Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

General Questions

What Is KYC?

Know Your Customer. As part of AML, financial institutions need to establish customer identity and do Customer Due Diligence (CDD) to ensure that they know the source of the customer’s funds and determine the associated risk of doing business with them.

What Are PEPs?

Politically exposed persons. These are individuals who, based on their position of power and influence, pose a higher risk of bribery and corruption. Due to their higher risk category, Customer Due Diligence requirements are more stringent (see Enhanced Due Diligence question).

What Is Customer Due Diligence (CDD)?

A legislated responsibility of banks and other financial institutions to understand their customer’s activities and do an analysis of their risk of money laundering and terrorist financing. CDD is a critical element of effectively managing the institution’s risks and protecting itself against potential financial crimes and nefarious activities.

What Is KYB?

Know Your Business. Similar to KYC, it’s a requirement to do proper Customer Due Diligence and risk assessment on corporate accounts to ensure that the source of funds is legitimate and the risk to launder money or finance terrorism is sufficiently low. (Also referred to as corporate KYC.)

From What Countries and How Many Documents Are Accepted?

Ondato accepts 10,000+ documents from 192 countries.

Verification Process

How Much Time Does It Take To Verify a User?

Usually, it takes around 60 seconds. However, this can vary depending on the countries or solution selected by the customer.

How Much Time Is Given for Customer to Finish Identification Flow?

There is a 1-hour session for the entire identification process, which starts from the ‘Consent to the Processing of Personal Data’ to the photo of the document. When taking a selfie photo, a person has to follow certain instructions, i.e. to get closer, not to move, to retreat further and so on. If these instructions are not followed and the person does not move, the session is terminated after 30 seconds.

Identifications

What Is Identity Verification?

An identity verification service is used by businesses to ensure that users or customers provide information that is associated with the identity of a real person.

What Is the Difference between Identity Verification and Identity Authentication?

Verification is usually performed just once and authentication puts a process or processes in place for a user to prove that they are still that person.

Why Identification Has Unfinished Status?

If identification has an unfinished status, it means that the process was interupted or canceled.

What Is Liveness Check?

The User’s face is analyzed by Ondato AI, and if the images do not contain a live human the session is rejected as a spoof.

What Is Liveness Detection?

3D Depth Detection and Face Matching do not prove liveness. For example, masks and dolls are 3D but are not alive. FaceTec also utilizes sophisticated proprietary algorithms to detect concurrent human traits such as skin texture, reflections in the eyes, eye focus, pupil dilation, and many more.

What Is Active Liveness?

Active liveness is an is an ISO certified liveness check technology, which ensures automated liveness detection. It contains 3D FaceMap and is not publicly available online. Ondato ensures the user is physically present, and prevents photos, masks, or deepfakes from fooling the system. 3D face scan – this funcionality checks if a person willing to start identification process is real and prove’s liveness of a person. It requires user to perfrom set of instructions to prove that he or she is a live person. Instructions are as follows: ‘move closer’, ‘frame your face’ ‘move away’.

Data

What Is Data Controller/Service Provider?

Data controller/service providers are Client companies which are using Ondato service. The clients are responsible for any changes and set rules on how to proceed with their users data.

What Is Data Processor?

Ondato, acts as the the data processor for our clients. We are an IT company which provides technological solutions for companies, which need to comply with AML/CFT regulation or simply remotely identify their future or current customers.

How Is the Data on Each Record Collected?

Ondato provides services to organizations in more than 195 countries. As a result, each data source is unique, as are the collection methods when establishing a file. What is consistent across all data providers is adherence to providing notice and requesting options from users before collecting any data, as well as adherence to security and privacy best practices in protecting this information.

How Often Is Ondato Database Updated?

Ondato database is updated once every day.

How Long Does Ondato Store User Data?

User data storage depends on every client’s Service Agreement.

Safety And Compliance

Is Ondato Safe?

Ondato takes the security of systems seriously and our priority is to pay close attention to data security. The data servers and information infrastructures are protected with 24/7 monitoring. Ondato is GDPR compliant and certified by International security standart (ISO/IEC 27001:2013).

Does Ondato Have Any Compliance Certification?

Ondato undergoes regular audits and is certified by International security standart ISO/IEC 27001:2013. As well as ISO/IEC 30 107-3 level 1 and level 2. It defines how Ondato perpetually manages security in a holistic, comprehensive manner.

How Data Servers Are Protected?

The data servers and information infrastructures are protected with 24/7 monitoring.

Is Ondato in Compliance with Different Countries AML Laws?

Ondato is based on the basic requirements of AML regulation, but this flow can be customized.

  • No labels