It depends, but I'd say not usually. Many financial service applications, which have strict KYC requirements, just correlate different data sources to ensure everything matches up, and tries to determine some level of risk about the client making the application (i.e. match applicant name with DOB with SSN with known addresses, etc.) FWIW, given the huge number of data breaches I'm not sure why that info is sufficient, but it usually is. It's only when some backend risk engine determines "This data doesn't match up, or this client looks sketchy" is a photo ID requested.
It depends, but I'd say not usually. Many financial service applications, which have strict KYC requirements, just correlate different data sources to ensure everything matches up, and tries to determine some level of risk about the client making the application (i.e. match applicant name with DOB with SSN with known addresses, etc.) FWIW, given the huge number of data breaches I'm not sure why that info is sufficient, but it usually is. It's only when some backend risk engine determines "This data doesn't match up, or this client looks sketchy" is a photo ID requested.