Orchestrating Adaptive Friction with Didit & Temporal.io

Dynamic Verification FlowImplement adaptive identity verification by dynamically adjusting friction based on real-time risk assessments, ensuring a balanced approach to security and user experience.

Temporal.io for State ManagementUtilize Temporal.io's durable execution to manage complex, long-running identity verification workflows, handling retries, timeouts, and human intervention seamlessly across distributed systems.

Didit's API for Core Identity ChecksIntegrate Didit's comprehensive suite of identity verification products, including ID Verification, Liveness, and AML Screening, through clean APIs to power the core components of your adaptive workflows.

Modular & AI-Native AdvantageDidit's modular, AI-native architecture and no-code Business Console enable rapid deployment and customization of workflows, offering Free Core KYC and no setup fees for scalable identity solutions.

The Challenge of Adaptive Friction in Identity Verification

In today's digital landscape, balancing user experience with robust security is paramount. Traditional, static identity verification processes often fail to adapt to varying risk profiles, leading to either excessive friction for low-risk users or insufficient security for high-risk ones. The ideal solution involves an adaptive friction model, where the level of verification effort dynamically adjusts based on contextual factors and real-time risk assessments. This requires sophisticated orchestration, managing multi-step processes, potential human reviews, and asynchronous data flows.

Building such a system from scratch presents significant challenges, especially for TypeScript developers working within distributed environments. You need to manage state across long-running processes, handle failures gracefully, implement retries, and integrate various identity checks seamlessly. This is where the powerful combination of Didit's AI-native identity platform and Temporal.io's durable execution comes into play.

Temporal.io: The Orchestration Layer for Complex Workflows

Temporal.io is a powerful open-source platform for building and operating fault-tolerant, scalable distributed applications. For identity verification, it acts as the perfect orchestration layer, allowing developers to define complex, long-running workflows as code. Imagine a user onboarding journey that might involve:

1. Initial ID Verification (Didit's OCR, MRZ, barcodes)
2. Passive & Active Liveness checks for fraud prevention
3. 1:1 Face Match against the document photo
4. Conditional AML Screening based on initial risk scores
5. Optional Proof of Address or Phone & Email Verification
6. Potential manual review by an agent if automated checks flag anomalies

Each of these steps can be an activity in a Temporal workflow. Temporal ensures that even if your services crash, network requests fail, or external APIs are temporarily unavailable, the workflow state is preserved, and execution resumes exactly where it left off. This is critical for maintaining a smooth user journey and ensuring compliance, especially for processes that might span minutes, hours, or even days due to human intervention.

With TypeScript, you can define your Temporal workflows and activities with strong typing, improving code quality and maintainability. This allows you to model your adaptive friction logic directly within your workflow definitions, making it easier to implement conditional branching and dynamic adjustments to verification steps.

Integrating Didit's API for Core Identity Checks

Didit provides the foundational building blocks for all your identity verification needs, delivered via clean APIs. Integrating Didit into your Temporal workflows is straightforward. For instance, when a user initiates a verification session, your Temporal workflow can call Didit's API to create a session for a specific workflow ID. Didit's Business Console allows you to create these workflows easily, combining features like ID Verification, Passive & Active Liveness, and AML Screening & Monitoring. You can even use Didit's Age Estimation for age-gated services or NFC Verification for enhanced security.

Didit's API offers a workflow_id parameter when creating a session, allowing you to trigger pre-configured verification flows. Your Temporal workflow can then listen for webhooks from Didit, which notify your system about the status and results of each verification step or the overall session completion. This asynchronous communication is perfectly handled by Temporal's event-driven architecture, eliminating the need for complex polling logic.

For example, a Temporal activity could be responsible for initiating a Didit session and waiting for a specific webhook event. If the webhook indicates a successful ID verification but a low-confidence liveness score, your workflow could then conditionally trigger an additional step, such as a manual review activity or a request for more evidence, demonstrating true adaptive friction.

Building Adaptive Friction Workflows with TypeScript

Let's consider a practical example. A new user signs up for a financial service. Instead of a one-size-fits-all KYC process, we want to adapt. Low-risk users (e.g., from trusted IP addresses, low transaction value) might only require basic ID Verification and Passive Liveness. High-risk users (e.g., from suspicious IPs, high transaction value, or previous fraud flags) might require NFC Verification, Active Liveness, AML Screening, and a mandatory manual review.

Using Temporal with TypeScript, you can define a main workflow that takes user context as input. This workflow can then use conditional logic to select different Didit workflow IDs or chain multiple Didit API calls based on the risk assessment. For instance:

// Example Temporal Workflow snippet
import { proxyActivities } from '@temporalio/workflow';
import type * as activities from './activities';

const { initiateDiditSession, waitForDiditWebhook, performManualReview } = proxyActivities({ startToCloseTimeout: '5 minutes' });

export async function onboardingWorkflow(userId: string, riskScore: number): Promise<string> {
  let diditWorkflowId: string;

  if (riskScore < 30) {
    // Low risk: Basic KYC with passive liveness
    diditWorkflowId = 'uuid-for-basic-kyc-workflow';
  } else if (riskScore < 70) {
    // Medium risk: Standard KYC with active liveness and face match
    diditWorkflowId = 'uuid-for-standard-kyc-workflow';
  } else {
    // High risk: Enhanced KYC with NFC, AML, and manual review
    diditWorkflowId = 'uuid-for-enhanced-kyc-workflow';
  }

  const sessionId = await initiateDiditSession(userId, diditWorkflowId);
  const verificationResult = await waitForDiditWebhook(sessionId);

  if (verificationResult.status === 'PENDING_MANUAL_REVIEW') {
    await performManualReview(sessionId);
  }

  return `Verification for user ${userId} completed with status: ${verificationResult.status}`;
}

This snippet illustrates how Temporal orchestrates the flow, with Didit handling the actual identity checks. The initiateDiditSession and waitForDiditWebhook would be Temporal activities wrapping Didit API calls and webhook listener logic. The performManualReview activity could trigger an internal tool for your support team, and Temporal would wait for its completion, ensuring the entire process is robust and traceable.

How Didit Helps

Didit is the AI-native, developer-first identity platform that provides the powerful building blocks for orchestrating adaptive friction workflows. Our modular architecture allows you to plug-and-play identity checks like ID Verification (OCR, MRZ, barcodes), Passive & Active Liveness, 1:1 Face Match & Face Search, and AML Screening & Monitoring into your Temporal workflows with ease. Didit's no-code Business Console enables you to design comprehensive workflows, combining various features and defining thresholds, without writing a single line of code. These pre-configured workflows can then be triggered via our clean APIs, simplifying integration.

Didit's advantages include Free Core KYC, a flexible pay-per-successful-check model, and no setup fees, making it accessible for businesses of all sizes. Our AI-native approach ensures high accuracy and fraud detection capabilities, while our global design supports verification across numerous countries and document types. By leveraging Didit, you can focus on your core business logic within Temporal, confident that the underlying identity verification is handled by a leading, robust platform.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.