identity-hub | Devpost

Inspiration The idea for Identity Hub came from a simple but frustrating reality: our financial identity is scattered. Every new bank account means submitting the same documents. Every login means creating another password. Every lost card means worrying about fraud. For millions of people in emerging markets, the problem is even worse — they have no formal identity at all.

We asked ourselves: what if your face was your identity? One face that works everywhere — logging into banks, opening accounts, and authorizing payments. No paperwork. No passwords. Just you.

That question became Identity Hub.

What it does Identity Hub is a universal digital identity system that uses your face as the key. Here's what it does:

Enroll Once — Upload your ID and take a selfie. Our AI verifies you're real with liveness detection and creates a unique digital identity.

Open Accounts Instantly — Share your verified KYC with new institutions with one click and your face — no document re-submission.

Pay Securely — Link your Visa or Mastercard to your identity. Every transaction requires your face, so stolen cards are useless.

Stay Protected — Our AI scores every transaction for risk. Low-risk transactions are seamless; high-risk ones trigger step-up authentication.

One identity. One face. Anywhere.

How we built it We built Identity Hub as a modular, API-first system with five core components:

Component What It Does Technology AI Biometrics Face recognition, liveness detection, risk scoring InsightFace, MediaPipe, Python eKYC Orchestration Document OCR, fraud detection, synthetic identity checks EasyOCR, custom validation rules Digital Identity DID creation, verifiable credentials, encrypted storage JWT, W3C VC standards, MongoDB Federated SSO One login across multiple banks OAuth2, OpenID Connect, JWT Card Integration Tokenization, transaction simulation, step-up MFA Custom simulation, Flask API Tech Stack:

Backend: Python (Flask), Node.js

Frontend: React, WebRTC for webcam capture

AI/ML: InsightFace, EasyOCR, MediaPipe

Database: MongoDB, JSON for embeddings

Auth: JWT, OAuth2, OpenID Connect

We structured our work across five team members:

AI Engineer: Face recognition, liveness, risk scoring

Backend Developer: APIs, OAuth2, identity storage

Card Developer: Tokenization, transaction simulation

Frontend Developer: Web interface, demo flows

Documentation Lead: Architecture, compliance, business model

Challenges we ran into

Liveness Detection Without Special Hardware Detecting a real person using just a webcam was harder than expected. Photos, videos, and even printed faces could fool basic detection. We solved this by combining blink detection with multi-frame analysis — requiring users to blink naturally during authentication while analyzing eye aspect ratio (EAR) across multiple frames.
Face Recognition Across Diverse Conditions Our model struggled with varying lighting conditions, angles, and skin tones. We implemented adaptive thresholds that adjust based on detected conditions and tested across diverse datasets to reduce bias.
Balancing Security and User Experience Full multi-factor authentication for every action creates friction. We solved this with risk-based step-up authentication — low-risk actions require only face matching, while high-risk actions trigger additional checks.
Creating Portable KYC Making a credential that one institution can issue and another can trust required deep work with Verifiable Credentials and digital signatures. We built a simplified but standards-aligned system that demonstrates the concept.
Simulating Card Networks Without access to actual Visa/Mastercard APIs, we built a simulation environment that mimics the complete transaction flow — card tap → token lookup → biometric authentication → approval decision.
Real-Time Performance Running AI models in real-time while maintaining a smooth user experience required optimization. We moved face detection to the browser with Face-api.js for initial capture, while keeping heavier recognition on the backend.

Accomplishments that we're proud of ✅ Complete End-to-End System We built a working prototype that handles the entire user journey — from enrollment to authentication to card payment — all backed by AI.

✅ Built-in Liveness Detection We successfully implemented blink detection that prevents photo and video replay attacks, making our biometric authentication truly secure.

✅ Risk-Based Step-Up Authentication Our AI risk scoring engine dynamically adjusts authentication requirements based on transaction risk — seamless for low risk, secure for high risk.

✅ Portable KYC Demo We demonstrated a user enrolling once and opening accounts at two different "banks" without re-submitting documents — just consent and face verification.

✅ Federated SSO Working Users can log into multiple mock banking dashboards with a single face authentication — no separate credentials needed.

✅ Card-Linked Identity We simulated card tokenization and biometric-authorized payments, proving our system can integrate with Visa and Mastercard.

✅ Financial Inclusion Features Our system supports SIM-based enrollment and offline authentication — making it viable for emerging markets.

✅ Fairness and Bias Mitigation We tested our models across diverse datasets and implemented adaptive thresholds to ensure equitable performance across skin tones and genders.

What we learned

Trust Requires Multiple Layers Face recognition alone isn't enough. True security needs liveness detection, risk scoring, step-up authentication, and encrypted storage working together.
Standards Are Not Optional We started building everything from scratch, but quickly realized real-world adoption requires standards like OAuth2, OpenID Connect, and W3C Verifiable Credentials. Interoperability is how systems scale.
Simplicity Is the Hardest Part The most complex part of our system is also the simplest for users: looking at a camera. Great technology disappears. Users shouldn't think about security — it should just work.
Bias Is Real and Must Be Addressed Our models initially performed differently across skin tones. We learned that fairness isn't an afterthought — it must be designed from the start with diverse test data and adaptive thresholds.
Financial Inclusion Requires Real Solutions For emerging markets, offline capability and SIM-based enrollment aren't bonuses — they're requirements. We learned to design for the hardest conditions first.
Teamwork Makes Complex Systems Possible Building an identity system requires AI, backend, frontend, security, and business expertise. Regular standups, clear API contracts, and modular architecture kept us aligned.

What's next for Identity Hub 🚀 Pilot with Kifiya in Ethiopia We're exploring a pilot deployment with Kifiya to onboard unbanked users using SIM-based enrollment and offline authentication. This would bring financial services to millions who currently lack formal identity.

💳 Integrate with Visa and Mastercard We plan to work with payment networks to replace SMS OTP with biometric authentication for card transactions — reducing fraud while improving user experience.

🔊 Add Voice Biometrics Multi-modal authentication (face + voice) would add an extra layer of security and accessibility for users with visual impairments.

🌍 Expand to Government Services Beyond financial services, Identity Hub could serve as a universal identity for healthcare, voting, and social services — one identity for all government interactions.

📱 Develop Native Mobile Apps Our web prototype works, but native iOS and Android apps would enable better camera integration, secure enclave storage, and offline capabilities.

🔐 Achieve Formal Security Certification We aim to pursue SOC2 and ISO 27001 certification to demonstrate our commitment to security and compliance for enterprise adoption.

🤝 Open Source Our Core Components We plan to open-source our face recognition, liveness detection, and risk scoring modules to help other developers build secure identity systems.