eKYC and remote identity proofing: what do IAM teams need to know?

TL;DR: eKYC replaces paper-heavy customer verification with digital checks using biometrics, AI, OCR, and liveness detection, cutting onboarding from days to minutes while improving fraud detection and compliance, according to 1Kosmos. The governance challenge is not speed alone but whether identity proofing, privacy, and review controls keep pace with remote verification risk.

NHIMG editorial — based on content published by 1Kosmos: Key Lessons on eKYC identity verification and fraud prevention

By the numbers:

• 1Kosmos says its Verify capability supports over 150, countries.
• 1Kosmos says it detects spoofing or counterfeit credentials, with more than 99% accuracy.

Questions worth separating out

Q: How should organisations balance eKYC speed with identity assurance?

A: Treat speed as a service outcome, not the control objective.

Q: Why do remote identity proofing systems create privacy risk?

A: Because they often centralise sensitive identity artefacts such as document images, biometric templates, and validation logs.

Q: What breaks when eKYC is treated as a standalone onboarding tool?

A: Lifecycle governance breaks down.

Practitioner guidance

• Map proofing outputs to downstream assurance levels Define which eKYC outcomes allow account creation, which require additional review, and which only permit limited access until more evidence is collected.
• Test liveness and spoofing controls against realistic attack paths Validate facial replay, deepfake, document forgery, and synthetic identity scenarios in the same way you would test other identity attack paths.
• Minimise retention of proofing evidence Store only the identity artefacts needed for the required assurance level, separate proofing evidence from reusable identity records, and set deletion schedules that match regulatory need rather than convenience.

What's in the full article

1Kosmos's full article covers the operational detail this post intentionally leaves for the source:

• Step-by-step explanation of the four eKYC types and where each is typically used.
• Specific examples of document, biometric, video, and Aadhaar-based verification flows.
• Operational description of how OCR, liveness detection, and AI-driven checks fit into the onboarding sequence.
• The product discussion on privacy-by-design controls, including blockchain and zero-knowledge proof language.

👉 Read 1Kosmos's guide to eKYC identity proofing and fraud controls →

eKYC and remote identity proofing: what do IAM teams need to know?

Explore further

View Full Forum →  |  NHI Foundation Course →