<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1611884&amp;fmt=gif">

Credential Policy

Effective January 1, 2026

1. Overview

This Credential Policy (CrP) outlines the policies for operating Vouched's IAL2-compliant system.

1.1 Company Background

Vouched is an AI-driven Identity Verification technology platform. We are headquartered in Seattle, Washington. We are a 100% remote workforce with employees and talent worldwide.

1.1.1 Services Provided

Vouched provides identity verification services from visual reviews of face and documents to data checks for various industries from consumer medicine to financial services to automotive. Our technology ensures that all identities are verified using authoritative sources, from government-issued documents to official databases.

In addition, Vouched offers a social security number validation for financial institutions, taxpayer identification number validation, anti-money laundering checks and re-verification service.

Vouched offers only unsupervised identity proofing services, meaning that all proofing is completed remotely.


1.2 Service Administration

This report is administered by Vouched, and has been reviewed by Vouched’s Product and Finance teams to ensure accuracy.

1.3 Terminology

In this document, we will refer to the following terminology:

      • The Customer: The direct client of Vouched that integrates the identity verification flow into their onboarding process
      • The Applicant: The end user who is asked to prove their identity
      • VIDV: Visual Identity Verification - Vouched’s process for verifying the identity of the applicant
      • Authoritative Source: The recognized, accurate, and current source of truth against which applicant data is verified.

2. Responsibilities Toward Publication

Vouched SHALL publish this CrP such that it is available to members of the intended consumer community before they are required to commit to signing-up to being a subject of the policy.

3. Enrollment and Identity Proofing Policies

3.1 Enrollment Policies

3.1.1 Enrollment

Applicants MUST utilize an electronic device, such as a smartphone or computer, to complete an unsupervised enrollment with Vouched. An enrollment link will be sent to a validated phone number and the Applicant will use this link to begin the IDV process. Vouched’s IDV workflow requires the submission of all requisite evidence via the electronic device to achieve successful IDV verification.

3.1.2. Applicant Responsibilities

          1. Applicants SHALL agree to the End User Privacy Statement and Biometric Privacy Notice  prior to entering the identity verification workflow.

          2. Applicants SHALL agree to provide Vouched access to their device camera upon beginning verification.


3.1.3 CSP Enrollment Responsibilities

          1. Vouched IDV shall operate with an FMR [ISO/IEC 2382-37] of 1 in 1000 or better.

          2. This FMR SHALL be achieved under conditions of a conformant attack (i.e., zero-effort impostor attempt) as defined in ISO/IEC 30107-1.

          3. Testing of presentation attack resistance SHALL be in accordance with Clause 12 of ISO/IEC 30107-3.

          4. The biometric system shall not allow repeated attempts following an IDV failure.

          5. Vouched IDV MUST NOT be utilized to assess the suitability or entitlement of the Applicant for any benefits or services. Vouched’s responsibility is strictly limited to providing the Customer (Vouched's client) with a determination regarding the Applicant’s asserted identity.

3.1.4 Enrollment Failures

Applicants are limited to a single identity verification attempt; if rejected, no second attempt will be granted. However, Customers retain the right to override the decisions made by our models.

3.2 Identity Proofing Policies

3.2.1 Children Under 18

Vouched complies with CCPA and GDPR, which prohibit processing of personal data of a child without parental/guardian consent.

3.2.2 Minimum Collection of PII

Vouched SHALL limit the collection of PII to the minimum necessary to verify the claimed identity of the Applicant. The information directly provided by the Applicant may include:

 

          • Full Name
          • Email Address
          • Date of Birth
          • Physical Address
          • Phone Number
          • Government ID
          • Social Security Number
          • Taxpayer Identification Number

Vouched may also use standard tracking technologies to collect device information and frequency of interaction with our Services and may also collect facial or video images.

Vouched SHALL retain the collected information unless otherwise specified by the Customer’s retention policy or applicable legislation.

3.2.3 Evidence Collected from Applicants

Vouched SHALL verify the applicant’s identity by collecting one of the following government-issued documents:

          • US Driver’s License or State ID (from state covered by Driver's License Verification)
          • Mobile Drivers License
          • Passport Card or Passport