Onfido Detects Document Fraud, Not Identity Drift
by Nick Clark | Published March 28, 2026
Onfido applies AI to identity document verification, analyzing documents for signs of tampering, forgery, and manipulation while matching biometric selfies against document photos. The fraud detection is effective at catching manipulated credentials at the moment of verification. But the system is optimized to detect document fraud, not to track whether the biological identity of the person presenting credentials remains consistent across interactions. The structural gap is between catching a fraudulent document and validating a person's biological trajectory. This article positions Onfido's verification platform against the AQ biological-identity primitive disclosed under provisional 64/049,409.
1. Vendor and Product Reality
Onfido, founded in 2012 in London and acquired by Entrust in 2024, is one of the most widely deployed identity-verification vendors in regulated digital onboarding. Its Real Identity Platform serves banks, fintechs, marketplaces, mobility platforms, and gaming operators across more than 195 countries, processing tens of millions of verifications annually. The product surface is anchored by two engines: a document-authentication engine that ingests photographs of government-issued credentials and runs them through computer-vision classifiers, and a biometric-matching engine that compares a live selfie or short video against the document portrait, with liveness detection layered on top to defeat photographs, masks, and screen replays.
The document engine is trained on millions of labeled fraud examples spanning passports, national identity cards, driver's licenses, and residency permits across hundreds of issuing authorities. It scores documents against template libraries, hunts for inconsistent fonts, examines security holograms and microprint, and flags pixel-level manipulation. The biometric engine uses face-embedding models that produce distance scores between the live capture and the document photo. The liveness layer mixes passive cues (texture, depth, illumination consistency) with active challenges (head turn, blink, randomized gestures) to confirm that a real person is in front of the camera.
The commercial wrapper is a cloud API that customers integrate into onboarding flows, with SDKs for iOS, Android, and the web that handle capture quality and user experience. Pricing is per verification, with tiered packages for repeat-customer flows, transaction-monitoring add-ons, and watchlist screening. The customer base is concentrated in jurisdictions with strong KYC and AML regimes — UK FCA, EU AMLD, US BSA — and Onfido's regulatory positioning emphasizes audit trails, ISO 27001 and SOC 2 compliance, and data-residency options for European customers. Within its scope the product is mature and well-engineered: the document and biometric pipelines are state of the art, the SDKs handle edge-case capture conditions gracefully, and the customer-services organization has internalized the operational rhythm of high-volume KYC.
Analyst placement consistently lists Onfido among the top three or four identity-verification specialists alongside Jumio, Veriff, and Persona. Its strengths are a deep document corpus, low friction in the consumer flow, and a mature anti-spoofing posture against the dominant attack patterns of the last decade — photograph swaps, manipulated PDFs, and synthetic deepfake injection through camera replay. Onfido is the reference implementation for what the industry calls "document-plus-selfie" verification, and the verification event is the unit of analysis around which the entire platform is organized.
2. The Architectural Gap
The structural property Onfido's architecture does not exhibit is biological-trajectory continuity across verification events. Each Onfido check is a standalone event: a document is ingested, a selfie is captured, classifiers fire, a decision is emitted, and the artifacts are archived. The product asks two questions — is this document genuine, and does the person in front of the camera match the document photograph — and answers them at a single point in time. There is no architectural place in the platform where a person's biological signals from prior verifications inform the evaluation of the current one. Even when a customer re-verifies the same individual, Onfido treats it as a fresh event and emits a fresh decision rather than as an observation that extends or contradicts an accumulated trajectory.
The gap matters because the dominant fraud pattern has shifted. A decade ago, document fraud — manipulated PDFs, swapped photos, counterfeit credentials — was the operative attack surface, and document classifiers were the right defense. Today, the operative attack surface is identity substitution with genuine documents: stolen credentials sold on dark markets, identities harvested through breaches, synthetic identities built around real attributes, and increasingly, real-time deepfake injection that defeats single-point biometric matching. In all of these patterns the document is authentic and the biometric capture matches the document — because the attacker has the document and is aiming the deepfake at it. The Onfido pipeline returns a clean verification because every check it knows how to run passes.
Onfido cannot patch this from within its current architecture because the platform was designed as a verification-event service, not as a substrate of accumulated biological observations. Adding a "repeat customer" flag to the API does not produce trajectory continuity in the structural sense; storing additional biometric templates does not produce stable sketching or trust-slope trajectory; layering a behavioral-analytics product on top does not produce biological identity in the primitive sense. The chain of reasoning the product runs is: document plausible, face matches, person is live, therefore admit. None of the three terms references prior interactions. The pipeline shape is a classifier stack, not a trajectory accumulator.
This shows up in concrete failure modes that customers already experience. Identity-recycling fraud, where a stolen credential is presented across many institutions, succeeds at every Onfido check because each check is local. Account-takeover fraud, where a legitimate user is replaced by an attacker who has the document, presents no continuity discrepancy that the platform can surface. Drift over years — a customer aging, gaining or losing weight, growing facial hair — is treated either as a false negative against the document photo or as a forced re-enrollment, neither of which captures that the change is consistent with the person's actual biological evolution. The structural shape Onfido lacks is the shape that would convert each verification into a contribution to a trajectory rather than a verdict in isolation.
3. What the AQ Biological-Identity Primitive Provides
The Adaptive Query biological-identity primitive specifies three structural properties that together produce trajectory-based continuity validation. Property one is stable sketching: every biological capture is reduced to a compact, non-invertible representation that supports comparison against accumulated history without retaining the underlying biometric data. The sketch is engineered so that natural drift (aging, weight, hair, illumination, capture device) maps to nearby points and substitution maps to distant points, while the inverse mapping from sketch back to face or fingerprint is computationally infeasible. This is not a hashed template; it is a geometry-preserving compression specifically engineered to support trajectory algebra.
Property two is trust-slope trajectory accumulation: every verification event contributes a sketch to the individual's trajectory, and the trajectory itself is the credentialed history. The slope of the trajectory — how quickly the sketch is moving and in what direction — is itself a signal. Slow, smooth movement consistent with aging and lifestyle change produces a high trust slope. Discontinuous jumps, oscillation, or movement inconsistent with prior segments produce trust-slope decay that flags substitution, sharing, or capture compromise. Trust slope is a structured value with a defined mode set, not a binary verdict, so a trajectory can be on probation, recovering, or affirmatively confirmed depending on accumulated evidence.
Property three is governed continuity composition: the trajectory is admissible into downstream identity decisions through a published authority taxonomy that defines which counterparties may contribute observations, what evidential weight their observations carry, and how the trajectory composes across jurisdictions and operators. A bank's verification, a mobility platform's verification, and a government re-issuance event each contribute weighted observations under a credentialed authority, and the trajectory accumulates without any single operator owning the biometric template. The recursive closure is load-bearing: each trajectory update is itself a credentialed observation that downstream consumers can admit, weight, and act on. The primitive is technology-neutral (any sketch construction, any slope algorithm, any storage) and composes hierarchically (issuer, operator, jurisdiction, coalition), so a deployment scales by adding levels of the same trajectory rather than by re-architecting. The inventive step disclosed under USPTO provisional 64/049,409 is the closed three-property biological-identity construct as a structural condition for continuity-based verification systems.
4. Composition Pathway
Onfido integrates with AQ as a domain-specialized capture and document-authentication surface running over the biological-identity substrate. What stays at Onfido: the document corpus and classifier stack, the SDKs and capture UX, the liveness engine, the watchlist and PEP screening modules, the regulatory-mapping work that translates KYC requirements into verification configurations, and the entire customer-services and account-management commercial relationship. Onfido's investment in document expertise — the labeled corpus across 195 jurisdictions, the issuer-template library, the anti-spoofing arms race against deepfake injection — remains its differentiated layer and is not displaced by the substrate.
What moves to AQ as substrate: the biometric capture is reduced at the edge to a stable sketch, the sketch is admitted as a credentialed observation under the customer's or coalition's authority taxonomy, and the sketch contributes to an accumulating trust-slope trajectory rather than to a one-shot match score. The integration points are well-defined. Onfido's mobile and web SDKs emit sketches alongside (or instead of) raw biometric captures; the Onfido decisioning engine consumes the trajectory state as an input to its current verdict logic, so a clean document plus a degraded trajectory produces a graduated outcome (step-up, defer, conditional admit) rather than a binary pass; and trajectory updates flow back to the substrate as lineage records that survive the customer's vendor relationship with Onfido.
The composition resolves the genuine-document attack surface directly. An attacker presenting a stolen credential matches the document and passes liveness, but has no accumulated trajectory under the legitimate holder's authority taxonomy, so the trust slope is undefined and the substrate emits a graduated outcome calling for step-up rather than a clean admit. A legitimate holder re-verifying after years presents a sketch that is far from the document photo but consistent with their accumulated trajectory, and the substrate admits the drift as expected evolution rather than failing the match. Cross-operator continuity emerges naturally: a customer's trajectory accumulated through Onfido at one bank composes with their trajectory at a mobility platform under the same authority taxonomy, without either operator holding biometric templates of the other.
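The trust-slope accumulation from Section 3 and the graduated outcomes described above can be sketched as follows. This is an added illustration, not Onfido or AQ code. The vector sketches, the Euclidean distance, the thresholds, the mode-to-outcome mapping, and the "reject" outcome are all assumptions, since the primitive is described as technology-neutral.

```python
import math

DRIFT_MAX = 0.30    # assumed: largest per-step distance treated as natural drift
CONFIRM_AT = 0.70   # assumed: trust needed for a "confirmed" trajectory
OUTCOME = {"undefined": "step-up", "probation": "defer",
           "recovering": "conditional admit", "confirmed": "admit"}

class Trajectory:
    """Accumulated sketches for one person (sketches assumed to be float vectors)."""
    def __init__(self):
        self.anchor = None      # last sketch accepted as continuous
        self.trust = 0.0
        self.decayed = False    # True after a jump, until trust is rebuilt

    def observe(self, sketch):
        """Fold one sketch into the trajectory and return the resulting mode."""
        if self.anchor is None:             # no history: slope is undefined
            self.anchor = sketch
            return "undefined"
        if math.dist(self.anchor, sketch) <= DRIFT_MAX:
            self.trust = min(1.0, self.trust + 0.25)   # smooth step: trust rises
            self.anchor = sketch                        # anchor follows the drift
            if self.trust >= CONFIRM_AT:
                self.decayed = False
                return "confirmed"
            return "recovering" if self.decayed else "probation"
        self.trust *= 0.5                   # discontinuous jump: trust decays
        self.decayed = True                 # anchor is not moved to the outlier
        return "probation"

def decide(checks_pass, mode):
    """Combine the existing document/face/liveness verdict with trajectory mode."""
    return OUTCOME[mode] if checks_pass else "reject"   # "reject" is assumed

def replay(sketches):
    """Run a sequence of verifications whose classifier checks all pass."""
    t = Trajectory()
    return [decide(True, t.observe(s)) for s in sketches]

# Constructed 2-D sketches: gradual drift, one substitution, then the holder again.
HOLDER = [(0.0, 0.0), (0.1, 0.0), (0.2, 0.05), (0.3, 0.1)]
SUBSTITUTE = [(2.0, 2.0)]
RETURN = [(0.35, 0.1), (0.4, 0.15)]

if __name__ == "__main__":
    for outcome in replay(HOLDER + SUBSTITUTE + RETURN):
        print(outcome)
```

The holder's final sketch is farther from the first one than DRIFT_MAX, yet it is admitted because every individual step was smooth, while the substitution is deferred even though all classifier checks pass.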
The new commercial surface for Onfido is continuity-as-substrate for regulated customers that need verification capable of detecting genuine-document substitution and that need biometric-data minimization sufficient to navigate GDPR, BIPA, and emerging biometric-storage regimes. The trajectory belongs to the customer's authority taxonomy rather than to Onfido's database, which paradoxically makes Onfido stickier — the customer's continuity is portable, but Onfido's capture quality, document corpus, and liveness engine are what differentiate access to that substrate.
5. Commercial and Licensing Implication
The fitting arrangement is an embedded substrate license: Onfido (now under Entrust) embeds the AQ biological-identity primitive into the Real Identity Platform and sub-licenses trajectory participation to its enterprise customers as part of the verification subscription. Pricing is per-credentialed-trajectory or per-sketch-contribution rather than per-verification, which aligns with how regulated customers actually want to consume continuity — as an accumulating asset rather than as a stack of disconnected events.
What Onfido gains: a structural answer to the genuine-document attack surface that document and liveness classifiers cannot close on their own; a defensible position against the wave of AI-driven verification entrants and against in-platform competition from cloud-hyperscaler identity products; biometric-data-minimization posture that converts a regulatory liability into a regulatory advantage under GDPR, the EU AI Act, BIPA, and the next generation of biometric-storage law; and a forward-compatible footing as deepfake injection and synthetic-identity attacks continue to erode single-point verification. What the customer gains: portable continuity across vendor and jurisdiction changes, detection capability that genuine-document substitution does not defeat, and a single trajectory spanning onboarding, transaction-time step-up, and periodic re-verification under one authority taxonomy. Honest framing — the AQ primitive does not replace identity verification; it gives identity verification the trajectory substrate it has always needed and never had.