Platform

Our Platform

Tim Brown

Tim Brown

Email : tim.brown@prove.com
Slack : tbrown
Our Platform
Our vision, mission and valuesOur platform superpowersProve M/L (Prove Identity Network®)Market NeedsThe Prove TokenWhy create a Token?How is a token issued?How is a token revoked?Token CensusLexiconStandard ConfigurationPhone Fraud TableConsumer Control

Our vision, mission and values

Prove is the world’s largest network of reusable identities, with over 350M cryptographic keys bound to over 186M reusable identities under management as of Q2 2022. Businesses use Prove to modernize how they acquire and engage customers in order to enable the highest pass rates with the least amount of fraud. Consumers choose Prove to remove friction and secure their digital transactions.

Vision

  • Our vision is to accelerate digital trust and foster equitable inclusion in the digital economy
  • We believe that security, privacy and control do not need to be compromised to make digital transactions easy to use and accessible

Mission

  • To modernize how businesses acquire, engage and enable consumers in order to enable the highest pass rates, with the least amount of fraud.
  • To have 3 Billion+ reusable identity tokens under management by the end of 2024

Values

  • We are innovators that lead the industry
  • We have strong intellectual curiosity
  • We go above and beyond for ourselves and our clients
  • We win as a team
  • We demonstrate respect for all and lead with humility
  • We value empowerment

Our platform superpowers

  • World’s largest network of reusable identities
  • 186 Million reusable identities
  • 90% US adult coverage
  • One tenth of the fraud vs. legacy fraud platforms (3 bps vs. 30bps)
  • 20 Billion events ingested in 2021: continually improving accuracy
  • Passively authenticate with just a phone number
  • 90% user opt-in to Prove Pre-Fill® due to low friction - no doc scanning, app download required

Industry's most comprehensive and accurate trust engine

1

Lowest Friction

  • 90% of consumers opt-in to our friction-free experiences
  • 3 basis points of fraud delivered by ProveML allow us to pass 98% of all transactions

2

Broadest Coverage & Highest Accuracy

  • 90% of US adults can immediately be issued a high assurance identity token
  • 8+ countries covered in 2022
  • 3 billion tokens issued globally by 2025

3

The most complete platform

  • An identity graph that enables the ingestion of other risk platforms (RBAs) to be the industry's most comprehensive and accurate trust engine for people, places and devices
  • Eliminates the need for other vendors

Prove M/L (Prove Identity Network®)

Prove's Machine Learning Approach to Enable Cryptographic Authentication

Executive Summary

As the global shift to transact digitally accelerates, rates of fraud continue to rise to unprecedented levels. In 2020, $28.6 billion was lost to card fraud alone. Over the next ten years, it is estimated that the card and mobile payment industry will suffer fraud losses totaling $408.5 billion[1]. Rates of fraud continue to escalate despite an acute awareness of the issue across industries, substantial investments in fraud loss prevention, and a robust ecosystem of fraud prevention vendors.

While sub-optimal, industry players have had little choice but to accept fraud loss as a cost of doing business. Risk-Based Authentication (RBA) solutions currently employed have helped combat fraud losses, but their current efficacy is insufficient and will continue to degrade for three key reasons:

  • As more transactions become digital, there will be both a greater volume of transactions and a larger pool of money in aggregate that is at-risk. The shift toward digital transactions as the primary way of conducting business gives bad actors both more opportunities and greater incentives. After congress raced to make hundreds of billions of dollars worth of Pandemic Unemployment Assistance payments available, for example, fraudsters quickly followed suit and siphoned off an estimated $87 billion dollars[2].
  • Persistent data breaches and the ease of finding leaked PII records online makes it easier than ever for bad actors to assert victims’ correct information. From 2010-2020, there were more than 10,000 data breaches reported in the US with more than 1.4 billion records leaked[3].
  • Companies are competing heavily on user experience during customer onboarding and authentication and those that are not capable of minimizing friction while preventing fraud will lose out. According to a survey of 184 US financial institutions, new deposit account opening abandonment is over 50% and for lending products, it is even higher[4].

Prove’s solution to overcoming the inherent limitations of RBA is two-fold:

  • First, Prove incorporates cryptography as a key component to authentication. Leveraging cryptography as the source-of-truth allows financial institutions, companies, and governments to trust that the data asserted by users is actually true. Phone numbers provide a ubiquitous way of using cryptography via SIM-card authentication and the biometric sensors on the device.
  • Secondly, Prove uses machine learning and authenticated data to prove that the cryptographic key really belongs to the legitimate consumer and that the key is currently being held by the consumer - providing dynamic Assurance Levels and Trust Scores.

Prove’s solutions are able to increase pass rates by up to 20% while holding fraud rates steady when compared to pure data-based solutions. Companies that fail to adapt a system that leverages a strong cryptographic truth, combined with advanced machine learning techniques processing diverse signals will continue the trend of spending more on fraud while either experiencing higher fraud losses, being forced to introduce more friction or both.

Prove's Machine Learning Approach to Enable Cryptographic Authentication

Read the Document

Market Needs

Prove Solution

Market Need

Prove Pre-Fill (P1-P3)

Enabling 1-click customer onboarding

Prove Identity (i2)

Boosting auto-approval rates for KYC compliance by reducing false positives and synthetics

Prove Fonebook (F1-F4)

Reduce friction in high risk digital servicing transactions and receive real-time alerts for identity change events.

Prove Auth (A1, A2)

Reduce reliance on OTP and passwords

Prove Auth (FIDO)

Seamless 360 degree omni-channel authentication

Prove Payments (SRC)

Enabling 1-click checkout for merchant guest checkout

Prove Payments (PANs)

Passive payment credential verification

Prove Payments (AOA)

Passive DDA credential verification and chargeback prevention

M-Commerce Pre-Fill
and Presto

1-click merchant sign-up (PII + payment credentials)

KYB

Fast merchant onboarding

Our Reusable Identity - The Prove Token

Our reusable identities are called “Prove Tokens” (or Token for short). Prove is the issuing source and they are digital credentials that can be leveraged by verified consumers to prove their identity at participating relying parties (our customers). We currently allow consumers to do this via solutions like Prove Pre-Fill® and Prove Identity®.

Our tokens are issued to specific consumer identities using cryptographic keys such as those on SIM cards and FIDO keys.

This is powerful concept, as we are linking a high-quality consumer identity with a physical device that can be used to securely assert that identity as part of a digital user experience. Not only that, but because the Token is issued by Prove, we can confirm its authenticity as well as capture the transaction as behavior that allows us to deliver high assurance, privacy-first experiences for the consumer across the platform.

We’ll now describe the two immutable sides of the Token; the consumer identity and the cryptographic key.


The Consumer Identity

An identity represents a single individual and is created through a process called Entity Resolution. When a solution needs to leverage the PII behind an identity (for instance in order to Prove Pre-Fill® a form), we reach out to KYC-quality sources of data - this is exactly the type and quality of data used for onboarding new bank customers in regulated environments.

As of Q1 2022, PIN has over 178 million consumer identities under management.

As of Q1 2022, PIN has tracked over 346 million unique cryptographic keys.

Cryptographic keys

SIM MNO

A 'cryptographic key' refers to a unique key, the authenticity of which can be confirmed digitally using cryptographically secure methods.

Prove Tokens have two types of keys:

  • A single Issuing key
  • 0 or more Bound keys

An Issuing key is the key used when a token is first bound to a device (see "First Seen Phones" in our Standard Configuration) - currently the only issuing keys are SIM cards and eSIMs but eventually we could offer Tokens issued directly to more anonymous keys such as FIDO keys or even someone's Gait.

Bound keys are alternative keys that have been bound to the token in the same session that an issuing key has been presented. Bound keys can be used in place of the issuing key to remove friction from future user experiences. A FIDO key tied to a FaceID on the iPhone is a current example of a bound key.

Using a SIM card as the issuing key is especially powerful for the following reasons:

  1. The SIM card is tied to a phone number, which is a portable identifier that is taken from device to device and allows us to tie the same token to different devices.
  2. The phone number is a common language that allows us to cross-reference with third-party data sources to accelerate the assurance level of that token.

Read up on our binding process in the Standard Configuration presentation here.


Why a Token?

By issuing and maintaining a Token we can help consumers securely and frictionlessly prove their identity across our platform, in a privacy preserving manner. Allowing consumers to use the same Prove Token across the platform, at many different relying parties enables us to remove friction by adding other passive layers of authentication (see Assurance Level).

Our Prove Tokens sit within the context of their own local ecosystem of other tokens. It can be important to visualize this ecosystem so that we can understand how the certain insights are extracted from the network.

A credit bureau in the USA, keyed on the Social Security Number, logs the use of a credit file and the trade lines against it. The Prove Token is an anonymous version of this but the critical difference is that our data is consented and only included if the consumer has been part of the transaction - in practice this means that the consumer has presented their cryptographic key (i.e. the SIM-card or FIDO key) before the token is used.


Issuing a new token

When Prove first sees a phone number associated with an identity, we create and begin to persist a new Token. The Token becomes 'issued' as soon as Prove has seen the phone number bound to its associated SIM card as part of a cryptographic possession check.

For example; Prove may have seen an assertion (potentially verified by a third-party) that John Doe owns phone number +1 (555) 123-4567 in 2017. This would become the Token's creation date.

In 2019, that same token was bound to a phone device using the SIM card to cryptographically present the associated key (we do this using the ProveAuth® as part of the Standard Configuration). This event date becomes the Token's issue dateProven Tenure and the time since this date is the Proven Tenure.


Revoking a token

A token can be revoked for a number of reasons;

  • Prove sees that the primary SIM-based identity disconnected
  • The consumer identity connected to the token has been marked as deceased in our data sources
  • The token has been confirmed as a synthetic identity

A revoked token will have an Assurance Level of -1 (read more about this in the Assurance Level section).

Token Census

Lexicon

Assurance Levels (AL)

A measure applied to every token, representing how strongly connected an individual is with a cryptographic key. The Assurance Level is presented as an integer between -1 and 3. -1 represents a revoked token, whereas 3 is highly accurate. In documentation, Assurance Levels are often denoted as: AL-1, AL0, AL1, AL2, AL3.

An example of a question we can answer right now: is this the customer’s primary phone number?

Biometric sensors

Biometrics are the biological measurements or physical characteristics that can be used to identify individuals. Biometric sensors are the hardware that can capture and report on these measurements or characteristics.

Cryptographic Key

A cryptographic key is a string of characters used within an algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it. The K or Ki key stored on a SIM card is one example of a key, the private key stored on the phone of a FIDO key/pair is another example.

Cryptographic keys are powerful because their authenticity can be confirmed remotely and quickly.

Data Partner

A data partner is a company that processes and stores consumer data. Prove accesses this data to enrich its algorithms like Trust Score® and Assurance Level. An example of a data partner would be a credit reporting agency/bureau, which Prove uses to access the underlying data required to perform a Prove Pre-Fill® transaction.

Over time, as our tokens are proven to be better sources of identity for most use cases, the need to source the underlying PII from our data partners will reduce.

In building PIN without the underlying PII, we avoid creating a honeypot of data for hackers.

Data Partner ID

The unique ID created at a Data Partner to represent a single consumer profile.

Device Binding

Binding is a process whereby our reusable identity tokens are securely associated with and stored on a physical device. Think about when you log in to your banking app and then enable FaceID for login, this is a binding process, of your bank account and the device.

Entity Resolution

The process of taking a disparate set of data points (such as PII) and using rules and logic to determine which groups of data points represent a single individual. We use our data partners to perform this process, storing their own output ID.

FIDO Key

Fast IDentity Online (FIDO) refers to a set of open authentication standards that enable a service provider to implement passwordless authentication. FIDO2 is the latest version of the standard.

First Look

Authentication will eventually proceed login, sign-up and settlement. Relying Parties of the Prove platform have the opportunity to offer service (or financing) first using our authenticated identity tokens.

Gait

An individual’s manner of walking can be described as their “gait”. Prove can use proprietary machine learning algorithms with the motion signals available from your phone to offer authentication that doesn’t require any explicit user action, with comparable biometric strength to an individual's fingerprint.

Identity Graph

A database that creates linkages between all attributes that are associated with an individual.

Usage: Prove’s identity graph (which we call PIN) drives iteratively better answers to who is represented by our reusable identities driven by signals such as phone number, IP and email address usage.
Each of Prove’s solutions are already driven by the data in PIN and as PIN evolves our solutions will become even more intelligent and powerful.

Issuing Source

The foundational provider of an identity. Prove is an issuing source of the Prove Token much like the DMV is the issuing source for a driver's license in the US. Much like the DMV will carry identity proofing before issuing a driver’s license, Prove also performs this process prior to issuance.

Line Types

Phone numbers are attached to devices; if you dial an active phone number a device somewhere will ring! There are various types of devices, the most common being a mobile phone, but there are others such as landlines (devices that are physically connected to the telephone network using copper wires) and Voice Over IP/VoIP (Google Voice or Skype are both vendors of these line types).

Machine Learning

Machine learning is the study of computer algorithms that can improve automatically through experience and by the use of data.

National ID

A unique ID issued to an individual by a governing authority (the ‘issuing source’) for the purposes of work, taxation, government benefits, health care, and other governmentally-related functions. An example of a National ID in the United States of America is the Social Security Number (SSN).

Phone Number 

Phone numbers provide a rich source of information about a consumer’s identity. The tenure of a phone line, event history, frequency of usage, location, and usage behavior provides comprehensive insights into the consumer’s digital footprint. Since these signals are generated over a long period, they lend credibility to a consumer’s identity. Attributes associated with the phone number can then be paired with device information and data from other authoritative sources to enhance the efficacy and accuracy of identity verification and authentication.

PII

Personally Identifiable Information refers generally to any data that can be used to identify an individual. This typically includes names, addresses, national IDs but different jurisdictions define this in different ways.

Privacy Preserving

When systems and processes are privacy preserving, they are designed in a way that shares only specific user-approved data to known relying parties.

Prove Identity® ID

Prove’s unique ID to represent a single consumer. Each Prove Identity® ID links to one or more Data Partner IDs. Storing more than one source of Data Partner ID for each persona ID gives our data graph resiliency as well as the ability to onboard new customers using their preferred vendor ID without sharing PII.

Proven Tenure 

The amount of time since a Prove Token first reached AL2+.  A token that has a longer Proven Tenure is less likely to be associated with a synthetic identity.

Prove Token

The Prove Token (or simply Token for short) is a tokenized identity credential representing a single consumer and presented using a cryptographic key (i.e. a SIM card). All data in the Prove Identity Network is related to a token.

Relying Party

An entity that relies on the validity of an issued identity credential. Prove customers are our relying parties.

Reusable Identity

Providing consumers with data mobility and control of their digital identity requires the creation and use of a single immutable token that is accepted wherever a user interacts digitally; this is a reusable identity.

The Prove Token is our reusable identity.

Risk-Based Authentication (RBA)

Risk-based Authentication is a method of applying varying levels of stringency to authentication processes based on the likelihood that access to a given system could result in its being compromised. As the level of risk increases, the authentication process becomes more comprehensive and restrictive.

SIM Card

A SIM (Subscriber Identity Module) card is a small physical card containing an integrated circuit that is issued by a mobile network operator and placed in a cell phone by the consumer. The purpose of the SIM is to identify the specific phone subscriber on the cellular network, allowing a user to receive phone calls and SMS. eSIMs are non-physical versions of SIM cards that can be downloaded to a device over-the-air.

Because every SIM/eSIM maintains a cryptographically secure connection to the issuing source (the MNO), they can serve as a powerful source-of-truth during the authentication process.

Tokenization

Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the critical information about the data without compromising its security. The vital part of this process is its ability to make any important data unreachable by use of the token alone.

Central to PIN is our persistent consumer identity token called the Prove Token.


Trust Score® 

Scorecard that measures the trustworthiness of a phone number utilizing velocity, tenure, and behavioral risk in the range of 0 to 1000. Trust Score® is offered as part of the Prove Identity® solution.

Trust Score+

Where available, Trust Score+ builds upon Trust Score®, incorporating additional signals such as SIM swap to evaluate the trustworthiness of the phone number.

Verified Attributes

Valuable attributes that Prove has verified are associated with the token based reusable identity (e.g. date of birth, email etc.). For example, once a token has been identified Prove can fetch a verified Vantage score for the individual.

Standard Configuration

The standard configuration is the optimal design for businesses to use Prove's products and solutions to verify their consumer. It is designed to reduce friction for the optimal consumer experience with the highest pass rates and lowest amount of fraud.

Phone Fraud Table

The Phone Fraud Table details Prove’s insights into some of the most common trends bad actors use across many industries and channels. While not all scenarios described in the Phone Fraud table are included in Prove’s Standard Configuration, the information is available for educational and risk-reducing purposes. Also included in the Phone Fraud table are the impacts to fraud as well as valid customers, which are updated bi-annually, so that clients may make informed decisions when considering implementing items from the Phone Fraud Table.

Consumer Control

Resources
Prove Identity Network®Standard ConfigurationChannel PartnersWhy Prove?Consumer Identity Is BrokenPhone Fraud TablePatents Compliance & SLAs
Privacy PolicyExercise Your RightsDo Not Sell My InformationStatement on Combating Modern Slavery
©Prove Identity, Inc. All Rights Reserved. Proprietary & Confidential.