The following interview was conducted by Lynn Fosse, Senior Editor, CEOCFO Magazine and Bob Geiman, co-founder and chairman of Confirm.io, Published – April 18, 2016: http://www.ceocfointerviews.com/interviews/Confirm16.htm
CEOCFO: Mr. Geiman, would you tell us about Confirm.io?
We are in the business of authenticating government issued documents and then performing multifactor authentication on identity. Our main focus is solving problems in and around digital enrollment. Today there are numerous internet-based services, shared economy services that are enrolling people online, sometimes connecting those people who ultimately meet in their real world. Then there are a slew of traditional industries that are trying to move all of their business processes to a digital environment. Many of those business processes require identity authentication or identity confirmation, usually through the presentation of a physical government issued ID, to comply with either a corporate business requirement or to meet a regulatory or legal / government mandated requirement. These customers would like to move those business processes to a digital service but they need to figure out a way to incorporate a physical document into their businesses processes, and that is where we come in.
“So much of our life has moved to the Internet, and corporations and individuals and now individuals and individuals, facilitated by the Shared Economy, are interacting online and often meeting in person facilitated by an online interaction. What we are all about is making sure that people are who they say they are when they enroll and participate in these services.”
- Bob Geiman, Confirm Cofounder and Chairman
CEOCFO: What are the specfic challenges?
There are a couple of challenges. We are using the camera phone as the image capture device. In order to authenticate documents, you need to get a good image. Some of that we can deal with that through software--image correction and some other techniques around making sure that we are getting the best image and ultimately presenting the best image to our authentication engines. Many of those challenges come down to the user; as an example, if you put your thumb over the hologram when you take a picture of the ID, it is going to make it a great deal more challenging for us to authenticate the document. Therefore, improving the image capture process is one of the big challenges. The second challenge is that not all IDs are created equal. There are many different kinds of security techniques such as watermarks, holograms, the use of fonts and positioning of fonts and we need to continue to improve our authentication techniques to take advantage of the various security techniques.
CEOCFO: How are you able to handle the diverse situations and do it quickly and correctly?
When we started Confirm in July of 2015, we actually bought an existing company called Advanced ID Detection, which has been in business for more than five years. One of the founders of Advanced ID Detection, Ted Kuklinski, a PhD in image processing from MIT, has spent basically the last 25 years building imaging processing based solutions to authenticate documents. He has a knowledge base about these documents that very few people have; in fact, he was one of the architects and patent holders for a lot of the technology being used by one of our partners MorphoTrust USA, which, among other things, is the market leader in document authentication systems targeting federal and state governments including administering the Passport Agency and TSA Pre-check’s document authentication systems and actually makes the government issues IDs for about 40 states. One of our big weapons here is that Ted and the members of our team have been doing document authentication for a long time. The second piece is because we bought a business with five years of operating history, where they built a large image library of documents that we are able to use to tune the system against the various documents that we need to authenticate. We maintain relationships with various government entities, where we get access to documents so we can incorporate document characteristics into our solution. The last thing is we have multiple authentication engines running inside the product. Those authentication engines are image processing based solutions where we have a massive development effort against developing specific authentication techniques that deal with all the different kinds of security features that are possible inside a document. We have our own authentication engine and we recently incorporated some technology into our product from MorphoTrust, a software company owned by a large, public French holding company called Safran. Because MorphoTrust makes the documents for about 40 states, they have intimate knowledge about the documents themselves and the blueprints behind those documents. In the states where MorphoTrust makes those documents, Confirm.io will run our engine and MorphoTrust’s engines simultaneously in order to deliver the best results.
CEOCFO: What is the business model?
You can access the product in two ways, either through an API or an SDK. Our customers are ultimately internet services or banks or any entity that has to enroll or authenticate a person online. We provide an SDK so our customer can incorporate our solution right into their product and build it right into their user experience—our authentication engine runs locally on our customer’s installed application. Or we have an API where somebody can send an image of a government issues ID through our API to our cloud service hosted on Amazon—our cloud service authenticates the document and then sends the decision back to our customer’s application. That is how somebody would use our technology. In either case, the image of the document is captured when our customer’s application requests a user to take a picture of their ID using their camera phone. The founders of Confirm.io are all internet folks so we built an internet-developer friendly set of tools that enable customers to quickly onboard what we do. The business model is some combination of SaaS plus a transactional model. In addition, there are a number of business processes that naturally follow after authenticating the document. For example, you might want to authenticate that the person whose mobile phone took the picture of the document is the same person on the document. In order to authenticate identity after authenticating the document, we have incorporated facial recognition technology MorphoTrust. We are also incorporating some technology from another party that does a device ID check--basically mapping the information that is located in your mobile phone that is unique to you and matching that to the name and address on the document. We are also in conversations around incorporating right into our API and SDK other business processes such as background checks and archiving. With our customer in mind, Confirm.io wants to enable as many critical business processes that naturally flow from document authentication right into our product so a customer only has to do one integration. Confirm.io will work with premium partners for these applications to give our customers the best solution for each application.
CEOCFO: What is the competitive landscape?
There are a few things that we do differently. First, there is a slew of folks out there whose historical business is building on-premise solutions; where they have some technology running locally on a PC sitting next to a dedicated document scanner where you insert your ID into that scanner for image capture and the solution would render a decision. Some of those folks have tried to launch mobile applications but these traditional document authentication solution providers do not understand how to build scalable software for a mobile cloud environment. It is nontrivial. Unlike Confirm where our people come from internet companies like Paypal, many of these traditional on-premise solution providers are not equipped to handle that kind of transactional volume. The other big difference is a lot of our competitors that are out there today are using the word authentication in a way that that we would not call true authentication. They may do optical character recognition (OCR) on a given person’s ID and then compare to the barcode on the back—and if they match, they claim that document has been authenticated. The reality is you can go order fake IDs from a number of internet services based in China where these services will send you back a document with a picture of yourself and a named/address on the front of the document that will match the barcode on the back of the document; a document that would be authenticated by most of our competitors. We obviously do not see this as true authentication. In addition, there are a few companies out there that are incorporating human beings into their process which has a couple of different problems. These solutions require a person to take a picture of themselves and of their government ID and upload the two documents that are sent digitally, often to a foreign company, where human beings compare the two images and decide whether the two pictures are the same person. First, this takes longer, a lot longer than the six seconds are solution takes—providing a less than compelling user experience for an individual trying to enroll for a service. Second, this process creates a privacy problem—an individual’s Personally Identifiable Information (PII) is now sitting on a server somewhere, again, often in a foreign country.
CEOCFO: What is your plan for the upcoming year?
You will see a number of announcements coming up. We started the company in July of 2015 and immediately completed the acquisition of Advanced ID Detection. We then had to repurpose AIDD’s image processing technology into a scalable mobile cloud solution—the API / SDK solution that we launched earlier this year and have been onboarding customers on. We have a robust pipeline right now and our first objective is to close more customers. The second objective is that we have this notion of expanding what we do beyond just document and multifactor identity authentication; more specifically, we are working with partners to incorporate additional methods of identity authentication; background checks, credit checks, archiving and digital signatures into our product. Those are the two big objectives. One of the largest competitors in the space, JUMIO, filed for bankruptcy a few weeks back. That is a big opportunity for us and we are getting a lot of calls right now from JUMIO customers.
CEOCFO: Final thoughts?
All of us today are doing more and more online than ever before. We are all frequently engaging in new kinds of relationships with people on the other side of a digital transaction that we do not know. The big takeaway here is our identity online is an asset and part of our personal currency. The companies that are out there providing these digital services / shared economy services to consumers need to take a greater level of responsibility in ensuring that their user base is protected and a big piece of that is authenticating identity. For these corporations, the heart of the matter is about protecting their brand and protecting their user base. There is growing evidence in the marketplace that there is substantial liability for internet services who do not follow best practices to protect their consumers.
For press inquiries please contact: