Session Intelligence in Identity Verification: The New Reality?
Biometric authentication is widely considered a mature technology, yet real-world deployments still face hidden operational issues that standard metrics often miss.
In this interview, Anton Sinkov, Head of R&D at 3DiVi BAF, discusses why conventional evaluation approaches are insufficient and how session-level analysis can reveal system behavior that remains invisible in typical metric-based monitoring.
Facial biometric authentication has been widely deployed for more than a decade. It appears to be a mature technology. Why does implementation still present challenges?
ANTON SINKOV: The maturity of a technology is not the same as the maturity of its operation. Face matching algorithms and anti-spoofing mechanisms (detection of cases when a photo, video, or mask is used instead of a live face to pass identity verification) have indeed become very accurate.
But when it comes to how systems work in real customer environments – how they are monitored and how their behavior is tracked over time – little has changed in recent years.
Today, most digital identity systems are structured similarly. They make a decision based on biometrics and provide a set of metrics used to evaluate that decision.
For example, APCER – when the system allows a photo, video, or mask instead of a real person; BPCER – when the system makes a mistake and rejects a genuine user.
Sometimes conversion is also added – the percentage of people who successfully pass verification.
If metric indicators remain within expected values, the system is considered to be functioning correctly. But this is a very simplified representation of reality.
Why do metrics within normal ranges not guarantee that a biometric authentication system works correctly?
ANTON SINKOV: Metrics show only what the system already knows how to measure. They do not show where it makes systematic errors, how its behavior changes over time, or what risks accumulate during operation.
Everything outside this measurement snapshot remains unobserved. Such an approach creates a sense of control without providing true operational visibility.
As a result, almost all implementations lack a separate layer – a monitoring layer that analyzes the system after pass / fail decisions have been made.
For example, during a specific period the primary risk may be unrelated to attacks but instead caused by a high level of false rejections due to facial image quality issues.
At the same time, anti-spoofing metrics remain normal. From the perspective of standard evaluation, the system appears to function correctly, while in reality it is losing users.
Another common scenario involves subtle changes in capture conditions –for example, at a single device within a large network of KYC terminals.
Installing a bright advertising screen in the background may cause captured faces to appear darker and fail quality assessment.
Although the system requires recalibration, aggregated metrics show only a slight increase in BPCER and do not signal a local problem.
This sounds like an issue specific to certain implementations rather than the industry as a whole.
ANTON SINKOV: I would disagree. This is a structural feature of how the market operates. The vendor supplies the algorithm and its metrics.
The customer observes dashboards. The integrator configures registration and authorization flows.
None of them, by default, performs regular analysis of how the system behaves dynamically over time. It is not anyone’s fault – this function simply does not exist as a separate layer in the market.
What does it actually take to close this gap in real deployments?
ANTON SINKOV: We formalized this approach within our biometric authentication platform for KYC and digital onboarding by introducing a dedicated analytical layer, which we conditionally call Session Intelligence.
The idea is to analyze not only aggregated metrics but also user sessions.
Within this approach, regular post-analysis of samples of real user registration and authentication attempts is conducted.
We examine rejection reasons, evaluate the operation of individual modules, identify attacks, and record changes in system behavior.
It is precisely at this level that phenomena begin to appear that are completely absent from standard telemetry.
What does session-level analysis expose that standard metrics consistently miss?
ANTON SINKOV: It becomes possible to detect systematic errors in the algorithms used that affect conversion and user experience. For example, in certain cases, specific image quality checks (such as detecting glasses on a face) may reject valid data.
Another category includes errors without an obvious cause, which is normal for such systems if they remain within expected quality indicators.
These cases should be analyzed separately, common error patterns identified, and adjustments made to the system or algorithms.
There are also situations where an image contains no visible problems, yet the system still rejects the photo. Such cases indicate internal instability.
Attacks also manifest differently compared to aggregated indicators. They may be present and successfully blocked, but without post-analysis their frequency, recurrence, and pattern evolution remain invisible.
A separate layer involves environmental impact. Lighting, camera positioning, and configuration of individual checks directly affect results.
These factors are not included in standard evaluation but often determine overall system behavior.
All these observations share one characteristic — they exist only at the session level.
Session Intelligence formalizes this level into a regular monitoring process.
What does the output of this monitoring layer look like for an enterprise client?
ANTON SINKOV: Formally, this takes the form of a monthly report. It documents current metrics, identified risks, examples of attacks, error analysis, and recommendations.
But the main value is not the report itself as a document — it is the ability to observe the system dynamically.
Importantly, this layer does not affect the user journey: it does not require manual verification, does not increase onboarding time, and does not involve operational resources on the customer’s side.
The analysis is performed asynchronously on already accumulated data and complements the decision-making system.
To summarize: What fundamentally changes for organizations once this layer is introduced?
ANTON SINKOV: The very nature of interaction with the system changes. Without this layer, the system is a black box with “good” metrics.
With it, organizations gain the ability to analyze behavior over time and identify risks that are not visible at the dashboard level.
This represents a transition from evaluating a system by individual indicators to observing its real behavior during operation.
Build secure digital identity with 3DiVi BAF — biometric identity verification platform for banks, fintechs, and government services.