Integrate AwareID’s Identity Verification plugin into your WordPress environment for robust, multi-layered security. Our solution verifies user identities using AI-powered facial biometrics and document authentication, ensuring compliance and fraud prevention from login to checkout. Tailored to meet your specific business requirements, AwareID provides account protection while maintaining a seamless, frictionless experience for your users.
Designed for WooCommerce implementations that demand high-security identity verification, this plugin uses biometric technology to ensure that only verified individuals can complete purchases.
AwareID (https://www.aware.com/biometric-identity-management-as-a-service/) integrates seamlessly with WooCommerce, offering:
Create customizable workflows, intuitive point-and-click configuration, and advanced biometric security settings. This plugin empowers you to tailor verification processes to align with your specific business needs, ensuring safe and compliant transactions.
Trusted by Industry Leaders: Our technology safeguards critical systems for clients such as NASA, government agencies, and over 150 law enforcement agencies worldwide.
30 Years of Trusted Innovation: Established over three decades ago, Aware has been a trusted leader in biometric security, relied upon by top organizations globally.
In-House Expertise, Developed in the USA: All solutions are developed by Aware’s expert team in the United States, ensuring the highest standards of quality, security, and innovation.
Before installing the plugin, ensure you meet the following requirements:
– An active WooCommerce installation on your WordPress site.
– An active AwareID account with appropriate credentials.
Please reach out to Aware or email us (sales@aware.com) if you have not registered with our organization for biometric authentication. This is crucial as the plugin will not be able to operate without an AwareID login.
To set up the plugin, configure it with your AwareID account details to enable authentication requests.
Note: This section will detail configuration of AwareID into WooCommerce only and will serve to make sure your WordPress site can connect to AwareID to authenticate consumers when configured. When you become an Aware customer, your Customer Onboarding includes configuration of the AwareID product to meet your use case and business objectives. This is a critical step to receiving successful authentication results and should be done prior to configuring AwareID on your WordPress site.
Once you are logged into your AwareID Admin Account, navigate to the AwareID Settings Panel, then to the WordPress Admin section. On this menu page, please input the following details:
Through the AwareID Settings panel, you can configure:
This section provides specific details about the integration points where our plugin communicates with external services, particularly the AwareID SaaS platform. Understanding these points will help users ensure compliance with relevant legal and data protection standards.
Purpose: Utilizes OpenID Connect protocol to authenticate users securely by generating JSON Web Tokens (JWTs). This method verifies user identities with high integrity.
Endpoint Usage: The plugin constructs $openid_url for token generation, essential for user sessions:
Examples:
$openid_url = $awareIDConfig[‘domain’] . ‘auth/realms/’ . $awareIDConfig[‘realm’] . ‘/protocol/openid-connect/token’
$openid_url = $domain . ‘auth/realms/’ . $realm . ‘/protocol/openid-connect/token’;
Security Note: URLs and realm identifiers are set during configuration to ensure custom, secure environments per customer.
This plugin uses a hybrid architecture, combining WordPress functionality with external services and client-side components for enhanced security and performance. It relies on the following third-party services and libraries:
Server-Side Processing:
AwareID (Managed by Final Customers)
This plugin utilizes AwareID, a SaaS platform developed by Aware, Inc., which facilitates bbiometric verification. Below, you’ll find general details about Aware, Inc. and a note on the AwareID platform’s specific usage.
Purpose: AwareID is used to accurately and securely process biometrics including face, document, voice, and device profiling.
General Website: https://aware.com/
General Terms of Service: https://www.aware.com/terms-and-conditions/
General Privacy Policy: https://www.aware.com/dataprivacy/
– Note: The specific terms of service and privacy policies for AwareID services are managed and provided by each Aware Business Client. Users of this plugin must consult the specific AwareID environment managed by the service provider they are interacting with to review applicable terms and privacy policies.
GeoCode Earth
Purpose: Used for geofencing functionality to determine user location.
Website: https://geocode.earth/
Terms of Service: https://geocode.earth/terms/
Privacy Policy: https://geocode.earth/privacy/
IPInfo.io
Purpose: Used as a fallback for geolocation when HTML5 geolocation is unavailable or denied.
Website: https://ipinfo.io/
Terms of Service: https://ipinfo.io/terms-of-service
Privacy Policy: https://ipinfo.io/privacy-policy
Client-Side Components:
KnomiWeb (Non-GPL)
Purpose: Used for face capture during the biometric verification process.
Hosting: Hosted on Aware Inc.’s CDN
License: Proprietary (non-GPL)
Note: This library is loaded from our CDN and is not included in the plugin files.
Regula Document Reader SDK (Non-GPL)
Purpose: Used for document capture and verification during the authentication process.
License: Proprietary (non-GPL)
Website: https://regulaforensics.com/products/document-reader-sdk/
This architecture allows us to leverage secure cloud processing while maintaining the responsiveness needed for biometric capture and initial verification.
We are committed to transparency in our use of biometric authentication:
Consent: Clear user consent is required before any biometric data is collected in most jurisdictions. The Aware Business Client is required to obtain these consents from consumers in advance of biometric data collection and ensure users are fully informed about the data collection process before they proceed.
Core Functionality: Biometric verification is an integral part of this plugin’s security measures. Users who do not wish to use biometric verification should not install or should uninstall this plugin.
Data Deletion: Users can request complete deletion of their biometric data by contacting the site administrator.
Transparency: We provide clear information about data collection, processing, and storage practices in our privacy policy.
For technical support or further assistance, please contact support@aware.com.
Our plugin facilitates the secure authentication process by connecting your WordPress site with AwareID’s backend services. It’s important to note that this plugin does not store sensitive data itself:
Important Note: Important Note: As the site administrator and as the Aware Business Client, you are responsible for ensuring that your use of AwareID services, including data handling and retention policies, complies with relevant regulations such as GDPR and CCPA. Please review your internal policies and procedures to ensure appropriate consult with your specific AwareID service provider for details on their data handling practices and to set up appropriate privacy policies for your users.