Skip to main content
Didit Raises $7.5M to Build the Infrastructure for Identity and Fraud
Didit
Back to blog
Blog · March 6, 2026

Adaptive Friction in Microservices: Envoy & Didit for Trust

Learn how to implement adaptive friction in microservices architectures using Envoy Proxy and Didit's identity verification platform. This approach enhances security, optimizes user experience, and combats fraud by dynamically.

By DiditUpdated
adaptive-friction-in-microservices-envoy-didit-for-trust.png

Dynamic Security ImplementationLeverage Envoy's powerful traffic management capabilities to inject identity verification steps dynamically, ensuring that friction is applied only when necessary based on contextual risk factors within your microservices.

Enhanced User Experience through OptimizationBy making security adaptive, you can reduce unnecessary friction for legitimate users, leading to smoother onboarding and transaction flows while still providing robust protection against malicious actors.

Fraud Prevention at the EdgeIntegrate Didit's AI-native identity verification components, such as Passive & Active Liveness and ID Verification, directly into your Envoy-managed traffic to detect and prevent fraud attempts in real-time, safeguarding your services.

Didit's Modular & AI-Native ApproachDidit provides a flexible, API-driven platform with Free Core KYC, allowing developers to easily orchestrate complex identity workflows and adapt security measures to specific microservice needs without high setup costs.

The Challenge of Friction in Microservices Security

In the world of microservices, managing security often feels like a tightrope walk between robust protection and seamless user experience. Overly stringent security measures can introduce unnecessary friction, leading to user abandonment and frustrating legitimate customers. Conversely, lax security opens the door to fraud, compliance breaches, and reputational damage. The ideal solution is adaptive friction: a system that intelligently applies security checks based on real-time risk assessment, user behavior, and transaction context. This dynamic approach ensures that high-risk activities receive thorough scrutiny, while low-risk interactions remain smooth and unimpeded. Achieving this balance requires sophisticated tools and a thoughtful architecture.

Envoy Proxy: The Intelligent Traffic Cop for Adaptive Friction

Envoy Proxy stands out as a critical component in building an adaptive friction architecture. As a high-performance edge and service proxy, Envoy sits at the heart of your microservices network, managing all inbound and outbound traffic. Its extensible filter chain architecture makes it incredibly powerful for injecting custom logic into the request/response flow. This is where adaptive friction comes into play. By configuring Envoy filters, you can inspect requests, evaluate headers, IP addresses, device intelligence, and even integrate with external risk engines to make real-time decisions about the level of identity verification required. For instance, a user attempting to log in from an unfamiliar device or location might be subjected to an additional liveness check, whereas a routine login from a trusted device would proceed without extra steps. This granular control allows for precise application of security measures exactly where and when they are needed.

Integrating Didit for Robust Identity Verification

To effectively implement adaptive friction, you need a powerful and flexible identity verification platform. This is where Didit shines. Didit offers an AI-native, developer-first identity platform with modular building blocks that can be seamlessly integrated into your microservices architecture via clean APIs or a no-code Business Console. When Envoy identifies a high-risk scenario, it can trigger a call to Didit's services to initiate the appropriate verification step. For example:

  • If a transaction exceeds a certain monetary threshold, Envoy could redirect the user to complete a Didit ID Verification process, including OCR, MRZ, and barcode analysis, combined with Passive & Active Liveness to confirm the user's presence.
  • For age-restricted content or purchases, Envoy can trigger Didit's Age Estimation, a privacy-preserving method to verify user age from selfies with high accuracy.
  • If an IP address indicates a high fraud risk, Envoy could enforce a mandatory 1:1 Face Match against a previously verified identity.
  • For compliance-sensitive operations, Didit's AML Screening & Monitoring can be invoked to check against sanctions lists and PEP databases.

This integration allows you to dynamically adjust the "friction level" based on real-time assessments, enhancing security without compromising the user journey for low-risk interactions.

Designing Adaptive Workflows with Didit's Orchestration

Didit's modular architecture and orchestrated workflows are perfectly suited for adaptive friction. Instead of hardcoding complex verification sequences, you can define flexible rules within Didit's no-code engine. This allows you to create dynamic KYC (Know Your Customer) policies that respond to various signals. For instance, a new user from a high-risk country might be routed through a multi-step verification process involving ID Verification, Passive Liveness, and Proof of Address. In contrast, a returning user with a strong trust score might only require a quick Phone & Email Verification or even a Reusable KYC check, which significantly reduces friction by allowing users to verify their identity once and securely share that verification across multiple applications. The power lies in orchestrating these checks based on the context provided by Envoy and your own risk engine, ensuring a truly adaptive and intelligent security posture.

How Didit Helps

Didit is engineered to be the open, modular identity layer for the internet, making it the ideal partner for implementing adaptive friction in microservices. Our platform provides the necessary building blocks for comprehensive identity verification, including ID Verification (OCR, MRZ, barcodes), Passive & Active Liveness, 1:1 Face Match & Face Search, AML Screening & Monitoring, Proof of Address, and Age Estimation. What sets Didit apart is our AI-native approach, ensuring high accuracy and fraud detection capabilities. Our modular architecture means you can plug and play identity checks as needed, orchestrating complex workflows with our no-code engine. We empower developers with an instant sandbox, public documentation, and clean APIs, facilitating rapid integration. Furthermore, Didit offers Free Core KYC and a pay-per-successful check model with no setup fees, making advanced identity verification accessible and cost-effective for businesses of all sizes. By automating trust and orchestrating risk, Didit allows you to implement adaptive friction seamlessly, enhancing security and optimizing user experience globally and at scale.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page
Adaptive Friction: Envoy & Didit for Microservices Security.