Everything you need to know about PVID. Discover why you need a PVID-certified identity verification provider to unlock the potential of remote identity proofing today.
One in four companies in France are affected by fraud. Identity theft, which is often the preferred technique of fraudsters, affects companies disproportionately, with 14% of French companies attacked revealing they suffered a loss of more than €100,000. In an attempt to protect companies and customers from the threat of online fraud, ANSSI (National Safety and Security Agency) rolled out a framework in 2021: the (prestataire de verification d’identité à distance) Remote Identity Verification Providers (PVID) standard.
The ACPR (Autorité de contrôle prudentiel et de résolution) quickly mandated that financial and banking institutions should use this standard.
(We are now PVID-certified! Read more about our PVID-standard identity verification services in our recent press release.)
All service providers that wish to comply with the Financial Markets Code (FMC) in France for remote onboarding are also required to meet the same requirements. So how do you select the right PVID-certified provider for you?
What is the PVID standard?
To reduce identity theft, the PVID standard requires providers to offer a certified service that is equivalent to face-to-face.
The PVID-standard goal was developed to add due diligence measures to the remote identity verification process to ensure financial and banking institutions comply with the 5th AML Directive by using robust and effective ANSSI-certified solutions. Key to becoming certified as a PVID-standard provider is being able to offer reliable identity verification that is equivalent to face-to-face experience, or a high level of assurance of identity theft prevention.
How can you become PVID certified?
Nowadays, all remote ID verification providers that wish to comply with the FMC’s requirements regarding remote onboarding must be ANSSI certified.
Service providers must prove that their services comply with all technical and organizational requirements as dictated by the March 2021 ANSSI standard.
What steps are involved in the PVID certification process?
- The service provider submits its application to ANSSI, which delegates a certification agent to the applicant.
- Evaluation tasks are carried out to ensure the remote service is equivalent to the face-to-face experience, and that biometrics, ID document verification, micro payments and other aspects of the technology (including its Qualified Electronic Signature functionality) are safe and secure.
As part of the certification process, ANSSI collaborates with the Bureau of Document Fraud of the Central Directorate of Border Police, and the Documents Department of the Criminal Research Institute of the National Gendarmerie.
- If the applicant meets the requirements, the ANSSI will issue a certification, and the remote identity verification provider will then be able to meet the banks’ requirements.
3 steps to the PVID standard.
- Video capture of document data and user’s face: Our identity verification services enable the dynamic capture of an ID document and ID holder’s face, which is cross-referenced during analysis.
- Automated and manual data verification: Completed in two steps, identity verification is first conducted through automated document analysis (via optical character recognition and deep learning algorithms.) The second step is manual analysis, which is completed by trained fraud operators.
- Creation of evidence file and result submission: Containing the identification data as well as submission results, evidence files are kept for the duration required, and available in case of disputes. Results are also submitted to the company and includes the identity of the user, the dynamic captures of the document and ID holder’s face, and, in case of failure, the reason for the analysis failure.
What to consider when choosing a PVID provider.
All PVID certified providers are compliant with LCB-FT 5 (The French equivalent of 5AMLD). So what should you consider when choosing a provider? What sets apart a good PVID provider from a bad one?
- User experience: Which provider offers the most intuitive experience?
- Processing time: Which provider completes the verification process the fastest?
- Document processing capability: The ability to process a variety of documents
- Geographic coverage: Does the provider have multi-geographical coverage?
- Size of product portfolio: What other solutions are offered by the provider?
- Offering Qualified Electronic Signature functionality.
- Capturing documents in real time, web and mobile SDKs enable the capture process to be integrated through different channels: directly from the service provider’s website, or application, in an email path or via SMS.
One identity verification provider for many regulations.
Ensuring you meet the myriad of different regulatory requirements across regions, countries and jurisdictions can take significant time and effort, and stifle and inhibit growth and innovation. However, not offering a PVID-standard identity verification service could result in substantial fines, penalties, and reputational damage.
At IDnow, we are committed to helping global businesses navigate the complex regulatory landscape in order to drive growth and scale with ease. Adding to our expansive regulatory certification and expertise across Europe, our latest PVID certification for VideoIdent and IDCheck.io demonstrates once again the integrity, security and strength of our remote identity proofing services – a certified service that you can trust anytime, anywhere.
Learn more about the challenges and opportunities of becoming PVID certified, in our ‘How to comply with the PVID standard’ blog.
By
Rayissa Armata
Senior Head of Regulatory Affairs at IDnow
Connect with Rayissa on LinkedIn