Onfido today announced that Azure B2C Active Directory customers can now enable Onfido in their user journey, by calling on Onfido's identity document and facial biometrics verification during user onboarding, step-up or any other touch points in a customer journey. 

Azure Active Directory (Azure AD) External Identities is a set of capabilities that enables organizations to secure and manage any external user, including customers and partners. For white label authentication and fully customizable user experience, Azure Active Directory B2C is capable of supporting millions of users and billions of authentications per day. Customers can use their preferred social, enterprise, or local account identities to get single sign-on access to applications and APIs. With the Onfido integration, Azure AD B2C customers can verify the real identity of their users through document verification and liveness check. In other words, the process ties a user’s digital identity to their real-world person. So what does this look like in practice? 

For example, a bank can verify a user’s identity at sign-up, completing their proof of identity requirements before the user accesses their current account. A car hire company can verify the driving licenses of its customers. And an eCommerce company can allow users to securely log back into their accounts if they forget their passwords, minimizing the risk of account takeovers, all via Azure AD B2C's secure, highly customizable identity and access management solution. 

Ultimately, Onfido supports a simple, secure identity verification solution within Azure AD B2C. Businesses can continue to meet Know Your Customer and identity requirements in real time, as well as reduce fraud, while providing streamlined user experiences for their customers. 

How Onfido’s identity verification solution works

Onfido uses sophisticated AI-based identity verification to verify a user’s photo ID, before matching it against their facial biometrics.

First, the user takes a photo of their identity document. Onfido then analyses this document to determine it is genuine, using a combination of human analysts and machine learning to check for data consistency across the ID, perform image analysis, and check for font anomalies. The user then takes a selfie or video, and Onfido compares this to the image on the ID. A match provides assurance that the owner of the ID is who they say they, and a real person. The image or video is also analyzed, to check for images of images, spoof videos etc, to protect against fraudulent attacks.

Onfido's solution is used during the sign-up or log-in flow to verify the user, and then to authenticate them at various points throughout the customer journey thereafter, for example during risky transactions. Leveraging Onfido’s identity verification as part of a single sign-on access to applications and APIs, creates a simple onboarding process for users, and allows customers to make informed decisions about which product and service the user can access based on Onfido's results.

The implementation process

The following architecture diagram shows the implementation.