Identity intelligence
built around trust.
Every check that can run on a device runs fully offline — and every result is signed. Proof that lives on the device, not in a promise.
- ICAO 9303
- Passive Authentication
- PACE / BAC
- PDF417 · AAMVA
- MRZ TD1 · TD2 · TD3
- MRZ check digits✓Valid
- Chip clone-detection✓Pass
- Face match✓0.99
- Signed · device-bound✓Yes
- Verified offline✓Yes
A decision you can prove.
Offline by default
Capture, read, and verify in airplane mode. Connectivity-dependent checks degrade gracefully and sync when a connection returns.
Signed, end to end
Each verification emits a tamper-evident record, cryptographically bound to the device that produced it. Anyone can check it — even offline.
Private by construction
Captured data never leaves the device. No third-party server sees the document, the face, or the chip.
From document capture to a decision you can prove.
A complete on-device pipeline. Each stage adds evidence; nothing leaves the device to earn it.
Document capture
A native camera pipeline with automatic document detection, edge finding and perspective correction, and real-time rejection of glare, blur and occlusion.
- Edge detection
- Quality scoring
- Multi-side
Data extraction
MRZ OCR across TD1, TD2, TD3 and MRV formats with full check-digit validation, visual-zone OCR, and PDF417 / AAMVA barcode parsing.
- MRZ
- VIZ OCR
- PDF417
- QR · Aztec
Document recognition
An on-device model recognises the document type, so every check runs against the right template. Passports and ID cards today, with more document types rolling out.
- Document type
- Template-aware
- On-device
NFC chip verificationThe wedge
Reading the secure chip over NFC under ICAO 9303 — BAC / PACE secure channel, data groups, and three authenticity proofs combined into one clone-detection verdict.
- ICAO 9303
- Passive Auth
- Chip Auth
Document forensics
Per-template security-feature checks, hologram verification through device motion, screen-recapture and print detection, and photo-substitution detection.
- OVD / hologram
- Recapture
- Photo swap
Face & liveness
On-device face matching between the live subject, the printed portrait and the chip image, with passive liveness — no frames sent off the device.
- 1:1 match
- Passive liveness
Adaptive decisioning
Expiry and date validity, MRZ structural integrity, barcode authenticity and cross-source agreement each contribute a reason-coded signal — resolved into a single, explainable verdict, with every reason recorded.
- Date & validity
- MRZ structure
- Barcode authenticity
- Reason codes
Captured. Read. Proven genuine. Signed. Trusted.
The same beat runs through every verification — and you can replay the evidence at each step.
- 9:41×01
Align your document
✓Captured
The document is framed, corrected and quality-scored on device. Nothing blurry, glared or recaptured gets through.
- 9:41×02
Reading the zones
P<UTOSAMPLE<<A<<<<<<<L898902C36UTO7408122120415<<<<<<<<<<<06Reading zones…
Read
MRZ, printed zone, barcode and chip are decoded and cross-validated against one another, field by field.
- 9:41×03
Verifying the chip
PassAuthenticating chipProven genuine
The chip’s signature is checked against trusted national certificates — proof the document is genuine, not just well-photographed.
- 9:41×04
Sealing the result
✓Signing · device-boundSigned
The result is sealed into a tamper-evident record, cryptographically bound to this device and this moment.
- 9:41×05
Verified
✓ Verified · offlineTrusted
Anyone can verify the seal independently — online or off. The decision travels with its proof.
We read the chip,
not just the photo.
Inside every ePassport and eID is a secure chip. We open a secure channel to it over NFC, read its data groups, and check three independent proofs of authenticity — combined into a single clone-detection verdict.
Passive Authentication
The chip’s signed data is verified offline against trusted national signing certificates.
Active Authentication
A challenge-response proves the chip holds a private key it cannot reveal.
Chip Authentication
A fresh secure channel confirms the chip is the original silicon, not a clone.
Secure channel
PACE established · reading
- Captureon device
- MRZ + VIZ OCRon device
- NFC chip readon device
- Face match + livenesson device
- Seal + signon device
Data never leaves the device.
Put the phone in airplane mode and run a full verification end to end. The document image, the face, and the chip contents are read, matched and sealed locally. No third-party server ever holds your customer’s identity.
- Capture, OCR, NFC and matching run entirely on device
- No document, portrait or chip data is uploaded to verify
- Only the signed verdict — never the raw identity — needs to travel
- Connectivity-dependent checks sync later, and degrade gracefully offline
Four sources, one agreement.
The printed text, the machine-readable zone, the chip and the barcode are compared against each other. Where they agree, confidence rises; where they don’t, the discrepancy is recorded.
Every result is signed.
A verification ends in a tamper-evident evidence record — the inputs, the checks, the confidence, and the verdict — sealed with a signature bound to the device that produced it. Anyone can verify the seal, even offline.
“Every result is signed — and anyone can check it, even offline.”
- verdict
- GENUINE
- chip.clone_check
- PASS
- mrz.checkdigits
- VALID
- face.match
- 0.991
- device.bound
- true
- verified.offline
- true
Signed & device-bound
sig: 3a9f…e21c · verifiable offline
Trust, measured.
Indicative figures from offline-first deployments.
Talk to us.
Tell us about your verification flow and we’ll set up a live, offline demonstration — we bring the documents.
We typically reply within one business day.
Build digital trust with confidence.
See an offline verification, signed and verified, end to end. We’ll bring the documents.