The Security Operations Agent for ID Verification leverages the advanced reasoning capabilities of the Qwen large model to provide offline in-depth risk analysis and high-risk device handling for face attack defense scenarios. This feature improves your risk identification and security.
Group risk: Identifies potential fraud rings in ID Verification face authentication.
Device risk: Identifies high-risk devices used in ID Verification face authentication.
Applicability
The Security Operations Agent applies to the following product solutions for face attack defense scenarios. Only App (SDK) integration is supported, and the Device Guard module must be fully integrated.
Product code
Description
Integration method
Supported regions
Provides a complete eKYC workflow, including global ID document OCR, liveness detection, and face-to-ID comparison to confirm the user's identity.
NoteSupports document types from multiple countries and regions worldwide.
Due to regional model limitations, the supported document types vary by region.
Singapore: Supports the document types in the Document Type List.
Indonesia (Jakarta): Supports only Indonesian ID cards and global passports (document type codes
IDN01001andGLB03002).Malaysia (Kuala Lumpur): Supports only Malaysian ID cards and global passports (document type codes
MYS01001andGLB03002).
App (SDK) + server-side
China (Hong Kong), Singapore, Indonesia (Jakarta), Malaysia (Kuala Lumpur)
Provides a complete eKYC workflow, including document OCR, liveness detection, and face-to-ID comparison to confirm the user's identity.
NoteSupports various document types from China, including the China (Hong Kong), Macao, and Taiwan regions.
App (SDK) + server-side
China (Hong Kong)
For document types verifiable against authoritative data sources, this solution lets users verify their identity with a face scan, eliminating the need to upload an ID document.
NoteApplicable to users in the Chinese mainland.
App (SDK) + server-side
China (Hong Kong)
Captures and analyzes the user's face and movements in real time. It uses the Qwen-VL model for in-depth analysis of spoofing risks to determine if the user is a real person.
App (SDK) + server-side
China (Hong Kong), Singapore, Indonesia (Jakarta), Malaysia (Kuala Lumpur)
Verifies that a user is a real person by analyzing their face and movements in real time. It compares the face against a database to confirm identity or prevent duplicates. If the verification is successful, the face is automatically added to a specified face database.
App (SDK) + server-side
China (Hong Kong)、Singapore, Indonesia (Jakarta), Malaysia (Kuala Lumpur)
Verifies that the user is a real person and compares their face against existing data to confirm their identity. This solution is ideal for secondary verification scenarios.
App (SDK) + server-side
China (Hong Kong)
Collects and reports device characteristics to the server for risk analysis.
App (SDK) + server-side
China (Hong Kong)
Collects characteristics of the device used for face scanning and performs in-depth analysis based on the Qwen large language model to detect device risks.
App (SDK) + server-side
China (Hong Kong), Singapore, Indonesia (Jakarta), US (Silicon Valley), Germany (Frankfurt), Malaysia (Kuala Lumpur)
The Security Operations Agent is only supported in the Singapore region. You can enable this feature by authorizing data synchronization to the Singapore region.
Procedure
Before you begin, ensure that you have activated the ID Verification service and have completed authentication records in the supported product solutions.
Go to the ID Verification console. In the left-side navigation pane, choose .
After you turn on the Auto Detection feature, you can filter records by conditions such as Scene ID or Verification Status.
Due to model task execution performance, we recommend that you check the Detailed Records tab the next day to identify potential risks. Evaluate these records against your business data to validate the risks. If a risk is confirmed, click Add to Blacklist in the Operating column for the target risk record to block the associated devices.