Treefort Technologies Incorporated

Jay Krushell

12306 109A Ave Edmonton, Alberta T5M 2H7

Service Details

Solution Provider (Regulatory Technology and Identity Technology)

Treefort is the most advanced identity verification technology in Canada for in-person and virtual identifications. Treefort’s turn-key portal solution is powered by a proprietary multi-factor authentication algorithm accessing more than 1750 data points that not only verifies identity, but also identifies fraud and anti-money laundering risks. Treefort is compliant with FINTRAC KYC and Anti-Money Laundering requirements and Law Society rules for identifying and meeting with individuals. Using their smartphone and Government issued ID, Treefort’s IDV process only takes individuals 5 minutes to complete and for a comprehensive Treefort report to be delivered to the initiator. The report addresses identity, fraud and anti-money laundering risks and includes copies of the government-issued ID and the picture of the client. Treefort also prides itself on offering bilingual customer support.

General Information: Website

Point of Contact: Jay Krushell

Testimonials

Partnering with Treefort has been a seamless and positive experience for both us and our customers! The agile and responsive Treefort team has made the integration process remarkably smooth, exceeding our expectations. The firms we serve love how user-friendly the IDV submission process is for their clients, and are enthusiastic to adopt the most secure identity verification solution on the market today.Harrison Kelly, Co-founder & CEO, Closer by LawLabs

It's sometimes hard to imagine what our practice was like before Treefort. Our practice has implemented Treefort into just about every file we do now. Our goal in adopting Treefort was to limit the risk of fraud, create efficiencies for our staff and clients, and to leverage technology that aligns with our values and vision – mission accomplished! Treefort does all that and more... Treefort is literally a game changer for our firm, our clients, lenders and others that rely on accuracy and certainty in ID Verification.Darren L. Richards, Barrister & Solicitor

I love Treefort. It's now a requirement on our files and also on new investors that want to sign up with the Brokerage. I think that everyone should be on this. It's much better than the other verifications I have been using and very user friendly.Daniel K. Akowuah, Broker, Amansad Direct Lending Group

Role(s)

Audit
Broker
Consulting
Service Integrator
Service Provider
Other - Specify

Capability(ies)

Attribute Broker
Attribute Provider
Audit IAM
Audit InfoSec
Audit QA
Audit Risk
Authentication
Authorization
Client Identity Verification
Consulting IAM
Consulting InfoSec
Consulting QA
Consulting Risk
Credential Issuer or Provider
Federated Attributes
Federation Operator
Identity Proofing
Identity Provider
Integration
Managed Hosting
Network Operator
Relying Party or Verifier
Validating Identity Claims
Wallet Provider
Other - specify

Client Identity Verification Methods

Government-issued photo identification method
Credit file method
Dual process methodology

Audiences

Public Sector Individuals (G2C)
Public Sector Organizations (G2B)
Public Sector Internal Services (G2)
Private Sector Businesses (B2B)
Private Sector Consumers (B2C)
International and NGO
Other - specify

Sectors and Use Cases

Academia and Research
Agriculture
Construction
Financial Services
Healthcare & Social Services
Legal / Law
Manufacturing
Natural Resources
Property Services
Public Sector
Retail & Wholesale Trade
Technology & Innovation
Tourism & Hospitality
Transportation & Logistics
Other - specify

Adoption Communities

Public sector
Large organizations
Small organizations
Consumer direct
Other - specify

Jurisdiction(s)

Canada
Asia Pacific
Europe
Indo Pacific
North America
Latin America
Caribbean
Global
Other - specify

Operational Language(s)

English
Canadian French
Other - specify

Technical Support Language(s)

English
Canadian French
Other - specify

Platform(s) Availability

Apple app store
Google app store
Embedded in client app
Microsoft app
In-person scanner (hardware)
Other - specify
None

Other: Web-based portal

Cost Model

Time period flat fee
Pay per use
Mixed flat and use
Other - specify
Not Applicable

Service Design Principles

Accessibility
Auditability
Combats fraud
Creates efficiencies
Diversity, equitability, and inclusion
Personal data choice and control
Privacy protection and enhancement
Transparent governance and operations
User-friendly
Not applicable

Service Design Tools & Auditability

Design Tools

Assurance and risk management framework(s)
Codes of practice
Community practice guides
Industry, National, International Standards
Open source code
Regulatory guidance
Third-party assessment services
Other - specify
Not applicable

Protocols Supported

API
DIDCom (decentralized identifiers)
FIDO
Hyperledger Indy Aires
Oauth
OpenID
SAML
UDAP
UMA
Other - specify
Not applicable

Image Standards Supported

GIF
JPEG
PNG
TIFF
ISO IEC19794-5 (Passport Image Standard)
Proprietary Standards
Other - specify
Not applicable

Process Standards Considered

AODA
ETSI EN 301 549
HIPAA
GSA Section 50
ISO/IEC 27001
ISO/IEC 27018
ISO 30107-3
ISO 90001
NIST 800-63
SOC 2 Type 1
SOC 2 Type 2
WCAG
WCAG 2.0 (ISO/IEC40500)
WCAG 2.1
Other - specify
not applicable

Accreditations and Certifications

AODA tested
FIDO® Certified
ETSI EN 301 549
GIAC GSNA
GSA Section 508
HIPAA self-attest
Institute of Internal Auditors, Certified Internal Auditor
ISACA CISA
ISO/IEC 27001 ISMS
ISO/IEC 27001 ISMS Lead Auditor
ISO/IEC 27018
ISO 30107-3
ISO 90001
IRCA ISMS Auditor
NIST 800-63
OpentID Certified
SOC 2 Type 1
SOC 2 Type 2
WCAG
WCAG 2.0 (ISO/IEC40500)
WCAG 2.1
Other - specify
Not applicable

Pan-Canadian Trust Framework (PCTF)

Jurisdictional Privacy Law Compliance

Canada
Asia Pacific
Indo Pacific
Europe
North America
South America

Client Identity Verification Methods

Government-Issued Photo Identification Method

Validation Letter

No file uploaded

Our service captures and returns to the relying party the following data points from the government-issued photo identification: person's name, the date on which the person's identity was verified, type of document used (e.g., driver's licence, passport), unique identifying number of the document used, address (if available), jurisdiction (province or state) and country of issue of the document, expiry date of the document, if available (if this information appears on the document or card, it must be recorded).)

In addition to Canadian passports and driver’s licenses issued by provinces, territories and the Canadian Department of Defence, our service supports the following documents. (Note: Canadian citizenship card and the laminated certificate Indian Status card not listed due to limited applicability and security features.)

Ontario Health card (only to be used for health purposes)
Quebec Health card
Provincial Photo ID cards (Alberta, Manitoba, New Brunswick, Newfoundland, Labrador, Nova Scotia, Ontario, Prince Edward Island, British Columbia, and Saskatchewan)
Canada/US Nexus (Trusted Traveller)
Canadian Permanent Resident card
Secure Indian Status card
In process

Our service verifies documents that are authentic, valid, and current.

Globally, our service can assess Passports from the following number of countries or regions.

Approximately 200 countries and territories

Globally, our service can assess National Identity cards from the following number of countries or regions.

None currently

Globally, our service can assess Driver's Licenses in the following number of countries or regions. If a jurisdiction has more than 1 version of the same Driver's License, that jurisdiction is counted only once.

None currently

Globally, our service can assess the following number of identification records.

None currently

Our service compares the following known characteristics of the government-issued photo identification document against the following to satisfy that it is an authentic document issued by the competent authority (federal, provincial, or territorial government).

Character spacing
Document size
Document modification (e.g., cut corner)
Document shape
Font position
Font size
Other - specify
Not applicable

Our service compares the following security features of the government-issued photo identification document against the following to satisfy that it is an authentic document issued by the competent authority (federal, provincial, or territorial government).

Holograms
Image frequency
Image positioning
Image size
Position and size of magnetic stripe
Ultraviolet images
Other - specify
Not applicable

Our service compares the following maker features of the government-issued photo identification document against the following markers to satisfy that it is an authentic document issued by the competent authority (federal, provincial, or territorial government).

Markers (logos, symbols or watermarks) positioning
Markers (logos, symbols or watermarks) size
Raised lettering
Other - specify
Not applicable

Our service compares the machine-readable contents of the MRZ/barcode with the font of the OCR-extracted data and highlights mismatches.

Our service performs issuer database lookups for international (non-Canadian) verification purposes.

Our service can be configured to allow the following regarding capturing government-issued photo identification document(s).

Real-time government-issued photo identification document(s)
Uploading an existing image file
Both real-time and uploading existing image
No

Our service reads the machine-readable portion of the photo identification documents as applicable.

Our service confirms the document's expiry date is not before the date of the validation session (as required in Canadian Anti-Money Laundering regulations).

Our service tests the algorithm (if applicable) for the unique identifiers against the ones used by the identification document provider (e.g., the last six number of a driver's license matches the DOB of the individual being verified.)

Our service's ability to read machine-readable passports' facial biometric (ICAO 9303) NFC chip is as follows.

Android ready now
Android ready in 3 months
Apple ready now
Apple ready in 3 months
Not at this time
Not applicable

Our service verifies that a chipped identity document has been authenticated (e.g., Country signer, Active Authentication).

For international verification, our service supports or is investigating mobile driver's license connectivity.

Investigating
Android ready now
Android ready in 3 months
Apple ready now
Apple ready in 3 months
Not at this time

An independent 3rd-party evaluated the performance of our service's face recognition algorithm in a one-to-one matching scenario using NIST (National Institute of Standards and Technology) FRVT 1:1 (Face Recognition Vendor Test) or the most recent NIST Face Technology Evaluations - FRTE/FATE.

Our service performs a 'selfie' liveness check.

Our service’s liveness check is:

Certified by a NIST (National Institute of Standards and Technology) certified testing company to NIST Level 2 ISO 30107-3 for Presentation Attack Detection
Certified to detect and reject presentation attacks
Certified to detect and reject digital injection attacks
Not certified

Our service’s liveness check captures the person's image via:

Computer webcam picture
Computer webcam video
Computer webcam interactive video
Mobile device picture
Mobile device video
Mobile device interactive video

Our service’s liveness detection or genuine presence is verified by:

Active check (person performs actions)
Passive check (live video capture and/or motion detection)
Computer webcam interactive video
Session may be reviewed by human checker
Other - specify
Not at this time

The identification information our service verifies is ultimately stored:

By the person being identified (e.g., stored digital identity on their device)
By the vendor on behalf of the subject (e.g., Identity network stores the encrypted access of the digital identity for the person being identified)
By the vendor as directed by the entity receiving the identification information (e.g., financial institution)
By the entity receiving the identification information (e.g., financial institution)
Other - specify
Not sure
Not applicable

Information stays within Canada for the entire session for Canadian government-issued photo identification (i.e., in transit not related to storage).

Our service uses an identity verification network that encrypts all information in a mobile application in transit.

Our service uses an identity verification network that stores information with the following selections.

Major cloud providers with Canadian server locations
Major cloud providers with International server locations
Private clouds
Other - specify
Not sure
Not applicable

Our service uses an identity verification network that delivers services via the following.

Major cloud providers (SaaS) with Canadian server locations
Major cloud providers with International server locations
Private clouds
On premise with customer’s data center
Mobile Integrations (Customer within their own app via SDK)
Mobile Integrations (Vendor application)
Web Integrations (Customer within their own app via SDK)
Web Integrations (Vendor application)
Other - specify
Not sure
Not applicable

Credit File Method

Validation Letter

No file uploaded

Our service receives data from a Canadian Credit Bureau when an individual's identity is verified.

Our service confirms the data extracted from the credit file contains information derived from more than one tradeline (i.e., two financial institutions which do not include your customer as one of the tradelines.)

Our service receives credit file information directly from a Canadian Credit Bureau (or through a third-party vendor authorized by a Canadian Credit Bureau).

Our service confirms the data extracted from the credit file has existed for at least 3 (three) years.

Our service matches the name, address, and DOB of an individual whose identity is being verified with the name, address, and DOB contained in the records of a Canadian Credit Bureau.

Our service accepts the following match type when matching the individual's first name.

Allows partial matches
Only accepts exact matches

Our service accepts the following match type when matching the individual's last name.

Allows partial matches
Only accepts exact matches

Our service accepts the following DOB match types.

Year is an exact match, and the day and month are switched (e.g., 02/10/1980 vs. 10/02/1980).
Year is +/- 1 (one) year, day, and month are exact matches (e.g., 02/10/1980 vs. 02/10/1979).
Other - specify

Our service accepts the following match type when matching the address.

Allows partial matches
Only accepts exact matches

Our service implements and interprets fraud indicator signals.

Our service considers address change date, name change date, DOB change date related to a risk profile.

Dual Source Method

Validation Letter

No file uploaded

Our service is connected to the following Reliable Source(s).

Government-issued or crown-corporation record
Canadian credit bureau that is at least six (6) months old
Canadian financial institution
Canadian utility company
Canadian telecommunications company
Other - specify other connected reliable sources

Globally, our service can assess Passports from the following number of countries or regions.

Approximately 200 countries and territories are covered, the total number is often changing due to decommissioning of identification records and new ones added.

Globally, our service can assess National Identity cards from the following number of countries or regions.

Canada only at this time

Globally, our service can assess Driver's Licenses in the following number of countries or regions. If a jurisdiction has more than 1 version of the same Driver's License, that jurisdiction is counted only once.

Canada only at this time

Globally, our service can assess the following number of identification records.

Globally, the following number of validated records are accessible in your library.

Our service uses the following Reliable Source(s) as evidence to verify the name and address or name and DOB of the individual whose identity is being verified.

Government-issued or crown-corporation record
Canadian credit bureau that is at least six (6) months old
Canadian financial institution
Canadian utility bill company
Canadian telecommunications company
Other - specify other connected reliable sources

Our service, your agent, nor the individual being verified is a Reliable Source from which you draw information.

Our service uses the following capabilities to confirm the individual has a deposit account, credit card, or other loans with a financial institution.

Interac Verified
Other - specify other connected services

Other: flinks

The capability(ies) our service uses, referenced in the previous question, can query the following number of Canadian financial institutions.

1-50
10-50
50-100
100+

Our service uses a Canadian Credit Bureau as one of the Reliable Sources used to satisfy the Dual Process Method requirements, our service confirms the extracted data from the credit file has existed for at least six (6) months.

When our service uses a Canadian Credit Bureau as one of the Reliable Sources used to satisfy the Dual Process Method requirements, the Credit Bureau acts as an aggregator.

The Canadian Credit Bureau provides our service with two (2) independent tradelines originating from different sources that are not our own, where each tradeline confirms one of the two categories of information required to verify the individual's identity under the Dual Process Method.

An explanation of why each Reliable Source your service is connected with is considered well-known and reputable is provided below.

flinks, Enstream, Equifax, Interac are all originators or issuers of information that are trusted, well known and reputable. flinks is owned by National Bank and has been the preeminent provider of banking verification in Canada for the past 8 years. Enstream is owned by Bell Mobility, Rogers and TELUS. Equifax is a large, international publicly traded company. Interac serves as the Canadian debit card system and the predominant funds transfer network via its e-Transfer service

Our service receives information from two (2) different Reliable Sources and is ensured as valid and current.

The information our service collects from Reliable Sources is found in documents.

The following statements apply to the information our service collects from Reliable Sources found in documents.

Documents originate from or are issued by Reliable Sources
Documents are provided directly to your service through communications with an official c
You are viewing a valid, original, authentic, and current paper or electronic document, not a photocopy or electronic image
You are confirming the document is valid and unaltered

Our service allows partial first and last name matches.

Our service accepts the following match type when matching the address.

Only accepts exact matches
Accepts partial matches

Our service tests the metadata of uploaded, scanned records.

Our service has the ability to do “dark web” searches.

Our service has tools to detect potential fraudulent records (image compares, logo validation, AI).

Our service can test records in the following approaches.

Waterfall only
In parallel

Our service has supportive controls of device validation or telco capabilities validation.

Our service makes a dated record of the information obtained available to end users and allows end users to download and retain copies of the documents or records used.