Transaction Tracking and Charging

Transaction reporting is implemented in the Digital Identity Service to provide data for invoicing with Transaction-based model. Customers are contractualy obliged to provide reporting to Innovatrics, unless agreed otherwise. The transactions performed by the DIS are tracked in logs and in an online Innovatrics server.

Reporting of Transactions in DIS webservice

Online Reporting

Prerequisite: The Digital Identity Service deployed in production must be connected to Innovatric’s tracking service via a secure connection, as described in technical documentation of DIS.

The transactions are tagged with customer’s individual API key assigned in the product license and used for the API calls.

No manual action is needed on customer’s side.

Manual Reporting for Disconnected Instances of DIS

Customer manually extracts and delivers logs stored in a specified folder of the DIS instance - see technical documentation of DIS. Customer sends all logs to Innovatrics on a quarterly basis or uploads them to the Innovatrics Customer Portal (when available).

Transaction Types Being Charged

Innovatrics is tracking and billing following transactions, each having equal price:

  • OCR extraction of data from ID document including visual and MRZ zone (both sides of document count as one transaction)
  • Liveness detection (Passive, MagnifEye or Smile type of liveness, each evaluation counts as one transaction)
  • Face matching This transaction is charged only if it is the only transaction used, otherwise it’s free if used together with other transactions (face vs document or face vs face, each matching counts as one transaction)
  • Face image evaluation (ICAO quality evaluation, cropping, background removal, age and gender estimation; any combination of these functions counts as one transaction)
  • Document NFC readout * (as functionality initiated by server and evaluated on server)
  • Document authenticity (any combination of screen and print attack detection, BW photocopy detection and document data cross-check counts as one transaction)

* To be applicable when Innovatrics releases given feature

Data Security

Transaction logs do not contain any private or sensitive information about clients, nor about the demography of clients. Only failure statistics and data on transaction quantity and quality are collected by Innovatrics in order to optimize server configuration. These same events are also recorded in the service logs, which are fully open for customer audit. All monitored events are listed below.

Customer Onboarding API Events

EventAPI callParameters
dis-customers-selfiePOST /api/v1/customers/{id}/selfieserver-version
image-resolution
result
dis-customers-liveness-selfiesPOST /api/v1/customers/{id}/liveness/selfiesserver-version
assertion (liveness type)
image-resolution
result
dis-customers-liveness-evaluationPOST /api/v1/customers/{id}/liveness/evaluationserver-version
type (liveness type)
score (rounded)
result
dis-customers-document-pagesPUT /api/v1/customers/{id}/document/pagesserver-version
document-type
page (front/back)
recognized (level of recognition)
duration
image-resolution
image-size-kb
image-format
ocr-confidence (average rounded)
result
dis-customers-get-dataevery GET operationserver-version
operation (name of GET call)
dis-customers-getGET /api/v1/customers/{id}server-version
provided-selfie (true/false)
provided-document (true/false)
document-face-found (true/false)
dis-customers-inspectPOST /api/v1/customers/{id}/inspectserver-version
similarity-selfie-document (true/false)
similarity-selfie-liveness (true/false)
face-mask (true/false)
aspect-age (difference between estimation and date of birth)
aspect-gender (match between estimation and document)
dis-customers-document-inspectPOST /api/v1/customers/{id}/document/inspectserver-version
pages (count)
expired (true/false)
mrz-check (true/false)
text-consistency (true/false)
color-profile-change-detected (true/false)
looks-like-screenshot (true/false)
dis-customers-storePOST /api/v1/customers/{id}/storeserver-version
status
dis-metadata-getGET /api/v1/metadataserver-version

Mapping the Charged Transactions to the API Events

OCR Extraction

Counted each time the DIS API call GET /api/v1/customers/{id} is called, where at least one page of document was uploaded for that customer entity

Liveness Detection

Counted each time the DIS API call POST /api/v1/customers/{id}/liveness/evaluation is called, no matter how many face images were provided for that liveness evaluation.

Face Matching

Counted each time any of the following two DIS API calls is called POST /api/v1/customers/{id}/inspect or POST /api/v1/faces/{probe_face_id}/similarity. The customers/inspect is matching the face between document and selfie. The similarity is matching any pair of faces provided.

Face Evaluation

Counted in following occasions:

  • Each time the DIS API call GET /api/v1/customers/{id} is called, where for that customer entity is a face uploaded and there is no document page loaded.
  • Each time the DIS API call GET /api/v1/faces/{id}/aspects is called
  • Each time the DIS API call GET /api/v1/faces/{id}/crop is called

Document Authenticity Check

  • Counted each time the DIS API call POST /api/v1/customers/{id}/document/inspect is called.

Reporting of Usage with Web Auto Capture Components

The Auto Capture Components for web development are sending usage statistics in order to enforce usage in accordance with license as they are easily available via the Node Package Manager. The statistics are also used for further user experience improvement.

Usage logs do not contain any private or sensitive information about clients, nor any device fingerprinting, nor anything about the demography of clients.

Web Component Events

EventcomponentParameters
auto-captureFace Auto Capturebase domain URL
browser name
imageResolution
confidence
averageFps
camera (name)
captureTime
faceSize
auto-captureDocument Auto Capturebase domain URL
browser name
imageResolution
confidence
averageFps
camera (name)
captureTime
hotspots
smallestEdge
sharpness
brightness

Reporting of Usage with NFC mobile library

The NFC library collects transaction and debug data about the NFC reading process. The purpose of this is to count NFC reading transactions for our invoicing and to speed up issue fixing. These data do not contain any personal information and they do not assign any tracking or advertising ID to the user. The library sends data to an URL at innovatrics.com and these contain:

  • your app name
  • reading success
  • error type
  • security protocol types used
  • document type (passport or ID)
  • number and type of security objects and data groups
  • readout time
  • OS version

You will need to declare “anonymous usage statistics” in the Google Play console and the Apple App Store if not already declared.