Enroll from the document photo
Use case showcasing how to enroll (register) the user in Keyless using the user's document photo.
In this tutorial you will use 2 independent modules offered by Keyless:
The Keyless Document SDK: responsible to retrieve user data such as the photo from the idenity document.
The Keyless SDK: responsible to register the user in order to enable biometric authentication.
Important: the Keyless SDK does not check if the photo was retrieved from an identity document using the Keyless Document SDK. The responsibility to pass only photos retrieved from verified documents (e.g. using the Keyless Document SDK) is left to the integrator.
The complete flow to register a user and verifying that the user face matches the document photo is the following:
Retrieve the user photo from the document
Confirm the document is valid.
Enroll using the photo.
Authenticate using the face.
Below are the detailed steps to satisfy the enroll from document photo use case.
1. Retrieve the user photo (from the document)
It is possible to retrieve the photo and user data from the user identity document using the Scan Document API.
KeylessDocument.scanDocument() {
when (it) {
is DocumentResult.Success -> {
// path where the document photo is saved
Log.d(TAG, "Photo path ${it.value.facePath}")
}
is DocumentResult.Failure -> {
Log.d(TAG, "Error ${it.error}")
}
}
2. Confirm the document is valid
In the previous step you retrieved the Document photo, the EDocument
result contains additional fields that we advise to verify before proceeding with registering the user from the photo in Keyless.
Make sure that the EDocument.security.ValidityInformation
are valid:
public enum class Verdict {
NOT_CHECKED, // Not checked
FAILED, // Present, checked, and not ok
SUCCEEDED, // Present, checked, and ok
}
public data class ValidityInformation(
var typeOfAccessControl: String = "",
var activeAuthentication: Verdict = Verdict.NOT_CHECKED,
var chipAuthentication: Verdict = Verdict.NOT_CHECKED,
var dataNotTampered: Boolean = false,
var documentCorrectlySigned: Boolean = false,
var documentSigningCertificateVerified: Boolean = false,
)
3. Enroll using the photo (from the document)
At this point you should have the photo of the user that you retrieved from the user's document.
The enroll from photo is handled by the Keyless Mobile SDK that is the SDk to enable privacy preserving bimoetric.
Install the Keyless Mobile SDK following the Getting Started section.
Now you can enroll the user by providing the document photo. For a detailed explanation of what enrollment with Keyless means, please refer to the enrollment section.
To enroll the user photo follow the enroll from photo.
4. Authenticate using the face (live person)
So far you created a user in Keyless based on the document photo. However you did not verify that the user created is the real person that provided the document. The last step is to verify that the face of the user providing the document matches the photo of the user you just registered.
To close the use case an authentication with Keyless is enough. Authenticate the user following the authentication section. This will match the user face with Keyless privacy preserving biometric authentication against the user document photo.
Congratulation you enrolled a user in Keyless from the identity document and verified that the user face matches the face in the document photo.
Last updated
Was this helpful?