Socure ID Verification

Socure offers several modules AddressRisk, AlertList, EmailRisk, PhoneRisk, AddressRisk, Fraud, KYC, and Social` for identity verification purposes.

You can pick and choose these modules when running verification workflows or running verification for an entity on our dashboard:

16001600

Requirements

In order to use ID verification, you must:

Available modules:

The modules are described below:

Module Name

Information

Reponse Example

Fraud

The ID+ Sigma Fraud Score (fraud) is a number between 0 and 1 that helps predict the probability that the identity being presented is fraudulent.
*A complete SigmaFraud integration requires calling the Device Risk module.

"fraud": { 
        "reasonCodes": [ 
            "I705",
            "I553",
            "I127",
            "I555",
            "I707"
        ],
        "scores": [
            {
                "name": "sigma",
                "version": "1.0",
                "score": 0.327
            }
        ]
}

Synthetic

The ID+ Sigma Synthetic Fraud Score (synthetic) is a number between 0 and 1 that helps predict the probability that the combinations of PII provided at input correspond to a fictitious person.

"synthetic":{
      "reasonCodes":[
         "I705",
         "I553",
         "I127",
         "I555",
         "I707"
      ],
      "scores":[
         {
            "name":"sigma synthetic",
            "version":"1.0",
            "score":0.327
         }
      ]
}

Email Risk

An Email Risk Score (emailrisk) provides a risk analysis of the email address based on predictors.
The Email Correlation Score indicates the connection strength between the email address and the identity presented.

"emailRisk": {
        "reasonCodes": [
            "I520",
            "I553",
            "I555"
        ],
        "score": 0.135
}

Phone Risk

A Phone Risk Score (phonerisk) provides a risk analysis of a phone number based on Socure's proprietary predictors. The optional Phone Correlation Score predicts how strongly the identity presented belongs to the phone number supplied.

"phoneRisk": {
        "reasonCodes": [
            "I610",
            "I626",
            "I609",
            "I620",
            "I611",
            "I614",
            "I630",
            "I618",
            "I602"
        ],
        "score": 0.122
}

Address Risk

An Address Risk Score (addressrisk) is calculated by analyzing predictors such as single or multi-unit designation and suspended mail activity.
The Address Correlation Score provides a score indicating how strongly the identity presented belongs to the address supplied.

"addressRisk": {
        "reasonCodes": [
            "I705",
            "I720",
            "I708",
            "I707"
        ],
        "score": 0.364
}

KYC

KYC (kyc) searches are sourced from data that is compliant with standards defined in the Drivers' Privacy Protection Act (DPPA) and Gramm-Leach-Bliley Act (GLBA).

"kyc": {
       "reasonCodes": [
           "I919",
       ],
       "fieldValidations": {
           "firstName": 0.99,
           "surName": 0.99,
           "streetAddress": 0.99,
           "city": 0.99,
           "state": 0.99,
           "zip": 0.99,
           "dob": 0.99,
           "ssn": 0.99,
       }
}

Alert List

Socure maintains an Alert List (alertlist) of known fraudulent users and specific identifying traits, as reported by Socure and its customers.

"alertList": {
  "reasonCodes": [
    "R111"
  ],
  "matches": [
    {
      "element": "ssn",
      "datasetName": "consortium",
      "reason": "Identity Fraud",
      "industryName": "Banking",
      "lastReportedDate": "2019-12-01"
    }
  ]
}

Depending on the module you select, some user entity information is required:

Socure Property

Unit21 Fields

CSV Field

Required

firstName

user_data.first_name

first_name

fraud, synthetic, emailrisk, addressrisk, kyc, social

surName

user_data.last_name

last_name

fraud, synthetic, emailrisk, addressrisk, kyc, social

nationalId

user_data.ssn

ssn

alertlist, kyc*

dob

user_data.date_of_birth

date_of_birth

kyc*

ipAddress

digital_data.ip_addresses

ip_address

email

communication_data.email_addresses

email

fraud*, synthetic*, emailrisk, social, alertlist

mobileNumber

communication_data.phone_numbers

phone_number

fraud*, synthetic*, phonerisk, alertlist

country

location_data.country

country

fraud, synthetic, emailrisk, phonerisk, addressrisk, kyc

state

location_data.state

state

fraud*, synthetic*, addressrisk, kyc*

city

location_data.city

city

fraud*, synthetic*, addressrisk, kyc*

zip

location_data.zip_code

zip_code

fraud*, synthetic*, addressrisk, kyc*

physicalAddress

location_data.building_number, location_data.street_name

street_address

fraud*, synthetic*, addressrisk, kyc*

  • means at least of of the parameters is required.

If an alert is generated via the workflow, you will receive the Socure response in the alert.

Sample Socure Response (Successful):

A successful API request that includes the Document Verification module will return objects that contain information about the document and a result:

There are 4 possible results:

  • SOCURE_ACCEPT
  • SOCURE_REJECT
  • SOCURE_IDENTIFICATION_CHECK
  • SOCURE_RESUBMIT

The results will appear in the response as well as the header of the alert:

16001600

Understanding the Raw Response

You can view the raw response in the alert:

The returned JSON response includes all relevant objects associated with the selected Risk Score.

Each module will include two objects: reasonCodes and score. Of note:

There is no limit to the number of codes that may be returned.
Expect anywhere from eight to fifteen codes per module.
All codes are four characters: one letter and three numbers.
For Risk Scores, the higher the number, the greater the element of risk.

For correlation score, use the score in conjunction with the reason codes when determining correlation. A general rule of thumb: the higher the score, the stronger the correlation. In Correlation Scores:

0.80 – 1.00: Very strong correlation; link confirmed by multiple data sources.
0.65 – 0.79: Strong correlation. Confirmed by at least one data source.
0.50 – 0.64: Weak correlation. Name or part of name linked to either email, address, or phone.
0.20 – 0.49: Link cannot be determined. ID+ was unable to find information to indicate if the information is linked. Correlation status is unknown.
0 – 0.19: Disconnected identity elements. Data sources suggest the email, phone, or address is linked with a different name.

Email Risk Response

"nameEmailCorrelation": {
    "reasonCodes": [
        "I557",
        "I556",
        "I558"
    ],
    "score": 0.9959
},
"emailRisk": {
    "reasonCodes": [
        "I520",
        "I553",
        "I556",
        "I555"
    ],
    "score": 0.008
}

Synthetic and Fraud Response

The Synthetic Fraud Score (synthetic) is a number between 0 and 1 that helps predict the probability that the combinations of PII provided at input correspond to a fictitious person.

The Sigma Fraud Score (fraud) is a number between 0 and 1 that helps predict the probability that the identity being presented is fraudulent.

Larger scores indicate higher risk.

With standardized scores, Socure maps the Raw Score from the machine learning models to a three-decimal number (0.001 to 0.999). This number is directly equivalent to a percentile risk and can be easily interpreted without knowledge of current Raw Score thresholds. With Standardized Scores, 0.990 always represents the top 1% of the riskiest applicants (0.980 represents the top 2%, 0.950 the top 5%, etc.).

The JSON response for Fraud Score contains two nodes: reasonCodes and scores.

The reasonCodes node contains all reason codes associated with the score:

  • Socure recommends decisions based on score, not reason codes, as the reasons have already been factored into the score.
  • There is no set limit to the number of Reason Codes that may be returned.
  • In general, expect eight to fifteen codes per module.
  • All codes are four characters: one letter and three numbers.
  • Codes are designed to explain how the module reached the score.

The score node lists the name, version, and score. If using multiple models, each will have a node. Score contains:

  • name: The name of the model mapped to the account.
  • version: Version of the model.
  • score: The fraud score. Normalized scores are four digits with three decimal places. The value will be between 0.001 and 0.999.
"fraud": {
    "reasonCodes": [
        "I705",
        "I553",
        "I127",
        "I555",
        "I707"
    ],
    "scores": [
        {
            "name": "sigma",
            "version": "1.0",
            "score": 0.327
        }
    ]
},
"synthetic":{
    "reasonCodes":[
       "I705",
       "I553",
       "I127",
       "I555",
       "I707"
    ],
    "scores":[
       {
          "name":"sigma synthetic",
          "version":"1.0",
          "score":0.327
       }
    ]
}

KYC Response

KYC searches are sourced from data that is compliant with standards defined in the Drivers' Privacy Protection Act (DPPA) and Gramm-Leach-Bliley Act (GLBA). Summaries of results are presented in the reasonCodes object as explanatory variables of the identity.

The fieldValidation object contains the KYC element match results indicating a correlation between that element and the identity.

"kyc": {
    "reasonCodes": [
        "I919",
    ],
    "fieldValidations": {
        "firstName": 0.99,
        "surName": 0.99,
        "streetAddress": 0.99,
        "city": 0.99,
        "state": 0.99,
        "zip": 0.99,
        "dob": 0.99,
        "ssn": 0.99,
    }
}

Alert List Match Results

The alertlist module returns several JSON values with a successful match:

  • reasonCodes: This can be populated with one or more relevant reason codes for Alert List matches. If there is no match, this array will be empty.
  • matches: This array contains all matching elements, including related information, on all available Alert List datasets.
  • element: The specific submitted data parameter where a match was found.
  • datasetName: The name of the dataset used; consortium is Socure's proprietary data set. Others are available, and may be selected during integration.
  • reason: Reason for the inclusion on the Alert List. A reason can be one of the following: Chargeback Fraud or Identity Fraud.
  • industryName: The business or industry type performing the Alert Listing.
  • lastReportedDate: When the most recent Alert List entry was made for that matched element.
"alertList": {
    "reasonCodes": [
        "R111"
    ],
    "matches": [
        {
            "element": "ssn",
            "datasetName": "consortium",
            "reason": "Identity Fraud",
            "industryName": "Banking",
            "lastReportedDate": "2019-12-01"
        }
    ]
}

Did this page help you?