Turning a face toward a phone camera or photographing an ID has become routine in digital onboarding, from banking apps to travel services. Behind that familiar flow sits electronic identity verification, or eIDV, a set of technologies designed to authenticate an identity document and confirm that the person presenting it is its rightful holder.
Industry research cited in recent cybersecurity coverage suggests adoption is accelerating, but not yet universal. A notable share of organisations still rely on manual document checks, even when onboarding happens remotely via video calls or human review of uploaded images. The gap points to a market in transition: eIDV tools are widely available, but many businesses have not integrated them end-to-end or do not fully trust automated decisions for higher-risk use cases.
What electronic identity verification is—and what it replaces
Electronic identity verification is the digital evolution of traditional identity checks. Instead of a staff member visually inspecting a physical document and comparing a photo to the person in front of them, eIDV uses software, device sensors, and cryptographic validation to verify both the document and the user.
Most modern eIDV platforms combine two pillars:
- Document verification, which assesses whether an ID is genuine and unaltered.
- Biometric verification, which checks whether the person presenting the ID matches the identity data contained within it.
Document verification systems typically identify the document type and issuing country, confirm the document’s physical presence, read printed and machine-readable data, and detect manipulation. Where supported, they can also read embedded chip data via NFC and validate it cryptographically.
Why businesses are shifting to eIDV
Manual checks remain common, but automated verification is increasingly attractive for several reasons.
Speed and scalability
Automated systems can complete checks in seconds, while manual reviews often take minutes. At scale—such as during high-volume customer onboarding—those time savings translate into lower operating costs and faster customer conversion.
Access to security features humans can’t validate
Many modern identity documents rely on cryptographic protections stored in chips or digital credentials. A human can inspect holograms and printing patterns, but cannot validate digital signatures or chip authentication. eIDV systems can verify chip data and signatures against issuer-backed trust chains, adding a layer of assurance beyond visual inspection.
More consistent biometric matching
Rather than subjective “looks like” comparisons, biometric verification performs algorithmic matching between a live capture (often a selfie) and a reference image stored in the document. In higher-security contexts, fingerprints or iris data may also be used where legally permitted and technically available.
Remote onboarding as a default
Perhaps the biggest driver is remote verification. Users can scan a document and complete a biometric check from their own device, reducing the need for in-person visits and enabling digital-first services.
How eIDV works with modern electronic IDs
The full value of eIDV is most visible when it is applied to cryptographically protected identity documents such as ePassports, electronic national IDs, and emerging digital credentials like mobile driver’s licenses.
RFID chips, MRZ data, and standards
Many electronic IDs contain a contactless RFID chip that stores personal data and biometrics. For ePassports, chip contents commonly include biographic details, a digital facial image, and in some cases fingerprints. These systems follow standards such as ICAO Doc 9303 and ISO 18013, and typically communicate over NFC at 13.56 MHz.
Alongside chip data, eIDV systems read the machine-readable zone (MRZ) printed on passports and many IDs. The MRZ is not only a data source; it also helps establish secure access to the chip by contributing to key derivation in secure messaging protocols.
Data groups and controlled access
Chip data is organised into structured files often referred to as data groups. In passport chips, these can include groups for personal details, the facial image, and—where present—fingerprints and iris data. This structure supports differentiated access controls, enabling basic validation while restricting access to more sensitive biometrics to authorised readers.
Secure access protocols: BAC and PACE
Before chip data can be read, the reader and document must establish secure communication. Older documents use Basic Access Control (BAC), where keys are derived from MRZ information, effectively requiring physical access to the document. Newer documents increasingly use Password Authenticated Connection Establishment (PACE), which offers stronger cryptography and improved protection against interception and brute-force attempts while still leveraging document-specific information such as MRZ data or a card access number.
Cryptographic checks that confirm authenticity
Reading chip data is not enough; eIDV systems must confirm it is authentic and unmodified. Electronic IDs typically include a digitally signed object containing hashes of the data groups. Verification steps may include:
- Passive Authentication, which validates hashes and digital signatures to confirm the data was issued by a legitimate authority and has not been altered.
- Active Authentication or Chip Authentication, designed to help detect cloned chips and establish secure session keys.
- Terminal Authentication, which can restrict access to sensitive biometrics by requiring the reader to prove authorisation.
Biometrics and liveness detection
After the document is validated, the user typically provides a live facial capture. The system compares that capture to the facial image stored in the chip, adding liveness detection to reduce spoofing risks such as photo replays, video injections, or masks.
Standards are also evolving. Updated ICAO requirements call for support of the ISO/IEC 39794-5 facial image format by 2026, a shift expected to standardise richer biometric metadata as issuing authorities transition over the coming years.
A typical remote eIDV workflow
In a common remote onboarding scenario using an ePassport, a user scans the MRZ (or enters a card access number), establishes an NFC connection using BAC or PACE, and the system reads and validates chip data via cryptographic checks such as Passive Authentication. The platform then performs biometric verification by matching a live selfie to the chip image with liveness detection. If checks fail, the case may be flagged for manual review.
The continued reliance on human review in many organisations underscores the current state of the market: eIDV is increasingly central to digital trust, but adoption, integration depth, and confidence levels still vary widely across industries and regions.
Related
