logo logo

Trust Evaluator

The Trust Evaluator feature handles the decision process of the identity verification applying defined rules.

It simplifies the usage and removes the need to write code handling the results of various biometric models from multiple API calls.

Identity Verification

Identity verification proves person’s identity by evaluating the data provided during the process. Trust Evaluation is provided by Digital Identity Service (DIS) and evaluates various results obtained from the provided data - these individual aspects are called Trust Factors and the outcome of Trust Evaluation is a combination of the Trust Factors.

Trust Factors

A Trust Factor defines one single aspect of the Identity verification - it is a condition or a rule that needs to be fulfilled to accept that the identity is proved. The Trust Factors can be of following types:

  1. Score - condition on a numeric result of a biometric model
  2. Bool - rule based on an outcome of a logical check

Each Trust Factor needs to be configured, how it’s result affects the outcome of identity verification. It can be following:

  • Accept - the outcome of the condition shows that the evaluated aspect of identity can be trusted
  • Review - the outcome of the condition is at the edge values and a manual review is needed
  • Reject - the outcome of the condition shows that the identity cannot be trusted

The overall outcome is logical AND of all the outcomes of Trust Factors. That means, all partial outcomes must be Accept for the overall result to be Accept. If there is one Trust Factor resulting as Reject, the whole identity verification ends as Reject. If there are Trust Factors in Review state and none Rejected, the identity verification is set for manual review. A Trust Factor can be configured to be Ignored.

Recommendation for setting the Trust Factors

When setting up the system in production, it is recommended for some initial time to dedicate resources to manual review of cases that are around the threshold values. Later on can be the Trust Factors configured for fully automatic decision using the experience from manual reviews.

Recommended Trust Factor Definition file can be downloaded from the Customer Portal in the DIS downloads section.

Trust Factors documentation

The individual Trust Factors are documented in the Customer Portal in the DIS downloads section.

Trust Factors Definition

The Trust Factors are defined in a JSON object for the evaluation API call. Each Trust Factor has a name, type and configuration of outcome. A Trust Factor of type Score is defined like this:

   {  "name": "passive_liveness",
      "type": "SCORE",
      "scoreConfiguration": {
        "rejectLow": 88.5,
        "reviewLow": 90
      }
    }

The rejectLow in the scoreConfiguration defines below which score is the Trust Factor rejecting the onboarding. It supports also rejectHigh and reviewHigh values, in this case the Trust Factor rejects above such score.

A Trust Factor of type Bool is defined like this:

    { "name": "document_not_expired",
      "type": "BOOLEAN",
      "booleanConfiguration": "REJECT_IF_FALSE"
    }

The booleanConfiguration defines how the Trust Factor behaves with the result. It supports also REVIEW_IF_FALSE, REJECT_IF_TRUE and REVIEW_IF_TRUE.

The Trust Factor Definition overrides for that given evaluation any global threshold setting of the DIS.

Trust Evaluation in DIS

The Trust Evaluation is performed with the API call PUT /api/v1/customers/{customerUuid}/trust-evaluation/evaluate. The input is the Trust Factors definition to be applied for Identity verification.

← Active Liveness Detection
TrustPlatform Identity Management →