Codility Identity Verification: data handling reference
Reference document for security and compliance reviewers

Identity verified.
Biometrics off our books.

Codility’s identity check runs on a dedicated partner platform. We receive the verification result. Biometric data and ID images never enter Codility’s storage.

0: Biometric records on Codility infrastructure. ID images and face matches stay with the verification partner.
90d: Default review window at the partner. 3 years archived after that, then deleted.
3: Candidate verification paths. QR code, SMS link, or desktop verification.

Used by regulated and security-led organizations worldwide

SAP
BMW
Barclays
Bayer
GovTech Singapore
Deutsche Bank
BAE Systems
Deloitte

The answers

The questions we get most often in security questionnaires, with the short answers first. Detail and rationale follow below.

| Question | Answer |
| --- | --- |
| How is the candidate notified? | In the default invitation email and on a dedicated intro page before the assessment. The page shows the verification options, what the candidate needs, and links to the partner’s terms of service. |
| Which verification options does the candidate see? | A QR code or text-message link to verify on mobile, or a link to verify in the desktop environment. |
| Automated or live proctor? | Automated by default. The face match and document check are performed by the partner’s system. |
| What does the partner capture? | Partner: An image of the ID document, a face match against that document, and standard ID fields such as name, date of birth, document number, expiration date, and country of issue. |
| Where does that data live? | Partner: On the identity verification partner’s infrastructure. None of it is transmitted to or stored by Codility. |
| What does Codility store? | Codility: The verification result only: a pass or fail status. When verification fails, a description of why the candidate did not pass is included. No ID images. No biometric templates. No identity field data. |
| Default partner retention | 90 days available for review, then 3 years in archive, then permanent deletion. |
| Customizable retention? | Yes. The partner can be instructed to align retention with your data policy, including shorter review and archive windows. |

How candidates verify themselves

Three steps, all driven by the candidate, all with the same data flow.

1. Notified

The default invitation email and a dedicated intro page introduce the verification step. The page lists what the candidate needs, the available verification options, and the partner’s terms of service.

2. Verified

The candidate completes the check on the partner’s platform, either by mobile via QR code or text-message link, or in the desktop environment. The face-to-document match and document validity checks run automatically.

3. Returned

Codility receives the verification result. The ID image, the biometric face match, and the identity fields stay on the partner’s infrastructure.

The sub-processor model

We treat the identity verification partner as a black-box service. Candidates verify on the partner’s platform, the partner runs the document and face match, and Codility receives only the result. Customers can ask the partner to align retention with their own policy through the standard sub-processor agreement.


Why this design

Three reasons it is built this way, each one written for a reviewer who has to defend the choice internally.

Defensibility

Identity is independently verified before any assessment data is generated. The chain of custody is unambiguous if a hire is ever questioned.

Minimal exposure

Biometric data and ID scans never enter Codility’s systems. Your data exposure surface is narrower, and your DPIA is shorter.

GDPR right-to-erasure is straightforward

One sub-processor, one documented retention policy, one place to send a deletion request. Customer-defined retention is supported.

Compared to common alternatives

Many assessment platforms either skip identity verification entirely or store ID images on their own infrastructure. Codility’s design routes biometric data to a dedicated, audited partner with retention you can shape to your policy. The result is a smaller blast radius if either side is compromised.

Especially relevant for

Regulated industries such as financial services, healthcare, and government. EU and UK hiring under GDPR. Executive and security-cleared roles where identity disputes carry real consequences.


Cleared by your review? Talk to your Codility account team about extending Integrity to all high-stakes assessments.