.png)
The U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) recently announced the results of its Remote Identity Validation Technology Demonstration (RIVR) Track 2, and Incode met multiple government-defined goals, including those related to liveness detection, document verification, and injection attack resistance.
RIVR is a multi-year DHS program designed to evaluate how well commercial identity verification (IDV) vendors can defend against the most sophisticated threats facing government and enterprise digital services today. Track 2 focused specifically on three high-priority challenges: deepfake-based presentation attacks, fraudulent document submissions, and injection attack methods that attempt to bypass capture systems entirely.

Across each evaluation area, Incode’s platform met the government’s defined performance thresholds:
Liveness detection: The evaluation tested our system against a range of presentation attack types, including 2D spoofs, 3D artifacts, and video replays. Our liveness detection algorithm maintained performance within the program’s required bounds.
Document verification: RIVR Track 2 introduced synthetic and tampered documents into the evaluation pipeline. Our document verification system successfully identified fraudulent submissions at the rates required by the program goals.
Injection attack resistance: Injection attacks—where adversaries attempt to insert fraudulent imagery directly into the capture stream rather than physically presenting a spoof—represent one of the fastest-growing attack vectors in the field. Incode’s system demonstrated resistance to these methods within RIVR’s evaluation framework.
RIVR is not a vendor certification or a marketing program. It is a controlled, government-designed evaluation conducted by independent testing organizations with defined performance targets. Meeting the program’s goals means Incode’s platform passed an objective technical test in areas where the government has determined it needs reliable assurance.
For organizations operating in regulated sectors, and for public sector agencies considering commercial IDV solutions, RIVR Track 2 results provide a meaningful signal. They represent tested performance against current threat conditions, not modeled projections or vendor-supplied claims.
DHS launched RIVR because the threats facing digital identity infrastructure have shifted significantly. Freely available generative AI tools have lowered the barrier for creating convincing synthetic faces and documents. Injection attack tooling has made it possible for actors to bypass physical capture channels entirely. And traditional liveness and document checks, designed for older threat models, often struggle with these newer techniques.
The program was structured to test against this current threat environment, not a theoretical one. Incode met the goals set against it.
Meeting RIVR Track 2 goals is evidence that Incode’s platform is operating at a level the U.S. government considers sufficient for high-stakes identity verification use cases. It is also consistent with Incode’s ongoing approach to external validation: we submit to rigorous third-party evaluations because they provide a clear, objective measure of where our system performs and where the industry standard is moving.
We’ll continue to engage with programs like RIVR as the threat environment evolves and as new evaluation frameworks emerge.

Incode was named a Leader in the 2025 Gartner® Magic Quadrant™ for Identity Verification. Download the report.