This section provides an overview of the classification of threats related to document authenticity and verification. It outlines the different types of threats, including those in scope and out of scope for the requirements document. The document covers various categories of threats, including counterfeit, forgery/tampering, digital tampering, physical tampering, expired or invalidated documents, similarity fraud, technical/security attacks, procedural attacks, facial liveness attacks, presentation attacks, injection attacks, deepfakes, face morphs, and document liveness. Let’s delve into each of these categories:

1. Counterfeit:

• Counterfeit documents refer to attempts, whether digital or physical, to reproduce genuine documents outside the issuing authority. This includes complete fabrications, fantasy or camouflage documents, specimen documents, and physical reproductions. Counterfeit detection testing is within scope.

2. Forgery/Tampering:

• Forged documents involve changes made to an existing genuine document. This includes alterations to variable information, insertion or replacement of applicant photos, and removal of information, whether digitally or physically. Photocopies and scanned images of tampered documents are considered fraudulent and within scope.

3. Digital Tampering:

• Digital tampering involves manipulating captured images of documents, such as changing text, images, portrait, or adding boxes and altering background printing. This form of tampering is in scope.

4. Physical Tampering:

• Physical tampering refers to physical alterations or reproductions of identity documents. Testing for identity documents that have undergone physical tampering is currently out of scope, pending legal constraints.

5. Expired or Invalidated Document:

• Fraudulent document tests may include genuine documents that have expired or been invalidated. This is within scope.

6. Similarity Fraud:

• Similarity fraud involves mismatching the user in front of the camera with the ID document. This type of fraud is within scope but will be covered in a separate requirements document.

7. Technical/Security Attack:

• Technical or security attacks, including those on encryption or backend systems, are out of scope for this document.

8. Procedural:

• Procedural attacks relate to the identification procedure itself, such as timing attacks or card swapping during the process. Testing for procedural attacks is out of scope.

9. Facial Liveness:

• Facial liveness attacks are focused on the liveness detection of the user and will be covered in a separate Face Verification Requirements Document.

10. Presentation Attack:

• Presentation attacks target the biometric data capture subsystem with the aim of interfering with the biometric system. This is in scope.

11. Injection Attack:

• Injection attacks involve inserting false data to bypass the biometric capture module and are covered in a separate Face Verification Requirements Document.

12. Deepfake:

• Deepfakes involve AI technologies like GANs or RNNs to create fraudulent media representations, which can be detected through presentation attack detection. Injection attacks that may involve deepfakes are addressed separately.

13. Face Morph:

• Face morphs involve creating a face image as a combination of two individuals, typically as part of identity document tampering.

14. Document Liveness:

• Document liveness refers to the presence of the original physical document, and this is currently out of scope.

The document emphasizes the importance of distinguishing between genuine documents and tampered or fraudulent ones and provides guidance on the testing procedures for each category of threat. The scope and coverage of threats are well-defined, ensuring a comprehensive approach to document authenticity verification.