We get an applicant ID from Onfido, an Entrust company. We can parse that back and say: "Do a selfie check against this previous verification ID"

This will then prompt a "re-auth" on the account. The user will then have to do another selfie check, which Entrust check against the original, and post back to us "yes" or "no" again. We never share the PlaySafe ID to Entrust, so they can never match the verification data to a user.