DSA's Impact on Online Identity Verification

Increased AccountabilityThe DSA mandates greater transparency and accountability from online platforms, requiring them to know their business users and, in some cases, individual users, to combat illegal content and disinformation effectively.

New Verification DemandsPlatforms must implement reliable identity verification processes, especially for traders and certain types of content creators, to comply with DSA articles like Article 30 and Article 28(1).

Privacy-Preserving SolutionsCompliance requires balancing robust verification with user privacy, pushing platforms towards solutions that minimize data collection while maximizing accuracy, such as Didit's Age Estimation and secure ID Verification.

Didit's Modular ApproachDidit provides an AI-native, modular identity verification platform with Free Core KYC, enabling platforms to easily integrate DSA-compliant checks like ID Verification, Passive & Active Liveness, and AML Screening without setup fees.

Understanding the Digital Services Act (DSA)

The European Union's Digital Services Act (DSA) is a landmark piece of legislation designed to create a safer, more transparent, and accountable online environment. Applicable to all online platforms offering services in the EU, regardless of where they are established, the DSA introduces a wide range of obligations. A significant aspect of these obligations revolves around user identity and the need for platforms to verify who they are interacting with. This is particularly crucial for platforms hosting user-generated content, e-commerce marketplaces, and social media.

The primary goal of the DSA is to combat illegal content, disinformation, and illicit goods online. To achieve this, platforms are now required to implement due diligence processes for their business users (traders) and, in certain contexts, for individual users. For instance, Article 30 of the DSA specifically addresses the need for online marketplaces to verify the identity of traders selling goods or services to consumers. This includes collecting and verifying information such as name, address, telephone number, and payment account details. While not always requiring full identity verification for every end-user, the DSA's emphasis on transparency and accountability inevitably pushes platforms towards more sophisticated and reliable identity verification mechanisms.

The Mandate for Identity Verification

The DSA doesn't explicitly state that all online platforms must verify the identity of every single user. However, its core principles and specific articles create a strong incentive and, in many cases, a direct mandate for robust identity verification. For example, for very large online platforms (VLOPs) and very large online search engines (VLOSEs), Article 28(1) requires them to 'identify and take measures to mitigate systemic risks,' which often involves understanding the true identity behind accounts engaging in harmful activities.

Consider the implications for platforms dealing with age-restricted content or services. While the DSA doesn't introduce a universal age verification mandate, it empowers Member States to impose such requirements. Platforms operating in sectors like gambling, adult content, or even certain social media features, will need reliable Age Estimation solutions to comply with national laws that are influenced by the DSA's broader goals of protecting minors. Didit's Age Estimation product offers a privacy-preserving way to address this, without requiring full identity document submission.

Furthermore, the DSA's push to remove illegal content and identify bad actors means that platforms need effective tools to link online behavior to real-world identities when necessary. This is where solutions like Didit's ID Verification (OCR, MRZ, barcodes) and Passive & Active Liveness detection become indispensable. These tools help platforms accurately verify the authenticity of identity documents and ensure the person presenting them is real and present, preventing synthetic identity fraud and account takeovers.

Challenges and Best Practices for Compliance

Complying with the DSA's identity verification demands presents several challenges. Platforms must navigate a complex regulatory landscape while ensuring a smooth user experience. Overly burdensome verification processes can lead to user abandonment, while insufficient processes risk regulatory fines and reputational damage. Key challenges include:

• Data Privacy: The DSA operates alongside GDPR, meaning any identity verification process must be privacy-by-design, collecting only necessary data and protecting it rigorously.
• Accuracy and Reliability: Verification methods must be highly accurate to prevent fraudulent accounts while minimizing false positives for legitimate users.
• Scalability: Solutions need to scale efficiently to handle potentially millions of verification requests across diverse user bases.
• Global Reach: Platforms serving users across the EU need solutions that support a wide array of identity documents and languages.

Best practices for platforms include adopting a risk-based approach to identity verification, where the level of verification is commensurate with the risks associated with a user's activity. This might mean basic email verification for content consumption but robust ID Verification, 1:1 Face Match, and AML Screening for business users or those engaging in high-risk transactions. Leveraging AI-native solutions like Didit allows for automated, real-time verification, reducing manual review and improving efficiency.

The Role of AI-Native Identity Verification in DSA Compliance

The DSA's comprehensive requirements necessitate advanced, flexible identity verification solutions. AI-native platforms are uniquely positioned to address these needs by offering unparalleled accuracy, speed, and adaptability. Traditional, rule-based systems often struggle with the nuances of global identity documents and the evolving tactics of fraudsters. AI, particularly machine learning and computer vision, excels at these tasks.

For instance, Didit's ID Verification, powered by AI, can process a vast array of global identity documents, extracting data with high precision and detecting sophisticated forgeries. Its Passive & Active Liveness detection modules use AI to distinguish real users from deepfakes or spoofing attempts, which is critical for preventing fraudulent accounts. Furthermore, for platforms requiring compliance checks, Didit’s AML Screening & Monitoring capabilities ensure that users are not on sanctions lists or involved in financial crime, directly contributing to the DSA's goal of a safer online environment.

The ability to orchestrate complex verification workflows using a no-code editor, as offered by Didit, is also a game-changer. Platforms can design custom verification journeys that meet specific DSA requirements for different user types or risk levels, without needing extensive development resources. This modularity and developer-first approach ensure that platforms can quickly adapt to new regulatory interpretations or additional requirements.

How Didit Helps

Didit is uniquely positioned to help online platforms navigate the complexities of identity verification under the EU's Digital Services Act. Our AI-native, modular identity platform provides the tools necessary to meet DSA requirements efficiently and effectively.

• Comprehensive ID Verification: Didit's ID Verification, including OCR, MRZ, and barcode scanning, accurately verifies a wide range of global identity documents, essential for Article 30 compliance for traders.
• Robust Fraud Prevention: Our Passive & Active Liveness detection, combined with 1:1 Face Match, ensures that users are real and present, combating synthetic identity fraud and deepfakes.
• Compliance and Risk Management: With AML Screening & Monitoring, platforms can screen users against watchlists and sanctions lists, fulfilling due diligence requirements and mitigating financial crime risks.
• Privacy-Preserving Age Verification: For age-restricted content or services, Didit's Age Estimation offers a privacy-preserving solution to comply with national age verification laws influenced by the DSA.
• Flexible and Cost-Effective: Didit's modular architecture allows platforms to integrate only the checks they need. We offer Free Core KYC and a pay-per-successful check model with no setup fees, making advanced identity verification accessible to platforms of all sizes. Our developer-first approach with clean APIs and an instant sandbox ensures rapid integration and deployment.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.