Skip to main content
FACE AUTH is an add-on service that immediately verifies whether a user is the same person by comparing the selfie (Reference) from a Submission ID obtained from existing eKYC with the user’s latest selfie (Target). You can complete re-authentication with just one selfie without a separate complex process.

Representative Use Cases

Since identity can be re-verified with just one selfie without a password or authentication code, you can enhance security while reducing user friction.

Device Change

Used by financial institutions as a re-authentication means to reduce account theft risk during device change·number change.

Re-authentication on Anomaly Detection

ATO Prevention - Apply access block/release policies with additional face authentication when high-risk login, overseas access, or bulk attempts are detected.

Regular Identity Re-verification

Periodic KYC Refresh - Used as a periodic same-person verification procedure in high-value services·regulated industries.

Password Loss/Information Change

Insert as identity verification step before important account changes such as password reset, payment method·contact change.

Operation Method (3-Step)

1

Prerequisite

An approved Submission from eKYC must exist. (Reference)
2

Process

Call Add-On URL (including pid + Submission ID) → Take selfie
When entering from desktop, QR is displayed → Continue shooting on mobile.
3

Judgment/Storage

Automatic comparison of registered vs verified → Results are stored in dashboard as Auth ID (submission).
Key Checks
  • Approved Submission ID must exist. (Reference)
  • FACE AUTH URL must be encrypted for security when used.
  • Threshold·liveness·occlusion (mask/helmet/hat, etc.) policies can be controlled through project options.

Benefits of FACE AUTH

BenefitDescription
Fast Re-authenticationComplete with just one selfie without re-shooting ID
Security EnhancementProtect accounts as an additional factor alongside password·OTP
Policy FlexibilityDetailed settings by situation such as face match threshold, liveness, occlusion blocking
Simple IntegrationOperates as an add-on dependent on existing eKYC project, maintaining operational consistency

Project Creation and Settings

To use FACE AUTH, first create an Add-On project in the dashboard and set policies (threshold·liveness·occlusion).

Step 1: Create Add-On Project

Select Add-On menu → ‘Create Project’ in the dashboard to create a new FACE AUTH project. Dependency connection with eKYC project is formed immediately upon creation, and Add-On URL and API key are automatically mapped. 
Path: Dashboard > Add-On > Create Project
Add-On project creation screen

Screen before project creation

Add-On project creation screen

Screen after project creation

Step 2: Project Information Settings

Specify project name·logo in the settings screen, and set button/URL to move to after authentication submission completion.
Add-On project creation screen

Project information settings screen

Setting ItemDescription
Project NameDisplayed as title on authentication start screen
Project StatusService (Normal Operation) / Closed (Authentication Disabled)
Add on LogoDisplayed at top of first authentication screen (ARGOS logo displayed if not set)
Return URLURL where user is redirected after authentication completion

Step 3: Policy (Threshold) Settings

Thresholds are more lenient when lower, stricter when higher. Adjust step by step to match service risk·UX goals.
Add-On project creation screen

Project policy settings screen

Policy ItemDescriptionRecommended Value
Face Authentication ThresholdCriteria for judging if same person as eKYC approved user’s face98 points
LivenessDetermines if shot selfie is of an actual living person (Passive/Active)70 points
Face OcclusionChecks if face is not occluded by other objects during authentication-
Face occlusion and face occlusion threshold cannot be used simultaneously.
Special Environment Options:
  • Head Occlusion Threshold: Environments requiring safety helmet (bike, construction site, etc.)
  • Face Occlusion Threshold: Environments requiring mask (hospital, construction site, etc.)

Step 4: Add-On URL Parameters and Encryption Settings

Required parameters must be registered to use FACE AUTH URL. Required Parameters:
ParameterDescription
pidAdd-On project ID (included in URL path/parameters)
sideKYC Submission ID (Add-On authentication possible only in approved status, encryption required)
URL Pattern Example: 
...?pid={ADDON_PID}&encrypted={encrypted}
In the encrypted statement, use Submission ID as sid and Token ID as token.

Token Expiration Condition Settings

You can configure limited access control through Token ID.
Add-On project creation screen

Project token settings screen

Expiration ConditionDescription
Usage-based ExpirationExpire the Token ID when token is used once
Time-based ExpirationMeasure time from when token is used once and expire Token ID
Expiration triggering condition is when “Start” button is clicked on the first FACE AUTH screen.

Providing to Users

FACE AUTH can be provided in two ways.

Operation Verification (Smoke Test)

  • Whether authentication screen appears when Add-On URL is called with approved submissionId
  • Whether QR display and mobile transition are natural when entering from PC
  • Whether results are stored·queried as Add-On submission (Auth ID) after shooting
Add-On project creation screen

Normal authentication screen and error screen when sid is used incorrectly

AUTH ID - Authentication Result Verification

Auth ID refers to one result (submission) of FACE AUTH (add-on). Same-person judgment comparing registered copy (face approved from eKYC previously) with this selfie (verified copy), applied policy snapshot, and processing timeline are recorded together.

View Results in Dashboard

Dashboard > Add-On (FACE AUTH) Project > Submission (Auth ID) List > Detail View
Information viewable in list screen:
  • Time
  • AUTH ID (TARGET)
  • Submission ID (Reference)
  • Status
Information viewable in detail screen:
  • Policy snapshot
  • Score/threshold
  • Liveness·occlusion results
  • Comparison images
  • Logs
Auth ID dashboard of Add-On project

Auth ID dashboard of Add-On project

Auth ID Detail Information

FieldDescription
Authentication IDUnique identifier for the submission
Submission IDPreviously approved submission referenced as comparison target during submission
StatusDisplays authentication result as Approved, Rejected
PolicyProject options applied when the submission was processed
FACE SimilaritySimilarity between selfie images measured during authentication
LivenessLiveness score of submitted selfie
Face OccludedResult judging if face is occluded as Pass / Fail
Reference information prioritizes Selfie comparison, and if Selfie is not available, calls ID portrait as secondary for comparison.
Auth ID dashboard of Add-On project

Auth ID detail screen of Add-On project

Real-time Integration via Webhook

When FACE AUTH is completed and final results are available, results are automatically sent to the Webhook URL registered in the existing ID Check project. Trigger type: "faceAuth" 
{
  "webhook_trigger": "faceAuth",
  "Authentication_id": "AUTH_...",
  "data": {
    "Submission_id": "SUB_...",
    "Auth_Status": "approved | rejected",
    "Create_Time": "UTC+0",
    "User_id": "optional",
    "cf1": "optional",
    "cf2": "optional",
    "cf3": "optional",
    "reference": {
      "userid": "optional",
      "email": "optional",
      "cf": { "cf1": "optional", "cf2": "optional", "cf3": "optional" }
    }
  }
}
Implementation Checklist
  • ✅ Register Webhook URL (project unit) and confirm receipt with 2xx response
  • ✅ Duplicate receipt prevention: Check duplicates based on Authentication_id
  • ✅ Timezone processing: Create_Time(UTC+0) → Convert to internal standard time if needed
  • ✅ Key mapping: Map to internal users/requests with Submission_id, User_id, cf1~3
  • ✅ Audit logging: Store original payload and routing results together
Administrators can read operation-friendly through dashboard, and development teams can automate systems via webhook simultaneously. Consistently view status·score·policy·timeline by Auth ID unit, and immediately connect to internal system flow using Authentication_id/Submission_id from webhook.

Checklist for Quick Adoption

1

Create Project

Create FACE AUTH project in Dashboard → Add-On.
2

Set Policy Values

Set face match threshold / liveness / occlusion blocking (ON/OFF).
3

Obtain eKYC Approved Submission

Approved eKYC Submission to use as Reference is required.
4

Design Call

Include pid + Submission ID in Add-On URL (consider desktop→QR→mobile flow)
5

Result Verification Routine

Monitor Auth ID (submission) status·policy·comparison results in dashboard.

Operation Tips

  • Start policy initial values somewhat conservatively → Gradually tune thresholds while viewing actual service data
  • Monitoring Metrics: Re-authentication success rate, drop-off rate, average authentication time, risk event blocking rate, reset/change completion rate
  • UX Design: If desktop entry rate is high, clearly guide QR transition flow, and provide minimal text authentication guide for mobile users

Add-On API Overview

View complete overview of Add-On service.

POST/Face Auth API

Learn how to integrate FACE AUTH via API.

FACE AUTH Webhook

Learn how to receive FACE AUTH results via webhook.

Encryption Guide

Learn URL encryption methods.