WorldReach Software

Frequently Asked Questions

Does WorldReach use a smartphone token to verify identity?

In short, no. WorldReach does not supply a mobile digital credential to replace traditional physical tokens. However, we do supply a remote mobile capability for individuals to assert their identity using a smartphone and passport or other eMRTD. This is typically an onboarding service where the verified identity is then securely enrolled into an existing system, such as a case management system, a PAX facilitation system, a customer system etc.

How does WorldReach Software perform datachecks?

We offer multiple solutions that currently use the mobile phone to capture an image of an identity document, such as a passport, or national ID card.

We also layer additional checks using a combination of automated techniques to verify documentation. These steps require an analysis of known physical and digital security features on the identity document, as well as a comparison of live and stored facial images.

Our IDV solution reads eMRTD chips using Near Field Communication (NFC), which provides the following benefits:

  • It is the most secure assessment available. There is no need for any detailed visual inspection of the data page if the chip verification is successful, which is the same technique as used in airport e-Gates
  • It is completely automizable and scalable. No human intervention is necessary on the majority of assessments

The IDV technology can be applied to documents with an ICAO compliant chip (passport and many national ID cards)

How does WorldReach sell?

WorldReach sells to our trusted partners or end-user clients in a Software-as-a-Service (SaaS) manner. Each of our solutions is by default a Cloud-hosted SaaS. What this means for our clients is that:

  • The client can still host all their own systems and databases on premise
    • WR IDV does not store or host any data belonging to our clients.

We verify identity in the cloud and then send the verified identity to the customer hosted on-premise system, and then delete once transmitted. So, the client’s data is still all on premise