Login
VAAS · Onboarding & Identity

Real identity in seconds, no friction.

Facial biometrics, liveness, document OCR, and deepfake detection in a single decision. Fraudsters stop at the door. Legitimate customers never notice they were verified.

REC · LIVENESSCAM 01 · 1080p00:04
slowly turn your face
Decision
processing…
verified identity · liveness 99.2% · audit trail
04s
The problem

Identity fraud enters through account opening.

Three attack vectors that grow with digital fraud maturity, faster than manual verification can track.

Deepfake

Synthetic face clears weak verification.

Video generation and injection attacks bypass simple liveness. Without a dedicated model for synthetic imagery, onboarding approves a face that never existed and losses only surface at the first withdrawal.

+700%
in deepfake attack volume at onboarding reported over the past two years
Friction

Overly strict verification drops legitimate customers.

Every extra liveness step loses a slice of the funnel. Tightening to block fraud costs conversion, and loosening to convert opens the door to fraud.

1 in 4
legitimate customers abandon registration at each poorly calibrated verification step
Document

Tampered document without cross-checking becomes a real account.

Standalone OCR reads what is on the page but does not confirm whether the document is genuine or whether the person behind it matches watchlists. A valid document on the wrong person is an approved onboarding.

40+
bureau integrations need cross-referencing for identity to close with confidence
What we cross-check

Everything in a single call.

Public and private sources queried in parallel, normalized and weighted by the use-case matrix.

Facial biometricsActive and passive livenessDocument OCRDeepfake detectionDevice fingerprintPEP, sanctions and media
Regulations covered
Res. CMN 4.893Res. CMN 4.753Res. CVM 50COAF · ReportingLGPD
Decision anatomy

Four proofs. One identity.

The engine collects biometrics, liveness, document, and device in a single call, cross-checks against watchlists, and returns allow, step-up, or block before the account is created.

DECISION · ONB-2026-91204 · 09/jun 14:22
New individual customer · digital bank · onboarding
allow · 1.1s
Capture
Active liveness99.2%
Face match · official base98.6%
Document OCR · CNHValid
Device fingerprintNew · clean
Cross-checked signals
Active liveness
Passive liveness
Deepfake / synthetic image
Injection attack
PEP · 8 sources
Sanctions (OFAC/UN)
Adverse media
Document on stolen list
Score · identity risk
Biometric confidence98.6/100
Deepfake riskLow · 7/100
Device reputationClean
Global score94/100 · green
AI-generated summary

Recommendation: Approve. Biometrics with liveness (99.2%) and face match of 98.6% against official base. No signs of synthetic image or injection attack. Valid document, clean device, negative cross-check on watchlists. Identity confirmed in 1.1s.

1
Active and passive liveness in the same capture

Liveness does not rely on the requested gesture alone. The engine combines active and passive signals, so recorded video and printed faces fail before face match.

2
Deepfake and injection have a dedicated model

Beyond Unico, Caf, and Facephi, proprietary models hunt for generation artifacts and camera injection attempts. Synthetic images are not treated as valid faces.

3
Allow, step-up, or block by risk

The vast majority pass through directly. Only the ambiguous case gets step-up, and only the clearly fraudulent is blocked, so conversion and security do not compete.

Regulatory

The identity the regulation requires confirming.

Secure onboarding is a regulatory duty before it is a fraud defense. Four instruments put identity verification at the center of account opening.

4.893
CMN Res. · 2021

Cybersecurity policy

Requires identification and authentication controls proportional to risk in digital contracting. Biometrics with liveness satisfies the requirement without unnecessary friction.

4.753
CMN Res. · 2019

Know your customer at opening

Customer identification and qualification are mandatory at onboarding. OCR, biometrics, and watchlist cross-checks form the due diligence evidence.

CVM 50
CVM Res. · 2021 · AML

Identification in capital markets

Participants must identify and qualify customers before the business relationship begins. The onboarding decision is recorded with an auditable trail.

LGPD
Law 13.709

Biometric data processing

Biometric data is sensitive. Collection has a legal basis in fraud prevention, with defined purpose and minimization, with retention per policy.

Rollout

From kickoff to go-live in 4 weeks.

Multi-tenant architecture. What changes per client: contracted bureaus, liveness thresholds, and step-up policy.

01
Week 1

Discovery & scope

Map the onboarding funnel, available bureaus, and acceptable friction points per product.

02
Week 2

Calibration

Tune liveness and face match thresholds, step-up policy, and block rules. Validate false positive rate.

03
Week 3

Directed pilot

Live onboarding of a traffic slice in shadow mode. Compare engine decision against current flow.

04
Week 4

Go-live

Full traffic decided in real time. Calibrated step-up active. Deepfake detection in production. Team trained.

Ready?

Decide in seconds.
Start with a meeting.

In 15 minutes we show how VAAS works in your scenario, with your rules, your data, your volume.

Explore the platform