What This Application Specifies
Remote onboarding for banks, exchanges, lenders, and regulated marketplaces requires the applicant to submit an image of a government identity document, often alongside a selfie. Know-Your-Customer and anti-money-laundering programs, driven by requirements such as the U.S. Customer Identification Program rule under the Bank Secrecy Act and comparable obligations in other jurisdictions, treat that document image as the anchor of the applicant's claimed identity. The dominant fraud against this step is not forging the document's printed content; it is submitting an image that was never freshly captured from a physical document at all. A fraudster photographs another person's ID displayed on a laptop screen, uploads a leaked passport scan pulled from a data breach, or feeds a generatively synthesized ID that no camera ever saw.
This application specifies a document-authenticity layer that sits inside the KYC capture flow and is built on the Content Anchoring inventive step, disclosed in PCT International Application No. PCT/US26/28630. The disclosed technology derives a unique identifier for a digital artifact from the artifact's own internal structure by extracting a multi-axis variance vector: a first axis encoding energy distribution across spatial scales, a second encoding frequency compaction, and a third, designated the Z-axis, encoding structural phase persistence based on gradient orientation distribution. Two capabilities of that disclosed pipeline carry the KYC use case. First, the screenshot recapture classifier evaluates the Z-axis gradient histogram component for the characteristic variance signature introduced when a digital display is re-captured by a camera or screen-grab, producing a recapture probability score from the candidate artifact alone. Second, the lineage query and orphan detector determine whether a submitted artifact has any registered structural lineage in a governed corpus, flagging structurally unanchored artifacts for heightened scrutiny.
No content is embedded in the applicant's document image, no enrollment of that image is required, and no central registry of citizens' documents is created. The identity is derived post-hoc from the pixels the applicant already submitted.
Why It Matters
The recapture problem is structural, and conventional KYC tooling is not equipped for it. Optical character recognition reads the document's text; face-match compares the portrait to the selfie; template checks confirm that fonts and layout match a known document design. All three can pass on a photograph of a screen showing a genuine, stolen document, because the printed content, the face, and the layout are all authentic. What is inauthentic is the provenance of the capture, and provenance is precisely what a pixel-level content read does not surface.
The disclosed recapture detection method exploits a physical fact rather than a learned classifier. When a digital display renders an image and a camera or screen-capture device re-captures the rendered output, the display's sub-pixel geometry, the compression and dithering artifacts of the display pipeline, and the optical point-spread function of the capturing lens introduce a periodic spatial-frequency structure in the luminance channel. As disclosed, these artifacts manifest in the Z-axis gradient histogram as elevated energy in the horizontal and vertical orientation bins relative to the diagonal bins, yielding a horizontal-vertical bias score that is systematically elevated compared to the original digital artifact. The screenshot recapture classifier evaluates that bias against a policy-calibrated threshold. The disclosure states that this detection requires no reference to the original artifact and operates entirely from the structural features of the candidate itself, so no corpus lookup is needed to make the recapture call.
This matters for regulated onboarding in three concrete ways. It gives a reproducible, auditable authenticity signal rather than an opaque classifier verdict, because the disclosed admissibility decisions are replayable from the versioned policy object and the artifact's variance-derived identifier. It avoids building a database of applicants' identity images, which is itself a privacy and breach liability, because the method derives identity from the artifact rather than enrolling it. And it runs at the moment of capture rather than after the account is opened, which is where the disclosed platform positions its evaluation.
How It Composes With the Domain
A KYC onboarding flow can adopt the disclosed technology as a faithful enabling implementation as follows. The capture client is a standard web or mobile front end that already collects the document image through a browser file input or media-capture API. The disclosure specifies a client-side execution architecture in which canonical resizing, grayscale conversion, and orientation canonicalization are performed using only standard Canvas 2D interfaces, the multi-scale variance analysis and gradient-histogram computation produce a variance vector using standard arithmetic, and a 320-bit unique identifier is produced by the disclosed hash combiner, all within the browser without server-side inference or GPU compute.
At capture time the client runs the screenshot recapture classifier over the freshly computed Z-axis component. Because the recapture signal is read from the artifact itself, the raw document image need not leave the device to produce the recapture probability score; the disclosure states that the raw artifact does not leave the client during the admissibility evaluation phase and only the computed identifier and the resulting decision are transmitted. This aligns the fraud check with data-minimization expectations that constrain transmission of personal media, which is a recurring constraint in regulated identity handling.
The recapture score is one input to the disclosed composite risk score aggregator, which combines lineage absence, recapture probability, and synthesis probability into a single governance signal that routes to the pre-release admissibility engine. In the KYC framing:
- The recapture probability score flags screen-photograph and screen-grab submissions from the Z-axis horizontal-vertical bias.
- The orphan detector flags a submitted image with no registered structural lineage in the governed corpus. As disclosed, structurally unanchored artifacts are not necessarily fraudulent, but they cannot be admitted under a policy object that requires verifiable provenance and they trigger heightened scrutiny under policy objects that govern synthetic content. For an institution that anchors its own genuine-capture reference set, an out-of-distribution submission surfaces here.
- The synthetic content detector compares the candidate variance vector against a slope-band-indexed statistical model of known synthetic-content variance profiles, producing a synthesis probability score for generatively fabricated IDs. The disclosure notes this distribution can be updated continuously as new generative architectures emerge, without retraining an inference model.
The commitment boundary is the account-approval or funding event. The disclosed pre-release admissibility engine interposes an admissibility evaluation between the candidate artifact and any irreversible or externally visible side effect, including customer delivery and downstream anchoring. A submission that trips the recapture threshold is rejected, sent back for re-capture under modified constraints, or escalated to a human reviewer through the disclosed rejection and escalation paths, each governed by a versioned, cryptographically signed policy object that defines the similarity tolerance thresholds, override authorities, and escalation routes for the relevant jurisdiction.
For institutions that resolve against a shared reference corpus, the disclosed UID resolution query protocol lets a client submit only the computed identifier, not the document, and receive an identity, derivative, orphan, or conflict resolution. Bulk resolution supports high-volume onboarding pipelines resolving many submissions per network round-trip rather than per document.
What This Enables
Adopting this layer lets a KYC program treat capture authenticity as a first-class, computable check rather than an inference left to a downstream fraud model. A screen-photograph of a stolen but genuine ID, which passes OCR, template, and face-match, is caught by the Z-axis recapture signature that those checks never examine. A synthetic ID with no plausible capture lineage is caught by the orphan and synthesis signals feeding the composite risk score.
Because evaluation runs client-side and returns a replayable decision, an institution can demonstrate to an examiner or auditor why a given onboarding was accepted or rejected: the versioned policy object plus the artifact's variance-derived identifier reproduce the determination, in contrast to a black-box classifier score. The consultation event logger, disclosed for recording each generation event that consults a reference artifact, provides a deterministic audit record when a submission is resolved against a governed corpus, supporting the record-keeping posture that KYC and AML regimes expect. And because nothing is embedded in and no enrollment of the applicant's document is required, the institution reduces its own exposure to holding a registry of citizen identity images.
The same variance identity supports adjacent workflows without new infrastructure: detecting when the same leaked document image is replayed across many fraudulent applications through near-exact identity resolution, and detecting cropped or lightly edited derivatives of one source document through the disclosed derivative-resolution mode and per-quadrant similarity, which localizes which region of a document was altered.
Boundary Conditions
This application is faithful to what the disclosure claims and no more. The recapture classifier produces a probability score against a policy-calibrated threshold; it is a structural signal, not a legal or definitive determination of fraud, and the disclosure frames orphan and synthesis findings as triggers for heightened scrutiny rather than automatic rejection. Threshold calibration is a policy matter, and a poorly calibrated threshold will trade false accepts against false rejects; the disclosure specifies the mechanism and the policy-object governance, not a guaranteed error rate, and no accuracy or benchmark figures are asserted here.
The recapture signal derives from display and lens artifacts of a re-captured screen. A capture pipeline that does not exhibit the disclosed elevation of horizontal-vertical gradient energy, or an adversary who deliberately reintroduces diagonal structure, may attenuate the signal; the disclosure positions recapture detection as one input to a composite risk score alongside lineage and synthesis, not as a sole determinant. Orphan detection depends on the presence and scope of a governed reference corpus; its usefulness for a given institution depends on what that institution chooses to anchor, and an unanchored artifact is expressly not equivalent to a fraudulent one. Face matching, liveness of the applicant, and document data validation are separate concerns handled by other components of a KYC stack; this layer addresses artifact-capture authenticity and structural identity, not biometric liveness.
Disclosure Scope
Every claim in this article about what the technology does traces to the Content Anchoring disclosed in PCT International Application No. PCT/US26/28630, including the multi-axis variance vector and Z-axis gradient orientation encoding, the screenshot recapture classifier and its horizontal-vertical bias signature, the orphan detector and synthetic content detector, the composite risk score aggregator, the pre-release admissibility engine and commitment boundary, the client-side execution architecture, the consultation event logger, and the UID resolution query protocol. The identity-document and KYC framing, including references to Know-Your-Customer, anti-money-laundering, the Bank Secrecy Act Customer Identification Program rule, data-minimization expectations, and remote-onboarding fraud patterns, is external domain and regulatory context provided as an enabling implementation setting; it is not part of the disclosed invention and does not constitute legal, compliance, or regulatory advice. Named regulatory obligations are cited only as real domain context and their applicability to any particular institution is a matter for that institution's counsel.