Frequently Asked Questions

KYC

How much does faulty or insufficient KYC/onboarding actually cost companies?

It is very hard to get a solid number on this, but most estimates by international banking associations and consulting firms estimate it in the tens of billions of dollars USD every year. In addition to the cost of re-conducting KYC processes or losing customers all together, companies risk getting sanctioned when a serious incident happens.

TRUSTDOCK

How are you priced compared to your competitors?

We are a value solution, meaning we are not as cheap as very basic solutions that provide only pieces of identity verification, but we provide a much superior product to them. We are cheaper than many other fully custom-built products because our integration is so simple and our clients only pay for the specific services they use. Our solution is also typically about 30-50% lower than building an in-house system.

How are TRUSTDOCK products priced?

All our products have the following simple fee structure:
- One-time onboarding fee for initial development to integrate TRUSTDOCK with your system.
- Recurring monthly subscription fee for ongoing maintenance to ensure continued seamless integration.
- Monthly fees based on the number of API calls required for each verification.

What makes TRUSTDOCK’s e-KYC services better than similar products from other companies?

Universal API platform - TRUSTDOCK in Japan currently provides 16 different verification processes, including nine different ID documents including all passports, biometrics and personal verification, AML/PEPs/ATF risk checks, snail mail address verification, and others. These processes are extremely flexible and adaptable to different national documents and verification environments.

- Completely customizable: We can completely customize our products precisely for each client based on specific regulatory, operational, and technical requirements.
- Simple integration: Our uniquely developed APIs are very easy to integrate, even with limited technical know-how or capacity. This means quicker implementation and lower development costs for our clients to get started.
- Scalability and compliance - TRUSTDOCK has a platform that can easily incorporate new front-end solutions that combat new fraud threats, as well as new backend data sources for increased verification reliability. This means as technology and regulations change, we can quickly adjust to ensure all of our clients stay compliant with relevant regulations and always have the most advanced technology and up-to-date data sources.

Superior UI/UX - TRUSTDOCK has developed an extremely intuitive and reliable verification process for users that leads to higher conversion and retention rates for our clients.

What kind of ID documents does TRUSTDOCK accept?

TRUSTDOCK aims to accept as many ID documents as possible and as available in every country we serve.

In Japan, TRUSTDOCK currently accepts nine different ID documents and three supplemental documents.

- Passport
- Driver’s License
- Individual Number Card (“My Number” Card)
- Social Health Insurance Card
- National Health Insurance Card
- Basic Resident Registration Card
- Residence Card
- Special Permanent Resident Certificate
- Certification of Driver's License History
- Supplemental Documents
- Receipt of utility bill
- Certificate of Residence
- Certificate of entry in the Resident Card

In Thailand, we currently accept two (and soon three) different ID documents:
- Passport
- National ID Card
- Driver’s License (coming soon)

The types of ID documents accepted in each country can increase depending on our clients' needs. We can add other supplemental documents such as utility bill receipts as required.

What are TRUSTDOCK verification rules? (e.g. Do you accept expired documents or blurred images?)

The specific verification rules for each company are defined by that company according to legal requirements for their industry and business requirements of their specific operating model. Generally speaking, TRUSTDOCK's clients reject expired documents, documents with information not matching user input or IC chip/database data, altered documents, faces not matching ID document/database/IC chip photos, and users failing liveness/randomness checks.

What does TRUSTDOCK check when verifying? (e.g. name, address, birth date)

Clients define the specific data points required for matching according to the legal requirements for their industry and business requirements of their specific operating model. Generally speaking, TRUSTDOCK’s clients require matching full name, date of birth, address, document issue and expiry date, and document number.

What is unique about your technology?

While we do develop our own proprietary technology that is quite advanced, particularly for our TRUSTDOCK Portal, our uniqueness really lies in how we bring together existing technologies. Our verification processes are both compliant with the current regulations and incredibly easy to integrate for our clients. By doing this, we can completely outsource the verification process for our clients in ways others can’t.
We develop and implement standardized APIs that can be applied for any verification method and can be easily modified to fit the needs of companies in any industry and geography. We also can easily integrate advanced features from other technology providers into our verification processes. Though we have all of this power and flexibility in our platform, we focus on delivering an unrivaled, intuitive, and reliable user experience, as well as a simple single integration for our clients.

Do you have any patented technology or technology that is extremely hard to copy?

We have a patent for:
- Selfie method that is easy to use and unlikely to create errors.

We also have patents pending for:
- Efficient process transition and operation for digital ID creation.
- Technology to reduce the possibility of ID image fabrication by combining IC chip reading and image shooting.

Doesn’t every company doing this have APIs? What is special about yours?

This is mostly true, and it isn’t the use of APIs themselves that makes us unique - it is how we use them. We not only use APIs to run the individual verification processes smoothly on our backend, but we also use a very modern single API to connect with our clients’ systems, which makes it very easy and low cost for clients to integrate with us and to outsource the entire identity verification process with a single API.

Do you do any other processes beyond ID verification? E-consent, e-signature, etc.?

We don’t offer those services as yet because we are tenaciously focused on delivering the best identity verification experience for our clients and their customers. We are a member of FIDO Alliance, a leading global membership organization setting the standard for digital authentication, and we actively participate in both setting these standards and deploying them in our products. E-signature and e-consent are the next two services we will offer, and we are constantly expanding our services to respond with our clients' needs.

How long does it take to get a verification processed and back into your clients’ systems?

In countries where regulations allow fully automated verification processes, our system can return verification results in just seconds. In Japan, a human eye check is required by the law, and we return the response within as little as five minutes. This turnaround is available 24/7, which we can implement in other countries we serve if technically or legally required.

How do you deal with changing regulations and adjust your product to be always compliant?

We have team members committed to making sure we know about changes to laws before they happen. This allows us to keep adjusting the product to be compliant with laws, as we did in Japan in November 2018. We have also adjusted our product to comply with the new eKYC laws in Thailand and the upcoming personal data protection regulations in May 2020.

How do you assess the authenticity of ID documents?

We compare the captured ID document to an established genuine document of the same type. We ensure the layout is the same and that there has been no other detectable alteration to the document. When possible, we use near-field communications or card readers to read the IC chip in the document to read the digital signature of the user and extract the data from the chip for comparison with the information on the card itself, the information the user has entered, and when possible, a database to ensure all data matches.

Can you do identity verification with a passport of any country?

We can do this using near-field communications (NFC) to extract the data from the IC chip in any passport globally. For users without non-NFC smartphones, we can still read many passports the same way we do other ID documents using image analysis, OCR, and database checks.

How many languages do you support?

Currently, we support Japanese, English, and Thai. We are moving forward to increase supported languages, and we plan to support about six languages, focusing on the languages used by expats and tourists visiting Japan, as well as any languages in the new countries we launch. To include additional languages, we have to update the app itself and our APIs to support them, and we sequentially localize the operation tools.

How do you take responsibility if a verification mistake occurs?

Before we launch identity verification services with clients, we define the process they require according to regulations and business operations. Every process balances efficiency with risk. If we fail to deliver that process, the mistake is ours and we take responsibility and work to both solve the problem and fix our operations to be sure the mistake is not repeated. If we effectively carry out the process and a verification failure occurs, that risk was already known and accepted by the client. In that case, we will work with them to redefine the process if they wish to avoid that failure in the future, and we assist them in effectively dealing with the fallout from the current failure.

Do you keep the data from ID documents and face images?

We give our clients a token with expiry date to download the data to their servers and delete the data from our servers via API. We keep the encrypted data if it has not been deleted within the time limit, in accordance with regulations and for use in audits only. We however don’t do data hosting.

How long do you keep the data?

We keep it for 7 years after the verification is complete. This is according to regulations and for our clients’ convenience as they need to comply with AML regulations.

For what purpose do you use the data?

We keep data only for the purpose of complying with regulations and cooperating with any investigation that may arise during the time period we store their data.

How secure is the data you keep?

It’s encrypted and stored according to globally accepted security levels. We fully recognize and appreciate the sensitivity of personal identification data, and our security specs do not allow easy retrieval, even for the client once they have lost access to their own data.

Latest News

Contact Us