WO2018129594A1 - Verification system - Google Patents

Abstract

The invention relates to a method and system for the verification of identity of persons. There are many purposes where it is required to conduct a verification of identity (VOI) of a person. These purposes include property transactions, other financial or economic transactions, legal requirements and others. VOIs may be required to conform to various processes and rules, which can vary from jurisdiction to jurisdiction. The present invention provides a computing system which is arranged to carry out VOI processes, including instructing persons involved in the process in the steps that they need to implement. These steps may include face to face interviews with the person to be identified, obtaining images of documentation and uploading them to the system, obtaining meta data around the process, to confirm that the VOI is conducted correctly, without error or fraud and to result in a verification of identity.

Description

Verification System

Field of the Invention

The present invention relates to a method and system for the verification of identity of a person to be identified, and, particularly, but not exclusively to a method and a system for verification of identity in accordance with standards specified in a jurisdiction.

Background of the Invention

There are many purposes for which it is a reguirement to conduct a verification of identity of a person or verification/certification of original identity documentation associated with a person (together or separately referred to as "VOI"). These purposes include property and other financial or economic transactions in various jurisdictions, where verification of identity reguirements as a result of a law, regulation, accepted or expected practice or policy that apply or may apply in the relevant circumstances ("Rules"). The Rules may apply to entities and people who are buying or selling, transferring, transacting or interacting in relation to goods and services generally. The purpose of the Rules includes but is not limited the risk of identity fraud and the completion of and/or registration of fraudulent, money laundering or other illicit transactions such as terrorism finance. The Rules place responsibilities on conveyancers, lawyers, financial institutions, mortgage brokers, securities brokers, financial advisors, gaming/wagering entities, employers and a vast number of other individuals and enterprises to verify the identity of people.

So, for example, in a sale and purchase of a property by 2 vendors (holding as joint tenants) to 2 purchasers (buying as joint tenants) who have granted a mortgage as security for a loan used to fund the purchase. Where these transactions are covered by Rules there are 6 or more possible requirements for a verification of identity.

Solicitor/Conveyancer acting for the vendors may be required to conduct 2 VOI, Solicitor/Conveyancer acting for the purchasers may be required to conduct 2 VOI and the incoming lender/mortgagee may be required to also conduct 2 VOI. The person or entity required to comply with the Rules (the "Principal") may be responsible for ensuring that each VOI is carried out correctly. As part of the transition toward paperless or electronic settlement of property transactions in Australia, a detailed set of VOI procedures have been described in a schedule to the Participation Rules governing the use of the PEXA settlements platform and in a guidance note (both issued by the Australian Registrars National Electronic Conveyancing Council "ARNECC"). These procedures have been referenced in and/or adopted by various jurisdictions as part of the adoption of the Electronic Conveyancing National Law (ECNL). For example the ECNL was first implemented in NSW as an Appendix to its Electronic Conveyancing (Adoption of National Law) Act 2012.

By way of a second example when an individual opens an account with an online gambling company licensed in the Northern Territory, the company will be required to confirm the identity of the individual in accordance with requirements of the Code of Conduct for Responsible Online Gambling and also in accordance with the Anti-Money Laundering and Counter-Terrorism Finance Act 2006 ("AML CTF Act") within a defined number of days of the account being opened or before winnings may be withdrawn.

Certain Rules specify procedures that must be used or otherwise that "reasonable steps" must be used in identifying a client and may provide that compliance with certain activities prescribed by the Rules is deemed to qualify as reasonable steps. In that sense the prescribed verification procedures form a "safe-harbour" in the Rules. If a VOI is performed in accordance with "safe harbour" procedures specified in applicable Rules, then the responsibilities of the Principal can be presumed to have been discharged. Verification procedures required may for example include the requirement to verify the person's name and other data from certified copies of primary photographic identification.

The basic requirements of the VOI procedures prescribed in some of the Rules require that the VOI must be conducted during a face-to face interview, between a person conducting the interview, (the "PCI") and the person being identified (the "PBI"). In other of the Rules there may not be a requirement to conduct a face to face interview but such an interview may occur as a matter of practice or convenience. In these contexts a face to face interview may involve the PBI and the PCI in person and face- to-face (as both are physically present and meet at the same time and place) or alternatively it may be face to face by using digital or video technology such as but not limited to Skype™ or FaceTime™ (whereas they are not physically present in the same place at the time of the meeting). In any case Government issued documents containing photographs such as passports and drivers licenses and other identification documents are produced by the PBI (often under a hierarchy of categories which may be described in the Rules) and the PCI must sight those original documents and be satisfied that for example that the PBI is a "reasonable likeness" to the person depicted in the photograph (in cases where the identification document is a photo identification document) or that the identification documents produced are originals. There are also often requirements to create and keep records about the verification that has been undertaken. At its simplest level, the PBI will attend the premises of the PCI (such as a lawyer or notary), who may also be the Principal, together with identification documentation in order to conduct a face to face interview (as may be required by relevant Rules). The VOI will be completed and records including copies of the documentation and certification of the VOI may be created by the PCI. In this example it predicates that the PBI physically makes the effort to meet the lawyer or notary, and under simple use cases seems reasonable. Consider however, the situation where the PBI resides in a different geographic from the lawyer/notary or where the lawyer/notary will charge at a professional hourly rate to undertake VOI or simply does not want to waste the time that could otherwise be used more productively for billable purposes. Arranging and conducting VOI is a resource intensive process for enterprises often already operating on thin margins.

In many cases the Rules allow that the Principal may authorise an agent ("Verification Agent") to conduct verification of Identity on behalf of the Principal. The Verification Agent may take on some or all of the responsibility for ensuring that VOI is carried out in accordance with the Rules on behalf of the Principal.

At its simplest the Principal required to comply with the Rules may execute an agency agreement with a Verification Agent specifying that identification is to be conducted in accordance with the Rules. The PBI may attend the premises of the Verification Agent together with identification documentation in order that the Verification Agent conduct a face to face interview (as may be required by relevant Rules). The Verification Agent may carry out the required procedures and provide a certification of the identity or certify documents as true copies to the Principal as may be required to comply with the Rules. For example, Australia Post provides a VOI service where a Principal required to comply with the Rules can execute an online registration form and execute paper documentation appointing Australia post as the Verification Agent. The Principal can then request that a PBI attend an Australia Post branch with an application and identification documentation during Australia Post opening hours, wait in a queue and an employee of Australia Post will conduct a face to face interview, take images of the identification documentation provided by the PBI and verify the identity of the PBI on behalf of the Principal. During the face to face interview the Australia post employee or agent inputs data into a system maintained by Australia Post and that data is used to provide an Identity Agent certification to the Principal.

Another variant of a similar theme to the Australia Post VOI service involves the Principal required to comply with the Rules appointing a Verification Agent who has appointed another company or person to act as a sub agent (for example a courier company). The PBI must make an appointment through an online system linked to the sub-agents booking system for a time window (eg 2 hours) during specific hours say between 8am-6pm, 5 days per week. At some time during that time window it is expected that an employee of the sub agent will attend the premises of the PBI in order to conduct the face to face interview (so long as those premises are within defined geographical areas where the courier company operates). The employee of the sub agent inputs data into a hand held device and system maintained by the Verification Agent. The employee of the sub agent provides a confirmation that the identity of the PBI has been verified to the Verification Agent and the Verification Agent provides an Identity Agent certification to the Principal.

The Rules may be quite specific and it can be complex to apply their specificity in certain situations. The documentary evidence necessary to satisfy VOI will depend on the particular circumstances of the PBI, including whether the PBI has changed their name (e.g. by marriage) and how that name compares to the identity that is being verified. Different documents or combinations of documents as evidence for identity may be required depending upon the circumstances. The PCI (who may be one or more of the Principal or agent or sub agent or employee or customer or the Principal or otherwise associated with or known to the Principal) have generally been trained in how to apply the Rules, so that they can confirm that the documents that the PBI has available are correct in light of all the specific circumstances and that the procedures are appropriately followed. This training can be quite complex and human error or mistakes during the execution of the VOI process can be made. These errors could result in the VOI failing to satisfy the specifics of the procedures set out in the applicable Rules thereby putting in doubt the benefits that arise when the procedures are correctly followed. The entire process is often manually intensive, time consuming and therefore expensive as well as being prone to error. Although information technology may be employed to record images of documentation and the PBI (e.g. identification documentation and identification images), this is done so mainly for the purpose of satisfying documentation record keeping requirements. Even if a PCI is appropriately trained and is able to meet with a PBI, the PBI (who is unlikely to understand the specificity in the Rules) may not discover they don't have the correct documentation until the time when they meet with the PCI to complete the VOI. This can result in the VOI procedure taking more time than anticipated or otherwise being delayed or terminated. In each case there is an efficiency cost and potentially an economic cost to one or more of the PBI, the PCI and the Principal.

Jurisdictions other than Australia have various Rules specifying requirements for VOI and VOI may be required for purposes other than property transactions or other examples that are provided above. Identity verification may be required in many jurisdictions for many purposes. Not all of the Rules require a face to face interview as part of the prescribed procedures.

Summary of the Invention

In accordance with a first aspect, the present invention provides a method of verifying identity of a person to be identified, comprising the steps of:

at a host computing system;

receiving, from a first remote computing device, at least one image of identification documentation for verifying identity;

receiving, from a second remote computing device, confirmation that a further person has met with the person to be identified and viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation.

In an embodiment, the method comprises the step of processing the confirmation and the image of the identification documentation and providing a verification of identity of the person to be identified. In embodiments, the further person may meet face to face with the person (where both the further person and the person are physically present and meet at the same time and place) or, alternatively, the meeting may be face to face using digital or video or other technology (where the further person and person are not physically present in the same place at time of the meeting)

The first and second remote computing devices may be mobile devices, such as smart phones, tablets, laptop computers, desktop computers or any other mobile device. Image of identification documentation may include but is not limited to any image of an identity document or an image related to, forming part of, contained or embedded within or otherwise associated with an identity document together with any digital or other data associated with that image. In an embodiment, the invention has the advantage of using a plurality of computing devices together in order to facilitate the verification of identity. Programming can be used to stipulate control of the process, in order to minimise mistakes and to ensure that the correct identification documentation for the particular circumstances is utilised. Additional programming may also be used to screen out or remove devices and / or individuals from the process, on the basis of risk, for example.

In an embodiment, a remote device may utilise a radio frequency identification (RFID) reader or near field communication (NFC) reader associated with the device to receive an image of identification documentation.

In an embodiment, the second remote computing device is associated with the further person. The further person may be the person carrying out the identification (PCI). In an embodiment, the second remote computing device is configured to provide an image of identification documentation for verifying the identity of the PCI (further person) to the host computing system. The PCI can therefore provide their identification for verification to the host computing system as well as the PBI providing identification documentation. The second remote computing device may also be configured to capture data which may include an image or a biometric of the PBI and provide that to the host computing system. This enables the host computing system to verify that circumstances and specific requirements relevant to satisfaction of procedures associated with the relevant Rules have been satisfied. In an embodiment, the PBI can upload the image of identification documentation using the first remote computing device. PCI can then use the second remote computing device to confirm that they have met with the person to be identified and viewed the original ID documentation and confirm that the person to be identified is a reasonable likeness to any images of the person on the images of identification documentation and/or that the images of identification documentation appears to be a genuine copy of or from an original. The use of the two or more devices to facilitate the process, results in efficiencies which may include time, privacy, information security, economic or other efficiencies.

In an embodiment, the host computing system is configured to control the method of verifying the identity of the person, so as to minimise manual judgement or intervention in the procedures that might rely on training in relation to the Rules. It may therefore be possible that the PCI and/or the PBI requires minimal or no training as the capture of data and identification documentation and procedures for verification of identity is controlled by the host computing system, which is appropriately configured to do so. Advantageously, the PCI may be any person of legal capacity without the requirements of being legally trained as the PCI may be acting in a permitted agency role of such a legally trained person/entity or notary. Subject to configuration required for relevant Rules it may be an associate, neighbour or friend of the PBI, for example.

In an embodiment, the host computing system is configured to provide instructions for enabling the correct identification documentation for a particular set of circumstances to be determined. In an embodiment, the host computing system is configured to identify a documentary hierarchy which will satisfy VOI and to instruct the PCI or PBI or both through the identified hierarchy, to provide the correct identification

documentation to comply with relevant Rules.

In an embodiment, the host computing system is configured to receive name data associated with one or more names of the person to be identified (e.g. their current name and any previous names/aliases), and to receive documentation data associated with available documentation for identification of the person being identified. The host computing system is configured to process the name data and documentation data, to establish a process for verification of the identity of the PBI and determine the documentation required to verify the identity. This may comprise the host computing system being configured to match the name data and documentation data against Rules for VOI as well as to collect, provide and analyse data relevant to the risk associated with an inaccurate VOI as a result of identity document or image tampering.

In an embodiment, the host computing system is configured to compile requests that are responsive to name, documentation data, image of identification documentation or other data obtained by the host computing system. These requests may be provided to one of or both the first or second remote computing device, and the answers, images or data received from the first or second remote computing device may be used to determine further requests in order to facilitate the verification of the identity or other characteristics of a user, a device or other information about the way the VOI is conducted.

The host computing system may be configured to perform the above functionality by way of software and/or hardware applications. Advantageously, the host computing system configuration obviates the prior art requirement to have previously trained PCI's. In an embodiment, the PBI themselves can use their own mobile device to access the host computing system and interact with the host computing system application(s) to determine the documents that they need and that are available to them for VOI. Advantageously, this can be done by the PBI so that when the PCI meets face to face with the PBI, the process can be highly efficient and can be conducted in any location and any time of the day or night.

The host computing system may act as an intelligent "guide" to guide the PBI and/or PCI through the process for VOI. In an embodiment, the host computing system is configured to provide an

application(s) accessible over a network to remote devices to implement a process for the identification of a PBI and the completion of documentation necessary to complete transactions (including but not limited to a user electronically executing client authorisations and other agreements which may include the capture of electronic signatures from any user). It is also configured to request and receive meta data associated with or from the remote device or the user, or associated with the process.

In an embodiment, capturing and analysis of meta data can facilitate verification of information about the VOI process, the computing devices and/or the users. For example, meta data on the location of the device when the device is involved in the VOI process can be obtained, to establish that the device is at an acceptable location at a given time e.g. that the PCI is with the PBI when they are verifying identity. Further examples include meta data that is associated with images of a person may be used to confirm that images are of a physical "live" person as distinct from a pre-existing image or an image of a pre-existing image or alternatively it may be used as part of an algorithmic computation that measures inconsistency between the appearance of images and the orientation or gyroscopic position of the computing device at the time the image was captured.

Verification of the device may comprise verifying that the device is associated with the correct person e.g. PCI or PBI. Meta data may also be obtained to verify that the first remote computing device is a separate device from the second remote computing device.

Meta data may be used for any other purpose to facilitate verification of identity or other characteristics of a user, authenticity or integrity of images of identification documentation, authenticity or integrity of documentation data or information about the way the VOI was conducted.

The use of meta data enables the application to identify the remote devices and also other useful information.

In an embodiment, the application is a "Web Application". This has the advantage that the application can be easily maintained at the host computing system and no "Native Application" is required to be installed on the remote devices. In an embodiment, the application is a "Hybrid Application". This has the advantage that the majority of the application can be maintained at the host computing system and only some is required to be installed on the remote devices.

Programming of the devices may also be carried out by the application. For example, programming of the device in relation to the camera, RFID reader, NFC reader and the capture of images and other data or otherwise the capture of data from a device gyroscope, magnetometer, accelerometer and GPS.

In accordance with a second aspect, the present invention provides a system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

receive, from a first remote computing device, at least one image of identification documentation for verifying identity;

receive, from a second remote computing device, confirmation that a further person has met with the person to be identified and viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation, and

In an embodiment, the computing apparatus is configured to process the confirmation and the image of the identification documentation and provide a verification of identity of the person to be identified.

In accordance with a third aspect, the present invention provides a computer program, comprising instructions for controlling a computer to implement a method in accordance with the first aspect of the invention. In accordance with a fourth aspect, the present invention provides a computer readable medium, providing a computer program in accordance with the third aspect of the invention.

In accordance with a fifth aspect, the present invention provides a data signal, comprising a computer program in accordance with the third aspect of the invention.

In accordance with a sixth aspect, the present invention provides a method of verifying the identity of a person to be identified, comprising the steps of, at a computing system:

receiving name data associated with name(s) of a person to be identified; receiving documentation data associated with available documentation for identification of the person being identified;

processing the name data and documentation data and establishing a process for verification of the identity of the person being identified and determining documentation required to verify the identity;

implementing the process for verification, and obtaining images of the documentation required.

In an embodiment, the method comprises the step of providing a verification of identity of the person being identified. In an embodiment, the method comprises the step of processing the name data and documentation data by matching the name data and documentation data against Rules for VOI which may involve matching data against other identification databases. In an embodiment, the method comprises the step of collection, provision and analysis of data by employing decisioning logic relevant to the risk associated with an inaccurate VOI, for example, as a result of identity document data or image tampering.

In an embodiment, the method may comprise the step of matching name data and / or documentation data against other available identification databases.

In an embodiment, the method comprises the step of determining, from the name data and documentation data, whether a process for verification of identity can be implemented and, if not, generating requests for further name data and/or

documentation data and/or other data. In an embodiment, the step of generating the request(s) comprises the computing system compiling questions or instructions and providing the questions or instructions to a user device, and receiving answers from the user device relating to name data and/or documentation data and/or other data.

The other data may include meta data. The meta data may be associated with the user device, images of identification documentation, documentation data, and/or the operation of the user device and/or the user. Capturing and analysis of the meta data may be utilised by the computing system for the generation of requests. For example, if meta data indicates that the user is operating in a particular location that could be deemed "high risk" for VOI purposes, a question or request may be generated about where the user is located or if meta data indicates that an image of identification documentation has characteristics that are different to the claimed or expected characteristics then a request may be generated about the authenticity or integrity of the image. In an embodiment, the user device is a computing device remote from the computing system. The user may be the PBI and/or may be a person PCI or a further person (e.g. a Principal or broker initiating the request for VOI).

In an embodiment, the computing system is configured (by way of software, hardware or a combination) to instruct the PCI and/or PBI in the VOI process and establish the identification documentation required. This intelligent system advantageously obviates need for training the PCI and/or PBI in relation to the relevant Rules. In an embodiment it assists to mitigate or draw attention to occurrences of potentially inaccurate VOI, for example, as a result of identity document or image tampering that may not be detectable to an individual that is not trained with highly specific skills. As a result it reduces errors and improves efficiency of the VOI process.

In an embodiment, the method of this aspect of the invention may include any or all of the features of the first aspect of the invention discussed above.

In accordance with a seventh aspect, the present invention provides a system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

receive name data associated with name(s) of a person to be identified;

receive documentation data associated with available documentation for identification of the person being identified;

process the name data and documentation data and establish a process for verification of the identity of the person being identified and determine documentation required to verify the identity;

implement the process for verification, and obtain images of the documentation required.

In an embodiment, the system is configured to provide a verification of identity of the person to be identified.

In accordance with an eighth aspect, the present invention provides a computer program, comprising instructions for controlling a computer to implement a method in accordance with the seventh aspect of the invention.

In accordance with a ninth aspect, the present invention provides a computer readable medium, providing a computer program in accordance with the eighth aspect of the invention.

In accordance with a tenth aspect, the present invention provides a data signal, comprising a computer program in accordance with the eighth aspect of the invention. In accordance with an eleventh aspect, the present invention provides a method of verifying identity of a person to be identified, comprising the steps of:

a host computing system providing an application accessible over a network to a remote device to implement a process for the identification of a person to be identified;

receiving from the remote device over the network, identification data for implementing the process for identification;

receiving from the remote device over the network, meta data associated with the remote device or operation of the remote device, or a user of the remote device implementing the process for identification, verifying the device or user or other elements of the process for identification using the or meta data. The "meta data associated with the remote device" may include meta data about the device, meta data about the operation or other meta data of the device, meta data about the user meta data about the process, meta data about the images of identification documentation and meta data about documentation data. In an embodiment, the method comprises the step of providing a verification of identity of the person to be identified.

In an embodiment, the remote device is associated with a person carrying out the identification and/or a person being identified. In an embodiment, the capturing of metadata enables verification of the remote device(s) and other information in order to avoid or reduce the chances for errors being made in the VOI or the procedures specified by the Rules. Metadata on the location of the device, for example, when the device is involved in a VOI process, can be used to establish that the device is in the correct location, or if meta data indicates that an image of identification documentation has characteristics that are different to the claimed characteristics then a question or request may be generated about the authenticity or integrity of the image

The metadata may be location data, browser data of a browser application running on the remote device, data associated with the capture of an image by the remote device (e.g. an image of the PBI, the PCI or an image of identification documentation) or any other metadata that may be helpful in verifying the PBI, PCI, remote device or devices, or verifying the VOI process has been properly conducted as required by the relevant Rules. In an embodiment, meta data may be used to determine the location of the remote device, for example to determine risks associated with the location and/or to determine whether the device is at the correct location. In an embodiment, meta data may be used to determine whether the PCI and PBI are located together at the time of face-to- face interview.

In an embodiment, meta data may be used to determine whether the characteristics of an image captured by a remote computing device (for example by the device camera, RFID reader, NFC reader) are inconsistent with characteristics that are expected if the VOI was conducted without mistake or fraud, for example as may occur following tampering with identification documentation, images of identification documentation or other images or biometrics obtained as part of the VOI process. Meta data may for example provide very simple information such as the camera model used to take the image which may be compared to the device which was used to upload the image and was supposed to have taken the image. Another simple example may include analysis of the movement and orientation data collected from a device at or around the time that an image was collected or the orientation of the image itself. There are a large number of techniques that may be used and this explanation is not intended to limit the ways meta data may be used.

In embodiments the meta data may be used to determine whether separate devices are used by the PCI and PBI.

An advantage of an embodiment of this aspect of the invention is that it enables a host computing system to host an application for implementing the method of verifying the identity of the person. A Web Application or a Hybrid Application may be utilised, for example. This facilitates ease of maintenance of the application (it can be solely or largely maintained at one site and easily updated). No installation or limited installation of a specific VOI application is required on the remote device in this case other than a web browser (i.e. no Native apps or only in limited circumstances are native apps required on mobile remote devices). This is more convenient for the Principal, PBI and/or PCI. The use of the metadata to verify information about the remote devices, the users and the process of VOI enables a Web Application (or a Hybrid Applications) to be used, while still enabling close management and control of the VOI process.

In an embodiment, the invention of this aspect may include any or all of the features of the seventh or first aspects of the inventions discussed above.

In accordance with a twelfth aspect, the present invention provides a system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

provide an application accessible over a network to a remote device to implement a process for the identification of a person to be identified;

receive from the remote device over the network, identification data for implementing the process for identification;

receive from the remote device over the network, metadata associated with the remote device or operation of the remote device, or a user of the remote device;

implement the process for identification, verifying the device or user or other elements of the process for identification using the metadata.

In accordance with a thirteenth aspect, the present invention provides a computer program, comprising instructions for controlling a computer to implement a method in accordance with the eleventh aspect of the invention. In accordance with the fourteenth aspect, the present invention provides a computer readable medium, providing a computer program in accordance with the thirteenth aspect of the invention.

In accordance with a fifteenth aspect, the present invention provides a data signal, comprising a computer program in accordance with the thirteenth aspect of the invention.

In accordance with a sixteenth aspect, the present invention provides a method of verifying the identity of a person to be identified, comprising the steps of:

at a host computing system;

receiving, from a first remote computing device operated by the person to be identified, at least one image of identification documentation for verifying identity; implementing a process for verification of identity of the person to be identified;

providing a verification of identity of the person to be identified.

In an embodiment, the method comprises the further steps of the host computing system compiling requests, which may include questions and instructions, and providing the requests to the remote computing device operated by the PBI. The requests are presented at the remote computing device and may be arranged to enable the PBI to identify the required identification documentation and required documentation data, required images of identification documentation and other data for the VOI process. In embodiments, the requests generated may be responsive to name, documentation, image or other data obtained from the remote computing device or other data sources. Answers to the requests, received from the remote computing device, or images or data received from the remote computing device or other sources may be used to determine further requests in order to facilitate the VOI or other characteristics of the PBI, the device being used by the PBI or other information about the way the VOI is conducted.

Advantageously, in an embodiment the method provides an intelligent "guide", whereby a PBI can establish a process for VOI based on their particular circumstances and identification documentation available. Advantageously, this is implemented by a host computing system appropriately configured. This intelligent system

advantageously enables the PBI to do most of the work in the VOI process, unlike the prior art. It is therefore time efficient for all parties.

This aspect of the invention may include any or all of the features of the first, seventh and eleventh aspects as discussed above.

In accordance with a seventeenth aspect, the present invention provides a system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

receive, from a first remote computing device operated by the person to be identified, at least one image of identification documentation for verifying identity; to implement a process for verification of identity of a person to be identified; and provide a verification of identity of the person to be identified.

In accordance with an eighteenth aspect, the present invention provides a computer program, comprising instructions for controlling a computer to implement a method in accordance with the sixteenth aspect of the invention.

In accordance with a nineteenth aspect, the present invention provides computer readable medium, providing a computer program in accordance with the eighteenth aspect of the invention. In accordance with a twentieth aspect, the present invention provides a data signal comprising a computer program in accordance with the eighteenth aspect of the invention. In accordance with a twenty first aspect, the present invention provides a method of verifying identity of a person to be identified, comprising the steps of:

capturing, by a first remote computing device, at least one image of identification documentation for verifying identity;

capturing, by a second remote computing device, confirmation that a further person has met with the person to be identified and have viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation. In accordance with a twenty second aspect, the present invention provides a system for verifying identity of a person to be identified, comprising:

A first remote computing device configured to capture at least one image of identification documentation for verifying identity;

A second remote computing device configured to capture confirmation that a further person has met with the person to be identified and viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation.

In accordance with a twenty third aspect, the present invention provides an identity verification system, comprising a system in accordance with the twenty second aspect of the invention, and a system in accordance with the second aspect of the invention.

In accordance with the twenty fourth aspect, the present invention provides a computer program comprising instructions for controlling a computer to implement a method in accordance with the twenty first aspect of the invention.

In accordance with a twenty fifth aspect, the present invention provides a computer readable medium, providing a computer program in accordance with the twenty fourth aspect of the invention.

In accordance with a twenty sixth aspect, the present invention provides a data signal comprising a computer program in accordance with the twenty fourth aspect of the invention. Brief Description of the Drawings

Features and advantages of the present invention, will become apparent from the following description of embodiments thereof, by way of example only, with reference to the accompanying drawings, in which;

Figure 1 is a schematic diagram of a system for verifying identity of a person to be identified in accordance with an embodiment of the present invention;

Figure 2 is a schematic diagram of a computing system which may be utilised to implement the System of Figure 1 ;

Figure 3 is a flow diagram illustrating overall operation of a method of verifying identity of a person to be identified in accordance with an embodiment of the present invention.

Detailed Description of Embodiments

Figure 1 illustrates a system for verifying the identity of a person to be identified, generally designated by reference numeral 1 . The person to be identified (PBI) may be any natural OR legal person whose identity is required to be verified for any purpose.

In this embodiment, the System comprises a computing apparatus 2, which in this example is a server computing apparatus including one or more processors, memory, and an operating system 3 for supporting computer processes 4. A database 5 is also provided, and a communications interface 6 for communicating with a network 7, such as the Internet, for example. Communications interface 6 may also communicate with networks other than the Internet, including local area networks (LANs),

computing apparatus 2 is arranged to communicate, via communications interface 6 and network 7, with remote computing devices 8, 9, 10, in order to implement a process for verifying identity of a person. In order to implement the process, in this example embodiment, the computer processes 4 include a Web application 5 arranged to serve web pages over the network 7 which can be accessed via browser applications supported by remote devices 8, 9, 10. In this embodiment, the computing apparatus 2 is arranged to receive, from a first remote computing device 8, 9 at least one image of identification documentation for verifying the identity of the PBI. The computing apparatus 2 is also arranged to receive from a second remote computing device, confirmation that a further person has met with the PBI and viewed the identification documentation and confirms that the PBI is associated with the identification documentation. The further person may be a person assisting with the identification (PCI).

In this embodiment computer processes 4, 5 supported by the computing apparatus 2 are then arranged to process the confirmation and one or more image of the identification documentation and provide a verification of identity of the PBI. In this embodiment, a Certificate verifying identity may be provided to the person requiring the identification (the Principal). In this embodiment, the computing apparatus 2 is arranged to receive, via communication 6 and web application 5, name data of the PBI and also documentation data associated with documentation that the PBI may have available for identification purposes. The computing apparatus 2 is then configured to process the name data and documentation data and establish a process for VOI and determine documentation required to perform the VOI . This enables the PBI and/or PCI and any other person to establish whether a VOI can be implemented and, if so, what documentation and process is required.

In this embodiment, the computing apparatus 2 is also configured (by way of computer processes 4, 5) to obtain metadata associated with operation of the remote devices. Metadata is used to establish and verify the answers to one or more requests of the remote devices 8, 9, 10, advantageously to reduce the likelihood of fraud or mistake.

The remote Devices 8, 9, 10 may comprise any computing device. In this

embodiment, devices such as smart phones 8, 9 may be utilised by the PCI and the

PBI. The Devices 8, 9 may be associated with the PCI, PBI in the sense that these are devices the PCI and the PBI may normally use. They may be owned by the PCI, PBI, or they may be associated with the PCI and the PBI in any other way. Devices 8, 9 are not limited to smart phones and may be tablets, laptops, any other mobile device, or any other type of computing device.

Similar computing devices 10 may be associated with a Principal who requires the identification of the PBI. The Principal may be any person requiring the verification of identification for example, a bank, a conveyancer, or any other organisation, entity or person. The System 1 may also be arranged to communicate, via network 7 and

communications 6 with remote verification systems 1 1 . The remote verification systems 1 1 may provide other data checks requested by the System 1 , such as credit checks, any other ID checks or checks against any other information relevant to the PBI, PCI and/or Principal including but not limited to documentation data, images of identification documentation, meta data and other images or biometrics.

Figure 2 is a schematic diagram of a computer system which may be utilised to implement the System 1 of the embodiment of Figure 1. Variations of the illustrated computer system may also be utilised to implement devices 8, 9, 10 and System 1 1

The computer system 900 may be a high performance machine, such as a supercomputer, a desktop workstation or a personal computer, or may be a portable computer such as a laptop or a notebook or may be a distributed computing array or a computer cluster or a networked cluster of computers. In the embodiment of Figure 1 , the computing apparatus 2 is a server computer. The invention is not limited to this arrangement. The computers may include any types of system discussed above. In an embodiment, the server may compromise "virtual" server(s) implemented in the "Cloud".

The computer system 900 comprises a suitable operating system and appropriate software processes for implementation of embodiments of the present invention.

The computer system 900 comprises one or more data processing units (CPUs) 902; memory 904, which may include volatile or non-volatile memory, such as various types of RAM memories, magnetic discs, optical disks and solid state memories; a user interface 906, which may comprise a monitor, keyboard, mouse and/or touch-screen display; a network or other communication interface 908 for communicating with other computers as well as other devices; and one or more communication busses 910 for interconnecting the different parts of the System 900.

The computer system for implementing embodiments of the invention is not limited to the computer system described in the preceding paragraphs. Any computer system architecture may be utilised, such as standalone computers, networked computers, dedicated computing devices, handheld devices or any device capable of receiving processing information in accordance with embodiments of the present invention. The architecture may comprise client/server architecture, or any other architecture. The software for implementing embodiments of the invention may be processed by "cloud" computing architecture.

Software may be implemented in any convenient software architecture, routines or sub routines, or software modules, any other architecture that can implement the functionality described in this description.

Referring again to Figure 1 , and to Figure 3, an overview of a process for VOI in accordance with an embodiment of the present invention will now be described.

Before VOI can be implemented, the person requiring the identification must register with the System 1 . The person requiring the identification may be any person but will usually be a Principal (e.g. a lawyer/conveyancer who may be responsible for a property transaction, a financial institution obtaining mortgage security or creating an account, an online gaming entity that created an account). Registration could also be implemented on behalf of the Principal or any other person.

At step 1 (Figure 3) whoever is registering the requirement for a VOI accesses the apparatus 2 via the Web Application 5 and advises the System 1 that they wish to implement a VOI and advises the System 1 the details of the parties involved.

The System 1 contacts one or more of the parties and at step 2 determines whether a VOI can be implemented and, if so, the documentation that is available and required. In this embodiment, either the PBI (most usually) or the PCI will interact with the Web Application 5. System 1 may also interact with System 1 1 . An interactive process between the System 1 and the PBI and PCI is then implemented in which in determination is made by the System 1 whether the VOI process can be implemented and what documentation is required. In this embodiment (see more detail later) the System 1 may prepare questions and instructions and provide these to the PBI/PCI over the network. Depending on answers from the PBI/PCI and other data collected the System 1 will then collate further questions and/or determine the documents that are available and required and the process for VOI.

Once the process and documentation has been established, at step 3 the images of identification documentation, documentation data, meta data and other data are obtained by remote devices, 8, 9 and uploaded to the System 1 . The PBI and PCI may then have a face-to-face meeting, as may be required by the Rules and the PCI confirms (step 4) that the PBI is a reasonable likeness to images of the PBI in the documentation uploaded (amongst other things). The confirmation is provided to the System 1 from the PCI device. In this embodiment, the PBI Device 9 may be responsible or mainly responsible for uploading the data required for establishing the process and documentation required, together with the System 1 . The PCI Device 8 may also be responsible or mainly responsible for uploading data and provides the confirmation during the face-to-face meeting. At step 5, the System 1 verifies the identity and provides a certification of the VOI to the Principal via their device 10, or may provide to the PBI or any other person.

Embodiments of the invention will now be described in more detail. There are number of alternatives in this embodiment for commencing the VOI process:

Start alternative A:

The person or entity required to comply with the Rules (the "Principal") uses the System 1 to contractually engage the agent (from heron the "Verification Agent") to conduct the VOI of a person being identified (a "PBI") and provide a certification of the VOI. The contractual engagement between a Principal and the Verification Agent includes the first and each subsequent VOI conducted by the Verification Agent on behalf of the Principal. The Principal may but is not required to nominate the person conducting a face to face interview as may be required by the Rules (from hereon in the "PCI").

If the start Alternative A is used the PBI and (if nominated) the PCI will receive electronic communications from the System 1 requiring electronic acceptance of contractual terms relevant to their specific role or function.

Start alternative B:

A PBI may also access the System 1 to request the Verification Agent to perform a VOI and provide details of the Principal and the PCI. The PCI may be any person with legal capacity the PBI are to nominate (e.g. a friend/neighbour etc) or there may be other restrictions that are applied depending upon how the relevant Rules are applied. If the Start alternative B is used the PBI will use their Device 9 to provide information and take capture or receive images of government issued documents containing photographs such as passports and drivers licenses and other identification documentation (under a hierarchy of categories such as those described later in relation to the VOI Standard which is an example of Rules - see later but other Rules may apply).

If the Start alternative B is used the relevant Principal (if the Principal has not previously used the System) will receive electronic communications requiring electronic acceptance of contractual terms relevant to their specific role or function including the appointment of the Verification Agent.

Verification of Identity

Once the Principal and the PBI have each agreed to any required contractual arrangements and, where relevant, have provided other information and images using the System 1 , the PCI will be sent an electronic communication with a request to the System 1 . System 1 will facilitate the PCI entering into contractual relations with the Verification Agent and becoming a sub agent for the purpose of the conduct of the VOI of the PBI.

The System 1 will also facilitate the PCI being in receipt of the information and images obtained pertaining to the PBI and the relevant identification documentation. The PCI and the PBI will meet face to face (as may be required by the relevant Rules) and the PCI will use their Device 8 to provide information to the System 1 including that the PCI has sighted original items of identification that are captured in the images of identification and that the relevant PBI is a reasonable likeness to the person depicted in the images.

The System 1 may also receive images, images of identification documentation, and other information about the identity of the PCI. Either before, during or both before and during while the PCI is undertaking the face to face interview (as may be required by the relevant Rules) the System 1 will conduct various checks through third party Systems 1 1 to mitigate the risk that fraud is present or that the identities,

documentation data, images of identification documentation and other data provided or received is not legitimate or other risks that the VOI is not completed appropriately.

The System 1 may provide real time feedback to the PCI if there are suspected issues. Generating the Identity Agent Certification

After any face to face interview is completed (as may be reguired by relevant Rules) and the identity of the PBI has been verified the System 1 will generate an Identity Agent Certification in accordance with the reguirements specified in the relevant Rules. The System will deliver this report to the Principal electronically, via the Principal's device 10.

In more detail:

1 . Beginning the workflow

Principal may access Server 2 using Device 10 and provide details about PBI (for example name, DOB, email address, phone number, residential address) and potentially also the purpose for which the verification of identity may be used (these may be limited by Verification Agent from time to time). It may be possible (but also may not) that Principal also nominates PCI and provides details about PCI (for example name, DOB, email address, phone number, residential address).

PBI may access Server 2 using Device 9 and provide details about Principal (for example name or entity name, email address, phone number, address) and potentially also the purpose for which the verification of identity may be used (these may be limited by Verification Agent from time to time). It may be possible (but also may not) that PBI also nominates PCI and provides details about PCI (for example name, DOB, email address, phone number, residential address).

If the details of PBI and/or, PCI, Principal are provided the Server 2 will determine to either facilitate a contractual agreement and/or other

authorisation(s) between Verification Agent and PBI , PCI, and Principal and/or send PBI, and/or PCI, Principal a communication via an electronic medium

(such as but not limited to email or SMS) to open Application 5 on Device 8, 9, 10 and facilitate a contractual agreement and/or other authorisation(s) between Verification Agent and PBI, PCI and Principal.

Each time Principal, PBI or PCI opens or receives a communication via an electronic medium (such as but not limited to email or SMS) from Server 2 on their Device 8, 9, 10 and continues with the workflow using the System 1 . The System 1 may also use dynamic data lookup, application programming interface and or SMS authentication. Application 5 will be accessed Device 8, 9, 10 causing Device 8, 9, 10 to operate in accordance with Application 5. ctioning and completing workflow

- Application 5 causes the Device 8, 9, 10 to capture one or more identification images, images of identification documentation, documentation data or other biometric or identification information for the purpose of verifying the identity of PBI and/or PCI. Device 8, 9 are advised by the Application 5 which specific forms of identification documentation, images of identification documentation, documentation data or biometric data PBI must provide based on data entered by the PBI, PCI and/or data provided to or received from Device 8, 9 and/or Server 2 and System 1 1 . The advice is based on a number of initial questions/requests that contain corresponding rules, decisions and logic, which will dictate the responses that are contained within Application 5.

- Application 5 informs the relevant PBI and/or PCI which one or more

identification images (or identifying information) of identification (and/or other biometric information are to be provided) PBI, PCI and or Principal will use their Device 8, 9, 10 to provide one or more identification images of identification documentation, documentation data or other biometric or identification information.

Devices 8, 9, 10 are instructed to accept or obtain the relevant data including but not limited to the images of identification documentation, documentation data, meta data, other biometric or identification information and transmit them in a secure encrypted format to and from Server 2.

Devices 8, 9, 10 may also be instructed to capture amongst other things the GPS location and IP address and other meta data associated with Devices 8, 9, 10 used by PBI, PCI and Principal during use of the System. Devices will also be instructed to transmit this information in a secure encrypted format to Server 2. Images taken on devices using the device camera or obtained via the RFID or NFC reader may use an EXIF, JPEG or other formats, which may capture or be associated with (amongst other things) Date and Time of image taken, camera settings (make and model) geolocation, device orientation, gyroscopic position and other identifiers. The Application 5 also captures Operating System, Browser details and IP address and other information.

Server 2 will receive, transmit and store data received from Device 8, 9, 10 in Database 12 in a secure encrypted manner for a period of time such as but not limited to seven years.

Server 2 may be programmed by Application 5 to receive and transmit data to and from System 1 1

At the time that PCI is conducting the face to face interview (as may be required by the relevant Rules), Application 5 may run on Server 2 and Device 8, 9, 10 and System 11 to request data including but not limited to the images of identification documentation, documentation data, meta data and other biometric or identification information provided by PBI, PCI and or Principal to process in a decisioning algorithm.

Application 5 may cause the Server 2 and or Device 8, 9, 10 to request the relevant PBI, PCI or Principal make and or provide confirmation of a decision about the suitability or otherwise of the identification images, images of identification documentation, documentation data, meta data and other biometric or identification information provided by PBI, PCI or Principal.

Application may cause Server 2 to make and or provide a decision about the ability to use or otherwise of the identification images, images of identification documentation, documentation data, meta data and other biometric or identification information provided by a PBI, a PCI or a Principal. This may involve Server 2 being programmed by the Application 5 to connect to, make requests and receive information using to or from a third party device or server (including but not limited to System 1 1).

Application 5 running on Server 2 and or Device 8, 9, 10 may use one or more algorithm to make and/or provide a decision about the suitability or otherwise of the identification images, images of identification documentation,

documentation data, meta data and other biometric or identification information provided by PBI, PCI or Principal.

Application 5 running on Server 2 and or Device 8, 9, 10 may determine, either to request further agreement from the PBI, PCI and or Principal that has provided identification images, images of identification documentation, documentation data, meta data other biometric or identification information and/or send PBI , PCI and/or Principal a communication via an electronic medium (such as but not limited to email or SMS) that the identification images, images of identification documentation, documentation data, meta data and other biometric or identification information provided are not sufficient

Server 2 and or Device 8, 9, 10 may be programmed by Application 5 to use one or more algorithms based on a variety of factors including (but not limited to):

o PBI third party Identify Verification (such as Document Verification

Service, National Facial Biometric Matching Capability, electoral roles etc)

o PCI, PBI or Principal Identify Verification or Credit Score

o Fraud checks on PBI, PCI and or Principal

o Results of searching databases of high risk or politically exposed

persons

o Facial recognition and photo matching

o Other biometric and biometric matching

o A comparison of the GPS locations of Device used PBI, PCI or Principal at the time of any face to face interview

o A comparison of IP addresses used by Device of PBI, PCI or Principal while communicating with Server 2;

o Device browser and operating system and other information captured by

Server 2

o Optical character recognition

o Meta data captured by Server 2 - Server may be programmed to produce and send a communication (Certificate) to Principal by email or SMS following the completion of the face to face interview (as may be required by the relevant Rules).

In this embodiment, the System 1 is arranged to provide instructions for enabling the correct identification documentation for a particular set of circumstances to be determined. The System 1 is configured to identify a documentary hierarchy which will satisfy VOI for particular Rules. In Australia, one example of the Rules may include the VOI Standards set out in the ARNECC Model Participation Rules which may operate together with or separate to the procedures and requirements set out in other legislation, regulation practice and policy including but not limited to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1), FATCA, GATCA,

Financial Transaction Reports Act 1988. The System 1 is arranged to receive name data documentation data and other data from the Devices 8, 9, 10 and determine whether the available name data and documentation data enable VOI to be performed, by employing decisioning logic relevant to the risk associated with an inaccurate VOI, for example, as a result of identity document data or image tampering and matching data against the Rules and potentially System 1 1 .

The System 1 is configured to provide instructions and ask questions of either a PCI or a PBI to establish what documents are available and whether the VOI can be performed, and establish the required documentation.

This enables a PBI and/or PCI to undertake VOI with minimal or no training. A PBI, for example, can interact with the Application 5 to determine the documentation required, depending on the available documentation they have, and any names that they have and have had in the past (e.g. aliases, names changed by marriage, etc). The System 1 acts as an intelligent system utilising algorithms to facilitate determination of VOI, and documentation required for a particular VOI process.

Although the PCI may be available to assist the PBI in this process, generally, in this embodiment it will be the PBI that will be interacting with the System 1 to establish the

VOI process and determine the documents required. Of course, once this has been established, the PCI requires no particularly special training. They can also be advised from the System 1 as to what is required during the face-to-face interview with the PBI. A description of an example process where the PBI interacts with the System to establish VOI and documents required will now be given. This process is described in relation to the VOI Standard which is just one example of the Rules. It will be appreciated, however, that the system may be adapted for any Rules in any jurisdiction, and the invention is not limited to VOI Standard.

The Rules may provide a hierarchy of categories that must be used as part of the VOI of the PBI. For example in the VOI Standard, which is one example of the Rules in Australia, there are 5 categories for people who are Australian citizens/residents and one for foreign citizens/residents. Each category prescribes possible combinations of minimum identification documentation requirements to evidence the identity of the PBI.

The categories are hierarchical as the rules specify that that a combination of minimum documentation specified in a higher category cannot be used if a combination specified in a lower category can be met. Thus a combination of minimum documentation requirements in category 3 may only be used where the Verification Agent using System 1 is reasonably satisfied that a combination of minimum documentation identified in category 1 (firstly) and then category 2 (secondly) cannot be met.

Each category also requires that a change of name certificate or marriage certificate is part of the minimum documentation requirement where necessary. As a result if the name associated with an identity being verified is different to the name on a particular piece of identification documentation then the relevant document cannot be used unless there is certificated evidence for the difference in names.

The VOI Standards require that each piece of identity documentation used to satisfy the minimum documentation requirement in a specific category must also be current (other than passports which may be used for up to 2 years after expiry).

As a result the move from a lower category to a higher category (and thus a different set of minimum documentation requirements) can arise if:

(a) The PBI does not have the original of a required piece of identification

documentation in that category; or

(b) The original of the required identification documentation in that category is not current; or

(c) The name on the original of a required piece of identification documentation in that category varies from the name of the identity being verified and the variance or variances (if multiple changes) cannot be evidenced by originals of a change of name and/or marriage certification.

In the context of this example the System 1 process is specifically designed to:

(a) Ask the PBI questions via Device 9 interacting in this embodiment with the Application 5 and process the responses to ensure that the PBI is only asked to capture images of identification documentation if that documentation will be used to satisfy the Rules (as is required by the VOI Standard applied in this example) saving time and improving the user experience. The Application 5 uses program logic and algorithms to evaluate the information that is provided by the PBI and advise what images are required to comply with the Rules (as is required by the VOI Standard applied in this example) in the specific factual circumstances that apply to an identity verification as distinct from simply asking for all and sundry possibly relevant information for future review offline;

(b) Ask the PBI questions and process the responses in a way that removes the need for user knowledge and understanding of the requirements of the Rules (as is required by the VOI Standard applied in this example) ("no training required");

(c) Ask the PBI questions and process the responses in a way that reduce the risk that a PBI makes an uninformed decision that would inadvertently compromise compliance with the strict requirements of the Rules (as is required by the VOI Standard applied in this example) ("it is on rails");

(d) Ask the PBI questions and process the responses in a way that creates an auditable information trail and permanent record (stored in Database 12) to demonstrate compliance with the Rules (as is required by the VOI Standard applied in this example) and the rationale how a specific category is satisfied as well as the capture of the PBI's device and browser and other meta data ("satisfies VOI data collection and procedural requirements");

(e) Ask the PBI questions and process the responses in a manner that will assist with satisfaction of the Rules (as is required by the VOI Standard applied in this example) while saving time and improving the user experience ("simple and easy to use");

(f) Allow the PBI to complete the process at a time and place that is convenient to the PBI and independent of the presence of the Principal or the PCI which is very significant legally as the process artificially allows the Principal to rely on the verification of identity in the same way as if they had physically conducted any face to face interview of the PBI and collected the minimum documentation requirements (as is required by the VOI Standard applied in this example);

(g) Ask the PBI questions and process the responses to any computing device that is internet enabled, has a browser and has camera capability. The capability of the Device 9 to be programmed by the Application 5 to "fire" the camera and obtain images of the individuals specific minimum documentation requirements is an essential part of the system as it facilitates the delivery and storage of the minimum documentation requirements in a manner that complies with the Rules (as is required by the VOI Standard applied in this example);

(h) Ask the PBI questions and process the responses to minimise the number of PBI's that cannot use the system as a result of system inflexibility (eg allows for multiple name changes, verification of an "old identity" such as a past alias against current identification documentation in a different name, verification of a "new identity" against current identification documentation in a past alias) ;

(i) Ask the PBI questions and process the responses to minimise PBI

time/inconvenience/cost that might be incurred if required documentation is not on hand as it is simple and does not cost the PBI to exit the identification and image collection process and re-enter at another time. This could be a significant advantage versus other available alternatives that require the data to be provided within a short window that cannot be extended or repeated without additional time and/or cost;

(j) Ask the PBI questions and process the responses to ensure that if a PBI will not be able provide the minimum documentation requirements to satisfy a category of the Rules (as is required by the VOI Standard applied in this example) using the System 1 that this is identified and the process is truncated. The Application 5 uses the program logic and algorithms to evaluate the information that is provided by the PBI and other data and advise that they will not be able to satisfy the requirements of the Rules (as is required by the VOI Standard applied in this example) as distinct from simply collecting data for future review offline;

(k) Use data received from System 1 1 to determine the validity, authenticity,

integrity of data and other information about matters relevant to the PBI, PCI and/or Principal

How the System 1 will operate in various circumstances will now be given by way of a series of examples. The facts that the examples are based on, are as follows:

A solicitor is engaged to perform sell-side conveyancing in NSW for a client whose current name is PBI 3. PBI 3 was born with the name PBI 1 and kept the name until her first marriage when she became known as PBI 2. She changed her name to PBI 3 after her first marriage ended in divorce.

PBI 3 is an Australian resident has an Australian Passport in the name of PBI 3, a driver's license in the name of PBI 2, a birth certificate in the name of PBI 1 , a marriage certificate changing her name from PBI 1 to PBI 2 but she has lost her change of name certificate when she became PBI 3. Her Medicare card is in the name of PBI 2 and she has no other photographic identity documents.

Example 1 : PBI 3 is selling an apartment that she bought in the name PBI 2 (PBI 2 is still on the certificate of title).

The System 1 is arranged to collate a number of questions depending on the VOI Standards (or any rules that are applied for a particular jurisdiction) and answers by the PBI to the questions, via their Device 9: Q1 Do you have an Australian Passport? Yes Q2 What is the name on the Australian Passport? PBI 3 Q3 Do you have a Foreign Passport? No Q4 Do you have a current driver's license? Yes

Q5 What name is on the driver's license? PBI 2 Q6 Do you have an original birth certificate in the name PBI 1 ? Yes Q7 Do you have a Medicare card? Yes

Q8 What is the name on this Medicare card? PBI 2

The programme logic is applied to recognise that the minimum documentation requirements for Category 1 and 2 is failed (because there is no evidence of the name change to PBI 3 the Passport cannot be used). However, Category 3 can be passed as the name on the license matches the name of the identity being verified, there is an original birth certificate in the name of PBI 1 , a Medicare certificate in the name PBI 2 as well as a marriage certificate evidencing the change of name from PBI 1 to PBI 2.

As a result PBI 3 is asked to take images of and provide information about the driver's license, the birth certificate, the Medicare card and the marriage certificate and the VOI can proceed. Example 2: PBI 3 is selling an apartment that she bought in the name PBI 3 rather than PBI 2 (PBI 3 is on the certificate of title). Note the different questions asked as well as the different results even though there is only a small change in the factual position. Q1 Do you have an Australian Passport? Yes

Q2 What is the name on the Australian Passport? PBI 3 Q3 Do you have a current drivers license? Yes Q4 What name is on the drivers license? PBI 2

Q5 Do you have an Australian photo card? No

Q6 Do you have an Australian citizenship certificate? No Q7 Do you have a current Australian Government issued photographic identity document? No

Q8 Do you have an Australian descent certificate? NO The programme logic is applied to recognise that the minimum documentation requirements for the VOI standard cannot be met and PBI 3 is informed immediately after Q 8 is answered.

- Category 1 is failed despite the current Australian Passport in the name PBI 3 because the Driver's License is in the name PBI 2 (there is no certificated evidence for the change of name from PBI 2 to PBI 3 so the Driver's license is excluded).

- Category 2 is failed despite the current Australian Passport in the name PBI 3 and a full birth certificate (there is no certificated evidence for the change of name from PBI 2 to PBI 3 and therefore even though there is evidence of change of name from PBI 1 to PBI 2 the birth certificate is excluded). As there is also no citizenship or descent certificate it becomes impossible to meet the minimum documentation requirements of Category 2.

- Category 3 is failed as the name on the driver's license in the name of PBI 2 cannot be used (there is no certificated evidence for the change of name from PBI 2 to PBI 3 so the driver's license is excluded). As there is no Photo Card it becomes impossible to meet the minimum documentation requirements of Category 3.

- Category 4 (a) is failed despite the existence of a Passport that can be used as there is no other form of government issued photographic identity document.

- Category 4(b) is failed even though there is a useable Australian Passport and an original birth certificate there is no change of name certificate that can evidence the change of name from PBI 2 to PBI 3 and therefore even though there is evidence of change of name from PBI 1 to PBI 2 the birth certificate is excluded. There is no question about another form of Government issued Identity Document as category 4(b) cannot be satisfied .

As a result PBI 3 is not asked to take images of and provide any further information the 5 VOI cannot proceed.

Example 3: PBI 3 is selling an apartment that she bought in the name PBI 2 (PBI 2 is still on the certificate of title) BUT also her Australian Passport is in the name PBI 2 rather than PBI 3. Note the different questions asked as well as the different results o even though there is only a small change in the factual position.

Q1 Do you have an Australian Passport? Yes

Q2 What is the name on the Australian Passport? PBI 2

5

Q3 Do you have a current driver's license? Yes Q4 What name is on the driver's license? PBI 2 o The programme logic is applied to recognise that the minimum documentation

requirements for the VOI standard can be met and PBI 3 is informed immediately after Q 4 is answered.

Category 1 is passed as the Australian Passport and the current Driver's License are in 5 the name PBI 2 which is the same as the identity being verified.

As a result PBI 3 is asked to take images of and provide information about the Passport and Driver's License in the name of PBI 2 and the VOI can proceed without the requirement to take any further images of PBI 3's identification.

0

A more detailed description of operation of the programme for eliciting the appropriate VOI process is given later in this document.

In this embodiment, a Web application 5 is used to communicate with the remote5 devices 8, 9, 10 (via their browsers). In prior art systems which exist (only using a single remote device for capture of documents for recording purposes) Native applications are downloaded to the remote devices. Native Apps have a number of disadvantages. They are installed directly on to the device itself. They are built for specific device operating systems, so that if the functionality is to be applied on different operating systems, different Native Apps must be prepared. If a Native App is to be maintained properly and used broadly, updates must be prepared for all operating systems and downloaded to the device.

Native Apps are therefore quite difficult to maintain. There is also a reluctance as far as many users are concerned to download Native Apps to their devices. An advantage of Native Apps, however, is that more control can be applied over the user device than with remote, Web Applications. Further, Native Apps have direct access to device specific hardware such as (but not limited to) cameras, NFC/RFID readers, gyroscope, magnetometer, accelerometer, GPS chips and information such as unique device details/identifiers. The extent to which Native Apps can access and control the mobile device hardware is set and determined by the operating system provider.

Web Apps are internet-enabled applications programmed into a remote server that are accessible via a device's browser. Users don't need to downloaded and install the app onto device in order to access it. The app is written in HTML and CSS code, with the interactive parts in JavaScript using JQuery and other frameworks. Meaning that single web application can be used on all mobile devices that are capable of browsing the web, regardless of the operating system they use. The Application usually behaves as a client in a client-server architecture and requires internet connectivity to

communicate with the server.

Web Apps are instantly accessible to users via a browser across a range of devices (iPhone, Android, Windows, etc.) ie no downloading of a Native App is required. They are also much easier to update or maintain by the developer. Just like a standard website, mobile Web Apps can be developed into dynamic data driven applications with complex integration into larger backend systems very much like Native Apps.

It is however, incorrect to assume that anything that is done by a Native App (which is installed on and programs a specific mobile device) can also be achieved by programming a remote server and allowing the mobile device to interact with the mobile device via an internet browser. Web Apps have greater limitations relative to what can be achieved when the specific programming associated with a mobile device has complete access to a mobile device operating system and hardware (which can be achieved easily with a Native App).

It would be useful to have some Native App-like functionality with the advantages of a Web App. In this embodiment, the System 1 accesses meta data which is associated with the processes occurring on the computing Devices, 8, 9, 10 and also associated with the computing devices. It utilises this meta data to facilitate operation of the process and, in some ways, achieve "Native like" functionality (see later on in this document for a detailed description of how the meta data is utilised).

The rules and algorithms applied by the System 1 of this embodiment provide a solution to the problem of requiring the Principal OR specially trained representatives of a Verification Agent to determine which combination of identification documentation is required to accurately and correctly satisfy the VOI Standard.

In the prior art, the Principal or specially trained representative would look at the alternate forms of identification documentation that may be input into or collected by the mobile device and the PBI's available identification documentation and make a judgment about what combination of documentation is required to comply with the VOI Standard.

As a consequence of utilising the System 1 each PBI can determine accurately and conclusively whether they possess the correct identification documentation and use their mobile device to provide identification information and images relevant to correctly satisfying the VOI Standard (as applicable in this example). In another embodiment an untrained PCI could determine accurately whether the PBI possesses the correct identification documentation and use their mobile device to provide identification information and images relevant to accurately satisfying the VOI Standard (as applicable in this example).

There is no need for the PCI to be the Principal OR a specifically trained representative of a Verification Agent. The System 1 evaluates the user's inputs, to make judgements and provide answers rather than relying on the intelligence gathered by a Principal or trained representative in understanding how to accurately apply the VOI Standard (as applicable in this example). If an untrained Principal or representative of the Verification Agent can conduct any face to face interview (as applicable in this example) and rely upon the judgements made about what identification documentation is required to accurately satisfy the VOI Standard (as applicable in this example) an enormous amount of additional utility and commercial benefit is created. As such the present embodiment improves upon the other available technologies by employing rules and algorithms to overcome problems that arise because of the limitations of those technologies and the inefficiencies of a manual or basic or physical VOI. These improvements arise largely from the amount of flexibility in who can nominate and perform the roles traditionally reserved for the PCI in the prior technologies. With more flexibility around how and who can accurately and effectively determine the correct combination of identification documentation required to satisfy the VOI Standard (as applicable in this example) there is significantly more flexibility around who can perform the role of the PCI. As a direct consequence there is also flexibility around who can nominate the identity of the PCI. As just about anyone can be the PCI and either the Principal OR the PBI can nominate the PCI the System 1 is able to resolve many of the significant drawbacks and disadvantages of the current technologies.

(a) There is no geographic limitation as to where the VOI can take place unless that limitation is specifically set by the System 1 and Application 5. Anywhere in the world where there is internet connectivity a PCI (nominated by the Principal or the PBI) can conduct a VOI of the PBI.

The System may however use specific parameters to limit the places where a VOI can take place in order to reduce the potential for fraud. For example the Application 5 may record the GPS co-ordinates of both the PBI and PCI when they access the Server 2 through the Application 5. If either sets of co-ordinates are in known high risk fraud areas, the Server 2 may reject the VOI.

(b) As the PCI does not require any specific training to conduct the VOI in a face to face interview the PCI could be a work colleague, spouse, neighbour, friend, family member of the PBI or a party that is known to be transacting with the PBI such as a real estate agent. In most cases the PCI can be chosen in a way that means they do not require meaningful commercial compensation for performing the role of the PCI. This significantly reduces the cost of obtaining a VOI, whether that cost is borne by the Principal or the PBI.

(c) The System 1 may be available at any time. As a result a Principal can request a 5 VOI at ANY TIME, the PBI can provide the required images of identification

documentation at ANY TIME and the PCI and the PBI are free to co-ordinate the time of the face to face interview (as may be required by relevant Rules) at ANY TIME they wish. l o (d) The Application 5 may have the capacity to process many thousands of VOI

transactions every hour and there is never a requirement for the PBI to stand in a queue.

(e) The arrangements that the PBI makes with the PCI are not pre-specified by the

15 System 1 giving the PCI and the PBI far more flexibility to determine what is a mutually acceptable place and time to conduct any face to face interview (as may be required by relevant Rules). As the PBI can nominate as the PCI someone such as a spouse or a neighbour or a relative can very easily conduct any face to face interview at home outside business hours.

20

(f) A Principal can order a VOI check and the completed VOI report can be available to the Principal within a very short time. The VOI report could be made available to the Principal within minutes of the PCI conducting the face to face interview (as may be required by relevant Rules) with the PBI.

25

(g) data collected by System 1 may be used together with Server 1 1 determine whether VOI was conducted without mistake or fraud, for example as may occur following tampering with identification documentation, images of identification documentation or other images or biometrics obtained as part of the VOI process.

30

The System 1 uses an algorithm which processes data in a sequential manner. Each time the user provides data the algorithm makes a new observation, produces a decision and then adaptively updates its parameters to enhance its performance. The algorithm works in an unsupervised manner since in most embodiments it will be 35 operating on a mobile device in the hands of an untrained user.

Below are two alternate explanations of the way the system works. Part A - Explaining the algorithm - Decision Tree Logic

The algorithm operates in two stages for each PBI. In the first stage, it takes data input from either the PBI (and in some cases the Principal) on the specific identity that is being verified, the current legal name of the PBI, any prior legal name(s)/alias(es) and the nature/availability of documented evidence for changes in legal name(s)/alias(es). From this the algorithm is able to construct a data set representing legal

name(s)/Alias(es) that may be associated with any piece of identification

documentation that can be appropriately used to verify the relevant identity. In the second stage, it takes input from the PBI about the types of original identification documentation that the PBI has in their possession and the name/alias associated with each type. The algorithm evaluates the data observed from the PBI (and possibly Principal) inputs and to provide the final decision about whether the VOI can be completed and if so the correct combination of available identification documentation required for compliance with the relevant Rules.

The evaluation of the data observed in the first two stages is processed using a nested decision tree (ie a tree of decision trees) logic. The inner tree logic which relates to the types of identification that may be used by the PBI can be categorised into groups for example 1 A-3B (outlined below). The outer tree logic then determines if an acceptable combination of groups in the inner tree have been met and thus determines the outcome.

The inner decision tree logic:

In order to fulfil the requirements of any individual group in the inner tree the observed data must show the PBI in possession of one (and only one) of the identification types in a group and the name/alias associated with that identification type must be within the acceptable data set calculated in stage one of the algorithm To be within the acceptable data set calculated in stage one of the algorithm an individual piece of identification documentation must meet at least one of the following two conditions:

- The name/alias on the piece of identification documentation must exactly match the identity being verified; or - The user must have a Change of Name or Marriage Certificate for each name/alias change in any series of changes between the name shown on the piece of identification documentation and the identity being verified. Example Inner Tree Group 1A

One of:

- AUS Passport

- Foreign Passport Example Inner Tree Group 1 B

One of:

- AUS Drivers Licence

- AUS Photo Card Example Inner Tree Group 2A

One of:

- birth certificate

- citizenship certificate

- descent certificate

Example Inner Tree Group 2B

One of:

- Medicare card

- Centrelink card

- Veterans Affairs card

Example Inner Tree Group 3A

- Government issued photo ID Example Inner Tree Group 3B

- other forms of Government issued ID

The outer decision tree logic:

Once the requirements of any individual group in the inner tree is determined by the algorithm to (a) have been met OR (b) not met; the algorithm will test the previously observed data against the logic of Example Groups 1 -3 in the outer tree to determine whether any further input is required from the PBI and then: - confirm the correct combination of identification documentation has been determined, OR

- confirm that no combination of identification documentation is possible for using the System, OR

- seek PBI data input in relation to the next group in the inner tree. Example Outer Tree Group 1

Satisfied example inner tree logic group 1A AND 1 B - collect relevant example Group 1 inner tree documents and the Rules are satisfied

Satisfied example inner tree logic group 1A OR 1 B - seek additional inner tree data from the PBI then CONTINUE to example Group 2 outer tree

Did not satisfy example inner tree logic group 1 A NOR 1 B - Rules cannot be satisfied with the System 1

Example Outer Tree Group 2

Satisfied example inner tree logic group 2A AND 2B - collect relevant Group 1 and Group 2 documents and Rules are satisfied with the System 1

Did not satisfy example inner tree logic group (2A AND 2B) BUT did satisfy example inner tree group 1A - seek additional inner tree data from the PBI then continue example Group 3 outer tree ELSE - Rules cannot be satisfied with the System 1

Example Outer Tree Group 3

Satisfied example inner tree logic group 3A - collect relevant Group 1A and Group 3A documents and Rules are satisfied with the System 1

Satisfied example inner tree logic group 3B AND (2A by way of a Birth Cert) - collect relevant Group 1A, Group 2A (birth cert) and Group 3A documents and Rules are satisfied with the System 1 ELSE - Rules cannot be satisfied with the System 1 Part B - Explaining the algorithm by way of example

The algorithm compares each legal name used by the PBI to the name of the identity that is being verified. For example an individual may have been born Name 1 , changed their name at marriage to Name 2, and upon divorce changed their name to Name 3. The identity of the person being verified could be any one of three names (or a variant that was determined by the Principal as the alias to be verified). It is not always a verification of the current name that is required for a transaction. For example if a property was acquired pre marriage in Name 1 that is the name and identity that must be verified if the property is sold in the future and the name on the relevant property register had not been changed (which may not be legally required).

The algorithm determines questions to ask that are defined by a series of rules (programmatically defined by mathematical relationships associated with various features) including whether the person being identified is in possession of individual pieces of identification documentation together with the name appearing on the relevant identification documentation. For each piece of identification documentation in the possession of the person being identified another set of rules (programmatically defined by mathematical relationships associated with various features) determines whether the relationship between the name associated with the relevant piece identification documentation, the name of the identity being verified (or a variant) and any certificated evidence of name change(s) allows the piece of identification documentation to be used. So using the name example above if the person is in possession of an Australian Passport and the name on the Australian Passport is Name 3, the name of the identity being verified is Name 1 , the current name of the person is Name 3, the person has a marriage certificate for the change to Name 2 from

Name 1 but no change of name certificate for the change from Name 2 to Name 3 the algorithm will determine that the Australian Passport cannot be used as a piece of identification documentation and will notify the user why before progressing. Using the same facts but assume the Australian Passport was in Name 2 the algorithm would determine that the Australian Passport can be used as a piece of identification documentation and the application of the next rule will proceed.

The example in the prior step illustrates that even though the individual person is the same the identification documentation requirements for each individual name may be different or exist for one or more legal names for the individual and be non-existent for others. The prior step is repeated in accordance with the programmatically defined rules through a hierarchy of potential identification documentation until it is determined by the algorithm (and reported to the user) that a specific combination of identification documentation can be used to complete the VOI OR that no combination allows the System 1 to be used to complete the VOI. Continuing the example above if the algorithm identified that the Australian Passport could not be used as a piece of identification documentation then the algorithm would determine to progress and request whether the person had a foreign passport and continue as above. If on the other hand the Australian Passport could be used as a piece of identification documentation then the algorithm would determine to request whether the person had an Australian Driver's license and continue as above. Using the analogy the algorithm will repeat applying the rules until it identifies the correct documentation requirements or that no combination of available documentation requirements can be used together with the System 1 .

It is important to note that the algorithm will permit the PBI to go back and change an answer in anticipation that users will often look for the simplest solution while providing the initial inputs but would prefer not to fail if a harder solution requiring different inputs that would generate a successful result is available. Using first example above assume the algorithm initially determined that the identification documentation for the PBI could not be used because the PBI had no foreign passport and their Australian Driver's license, Photo Card and Medicare Card were in Name 3 even though they did have a birth certificate. Assume upon being told that the required identity would not be able to be verified that the PBI decided to have a further look for the change of name certificate from Name 2 to Name 3. Upon finding it and changing the initial answer about change of name certification the algorithm would immediately recalibrate and determine that the only identification documentation required had been satisfied by the Australian Passport and Driver's License in Name 3. Any redundant application of the algorithm would be automatically ignored and the process would continue having established the correct identification documentation required (the answers associated with the questions asked about Birth Certificate, Photo Card and Medicare Card are automatically disregarded by the algorithm as they are no longer required).

After identifying the correct combination of identification documentation the System 1 will instruct the PBI to capture images of the correct combination of verification documentation and will enable the camera of the user's mobile device to fire and capture the images. In this embodiment, meta data is collected from the photo image files and is used to verify the process and devices involved (see more detail below).

Controlling the camera occurs by specific programming that causes the Device 8, 9, 10 browser to activate the device camera. Various controls over the camera may be implemented, for example relating to the way the camera image orientates and the way the image orients.

This embodiment solves technology specific issues associated with using a Web App (as distinct from a Native App) to conduct the VOI process using mobile devices as a consequence, the system can operate on any mobile device regardless of operating system.

As has been discussed prior technology solutions that utilise mobile devices such as smart phones are deployed as Native Apps that work in tandem with a mobile device and the relevant operating system. The System 1 of this embodiment comprises a web application that operates through a browser.

There are disadvantages that arise when a web application capable of connecting to ANY mobile device is used. For example if the System 1 were simply to allow any user to access the server via any web browser on any device to upload images of identification documentation and confirm that a face to face interview had taken place (as may be required by relevant Rules) it would be very difficult or impossible for a Verification Agent to determine whether the application of the Rules had been modified or thwarted prior to providing the identity agent certification to a Principal.

Minimising the risk of deliberate or accidental misuse if the technology is part the process of conducting a VOI. Whenever the Principal does not physically conduct the verification of identity using a direct physical face to face meeting between the Principal and the PBI the process itself is subject to being executed in a way that is not in strict compliance with the Rules or is otherwise deliberately thwarted by end users.

When the System 1 is used to conduct a VOI the final step in the process is the delivery of a identification agent certification issued by the System 1 to the Principal. In accordance with the requirements of the relevant Rules the certification may contain a declaration confirming that the verification was conducted in accordance with the relevant Rules. To the extent that any declaration is incorrect or is subject to unidentified fraud risks then the Verification Agent may become exposed to potential liability as a result of issuing the declaration that the VOI had been appropriately completed.

When the System 1 provides the certification, the Verification Agent, for example, may be confirming to the Principal in accordance with relevant Rules that:

(a) the originals of the identification documentation contained in the identification documentation images have been sighted;

(b) the PBI is a reasonable likeness to the photographs contained in the identification documentation images; and

(c) the VOI was conducted during a face to face interview with the PBI.

When using a Web Application, there are a number of Internet and hardware device centric issues that arise, for example: (a) There are a number of device API's (application programming interface) that are not available using when using a Web App. For example access to personalised device configurations (eg Top 50 playlist, Wifi SSID, device name) that may be used to specifically identify the user of the device is impossible with a Web App. The vast majority of these "fingerprinting" features are not accessible using a Web App as there is no Web API.) ;

(b) Web App access to unique device details/identifiers (eg IMEI/IMSI, MAC address or in the case of IOS the IDFA ) is difficult or impossible; (c) When using a Web App to access a mobile devices geolocation capabilities it is difficult or impossible to determine whether the device GPS is using satellite positioning, wifi or cellular positioning to provide the location which can impact on the degree of certainty around the accuracy of the location data provided. With a Native App it is possible to force the device to use the GPS chip which will give the most accurate GPS reading in most circumstances;

(d) The Web API for camera access is limited to basic camera access and file uploading and there is no ability to control the camera settings; (e) ensuring user interface quality on multiple mobile device screen sizes

(f) ensuring useability on ALL key browser types (g) Where an Apple mobile device is used the IOS browser "Safari" automatically deletes the EXIF data associated with the photograph when it is uploaded

The internet and mobile device centric issues that follow from the use of a Web App (as distinct from a Native App) could result in a significant loss of functional ability to "track", "identify", "data check", "verify" user credentials, the computing devices that are used, the data that is provided as well as the circumstances in which the VOI is conducted. This embodiment implements a number of more innovative techniques must be utilised to identify or "fingerprint" each device that is used in the VOI and to verify or authenticate key data including data about the VOI process itself.

System 1 relies on the specific functionality of the algorithms that the Server 2 enables computing devices to execute as well as the data that each device provides including data about the users and their devices to provide information that is utilised to assist in the mitigation of risk.

As there is no single simple solution a combination of different techniques may be utilised. Examples of the techniques in which a mobile device is utilised as part of risk mitigation are as follows:

(a) GPS co-ordinates of the device used by the PBI and PCI when they are accessing the System 1 are collected. This data can be collected and can be used to exclude certain users (for example exclude PBI or PCI outside Australia or inside a particular jurisdiction of concern) or may be used to confirm information about where the interview took place and the relative position of the users at the time the PCI accessed the Server 2 to conduct any face to face interview (as may be required by relevant Rules).

(b) While conducting any face to face interview (as may be required by relevant Rules) the System 1 requires the PCI to takes an image of the PBI using the PCI's Device 8.

When the image is taken and the file is uploaded the file metadata may be recorded and compared with other data collected from the Device 8 that has accessed the Server 2 with the Application 5. This data is analysed to provide evidence that the photograph that the PCI takes of the PBI was in fact taken during the time when the PBI and PCI were "supposed to be" face to face and connected to the Server 2 and not at some other time. If the photo was taken at some other time it could indicate that the VOI was not conducted appropriately. The same meta data might be used to determine whether the photograph was taken on the Device 8 used by the PCI or otherwise obtained from another source. Data obtained from other sources and passed off as being taken from the device claimed is also an indicator of fraud. (c) using information collected from the Device 8, 9, that is used by the PBI and PCI the Application 5 running on Server 2 can differentiate when a user is attempting to use a device that is not a mobile device and may block the user from completing the process. So for example a user may be restricted from using a desktop computer to upload images of identification documentation as distinct from uploading images taken with a mobile device. If insufficient reliable data or other meta data can be obtained to evidence appropriate conduct of the VOI in accordance with the VOI Standard certain desktops could be used to upload information that may provide more scope for user manipulation. (d) whilst a computing Device 8, 9, 10 is connected to the System 1 via the

Application 5 information is captured about the device which is used to "fingerprint" the device. This information may be used to ensure that the device used by the PCI is different to the device used by the PBI which might otherwise indicate that the VOI is not conducted appropriately. For example if the same user is attempting to conduct the role of the PBI and PCI this could be a risk indicator.

The embodiment may rely on collection and comparison of data from each mobile device such as: - UserAgent

- Language

- Color Depth

- Screen Resolution

- Timezone

- Has session storage or not

- Has local storage or not

- Has indexed DB

- Has IE specific 'AddBehavior'

- Has open DB

- CPU class

- Platform

- DoNotTrack or not - Full list of installed fonts (maintaining their order, which increases the entropy), implemented with Flash

- A list of installed fonts, detected with JS/CSS (side-channel technique) - can detect up to 500 installed fonts without flash

- Canvas fingerprinting

- WebGL fingerprinting

- Plugins (IE included)

Is AdBlock installed or not

- Has the user tampered with its languages

- Has the user tampered with its screen resolution

- Has the user tampered with its OS

- Has the user tampered with its browser

- Touch screen detection and capabilities

- Pixel Ratio

Alternatively or in addition more complex and unusual technical solutions may be used such as measuring the clock skew of each device while the user is connected to the Server 2. All computing devices have built in clock devices triggered by crystal oscillators. Although a crystal oscillator works in a constant frequency under a stable temperature there is always an error in the manufactured frequency to the "ideal one" (such as an atomic clock or a known system clock). As a result every device clock will record the progression of time slightly faster or slower than physical time as measured by the "ideal one". This error in the rate is known as "clock skew", and the difference in rates between two digital clocks is known as "relative clock skew". When accurately measured the value of the relative clock skew tends to be different for each computing device. The Application 5 is capable of collecting large amounts of data about the performance of the clock from a user's Device 8, 9, 10 whilst the user is connected to the Server 2. The Server 2 can then run an algorithm specifically designed to reduce the possible entropy (outlier results) specific to data collected from a device. The result is the calculation and storage of an accurate relative clock skew for each device that is ever connected to the server via the Application 5. This information or "hardware fingerprinting" can be used to identify whether the same device has been used by any more than one person as part of a VOL Whilst clearly an unusual technical effect it can be utilised to minimise the probability of risk using the Application 5 in the same way that unique device details/identifiers (eg IMEI/IMSI or MAC address or in the case of IOS the IDFA) can be. (see references to unusual technical effects in RPL case referencing Research Affiliates case) (e) as the hardware technology develops other biometric data may also be collected from the mobile device and sensors such as user fingerprints, retina scans etc

In the above embodiments, two separate devices are used for the PCI and PBI in the VOI process. The invention is not limited to this. In an alternative embodiment, one device may be used to interact with the system 1 to determine the VOI process and documentation required. The same device may also be used in the face-to-face interview. For example a single device associated with PCI may be utilised. In other embodiments, more than two devices may be used in the process e.g. three or more.

In the above embodiments, the remote devices access the system by way of a Web application. The invention is not limited to this. In other embodiments, Native

Applications may be installed on the remote computing devices. In further embodiments, the application may be a Hybrid Application, with a program installed on the remote computing devices and utilising programming associated with a Web Application. Other software/hardware architectures are also possible. In the above embodiments, the PBI and the PCI physically meet in-person and face to face. The invention is not limited to this. In other embodiments, the PCI and PBI may use one or more remote devices to conduct a face to face interview that is not in- person by accessing or using communications technology. As such in these embodiments the PBI and the PCI may have met without ever having been physically present at the same time and place. The use of the words face to face does not limit embodiments of the invention to a situations where the PCI and the PBI are physically present at the same time and place.

Embodiments of the present invention may be implemented by a variety of hardware and software architecture. General purpose computers may be programmed to implement embodiments of the process. Hardware architecture is not limited to general purpose computers or servers, but any architecture could be implemented, including client-server architecture, central processing unit-terminal architecture, or any other architecture. Programmable hardware may be used to implement embodiments, such as field programmable gate arrays, programmable gate arrays, and the like.

Where software is used to implement the invention, the software can be provided on computer readable media, such as disks, or as data signals over networks, such as the Internet, or in any other way.

In embodiments, hardware architecture already pre-programmed to implement embodiments of the invention may be provided.

It is to be understood that, if any prior art publication is referred to herein, such reference does not constitute an admission that the publication forms a part of the common general knowledge in the art, in Australia or any other country.

In the claims which follow and in the preceding description of the invention, except where the context requires otherwise due to express language or necessary implication, the word "comprise" or variations such as "comprises" or "comprising" is used in an inclusive sense, i.e. to specify the presence of the stated features but not to preclude the presence or addition of further features in various embodiments of the invention.

It will be appreciated by persons skilled in the art that numerous variations and/or modifications may be made to the invention as shown in the specific embodiments without departing from the spirit or scope of the invention as broadly described. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive.

Claims

Claims

1 . A method of verifying identity of a person to be identified, comprising the steps of:

at a host computing system;

receiving, from a first remote computing device, at least one image of identification documentation for verifying identity;

receiving, from a second remote computing device, confirmation that a further person has met with the person to be identified and viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation, and

processing the confirmation and the image of the identification documentation.

2. A method in accordance with claim 1 , comprising the further step of receiving, from the second remote computing device, an image of identification documentation for verifying the identity of the further person.

3. A method in accordance with claim 2, wherein the second remote computing device is associated with the further person.

4. A method in accordance with claim 1 , 2 or 3, wherein the confirmation comprises confirming that the further person believes that the person being identified has a reasonable likeness to an image of the person in the identification

documentation.

5. A method in accordance with any one of claims 1 to 4, comprising the further step of the second remote computing device capturing an image or biometric of the person to be identified, and the confirmation received by the host computing system comprising the image or biometric.

6. A method in accordance with claim 5, comprising the step of the host computing system controlling the second remote computing device to capture the image or biometric.

7. A method in accordance with any one of the preceding claims, wherein the first remote computing device is associated with the person to be identified.

8. A method in accordance with claim 7, comprising the step of the host computing system controlling the first computing device to capture the image of the identification documentation.

9. A method in accordance with any one of the preceding claims, comprising the step of providing a verification of identity of the person to be identified.

10. A method of verifying the identity of a person to be identified, comprising the steps of, at a computing system:

receiving name data associated with name(s) of a person to be identified; receiving documentation data associated with available documentation for identification of the person being identified;

processing the name data and documentation data and establishing a process for verification of the identity of the person being identified and determining documentation required to verify the identity;

implementing the process for verification, and obtaining images of the documentation required.

1 1 . A method in accordance with claim 10, wherein the step of processing the name data and the documentation data, comprises the steps of matching the name data and documentation data against rules for verification of identity.

12. A method in accordance with claim 1 1 , comprising the step of determining from the name data and documentation data whether a process for verification of identity can be implemented and, if not , generating a request for further name data and/or documentation data.

13. A method in accordance with claim 10, 1 1 or 12, wherein the step of generating the requests, comprises the computing system compiling requests responsive to meta data obtained by the computing system and associated with the user device and/or the operation of the user the device and/or the user.

14. A method in accordance with any one of claims 10 to 13, comprising the step of the computing system providing the requests to a user device, and receiving answers from the user device relating to name data and/or documentation data and/or meta data or other data.

15. A method in accordance with claim 14, wherein the user device is a computing device remote from the computing system.

16. A method in accordance with claim 13 or claim 14, wherein the user is the person being identified.

17. A method in accordance with any one of claims 13 to 16, comprising the steps of the computing system storing the name data, documentation data, meta data and/or other data including user answers to questions.

18. A method in accordance with any one of claims 10 to 17, comprising the step of providing a verification of identity of the person to be identified.

19. A method of verifying identity of a person to be identified, comprising the steps of:

a host computing system providing an application accessible over a network to a remote device to implement a process for the identification of a person to be identified;

receiving from the remote device over the network, identification data for implementing the process for identification;

receiving from the remote device over the network, meta data associated with the remote device or operation of the remote device, or a user of the remote device; implementing the process for identification, verifying the device or user or other elements of the process for identification using the meta data.

20. A method in accordance with claim 19, where the metadata comprises data associated with the capture of an image by the remote device of the person to be identified.

21 . A method in accordance with claim 20, wherein the remote device is associated with a further person involved with the identification.

22. A method in accordance with claim 20 or claim 21 wherein the meta data is utilised to determine whether the further person is in the same location as the person to be identified when the image is captured.

23. A method in accordance with any one of claims 19 to 22, wherein the application is a Web application, and the meta data is browser data obtained from the remote device.

24. A method in accordance with any one of claims 19 to 23, wherein the remote device is associated with a person to be identified.

25. A method in accordance with any one claims 19 to 23, wherein there are a plurality of remote devices involved in verifying the identity of the person to be identified, and the metadata is used to confirm that the plurality of devices are separate devices.

26. A method of verifying the identity of a person to be identified, comprising the steps of:

at a host computing system;

receiving, from a first remote computing device operated by the person to be identified, at least one image of identification documentation for verifying identity; implementing a process for verification of identity of the person to be identified;

providing a verification of identity of the person to be identified.

27. A method in accordance with claim 26, comprising the further steps of compiling questions and/or instructions to enable determination of identification documentation to be used for verifying identity, and presenting the questions and instructions at the first remote computing device.

28. A method in accordance with claim 27, wherein the questions and instructions are compiled by the host computing system.

29. A system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

receive, from a first remote computing device, at least one image of identification documentation for verifying identity;

receive, from a second remote computing device, confirmation that a further person has met with the person to be identified and viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation, and

process the confirmation and the image of the identification documentation.

30. A system in accordance with claim 29 configured to receive, from the second remote computing device, an image of identification documentation for verifying the identity of the further person.

31 . A system in accordance with claim 30, wherein the second remote computing device is associated with the further person.

32. A system in accordance with claim 29, 30 or 31 , wherein the confirmation comprises confirming that the further person believes that the person being identified has a reasonable likeness to an image of the person in the identification

documentation.

33. A system in accordance with any one of claims 29 to 32, wherein the second remote computing device captures an image or biometric of the person to be identified, and the confirmation received by the system comprises the image or biometric.

34. A system in accordance with claim 33 wherein the computing apparatus is configured to control the second remote computing device to capture the image or biometric.

35. A system in accordance with any one of claims 29 to 34, wherein the first remote computing device is associated with the person to be identified.

36. A system in accordance with claim 35 wherein the computing apparatus is configured to control the first computing device to capture the image of the

identification documentation.

37. A system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

receive name data associated with name(s) of a person to be identified;

receive documentation data associated with available documentation for identification of the person being identified;

process the name data and documentation data and establish a process for verification of the identity of the person being identified and determine documentation required to verify the identity;

implement the process for verification, and obtain images of the documentation required.

38. A system in accordance with claim 37 wherein processing the name data and the documentation data comprises matching the name data and documentation data against rules for verification of identity.

39. A system in accordance with claim 38 wherein the computing apparatus is configured to determine from the name data and documentation data whether a process for verification of identity can be implemented and, if not, generate a request for further name data and/or documentation data.

40. A system in accordance with claim 37, 38 or 39 wherein generating the requests comprises compiling requests responsive to meta data obtained by the system and associated with the user device and/or the operation of the user the device and/or the user.

41 . A system in accordance with any one of claims 37 to 40 wherein the computing apparatus is configured to provide the requests to a user device, and receive answers from the user device relating to name data and/or documentation data and/or meta data or other data.

42. A system in accordance with claim 41 , wherein the user device is a computing device remote from the system.

43. A system in accordance with claim 41 or claim 42, wherein the user is the person being identified.

44. A system in accordance with any one of claims 37 to 43 wherein the computing apparatus is configured to store the name data, documentation data, meta data and/or other data including user answers to questions.

45. A system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

provide an application accessible over a network to a remote device to implement a process for the identification of a person to be identified;

receive from the remote device over the network, identification data for implementing the process for identification;

receive from the remote device over the network, metadata associated with the remote device;

implement the process for identification, verifying the device or user or other elements of the process for identification using the metadata.

46. A system in accordance with claim 45, wherein the metadata comprises data associated with the capture of an image by the remote device of the person to be identified.

47. A system in accordance with claim 46, wherein the remote device is associated with a further person involved with the identification.

48. A system in accordance with claim 46 or claim 47 wherein the computing apparatus is configured to utilise the meta data to determine whether the further person is in the same location as the person to be identified when the image is captured.

49. A system in accordance with any one of claims 45 to 48, wherein the application is a Web application, and the meta data is browser data obtained from the remote device.

50. A system in accordance with any one of claims 45 to 49, wherein the remote device is associated with a person to be identified.

51 . A system in accordance with any one claims 45 to 50, wherein there are a plurality of remote devices involved in verifying the identity of the person to be identified, and the computing apparatus is configured to use the meta data to confirm that the plurality of devices are separate devices.

52. A system for verifying identity of a person to be identified, comprising a computing apparatus configured to:

receive, from a first remote computing device operated by the person to be identified, at least one image of identification documentation for verifying identity; to implement a process for verification of identity of a person to be identified; and provide a verification of identity of the person to be identified.

53. A system in accordance with claim 52 wherein the computing apparatus is further configured to compile questions and/or instructions to enable determination of identification documentation to be used for verifying identity, and present the questions and instructions at the first remote computing device.

54. A computer program, comprising instructions for controlling a computer to implement a method in accordance with any one of claims 1 to 28.

55. A computer readable medium, providing a computer program in accordance with claim 54.

56. A data signal, comprising a computer program in accordance with claim 54.

57. A method of verifying identity of a person to be identified, comprising the steps of:

capturing, by a first remote computing device, at least one image of identification documentation for verifying identity;

capturing, by a second remote computing device, confirmation that a further person has met with the person to be identified and have viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation.

58. A system for verifying identity of a person to be identified, comprising:

a first remote computing device configured to capture at least one image of identification documentation for verifying identity;

a second remote computing device configured to capture confirmation that a further person has met with the person to be identified and viewed the identification documentation, and confirms that the person to be identified is associated with the identification documentation.

59. An identity verification system, comprising a system in accordance with claim 58, and a system in accordance with any one of claims 29 to 36.