damage.
New account fraud, synthetic credit building, instant-payment exploitation, AML breach risk. Direct financial loss plus regulatory penalty exposure under EBA guidelines and national AML directives.
Exchange KYC is a primary target of state-sponsored deepfake operations (including DPRK-linked wallets). Account takeover of high-balance users is now a crypto-native attack surface.
AI-generated buyer and seller profiles, credential stuffing at scale, payment fraud, and loyalty-point theft. Fake identity on both sides of the marketplace erodes trust platform-wide.
Document-based KYC proves that a document exists. Liveness detection proves that a face is physically present. Neither proves that the document is authentic or that the face belongs to the person on the document. The NFC chip in a biometric passport is the only widely-available artefact that proves both ā cryptographically, nation-signed, and unforgeable by generation.
Most KYC vendors pick one lane: either chip-based verification in a few countries, or document-based verification with varying reliability. IdentiGate covers both ā highest assurance where NFC is available, globally deployable document-based route where it isn't. Every verification returns a mathematical proof ā a signed X.509 certificate. One stack, one API, every customer your platform can reach.
| Capability | Document OCR KYC | Liveness-Enhanced KYC | IdentiGate |
|---|---|---|---|
| Global coverage | Selected countries | Selected countries | Worldwide ā 179 NFC countries + document route for the rest |
| Mathematical proof for every verification | No ā pass/fail verdict only | No ā pass/fail verdict only | Yes ā signed X.509 certificate every time |
| Highest assurance where NFC exists | No | No | Yes ā eIDAS High-equivalent, nation-signed chip |
| Cryptographic fallback for non-NFC documents | No ā pass/fail only | No ā pass/fail only | Yes ā IdentiGate-attested certificate, eIDAS Substantial |
| Defeats deepfake injection (NFC route) | No | Partial ā bypass ~$15 | Yes ā chip signature cannot be generated |
| Defeats AI-generated documents | No | No | Yes ā issuer cryptographic signature |
| Reusable identity ā no repeat KYC | No | No | Yes ā one identity, every service |
| eIDAS AdES signature on decision | No | No | Yes ā default |
| Personal data returned to your platform | Full identity record | Full identity record | Signed attestation only |
IdentiGate is the only identity layer that covers both ends of the global spectrum ā with a mathematical proof every time. Where an NFC passport exists, we deliver the highest assurance available: nation-signed chip verification, immutable by design. Where it doesn't, we read standard identity documents, match them to a live biometric, and issue our own signed certificate. Either route, your platform receives a signed X.509 certificate ā not a pass/fail verdict, but cryptographic evidence you can carry into every downstream decision.
Every improvement in liveness detection gets defeated by the next generation of generative models. Defenders retrain quarterly; attackers iterate weekly.
This race is unwinnable at the model level. The only durable answer is to anchor identity to something that cannot be generated ā a cryptographic signature written onto the passport chip by the issuing state.
Your customer verifies once for your bank, again for your brokerage, again for your crypto exchange, again for your insurance. Each step collects personal data, each is a breach surface, each drops conversion by 10ā40%.
Reusable passport-anchored identity eliminates repeat KYC across every IdentiGate-powered platform ā less friction for customers, less liability for you.
Synthetic identities combine real fragments (valid SSN, plausible address) with fabricated identity. No human was defrauded ā so no one reports it. The fraud surfaces only after credit is extended and the account disappears.
Chip-anchored identity makes synthetic identities cryptographically impossible. If there is no real passport, there is no verified identity ā full stop.
EUDI Wallet will cover 27 EU countries. Your customers live in 140 more. Most KYC vendors patch this gap by reading national ID documents ā but the cryptographic authenticity of those documents varies wildly.
IdentiGate reads the NFC chip from any ICAO 9303 passport ā an internationally standardised, nation-signed artefact. Coverage is not a business decision; it is a property of the standard.
We don't replace your onboarding system ā we add the identity layer it was never built to handle. Each capability below solves a specific moment in the onboarding lifecycle, from the first NFC scan to reusable identity across every service the customer touches. Deployable today, built on our existing products.
A synthetic identity ring opens 47 accounts in a single night. The AI-generated IDs pass OCR. The deepfake selfies pass liveness. The attack fails only where the passport chip is read ā because the nation-signed cryptographic signature inside it cannot be generated, only issued by a state.
No password to steal. Every login requires device and PIN. The human is in the loop, every time.
One IdentiGate verification eliminates repeat KYC. The next service receives a signed attestation, not a new passport photo.
Regulator asks six months later? Cryptographically signed AdES decision, timestamped, linked to the reviewer. Court-admissible.
Every decision, every attestation, every identity event chained cryptographically ā a sequence that cannot be rewritten.
Verify the company AND the authorised individual in one API call. Two verifications, cryptographically linked.
The industry isn't here yet. Our architecture already is.
The regulator requires "over 18". Today you collect full date of birth. With zero-knowledge proof, the customer proves the threshold without transmitting the birthdate. Collect less, prove more.
Customer's AI agent opens the account. The EU AI Act (August 2026) requires the human sponsor be cryptographically linked to every agent action. Infrastructure already live.
One verified customer, every service. No duplicate KYC, no duplicate data collection, no duplicate breach risk. Identity travels with the human.
| Choose your deployment | API IntegrationFor platforms with engineering capacity | Signing PortalIdentity + cross-border signing, no integration |
|---|---|---|
| What your customer does | Verifies inside your platform via API | Creates digital identity via NFC passport, signs documents in the portal |
| Integration model | REST API Ā· SAML/OIDC/SCIM | No integration ā send customer to hosted portal |
| Cross-border signing | ā eIDAS AdES via API | ā eIDAS AdES ā USA, EU, Africa, Asia, replaces weak click-wrap |
| Reusable digital identity | ā Portable across platforms | ā Customer keeps it for future signing |
| AML / CDD alignment | ā Workflow-aligned | ā Built-in |
| Compliance evidence reporting | ā Full reporting | Audit artefacts from every signature |
IdentiGate API as an alternative to Signing Portal ā use the one that fits your team today, or both as you grow.
Full pricing, volume tiers, and enterprise terms live on the product pages. Integration fee scoped per engagement ā we quote after a short discovery call.
20 minutes. A real passport scan on a real device. A real deepfake attempted against both legacy liveness and chip-anchored verification. You see exactly how your current KYC would respond ā and what IdentiGate would stop.