Consumer Identity Verification · Interactive Demo
A social login tells you someone
controls an email address. That's it.
This demo shows what happens when you close the gap — combining social login with document verification and liveness detection to produce a trusted, signed identity credential.
Start the demo →$13B+
annual account takeover
fraud losses in the US
fraud losses in the US
73%
of fraud originates at
account creation or login
account creation or login
~90s
added to onboarding with
document + liveness IDV
document + liveness IDV
IAL1.5
assurance level produced
by this demo flow
by this demo flow
Identity assurance is a business decision
NIST SP 800-63 defines identity assurance levels (IAL). Each level trades user friction for fraud resistance. The right choice depends on your risk exposure and regulatory context.
IAL1
Social login
Verifies control of an email address. Nothing more.
Fraud risk
High
Onboarding friction
None — one click
Typical use case
Forums, low-value accounts
Regulatory fit
Minimal compliance coverage
This demo
IAL1.5
Document + liveness
Verifies a real person holds a real document and matches a live face.
Fraud risk
Reduced ~80%
Onboarding friction
~90 seconds
Typical use case
Fintech, healthcare, gig economy
Regulatory fit
FFIEC, PSD2, HIPAA onboarding
IAL2
Government-grade
In-person or certified remote identity proofing against authoritative sources.
Fraud risk
Minimal
Onboarding friction
High — days to weeks
Typical use case
Banking, government services
Regulatory fit
KYC/AML, REAL ID Act
What this demo shows
A complete IAL1.5 verification flow — from social login to a server-signed identity credential — running entirely in your browser. No images or biometrics are transmitted.
1
Mock social login (Google, Microsoft, or Facebook)
Simulates an ID token exchange. Returns realistic claims: name, email, profile picture,
sub, and token metadata. This is your IAL1 baseline.2
Social identity inspection (IAL1)
Surfaces exactly what a social login gives you — and makes visible why it isn't enough for high-trust decisions. Name and email are unverified assertions.
3
Document scan & OCR
Client-side OCR via Tesseract.js reads the document. ICAO 9303 check digit validation confirms the document number hasn't been tampered with.
4
Liveness detection
Blink and head-turn challenge via face-api.js defeats static photo spoofing. Captures a 128-dimension face descriptor for matching in the next step.
5
Binding analysis → IAL1.5 credential
Jaro-Winkler name match + Euclidean face distance + session continuity. On pass, the server mints a signed JWT with
ialLevel: "IAL1.5" — a portable proof of verified identity.
🔒
Nothing you do here leaves your browser. Document scanning and face detection run entirely on your device via WebAssembly. The only server interaction is a final POST that mints a signed JWT from OCR-extracted text fields — no images, no biometrics, no personal data transmitted or stored.