Transaction Tracking and Charging
Transaction reporting is implemented in the Digital Identity Service to provide data for invoicing with Transaction-based model. Customers are contractually obliged to provide reporting to Innovatrics, unless agreed otherwise. The transactions performed by the DIS are tracked in logs and in an online Innovatrics server.
Reporting of Transactions in DIS webservice
Online Reporting
Prerequisite: The Digital Identity Service deployed in production must be connected to Innovatric’s tracking service via a secure connection, as described in technical documentation of DIS.
The transactions are tagged with customer’s individual API key assigned in the product license and used for the API calls.
No manual action is needed on customer’s side.
Manual Reporting for Disconnected Instances of DIS
Customer manually extracts and delivers logs stored in a specified folder of the DIS instance - see technical documentation of DIS. Customer sends all logs to Innovatrics on a quarterly basis or uploads them to the Innovatrics Customer Portal (when available).
Transaction Types Being Charged
Innovatrics is tracking and billing following transactions, each having equal price:
- OCR extraction of data from ID document including visual and MRZ zone (both sides of document count as one transaction)
- Liveness detection (Passive, MagnifEye or Smile type of liveness, each evaluation counts as one transaction)
- Face matching This transaction is charged only if it is the only transaction used, otherwise it’s free if used together with other transactions (face vs document or face vs face, each matching counts as one transaction)
- Face image evaluation (ICAO quality evaluation, cropping, background removal, age and gender estimation; any combination of these functions counts as one transaction)
- Document NFC readout (reading and authenticity checks performed on the device)
- Document authenticity (any combination of screen and print attack detection, BW photocopy detection and document data cross-check counts as one transaction)
Data Security
Transaction logs do not contain any private or sensitive information about clients, nor about the demography of clients. Only failure statistics and data on transaction quantity and quality are collected by Innovatrics in order to optimize server configuration. These same events are also recorded in the service logs, which are fully open for customer audit. All monitored events are listed below.
Customer Onboarding API Events
| Event | API call | Parameters |
|---|---|---|
| dis-customers-selfie | POST /api/v1/customers/{id}/selfie | server-version image-resolution result |
| dis-customers-liveness-selfies | POST /api/v1/customers/{id}/liveness/selfies | server-version assertion (liveness type) image-resolution result |
| dis-customers-liveness-evaluation | POST /api/v1/customers/{id}/liveness/evaluation | server-version type (liveness type) score (rounded) result |
| dis-customers-document-pages | PUT /api/v1/customers/{id}/document/pages | server-version document-type page (front/back) recognized (level of recognition) duration image-resolution image-size-kb image-format ocr-confidence (average rounded) result |
| dis-customers-get-data | every GET operation | server-version operation (name of GET call) |
| dis-customers-get | GET /api/v1/customers/{id} | server-version provided-selfie (true/false) provided-document (true/false) document-face-found (true/false) |
| dis-customers-inspect | POST /api/v1/customers/{id}/inspect | server-version similarity-selfie-document (true/false) similarity-selfie-liveness (true/false) face-mask (true/false) aspect-age (difference between estimation and date of birth) aspect-gender (match between estimation and document) |
| dis-customers-document-inspect | POST /api/v1/customers/{id}/document/inspect | server-version pages (count) expired (true/false) mrz-check (true/false) text-consistency (true/false) color-profile-change-detected (true/false) looks-like-screenshot (true/false) |
| dis-customers-store | POST /api/v1/customers/{id}/store | server-version status |
| dis-metadata-get | GET /api/v1/metadata | server-version |
Mapping the Charged Transactions to the API Events
OCR Extraction
Counted each time the DIS API call GET /api/v1/customers/{id} is called, where at least one page of document was uploaded for that customer entity
Liveness Detection
Counted each time the DIS API call POST /api/v1/customers/{id}/liveness/evaluation is called, no matter how many face images were provided for that liveness evaluation.
Face Matching
Counted each time any of the following two DIS API calls is called POST /api/v1/customers/{id}/inspect or POST /api/v1/faces/{probe_face_id}/similarity. The customers/inspect is matching the face between document and selfie. The similarity is matching any pair of faces provided.
Face Evaluation
Counted in following occasions:
- Each time the DIS API call
GET /api/v1/customers/{id}is called, where for that customer entity is a face uploaded and there is no document page loaded. - Each time the DIS API call
GET /api/v1/faces/{id}/aspectsis called - Each time the DIS API call
GET /api/v1/faces/{id}/cropis called
Document Authenticity Check
- Counted each time the DIS API call
POST /api/v1/customers/{id}/document/inspectis called.
Reporting of Usage with Web Auto Capture Components
The Auto Capture Components for web development are sending usage statistics in order to enforce usage in accordance with license as they are easily available via the Node Package Manager. The statistics are also used for further user experience improvement.
Usage logs do not contain any private or sensitive information about clients, nor any device fingerprinting, nor anything about the demography of clients.
Web Component Events
| Event | component | Parameters |
|---|---|---|
| auto-capture | Face Auto Capture | base domain URL browser name imageResolution confidence averageFps camera (name) captureTime faceSize |
| auto-capture | Document Auto Capture | base domain URL browser name imageResolution confidence averageFps camera (name) captureTime hotspots smallestEdge sharpness brightness |
Reporting of Usage with NFC mobile library
The NFC library collects transaction and debug data about the NFC reading process. The purpose of this is to count NFC reading transactions for our invoicing and to speed up issue fixing. These data do not contain any personal information and they do not assign any tracking or advertising ID to the user. The library sends data to an URL at innovatrics.com and these contain:
- your app name
- reading success
- error type
- security protocol types used
- document type (passport or ID)
- issuing country
- number and type of security objects and data groups
- readout time
- OS version
You will need to declare “anonymous usage statistics” in the Google Play console and the Apple App Store if not already declared.