MobbScan, our innovative tool for digital onboarding through remote video identification, has successfully established itself as a market leader by being accredited and included in the Catalogue of Products and Services for Information and Communication Technology Security (CPSTIC). This recognition confirms that MobbScan meets the highest security requirements demanded by the National Cryptologic Centre (CCN) in the HIGH category of the National Security Framework (ENS).
The evaluation and certification of a security product or service in the IT sector are the only objective means to assess and accredit its ability to handle information securely. The tests conducted on our identity verification technology demonstrate that the security mechanisms implemented in the product are appropriate for safeguarding our clients’ information without compromising usability and user experience.
Our solution has revolutionized the way user identities are authenticated and verified online. Its capability to collect and validate personal information through the analysis of identity documents and subsequent biometric facial verification has proven to be a secure and reliable solution in different sectors, ranging from financial services to government and telecommunications.
Process of online video identification approved by the National Identification Center (CNN)
The remote video identification process begins with a thorough analysis of the user’s identity document. By using artificial intelligence technologies, MobbScan can determine the integrity of the presented data and detect possible fraud attempts, such as the use of copies or digital reproductions of the document. This provides a robust layer of security from the very beginning of the process.
Once the document has been verified, the technology comes into action with its advanced biometric engine. Facial recognition has become a fundamental tool to ensure that the person conducting the procedure is the legitimate owner of the document.
MobbScan’s biometric engine goes beyond simple facial feature comparison; it incorporates advanced technologies that detect and prevent impersonation attacks, such as the use of masks, screens, disguises, or deepfakes. This ensures that users cannot impersonate others during the video identification process.
Throughout the process, samples and evidences are securely stored temporarily. This allows an authorized agent to review and validate the information at a later time through a web portal. This assisted and asynchronous approach streamlines decision-making and provides greater flexibility for conducting verifications.
The technology has been validated by an internationally prestigious independent laboratory in the technology world, DEKRA. The laboratory conducted a detailed analysis to ensure the effectiveness and safety of our tool through active and passive PAD (Presentation Attack Detection) tests to assess our liveness detection technology (detecting identity impersonation attempts), automatic reading of data from both sides of the document, and analyzing the reliability and security of OCR to detect attacks.
If you still have doubts about the maze of certifications, requirements, and organizations mentioned so far, don’t worry! I encourage you to keep reading because in the following sections, we’ll break down all the details of the acronyms we’ve mentioned up to this point.
What is the National Security Scheme (ENS)?
In the current digital environment, information security is a critical aspect to ensure trust and protect data both for citizens and organizations. It is in this context that the National Security Scheme (ENS) emerges, a government initiative aimed at establishing a regulatory framework to guarantee information security in the scope of public administrations in Spain.
The ENS is configured as a fundamental tool to strengthen cybersecurity in the public sector, promoting the adoption of best practices and protective measures to help prevent and effectively respond to security incidents that may impact the confidentiality, integrity, and availability of information.
This scheme, defined in Royal Decree 311/2022, of May 3, which regulates the National Security Scheme in the scope of Electronic Administration, has as its main objective the protection of information systems used by public administrations and the entities that provide services to them. The ENS establishes the minimum security requirements that systems and services must meet to ensure the adequate protection of sensitive and confidential information.
One of the main characteristics of the National Security Scheme is its comprehensive approach, covering technical, organizational, and legal aspects. This implies that it not only focuses on technological measures but also considers risk management, staff training, contingency planning, and coordination among different entities.
Compliance with the ENS is mandatory for all entities in the public sector, including public bodies, autonomous and local administrations, as well as private entities that provide services to the Public Administration. These entities must adapt their systems and processes to ensure compliance with the requirements established in the scheme.
The fundamental security requirements (FSR) demanded for Video Identification Tools represent the minimum security capabilities that any product within this family must implement for a specific use case, regardless of the manufacturer and technology, in order to provide a minimum level of confidence and be objectively qualified, from a security perspective, to be used in the information systems of the public sector that fall under the scope of the National Security Scheme (ENS), for the HIGH and VERY HIGH security categories.
What is the National Cryptologic Center (CNN)?
The National Cryptologic Center (CCN), as the entity responsible for cybersecurity matters in Spain, plays a key role in the implementation and supervision of the National Security Scheme (ENS). This organization is in charge of providing advice and issuing recommendations on information security, as well as evaluating and certifying the solutions and products used within the scope of the ENS.
The National Security Scheme is periodically reviewed to adapt to new threats and challenges that arise in the field of cybersecurity. In this way, the goal is to maintain an optimal level of security and protection of information in the constantly evolving digital environment.
What is the CPSTIC and what is its purpose?
The Catalog of Products and Services of Information and Communication Technologies Security (CPSTIC) is a tool managed by the National Cryptologic Center (CCN) whose main purpose is to facilitate the identification, selection, and acquisition of solutions and products that meet the highest security standards in the field of Information and Communication Technologies (ICT).
The catalog contains an extensive list of cybersecurity products and services that have undergone rigorous testing and evaluations by the CCN.
What is LINCE certification?
LINCE certification is a recognition awarded to a product after undergoing a comprehensive security evaluation authorized by the National Cryptologic Center (CCN) in Spain. The CCN acts as an organization that verifies and endorses the security of the product. When a product receives the LINCE certification, it means that it has demonstrated to be secure and reliable in terms of protecting information and data. This certification is very important because it allows the product to be included in the Spanish STIC Products Catalog (Catálogo de Productos STIC), making it eligible for use in government and public sector information systems in Spain.
Mobbscan: Remote Video Identification with technology based on AI
The inclusion of MobbScan in the Catalog of Products and Services of Information and Communication Technologies Security (CPSTIC) is a recognition of its rigorous compliance with security and quality standards. The compliance with the HIGH category of the National Security Scheme (ENS) guarantees that MobbScan has undergone exhaustive testing and has successfully met the highest levels of cybersecurity requirements.
The benefits of MobbScan go beyond the security and reliability it provides. Implementing this tool also implies a significant improvement in the user experience, as individuals can complete procedures remotely and without complications. Additionally, organizations that adopt MobbScan enjoy increased operational efficiency by eliminating the need for in-person authentication processes and associated paperwork.
In fact, Trusted Qualified Service Providers (QTSPs) are required to use video identification tools included in CPSTIC that comply with the security requirements of the HIGH category of ENS for remote identification of individuals seeking to obtain an electronic certificate.
The future of remote video identification is closely linked to technologies like those offered by MobbScan. The continuous evolution of artificial intelligence and biometrics ensures that authentication tools remain robust and reliable against new security challenges and threats. MobbScan is at the forefront of this evolution, committed to innovation and excellence in protecting digital identities.
In conclusion, MobbScan has proven to be a leading solution in remote video identification that meets the highest security standards. Its inclusion in CPSTIC under the HIGH category of ENS supports its effectiveness and reliability.
Write to us if you want us to help you avoid fraud in your digital onboarding processes with MobbScan!
I am a Computer Engineer who loves Marketing, Communication and companies’ internationalization, tasks I’m developing as CMO at Mobbeel. I am loads of things, some good, many bad… I’m perfectly imperfect.
Download Mobbscan's Dossier for Digital Onboarding
- AML / KYC compliant.
- Improves user experience.
- Reduces abandonment rate during registration.
- Automates user verification.
- Prevents document and identity fraud.