All blog articles
Business January 15, 2026

How we build our AI models

profile picture Matt Prendergast 5 min read
An image of a woman holding a driving licence in one hand and her mobile phone in another.

At Yoti, AI is not a general-purpose experiment. Instead, it is a set of purpose-built tools embedded directly into our identity, authentication and age verification products, designed to deliver secure decisions quickly while not collecting or processing unnecessary data.

Rather than using large, general-purpose AI systems, we build and deploy small, specialised models that each solve a clearly defined problem. This approach gives our customers stronger security, better privacy outcomes, faster performance and greater confidence in how decisions are made.

 

How do our AI-based checks work?

At Yoti, our approach is to use multiple models to perform very specific tasks, accurately. For example, an identity verification check would typically consist of four distinct steps, each powered by its own dedicated model:

  1. Data extraction – reading data from the identity document or an NFC chip read
  2. Document authentication – checking the identity document is not tampered with or a fake
  3. Face matching – confirming the user’s face matches that of the document owner
  4. Liveness detection – ensuring the user is a real person, not a bot, deepfake or presentation attack

Together, these four steps run in seconds to produce a report and recommended outcome depending on a customer’s risk appetite, without collecting or processing more data than necessary.

Similarly, a facial age estimation check consists of three checks:

  1. Age estimation – assessing the user’s age
  2. Liveness detection – ensuring the user is a real person, not a bot, presentation attack or deepfake
  3. Secure Image Capture (SICAP) – detecting injection attacks (ensuring the image used is genuine and captured live from the device camera)

These checks typically happen in under a second and return a simple yes/no outcome about whether the user is above or below a particular age threshold (like ‘over 18’) – with no personal information shared.

 

What are the benefits to this approach?

Since our solutions are modular, businesses have the option to use only the steps relevant to their specific use case:

  • A dating platform may only have a requirement for face matching to match users’ faces to their profile pictures.
  • A bank may only require liveness checks as part of a wider multi-factor authentication (MFA) flow for high-value transactions.

Even within a single check, multiple models often run in parallel. For example, a Yoti MyFace Liveness detection – also known as Presentation Attack Detection (PAD) – check can use over 10 individual models, each analysing different elements of an image to build an overall confidence score.

This layered approach helps avoid reliance on any single model. If one signal is inconclusive, others can still provide strong evidence. For instance, where one model may return a negative result, the rest can return a positive one. This leads to greater resilience against spoofing, bots and deepfakes. Examples of these checks include:

  • Light refraction analysis – helping to detect masks or printed images
  • 3D background inference from 2D imagery – helping identify uploaded or printed images

From extensive internal testing, independent evaluations and real-world deployment, this approach consistently improves the accuracy and robustness of checks.

 

Why use this approach to AI?

This modular approach means we can rapidly update, optimise or replace individual models when we identify new attack vectors. This means we can respond quickly, allowing for continuous improvement to our models. It’s a flexible framework that scales across industries, from retail terminals to financial online systems.

We process millions of checks every week, operate independent testing programmes and run an ethical hacker bounty scheme. This creates a real-world feedback loop. When new threats appear, we see them early and can develop and deploy technology to combat those threats.  

Finally, it means our models are efficient. Processing time is extremely quick – typically under a second. The processing power required is very low and, importantly, model size can be configured to be small enough to run entirely on-device. That could be a mobile phone, self-checkout terminal or a vending machine. This means checks can work offline and can ensure that personal data doesn’t need to leave the device. Yoti face matching and liveness detection is already used on device for Yoti Digital ID to enable offline capability.

Every model we deploy undergoes bias, fairness and accessibility testing. Across all of our products, we focus on minimising personal data processing and collecting only what’s necessary for the check being performed.

In short, our approach to AI is about building the right models, for the right checks, in the right products. This helps to deliver secure, privacy-preserving checks for you and your users – protecting you and your customers from fraud.

— Matt, B2B Marketing Director

Keep reading

One phone scanning the qr code on the screen of another
Articles February 26, 2026

Digital ID for proof of age is coming. Here’s how to check it properly.

Millions of people are already using digital IDs to prove their age and identity, share their verified details with others or take more control over their personal data, all without needing a physical document.  Soon, they’ll also be able to use them as proof of age when buying alcohol in licensed premises in the UK (once the mandatory licensing conditions are updated). This includes pubs, bars, restaurants, nightclubs and supermarkets. That’s a big shift in how age-restricted sales work and it’s why having a fast, reliable and low-friction way to check IDs matters for your business.    How businesses

#digital id #business
Amba Karsondas Amba Karsondas
8 min read
person using phone
Articles February 26, 2026

Updates to the UK MLRs have just changed the game for digital identity

For years, the UK has talked about digital identity as the key to faster onboarding, reduced fraud, better customer experiences, and stronger compliance. And yet, in much of regulated industry, the day-to-day reality has barely shifted. Why? Because compliance culture doesn’t move on optimism. It moves on defensible certainty. Until now, most compliance officers have been understandably risk-averse. Not because they dislike digital identity, but because they know what happens when a control fails: remediation programmes, supervisory challenge, awkward audit findings and reputational consequences.  Even when the Joint Money Laundering Steering Group (JMLSG) referenced digital identity in June 2020,

#digital id #business
Julie Dawson Julie Dawson
8 min read
An image showing that Yoti is certified as an Identity Service Provider (IDSP), Attribute Service Provider (ASP), Orchestration Service Provider (OSP) and Holding Service Provider (HSP).
Articles February 23, 2026

More ways to use and accept Digital IDs in the UK

We’ve hit an important milestone in our journey to make our trusted and accessible digital IDs easier to use in the UK.  Yoti has achieved Gamma (v0.4) certification under the UK Digital Identity and Attributes Trust Framework (UKDIATF). In practice, that means we’re now certified across four key roles: Identity Service Provider (IDSP) Attribute Service Provider (ASP) Holding Service Provider (HSP) Orchestration Service Provider (OSP) It confirms that Yoti meets the UK Government’s highest standards for secure, trusted digital identity services. It also means that we’re ready to support everyday use cases, like accessing age-restricted services and buying alcohol,

#digital id #business
Yoti Yoti
6 min read