Re-useable Digital Identity
The Luciditi Platform is complete Digital Identity Platform designed to provide trust between unconnected parties and reduce fraud.
It replaces traditional one-time KYC checks with a digital on-device identity that can be presented multiple times for different use cases.
Unlike other Digital Identity systems, Luciditi’s trust model is mutual. This means that users know who they are sharing information with before sharing it – we believe this is an essential factor when building trust.
Data is stored and encrypted as ‘attributes’ which can be revealed individually so that only the minimum amount of data is shared between parties. Since only the ID holder knows the private key to their encrypted data, only with their explicit consent can they share it to another user.
A Luciditi Digital Identity for business reduces friction, automates onboarding, streamlines customer acquisition, builds trust and most importantly, reduces fraud.
Our Digital ID’s are verified using our own Digital Identity Verification (IDV) technology ensuring that all holders are genuine and conform to UK GPG-45 and other international eID standards for remote identity proofing.
Compliance is no longer just a requirement for the financial industry; many other businesses now need to protect themselves and their customers by incorporating an Identity Verification Process.
As a certified Identity Service under DIATF (a scheme run by Department for Digital, Culture, Media and Sport – formerly DCMS), we understand this demand is far more complex than you might first imagine and it’s a constantly evolving one.
Poor processes, outdated technology and clumsy user interfaces will lead to a significant decline in customer or user acquisition. Our “Identity Verification” flow encapsulates this entire process using mobile and web technology to verify individuals to an exacting standard.
Luciditi’s Document Identity Verification (IDV) capability can detect and read hundreds of government IDs from around the world (including those with electronic biometrics), identify fake documents and detect selfie impersonation transparently to the end user.
You can quickly embed the Luciditi Identity Verification Service into your own onboarding process, and Luciditi will take care of the entire electronic ID verification process for you. In return you get exactly what you need – verified users in minutes.
Whether you wish to run your Identity Verification process as a standalone service or incorporate it within an existing mobile, desktop or web application, there are a range of options available. Whichever implementation-type you choose, we’ll guide you along the way.
Our “unique to Luciditi” approach is designed to reduce the data security burden of businesses where they do not wish, require or need to hold sensitive information like the kind that is required to prove identity. All they need to know that the person is real.
Instead of exchanging identity data, Luciditi simply returns a confirmation proof of the information that would normally be requested. In order to provide businesses with compliant proof that the individual had a valid set of identity data at the time of the request, a record of that data is deposited in Luciditi GlassVault. So even if a Luciditi user deletes their account, the GlassVault transaction data held on behalf of the business is accessible, but only by them and for a fixed period of time.
GlassVault is an “escrow-like” service that is only accessible in emergency situations such as providing information to authorities after system abuse (for example, a hate crime on social media). In order to “break-the-glass” and access the data, you must have a valid reason for doing so which is audited and the action communicated to the individual who supplied it.
This is a win-win for everyone because the business isn’t responsible for the security of the data and the user doesn’t need to worry that the system they signed up for that required IDV isn’t going to misuse, misplace or put its storage at risk.
There are many situations where it is advantageous to perform an age check without revealing the identity of a individual. Whereas age verification requires proof using identity documentation, advances in the application of Artificial Intelligence mean that is it now possible to add accurate age checks with low-enough average error rates that doesn’t disrupt application flow or cause user abandonment.
By embedding Luciditi Age Estimation, it is possible to estimate an individual’s age with nothing more than a live selfie taken by web cam or mobile device. The process takes just a few seconds and the whole experience is driven through a pre-built guided user-friendly interface branded with your own logo.
Where a users’ age is detected lower than they actually are, you can optionally allow them to prove their age categorically using a valid government issued photo ID document (passport, drivers license, identity card).
However a user completes the check, you’ll only every receive a pass or fail based on your pre-specified age limit, keeping your data handling to the absolute minimum and the entire process anonymous.
Integration is a breeze with our pre-built integrations such as the Luciditi Age Assurance plugin for WordPress.
Age Verification uses a combination of factors such as data source checks with optional identity document checks to ensure that the individual presenting is of a valid age. Unlike age estimation, this provides proof of age and is the most accurate way to validate age.
By embedding Luciditi Age Verification, it is possible to confirm an individual’s in just a few minutes. The whole experience is driven through a pre-built guided user-friendly interface branded with your own logo.
Post-check, the individual is invited to turn the data used to generate a reusable Luciditi Digital ID so that any future checks are 1-tap on the users mobile.
Just like Age Estimation, you’ll only every receive a pass or fail based on your pre-specified age limit, keeping your data handling to the absolute minimum and the entire process anonymous.
Time Limited Data
Time Limited (sometimes referred to as ‘disappearing data’) is a fundamental approach to data sharing in Luciditi. Why leave it to someone else to remove access to data they no longer need when you can control this yourself?
Thats why all data exchanged via Luciditi has a built-in shelf life. This encourages responsible data retention and ensures data is not held for longer than absolutely necessary. The retention timespan can be set as a fixed policy or default at organisation level or set on a per share / request basis.
The provider of the data whether it be a business or individual has the ability to revoke access to their data at any time.
The requestor can easily re-request it should they need it again in the future. This makes re-validation of data such as identity a couple of taps process for both parties.
To protect individuals from receiving unsolicited requests from Luciditi businesses, the contact pairing feature allows users to accept or block business accounts, either because they don’t know them or they are no longer wish to deal with them.
Luciditi Sign-In removes passwords from the authentication process and replaces them with user biometrics such as fingerprint or facial recognition.
Using the power of the verified biometric identity held in the Luciditi App, users can breeze through logins with a couple of taps. No need to remember increasingly complex passwords and no cumbersome OTP steps involved.
Passwordless authentication significantly reduces the risk of ‘account take over’ through phishing or credential leaks and is far stronger than a simple second factor via OTP. Luciditi Sign-In takes regular passwordless authentication a step further by linking it to a verified digital identity, without revealing any information about the individual.
From a security perspective, there are no credentials held business side databases which reduce the financial risk associated with fines as a result of hacks and credential leaks.
To make integration quick and easy, we’ve built a low-code SDK which is enabled by inserting less than a dozen lines of boiler plate code. Developers can have a fully operational passwordless authentication option conforming to FIDO2 / WebAuthn standards, up and running in less than an hour.
Luciditi allows organisations to define and issue their own Digital credentials in place of physical ID cards. Suitable for employees, contrators, members, indeed anyone who needs to prove something about themselves or their profession with a high level of confidence to another person. All within in a privacy preserving, fraud-resistant way.
Such high confidence comes from the fact that the holder is biometrically ID verified to their device-pinned credential.
The person accepting the credential is able to scan a dynamic QR code using their native smartphone camera or using the Luciditi app if they have it. The result is a time limited response confirming limited (configurable) holder information.
Perfect for Tradespeople visiting homes, Doctors on home visit, Police or any situation where an individuals true identity is critical to another.
Adding Trust at any stage of any process
With both businesses and users armed with Luciditi identities, you can improve compliance by checking identity at any time.
Whether this be a service desk calling a customer or an ecommerce site checking the age for an age restricted purchase, Luciditi ensures that you are dealing with the person/entity you think you are.
It takes a couple of seconds and the audit trail in your account logs every transaction so you can keep track
A Re-usable Digital Identity
At the core of Luciditi is a re-usable digital identity that has been verified using government issued identity documents (such as a passport) and facial matching technology from a live selfie.
Once created, it can be used to prove who you are in seconds without the need to repeatedly supply identity documents.
As the owner of a Luciditi identity, you choose what information you wish to share, every time you use it by giving consent.
For example, if you want to prove you are over 18 or live in the UK, you can do this without sharing your actual date of birth or address. Such “data minimisation” helps businesses with GDPR compliance because there is no need to request more information than necessary. It helps data owners because the less information shared, the better.
Whatever you share, you can be sure that it was requested by a legitimate person/entity, and they can rely on the response you gave because they are able to trust you.
Save on-going costs
One of the advantages of a re-usable identity is speed and convenience of on-going or re-verification processes.
Where an individual’s identity remains valid, there is no need for them to re-scan documents because they are already contained in the Luciditi ID. Consequently, servicing a request for re-identification of a Luciditi user takes less than two seconds.
You don’t even need to know if the user is a Luciditi user in advance, we handle that for you so that your processes remain simple and straightforward.
- Instantly confirm identity and share sensitive data attributes in seconds.
- Detect when ID documents are about to or have already expired
- Prevent re-use of expired or replaced identity documents
How does it work
Luciditi stores data as “attributes”, individual pieces of information such as name, address, passport information as individual data items. These are then secured with encryption using a key (a private key) known only to the owner and held on the owners device
When someone requests some data, it is exchanged by re-encrypting it with their key (a public key) so only they can read it.
They know it came from you because it was backed by a verified digital identity, and the sender feels safe in sharing with them because the request also originated from a verified digital identity.
This is mutual trust and is a fundamental design principle of Luciditi
HR - Right to Work
Enhance your recruitment process by automating Right to Work identity verification. Check progress at any stage, get notified when complete and securely hold proof. Provides individuals with a simple and convenient way to prove their identity, remotely, in their own time on their own device.
Property - Right to Rent
As an accredited DIAFT Identity Service Provider, we are able to offer Right to Rent checks to prospective tenants. Pre checks (KYC) can be performed in advance of contract if required, or by the user via the mobile app. Securely exchange account details rather than email or over the phone. Track progress in the Luciditi app.
Accounting and Finance
Avoid fraud through business email compromise and phishing attacks via secure confirmation of identity Adopt as BAU process for all high-risk transactions and instructions.
Customers & Suppliers
Provide confirmation of your identity to your customers and allow them to do the same. Exchange sensitive information securely and to the correct party rather than email or text.
eCommerce and User Onboarding
Confirm name, age and address and validate ownership against user held physical ID at point of sale or during your onboarding process.
Add an "Age Wall" to your website protecting under age children from accessing inappropriate content or services. We use Age Estimation to reduce the friction for adults, only challenging where necessary.
Apply for your Luciditi Business Account
Comply with Age and Identity Regulation | Conduct Right to Work Pre-Employment Checks | Protect minors from inappropriate content and services | Secure Exchange Sensitive Data in Real-Time | Protect your cyber-perimeter with Passwordless Authentication. Signing up is free!