Identity & Compliance

Proof of Presence

Why identity verification is incomplete without location integrity. Anchor your KYC process to physical reality.

The KYC Gap: Identity vs. Presence

In the digital age, Know Your Customer (KYC) has become a standard requirement for Fintech, Crypto, and Neobanking. Most institutions have perfected the "Identity" half of the equation—verifying passports, drivers' licenses, and performing biometric liveness checks.

However, a critical gap remains: Presence. Knowing who the user is does not tell you where they are or if the device they are using is legitimate. Fraudsters now use stolen identities combined with residential proxies and emulators to "onboard" from sanctioned or restricted regions, creating massive regulatory liabilities.

Proof of Presence is the new frontier of compliance. It is the cryptographic assurance that a verified identity is physically present at a specific location, using a verified piece of hardware.

1. The Rise of Remote Onboarding Fraud

As financial services go global, the methods used to bypass jurisdictional gates have become highly industrialized:

  • Synthetic Identities: Combining real and fake information to create "new" users that pass standard credit and ID checks.
  • Mule Networks: Paying individuals in legal jurisdictions to "rent" their identities for onboarding.
  • Virtualization Attacks: Running banking apps on server-side emulators to bypass mobile-only security features.
  • Deepfake Biometrics: Using AI-generated video to bypass liveness checks during the ID verification process.

Identity checks alone cannot stop these attacks if the attacker is operating from a remote, high-risk region.

2. Why Location is the Ultimate Anchor

Physical location is the hardest signal to spoof effectively because it is tied to the laws of physics. While a digital identity can be stolen or cloned, a physical device's radio environment (WiFi, Cellular) and GPS signals create a unique "fingerprint" of reality.

By binding a KYC session to a Verified Physical Location, you create a "Jurisdictional Moat." If the identity is real, but the location is Nigeria while the user claims to be in London, the onboarding session is a 100% fraud match.

3. The Peabody Strategy: Biometric + Location Binding

Peabody Compliance enables institutions to implement Multi-Factor Onboarding. We anchor the identity verification process to three non-negotiable signals:

1. Cryptographic Device Attestation

Using Apple App Attest and Google Play Integrity, we prove that the onboarding app is running on a genuine physical device. This eliminates 99% of virtualization and emulator-based fraud.

2. Verified Radio Environment

Instead of trusting a self-reported IP, we perform a BSSID/WiFi Triangulation. We scan the local WiFi environment to prove physical presence. A fraudster in a data center has no WiFi environment; a fraudster using a proxy has a WiFi environment that doesn't match their IP.

3. Geofencing Enforcement

Instantly block onboarding from sanctioned countries, high-risk jurisdictions, or specific exclusion zones (like tribal lands or sports venues). Our sub-second API ensures that if a user moves into a restricted zone during the KYC process, the session is instantly invalidated.

4. The Hardened KYC Workflow

Integrating Peabody into your existing KYC flow (e.g., Onfido, Jumio, Persona) creates a hardened trust layer:

  1. Initiation: User starts the KYC process in your app.
  2. Signal Collection: The Peabody SDK collects hardware-backed location signals (GPS, WiFi, Cell Tower).
  3. Integrity Check: Peabody verifies the device is not rooted, jailbroken, or running a VPN.
  4. Binding: The Peabody session_token is sent to your KYC provider as a "Metadata" field.
  5. Verdict: Your server checks the Peabody verdict. If compliant: true and risk_score: < 60, the identity verification proceeds. Otherwise, the session is terminated before you spend money on the ID check.

5. Satisfying the Highest Regulatory Standards

Proof of Presence directly addresses the requirements of:

  • OFAC/Sanctions Compliance: Proving with mathematical certainty that you are not onboarding users from prohibited regions.
  • AML 5th & 6th Directives: Strengthening "Customer Due Diligence" (CDD) with multi-layered verification.
  • Travel Rule (Crypto): Ensuring that the origin of a transaction is tied to a verified physical location.

Conclusion: Identity is Not Enough

In a world of deepfakes and stolen data, identity has become a commodity. Reality is the only thing that cannot be easily faked.

By implementing **Proof of Presence** with Peabody Compliance, you move your platform from a "Trust but Verify" model to a "Zero-Trust Physical Reality" model.

Anchor your trust. Secure your growth. Get started with Peabody.