Identity Verification Best Practices for a Competitive Bake-Off

image showing a computer screen with checkmark and title: 14 Best Practices for a Competitive Bake-Off

Increasing scrutiny from customers and regulators combined with increasingly scrupulous fraudsters means your online identity verification program must get real. Verifying the real life identity of your online customers is a growing concern and necessity of businesses across industries.

Many of solutions exist to help companies identify the true identity of their online customers. If you’re in the market, you’ll soon discover that not all solutions are created equal in terms of fraud detection and deterrence, compliance, and user experience.

Consider knowledge-based authentication (KBA), as one example. A formerly widely accepted verification method, the KBA system is straightforward and offers a fairly positive user experience due to its simplicity: it verifies online identity by asking users specific security questions. However, it can be vulnerable to data breaches when fraudsters purchase personal data for impersonation. The 2017 Equifax data breach was one example of KBA gone wrong, impacting at least 148 million people.

As you look for the right online identity verification solution for your customer ID proofing, it’s critical to perform rigorous tests to ensure the solution you choose is accurate, meets compliance requirements, and offers a positive user experience. The last point is key, as online identity verification is found to be a critical deciding factor as to whether customers complete a sign-up process.

In the online gaming industry, for example, a study found 1 in 4 online gaming customers were discouraged from opening an account due to a negative registration experience. This trend is also witnessed in other industries, such as banking. In fact, an overly long account opening process was found to be a key source of friction and was cited as the top reason for abandonment among online banking customers.

How can companies evaluate vendor solutions to ensure they meet their needs and those of their customers? Our infographic offers 14 ways to perform a competitive bake-off and rigorously evaluate the effectiveness of different vendors.

This infographic highlights 14 best practices for a competitive "bake-off" for online identity verification solutions. A text version of the infographic is available on the page.



Text Version of Infographic:

Online Identity Verification Solutions

14 Best Practices for a Competitive Bake-Off

Online identity verification is becoming a requirement across industries:

  • Cryptocurrency exchanges
  • Sharing economy
  • Banking and finance
  • Gaming
  • Travel
  • Retail

At the most basic level, your requirements include:


Stop the fraudsters. Let in the good customers.


Avoid fines and chargebacks for AML/KYC/GDPR non-compliance.

User Experience

Make it easy for customers to perform the required tasks.

The only real way to know if your prospective vendor can deliver is to perform a competitive bake-off.  Here’s how:

1. Compare apples to apples.

Compare similar types of solutions.

It doesn’t make sense to compare an identity verification solution that only performs database pings to a full identity proofing solution with liveness detection and advanced risk signals.

2. Have a representative sample.

Ideally, your test should include thousands of transactions that will lead to statistically significant results.

3. Test legit IDs as well as fake ones.

Fraudulent transactions typically make up less than 1% of total transactions.

Don’t turn good customers away. Test a large sample of legitimate IDs to see how well each vendor correctly identifies them as good.

Warning: Based on Jumio’s benchmark tests, many automated solutions are no better than a coin toss at correctly identifying legitimate IDs, which means they often deny legitimate customers.

4. Test under less-than-ideal circumstances.

Simulate real-world conditions.

PRO TIP: Include sample IDs and selfies taken under realistic circumstances. This includes pictures of IDs that are captured with bad lighting, images that are blurred or captured with excessive glare, and IDs that are bent or folded.

5. Test for expired IDs.

Loophole alert! When a passport or driver’s license is expired, the issuing agency will usually punch a hole through it.

Many automated verification solutions won’t actually catch these expired IDs.

6. Test for older or different versions of an ID.

Your customers might have:

  • Older IDs
  • Commercial driver’s licenses
  • Paper-based licenses

Accurate identity verification solutions will be able to capture and verify all legitimate forms of ID — not just a recently issued ID.

7. Make sure a reason code is issued with denied verifications.

What went wrong?

With many vendor solutions, verifications are returned without explaining why the verification was denied.

Your chosen solution should tell your customer what went wrong so they can course correct in real-time.

8. Test international IDs.

Ensure your test includes a variety of IDs (not just the most common ID types) from the countries you serve.

INSIDER TIP: Test ID cards, older versions of driver’s licenses, and IDs in different languages.

9. Test black & white IDs.

There are no legitimate ID types that are completely black and white.

Accurate ID/identity solutions will be able to detect and deny black and white IDs.

10. Test the time it takes to receive a verification result.

Many automated solutions will boast a verification SLA measured in seconds, but when put into production, the actual response times are much slower.

INSIDER TIP: Test with production data to see in real-time just how long it takes to get a response back.

11. Test the speed of manual reviews.

Many solutions can quickly read driver’s licenses and passports because they’re only reading and extracting information from the barcode or MRZ.

When the verification goes into the “gray zone” and must be reviewed by a human verification expert, the response times can go from seconds to hours to sometimes days.

12. Audit the results.

Did the vendor catch the bogus IDs?

Did the vendor pass legitimate users?

Who performed best against your criteria?

13. Test at all times of the day.

Not all identity verification vendors operate 24/7, which can cause lag times. Test performance at various times of the day and night to ensure consistent responsiveness, regardless of normal business hours.

14. See how many results come back as uncertain.

Some online identity verification vendors return results classified as ‘suspect.’ When this happens, you are required to conduct a manual review to accept or reject these transactions, which can slow down your overall review process.

PRO TIP: While testing vendors, check to see what percentage of transactions end up flagged as suspect, remembering that the fewer, the better.


Congratulations! You’re ready to perform a successful bake-off.

When identity matters, trust Jumio.



Originally published May 15, 2018; updated December 9, 2022




Get the latest updates from the Identity and Beyond blog, delivered to your inbox.

    Yes, I would like to receive periodic updates from the Jumio blog as well as marketing communications regarding Jumio products, services, and events. I can unsubscribe at any time.

    Jumio values your privacy. To learn more, visit our Privacy Statement.