前言介紹
- 這款 WordPress 外掛「AwareID – Biometric Identity Authentication」是 2024-08-29 上架。
- 目前有 10 個安裝啟用數。
- 上一次更新是 2025-04-15,距離現在已有 17 天。
- 外掛最低要求 WordPress 5.0 以上版本才可以安裝。
- 尚未有人給過這款外掛評分。
- 還沒有人在論壇上發問,可能目前使用數不多,還沒有什麼大問題。
外掛協作開發者
外掛標籤
awareid | biometrics | enrollment | authentication | Document Verification |
內容簡介
```html
- 將 AwareID 的身份驗證外掛整合到您的 WordPress 環境中,提供堅固、多層次的安全性。
- 我們的解決方案使用 AI 驅動的面部生物識別和文件驗證來驗證用戶身份,確保從登入到結帳的合規性和防範欺詐。
- 定制以滿足您的特定業務需求,AwareID 提供帳戶保護,同時為用戶提供無縫、無摩擦的體驗。
強化安全性和合規性
- 設計用於需要高安全性身份驗證的 WooCommerce 實現,該外掛使用生物識別技術確保只有經過驗證的個人才能完成購買。
- AwareID (https://www.aware.com/biometric-identity-management-as-a-service/) 與 WooCommerce 無縫集成,提供:
- KYC 合規性
- 身份文件驗證
- 多模式生物識別認證
- 生物面部匹配和面部活性度
- 地理圍欄、設備風險和防範欺詐
- 創建可定制化的工作流程、直觀的點擊配置以及高級生物識別安全設置。此外掛讓您能夠調整驗證流程以符合您的特定業務需求,確保安全和合規交易。
為什麼選擇 AwareID?
- 受業界領先廠商信任:我們的技術為 NASA、政府機構以及全球 150 多個執法機構的重要系統提供保護。
- 30 年的值得信賴創新:成立三十多年來,Aware 一直是生物識別安全領域的值得信賴的領導者,全球頂尖組織信賴使用。
- 內部專業知識,美國開發:所有解決方案均由 Aware 在美國的專家團隊開發,確保最高標準的品質、安全性和創新。
先決條件
- 在安裝外掛之前,請確保您滿足以下要求:
- - 您的 WordPress 網站上有活躍的 WooCommerce 安裝。
- - 擁有一個具有適當憑據的活躍 AwareID 帳戶。
請聯繫 Aware 以獲取更多資訊。
```
原文外掛簡介
Secure More Revenue with Seamless Biometric Enrollment & Authentication
For robust, multi-layered security for all users, integrate AwareID’s Identity Verification plugin for biometric enrollment & authentication. Verify user identities using advanced facial biometrics and document verification, helping ensure compliance and fraud prevention from login to checkout. Protect your app and profits and give users an experience they’ll love!
Note: Please reach out to Aware or email us if you have not yet registered with our organization for biometric authentication. This is crucial as the plugin will not be able to operate without an AwareID login.
Strengthen Security and Compliance
Designed for WooCommerce implementations that demand high-security identity verification, this plugin ensures only enrolled, verified individuals can complete purchases.
AwareID (https://www.aware.com/biometric-identity-management-as-a-service/) integrates seamlessly with WooCommerce, offering:
Support for KYC Compliance
ID Document Verification
Multi-Modal Biometric Authentication
Biometric Face Matching & Face Liveness
Geofencing, Device Risk, and Fraud Prevention
Create customizable workflows, intuitive point-and-click configuration, and advanced biometric security settings. This plugin empowers you to tailor verification processes to align with your specific business needs, ensuring safe and compliant transactions.
Features
Secure Customer Enrollment and Authentication: Integrates with the WooCommerce cart or checkout flow to add an enhanced layer of security.
Seamless Checkout: Enable identity verification via face and document for both guests and registered users.
Age Restriction & ID Document Verification: Set age restrictions to prevent access to the site with sophisticated document reading capabilities.
Location-based Security: Set states from which the customer will be denied access to checkout and logging in depending on geographic location.
User Workflow
Guest Checkout: Guests are prompted to verify their identity via face and document recognition during their first checkout. This verification may not be required on subsequent visits, depending on the settings.
Registered User Checkout: Users logged in but not verified are required to verify their identity before proceeding with checkout. Restrictions based on age and geographic location are enforced.
Why Aware?
30 Years of Innovation: Established over three decades ago, Aware holds over 80 patents in biometric technologies and a proven track record of excellence.
Trusted by Industry Leaders: Our technology safeguards critical systems for clients such as NASA, government agencies, and over 150 law enforcement agencies worldwide.
In-House Expertise, Developed in the USA: All solutions are developed by Aware’s expert team in the United States, ensuring the highest standards of quality, security, and innovation.
Inclusive Biometric Solutions: Aware trains all biometric systems with diverse data sets to minimize racial bias. We also empower users to have control over identities through clear, easy opt-in and opt-out features, helping them feel secure and improving their lives.
Whether you require white-labeled apps, native SDKs, or API integrations, AwareID offers flexible deployment options, including low-code and OpenID Connect integration. This adaptability guarantees robust protection without compromising on ease of use or customer satisfaction.
How to Get Started:
Before installing the plugin, ensure you meet the following requirements:
– An active WooCommerce installation on your WordPress site.
– An active AwareID account with appropriate credentials.
Please reach out to Aware or email us if you have not registered with our organization for biometric authentication. This is crucial as the plugin will not be able to operate without an AwareID login.
Configuring AwareID into WooCommerce
To set up the plugin, configure it with your AwareID account details to enable authentication requests.
Note: This section will detail configuration of AwareID into WooCommerce only and will serve to make sure your WordPress site can connect to AwareID to authenticate consumers when configured. When you become an Aware customer, your Customer Onboarding includes configuration of the AwareID product to meet your use case and business objectives. This is a critical step to receiving successful authentication results and should be done prior to configuring AwareID on your WordPress site.
Once you are logged into your WordPress Admin Account, navigate to the Aware Verification Settings Panel. On this menu page, please input the following details:
AwareID Domain: Input the base URL for your AwareID service.
Example: https://awareid-yourdomain.aware-apis.com
Realm Name: Specify the account name associated with your AwareID environment.
Client Secret: Enter the client secret key provided by AwareID. Note: This key is unique to your configuration and a vital component of securing your instance and the sensitive personal information of your customers. Please keep it confidential.
API Key: Enter the API key which is another critical credential for connecting with AwareID. Note: This key is unique to your configuration and a vital component of securing your instance and the sensitive personal information of your customers. Please keep it confidential.
GeoCode Earth API Key: If your configuration will be utilizing Aware’s GeoFencing feature, you need to have a GeoCode earth API key. This will be supplied to you by our Customer Onboarding Team if you are using this functionality.
IP Info API Key: If your configuration will be utilizing Aware’s GeoFencing feature, and you wish to utilize the geolocation functionality, you need to have a IpInfo API Key. This will be supplied to you by our Customer Onboarding Team if you are utilizing this functionality.
Update Public Key: Press update public key button to update public key for encrypted face capture.
Admin Functionality
Through the AwareID Settings panel, you can configure:
GeoFencing Settings: Define states or regions where access should be restricted.
Age Restrictions: Set a minimum age requirement for checkout.
Document Authentication: Verify document authenticity using OCR and security checks to prevent fraud.
ReValidation Settings: Choose intervals at which users must revalidate their identity.
Identity Verification: Confirm user identities through multimodal biometrics or document checks.
Biometric Authentication: Secure access with biometrics reducing the risk of breaches and improving user experience.
Detailed Service Integration Points
This section provides specific details about the integration points where our plugin communicates with external services, particularly the AwareID SaaS platform. Understanding these points will help users ensure compliance with relevant legal and data protection standards.
Authentication with AwareID using OpenID Connect
Purpose: Utilizes OpenID Connect protocol to authenticate users securely by generating JSON Web Tokens (JWTs). This method verifies user identities with high integrity.
Endpoint Usage: The plugin constructs $openid_url for token generation, essential for user sessions:
Examples:
$openid_url = $awareIDConfig[‘domain’] . ‘auth/realms/’ . $awareIDConfig[‘realm’] . ‘/protocol/openid-connect/token’
$openid_url = $domain . ‘auth/realms/’ . $realm . ‘/protocol/openid-connect/token’;
Security Note: URLs and realm identifiers are set during configuration to ensure custom, secure environments per customer.
Third-Party Services and Libraries
This plugin uses a hybrid architecture, combining WordPress functionality with external services and client-side components for enhanced security and performance. It relies on the following third-party services and libraries:
Server-Side Processing:
AwareID (Managed by Final Customers)
This plugin utilizes AwareID, a SaaS platform developed by Aware, Inc., which facilitates biometric verification. Below, you’ll find general details about Aware, Inc. and a note on the AwareID platform’s specific usage.
Purpose: AwareID is used to accurately and securely process biometrics including face, document, voice, and device profiling.
General Website: https://aware.com/
General Terms of Service: https://www.aware.com/terms-and-conditions/
General Privacy Policy: https://www.aware.com/dataprivacy/
– Note: The specific terms of service and privacy policies for AwareID services are managed and provided by each Aware Business Client. Users of this plugin must consult the specific AwareID environment managed by the service provider they are interacting with to review applicable terms and privacy policies.
GeoCode Earth
Purpose: Used for geofencing functionality to determine user location.
Website: https://geocode.earth/
Terms of Service: https://geocode.earth/terms/
Privacy Policy: https://geocode.earth/privacy/
IPInfo.io
Purpose: Used as a fallback for geolocation when HTML5 geolocation is unavailable or denied.
Website: https://ipinfo.io/
Terms of Service: https://ipinfo.io/terms-of-service
Privacy Policy: https://ipinfo.io/privacy-policy
Client-Side Components:
KnomiWeb (Non-GPL)
Purpose: Used for face capture during the biometric verification process.
Hosting: Hosted on Aware Inc.’s CDN
License: Proprietary (non-GPL)
Note: This library is loaded from our CDN and is not included in the plugin files.
Regula Document Reader SDK (Non-GPL)
Purpose: Used for document capture and verification during the authentication process.
License: Proprietary (non-GPL)
Website: https://regulaforensics.com/products/document-reader-sdk/
This architecture allows us to leverage secure cloud processing while maintaining the responsiveness needed for biometric capture and initial verification.
User Consent and Control
We are committed to transparency in our use of biometric authentication:
Consent: Clear user consent is required before any biometric data is collected in most jurisdictions. The Aware Business Client is required to obtain these consents from consumers in advance of biometric data collection and ensure users are fully informed about the data collection process before they proceed.
Core Functionality: Biometric verification is an integral part of this plugin’s security measures. Users who do not wish to use biometric verification should not install or should uninstall this plugin.
Data Deletion: Users can request complete deletion of their biometric data by contacting the site administrator.
Transparency: We provide clear information about data collection, processing, and storage practices in our privacy policy. For questions or concerns regarding our privacy policy, please contact us at [email protected]
Support
For technical support or further assistance, please contact [email protected].
Data Handling and Privacy
Our plugin facilitates the secure authentication process by connecting your WordPress site with AwareID’s backend services. It’s important to note that this plugin does not store sensitive data itself:
Data Processed: The plugin helps collect facial biometrics, document images, and geolocation data for verification purposes.
Data Transmission: Collected data is securely transmitted to AwareID’s servers for processing.
Backend Processing and Storage: All data processing and storage occur on AwareID’s secure servers, not within WordPress or this plugin.
Data Policies: Retention periods, user rights, and compliance measures are managed by the individual AwareID service provider (your company or contracted service).
Plugin’s Role: This plugin acts as a facilitator, enabling the connection between your WordPress site and the AwareID backend. It does not store or manage the sensitive data itself.
Important Note: Important Note: As the site administrator and as the Aware Business Client, you are responsible for ensuring that your use of AwareID services, including data handling and retention policies, complies with relevant regulations such as GDPR and CCPA. Please review your internal policies and procedures to ensure appropriate consult with your specific AwareID service provider for details on their data handling practices and to set up appropriate privacy policies for your users.
各版本下載點
- 方法一:點下方版本號的連結下載 ZIP 檔案後,登入網站後台左側選單「外掛」的「安裝外掛」,然後選擇上方的「上傳外掛」,把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
- 方法二:透過「安裝外掛」的畫面右方搜尋功能,搜尋外掛名稱「AwareID – Biometric Identity Authentication」來進行安裝。
(建議使用方法二,確保安裝的版本符合當前運作的 WordPress 環境。
延伸相關外掛(你可能也想知道)
Limit Login Attempts 》此外掛可限制正常登入及使用驗證 cookies 登入的次數。, WordPress 預設允許使用者無限次數嘗試登入,無論是透過登入頁面或是傳送特殊 cookies 皆可。這讓密...。
InfiniteWP Client 》InfiniteWP 可讓使用者從自己的伺服器管理無限數量的 WordPress 網站。, 主要功能:, , 自行託管系統:位於您自己的伺服器上,完全受您控制, 一鍵更新所有網站...。
WPS Limit Login 》繁體中文, 限制通過登錄頁面和使用權限Cookie可能的登錄嘗試次數。, WordPress 默認情況下允許通過登錄頁面或發送特殊 Cookie 的方式進行無限制的登錄嘗試。...。
Two-Factor 》在「使用者」→「您的個人檔案」下的「雙因素認證選項」部分,啟用和設定一個或多個雙因素認證提供者:, , 電子郵件代碼, 時間同步一次性密碼(TOTP), FIDO通...。
WP-Members Membership Plugin 》8211; allows you to restrict file downloads to registered users only, with customizable download links., MailChimp Integration – integrates W...。
Google Authenticator 》WordPress 的 Google Authenticator 外掛使用 Google Authenticator App 為 Android/iPhone/Blackberry 手機提供雙因素驗證。, 如果您有安全意識,您可能已經...。
Login by Auth0 》這個外掛會以 Auth0 為基礎,取代標準 WordPress 登入表單,具有以下功能:, , 通用身分驗證, , 超過 30 個社交登入提供者, 企業連接 (ADFS、Active Director...。
WP Limit Login Attempts 》Limit Login Attempts 是一款可保護登錄安全,防止暴力破解攻擊的 WordPress 插件。暴力破解攻擊通常採用最簡單的方式來獲得網站控制權:一遍遍地嘗試輸入帳...。
Login for Google Apps 》Google應用登錄允許現有的WordPress使用者使用Google進行帳戶驗證來登錄您的網站以實現安全認證。這意味著,如果他們已經登入Gmail,他們可以通過WordPress登...。
Application Passwords 》⚠️ 重要提示:此外掛已合併至 WordPress 5.6 核心,不需要單獨安裝。 查看整合指南→, 使用應用程式密碼進行身份驗證,而不必直接提供用戶的密碼。相反,為每...。
WP SAML Auth 》 , 使用打包的 OneLogin SAML library 或者可选的安装 SimpleSAMLphp,WP SAML Auth 插件提供 WordPress 的 SAML 身份验证。OneLogin 提供了一个 SAML 身份验...。
Email Login 》使用電子郵件地址作為登入 WordPress 的識別名稱,代替使用者名稱。, 因為 WordPress 規定電子郵件地址必須在系統中唯一,所以使用它作為登入識別名稱是個好...。
Log in with Google 》這是一個極簡化的外掛,讓您的使用者可以使用他們的 Google 帳戶登入 WordPress 應用程式,不再需要記住笨重的密碼!, 初始設置, , , 如果尚未存在,請從 Goo...。
Active Directory Integration / LDAP Integration 》展示 | 文檔 | 特性 | 插件 | 聯繫我們, Active Directory 整合 / LDAP 整合 Intranet 登入的外掛程式 可以讓您使用其 Active Directory/LDAP 憑證身分驗證您...。
Duo Two-Factor Authentication 》Duo Security 提供雙因素認證服務,以保護帳戶免受劫持和資料竊取。使用 Duo 外掛,您可以在幾分鐘內輕鬆地將 Duo 雙因素認證添加到您的 WordPress 網站中!,...。