They once identify you from your driver's license, government id card or passport. After that you for example link your smart phone to you, and you use their app when you identify.
You can also use mobile carriers, they send a push notification directly to you phone+sim. Not sure what protocol they use here, because it opens up an UI which is plain android, and asks pin.
Everything relays on chain of trust that since one service has identified you, the next can trust too. Plus there is MFA to verify that you actually made the identification request.