What does Identy.io do?
Identy.io provides mobile biometric authentication, for secure and user-friendly identity verification, enabling government and corporate customers to grow operations with cost-effective solutions.
Every day, organizations face two critical questions about the people they serve:
- Who are you? — For the billion-plus people worldwide who lack any form of legal identity and can’t open a bank account, access healthcare, or prove who they are.
- Are you really you? — For the billions more who already have an identity but need protection from account takeovers, synthetic identity fraud, and deepfake attacks.
Traditional solutions fail both groups. Biometric systems require expensive hardware, constant connectivity, and centralized databases—infrastructure that doesn’t exist in most of the world. Meanwhile, digital fraud has become sophisticated enough to bypass passwords, OTPs, and even basic facial recognition.
We built Identy.io to solve both problems with the same technology—turning any smartphone into a trusted identity terminal.
Mission
To guarantee identity with mobile touchless biometrics. We believe your identity should be verifiable anywhere—and fraud-proof everywhere. In a bank branch in São Paulo, a refugee camp in Mauritania, or a border crossing with no internet. Using only a standard smartphone camera, we make that possible.
Vision
A world where secure, privacy-preserving identity verification is accessible to everyone, everywhere—while keeping digital fraud at bay.
No special hardware. No constant connectivity. No centralized databases holding your most sensitive data. Just your face, your fingerprint, and the phone in your pocket—working to both prove who you are and protect you from those who would pretend to be you.
Our Core Values
Privacy by Design
Biometric data never leaves the user’s device. We process everything on-device because you shouldn’t have to choose between security and privacy.
Uncompromised Accuracy
Our technology maintains the same performance standards whether running in the cloud or entirely offline. NIST-validated, lab-certified, field-proven.
Biometrics for Good
From helping banks onboard the unbanked to supporting NGOs combating human trafficking—and protecting existing customers from deepfake attacks—we measure success by the lives we help protect and the fraud we help prevent.
Relentless Innovation
Over 200 patents. More than 25 biometric innovations from our CTO alone. We don’t license technology—we build it from scratch.
What we do
Identy.io offers a one-stop solution for end-to-end identity verification using mobile biometrics. Our platform is built on three pillars that define how we approach every product and every deployment:
1. Mobile capture
Everything captured from the smartphone.
Our mobile SDKs transform any standard smartphone into a biometric capture device—no specialized hardware required. Face, fingerprint, and palm biometrics are captured using only the device camera, with AI-powered quality controls ensuring interoperability with government and enterprise systems.
- Face SDK: Passive liveness detection with deepfake and injection attack protection. Zero attack acceptance in DHS RIVR evaluation.
- Finger SDK: 10-finger touchless capture without scanner hardware. NIST PFT III evaluated.
- Palm SDK: Touchless palmprint recognition for high-accuracy scenarios and latent analysis.
- Document verification: OCR with NFC chip reading for secure identity document processing.
On-device matching keeps biometric data on the user’s phone. Quality and interoperability controls ensure captured images work with any third-party matcher or government database.
2. Match & identify
Deduplicate. Verify. Scale.
Identy.io ABIS is a face, fingerprint, and iris platform for fast and accurate biometric identification at scale. Built for applications like national ID issuance, KYC, border control, and criminal investigations.
Face + fingerprint deduplication across millions of records 1:1 verification and 1:N identification Latent matching for forensic and law enforcement applications Civil and criminal applications with full lifecycle management NIST FRVT, MINEX III, and PFT III evaluated
3. Issue & reuse
Issue once. Verify anywhere.
Identy.io Digital Wallet allows for the issuance, storage, and verification of digital verifiable credentials with on-device identification, ensuring privacy.
- ID Wallet: Stores government IDs, educational certificates, loyalty cards. Supports W3C Verifiable Credentials and ISO/IEC 18013-5 (mDL) standards. Selective disclosure lets users share only necessary attributes.
- BioCode: PKI-encrypted digital ID container with multimodal facial and fingerprint biometrics. Works offline. Can be embedded in QR codes, smartcards, or transmitted via NFC/Bluetooth — even printed on documents while remaining secure.
Our Story
Identy.io was founded in 2017 by Jesús Aragón and Antony Vendhan in Delaware, with engineering operations in Bengaluru, India.
Jesús had spent two decades in mobile technology and cybersecurity—including co-founding the FIDO Alliance with Agnitio and taking Audience Inc. through an IPO. Antony came from 20 years building engineering teams in Silicon Valley, including early infrastructure work at Netflix and Hadoop development at Yahoo.
They saw the same problem from different angles: traditional identity verification was failing billions of people who needed it, while failing to protect billions more from increasingly sophisticated fraud.
The first years focused on R&D. By 2019, Identy.io earned FIDO UAF certification for touchless fingerprint capture—a first for the industry. In 2021, NIST selected our technology as the winner of Phase 1 of their Mobile Fingerprint Innovation Challenge.
What followed was steady expansion: banking deployments in Latin America, partnerships with humanitarian organizations, inclusion in the MOSIP digital ID marketplace, and in 2025, top performance in the DHS RIVR evaluation with zero attack acceptance across all presentation attack classes.
Today, our technology has processed over 1 billion verifications. We operate across five continents, with offices in the US, Spain, Brazil, Mexico, Colombia, Bolivia, Dominican Republic, India, Kenya, and Nigeria.
Defense-in-depth architecture
Traditional liveness detection worked. Until AI learned to lie.
Liveness detection alone is not enough anymore. Deepfakes respond to liveness challenges—they blink, turn, follow instructions—because there’s a live attacker behind them controlling the synthetic face in real-time. Identy.io’s architecture assumes any single layer can be bypassed, so we built three independent defenses:
- Passive PAD (Presentation Attack Detection): Stops physical spoofs—printed photos, screens, silicone masks, 3D-printed faces. Sub-second verification, invisible to users.
- Injection attack prevention: Validates camera, device, and code integrity. Ensures video originates from a genuine device camera, not emulators or virtual cameras.
- AI-driven deepfake detection: Visual and temporal analysis identifies artifacts humans miss—skin texture gradients, lighting anomalies, micro-expression timing inconsistencies.
If one defense fails, the others catch it. This is the architecture that achieved zero attack acceptance in the DHS RIVR 2025 evaluation across all presentation attack classes.
Digital Public Infrastructure
The flexibility to start centralized, go decentralized, or stay hybrid—without replacing your authentication layer.
Most DPI vendors force governments into a false choice: centralized systems (strong fraud prevention, but privacy concerns) or decentralized systems (strong privacy, but weak deduplication). We eliminate this false choice.
Identy.io’s hybrid architecture delivers both simultaneously. Daily authentication (1:1 matching) happens entirely on-device—templates never leave the citizen’s smartphone, works completely offline. For high-risk scenarios like initial enrollment or fraud pattern detection, citizens explicitly authorize comparison against central ABIS (1:N matching).
Our component architecture ensures no vendor lock-in. Governments choose their DPI platform (MOSIP, proprietary, or any other), their wallet (Identy.io, third-party, or custom), and their timeline.
We provide the biometric authentication layer—capture, matching, and presentation attack detection—that works with any identity ecosystem.
Standards compliance: FIDO Alliance member, MOSIP Marketplace certified partner, W3C VC & DIDs compatible, ISO/IEC 30107-3 Level 2 PAD certified.
Certifications & validations
Our technology is validated by the world’s most rigorous testing bodies. We distinguish between independently audited certifications, government evaluations, and design conformity standards:
Certifications
Independently audited by accredited third parties.
| Certification | Issuing Body | Status |
|---|---|---|
| ISO 9001:2015 | Bureau Veritas | ES-QU-0068/2024 – Jul 2027 |
| ISO/IEC 27001:2022 | Bureau Veritas | ES-SI-0068/2024 – Jul 2027 |
| ISO/IEC 30107-3 L1 & L2 PAD (Face SDK) | iBeta (NIST/NVLAP) | 0 penetrations – Oct 2025 |
| ISO/IEC 30107-3 L1 & L2 PAD (Finger SDK) | IDIAP Research Institute | 0% FA / 0% FR |
| FIDO UAF Level 1 | FIDO Alliance | Certified – Android & iOS |
| MOSIP Marketplace | MOSIP | Certified partner |
Government & independent evaluations
Comparative benchmarks administered by government agencies. Not certifications—performance rankings that update continuously.
| Evaluation | Administering Body | Result |
|---|---|---|
| DHS RIVR 2025 Track 3 | DHS S&T / NIST | Top performer – All PAD classes |
| NIST PFT III (Fingerprint) | NIST | Active – Top 10 all categories |
| NIST FRVT / FRTE (Face) | NIST | Active evaluation |
| NIST MINEX III (Fingerprint) | NIST | Active evaluation |
Regulatory compliance by design: GDPR (privacy by design with on-device processing), PSD2 SCA (Strong Customer Authentication), KYC/AML financial compliance frameworks.
Industries we serve
Our technology protects identities across sectors where accuracy, privacy, and accessibility matter most
Government & Public Sector
National ID programs, voter registration, border security, law enforcement, and eGovernment services.
Banking & Financial Services
Digital onboarding, KYC compliance, transaction authentication, and fraud prevention.
Telecommunications
SIM registration, subscriber verification, and mobile account security.
Humanitarian Organizations
Identity verification for refugee assistance, aid distribution, and anti-trafficking operations.
Law enforcement
Criminal investigations, latent fingerprint matching, suspect identification, and border security operations.
Healthcare
Patient identification, medical records access, and pharmaceutical authentication.
Leadership Team
Jesús Aragón
CEO & Co-Founder
Deep-tech entrepreneur with 20+ years scaling technology ventures through IPOs and acquisitions.
Antony Vendhan
Co-FounderSilicon Valley engineer who built scalable infrastructure at Netflix and Yahoo; over 1B verifications processed.
Linkedin profile
Marta García Gomar
CTO
20+ years in biometrics; 25+ patents; Women in Biometrics Award 2021.
Andrés Alvargonzález
Chief Marketing OfficerStrategic marketing leader driving Identy.io’s global brand positioning and market expansion.
Linkedin profile
Javier Castaño
Chief Financial Officer
Serial deep-tech entrepreneur and co-founder with two successful exits to Nasdaq-listed companies.
Matus Kapusta
Product Director
Product leader overseeing Identy.io’s ABIS product development and roadmap.
