Real-time KYC with AWS Kinesis and Didit Webhooks

Streamlined ComplianceIntegrate real-time identity verification results from Didit directly into your compliance workflows using secure webhooks, ensuring immediate action on verification outcomes.

Scalable Event ProcessingUtilize AWS Kinesis to build a highly scalable and fault-tolerant data streaming pipeline capable of ingesting and processing millions of KYC events per second.

Dynamic Risk DecisioningCombine Didit's comprehensive verification data with your internal risk models within a Kinesis-driven architecture to make instantaneous, data-driven decisions on user onboarding and transactions.

Modular & AI-Native IdentityDidit provides an AI-native, modular identity platform with free Core KYC, offering flexible APIs and secure webhooks to power your real-time KYC engine without setup fees.

The Need for Real-time KYC Decisioning

In today's fast-paced digital economy, traditional Know Your Customer (KYC) processes that involve manual reviews and delayed decisions are no longer sufficient. Businesses, especially in finance, e-commerce, and gaming, require instantaneous identity verification to onboard users quickly, prevent fraud, and maintain compliance with regulations like AML (Anti-Money Laundering). A real-time KYC decisioning engine allows companies to assess risk and make decisions within seconds, significantly improving user experience and operational efficiency. This shift from batch processing to real-time operations demands a robust, scalable, and asynchronous architecture.

Building such an engine requires a seamless flow of data from identity verification providers to your internal systems. This is where the combination of powerful streaming services like AWS Kinesis and event-driven notifications like Didit's webhooks becomes invaluable. By integrating these technologies, businesses can create a proactive and highly responsive compliance framework, moving beyond reactive measures to truly anticipate and mitigate risks.

Leveraging AWS Kinesis for Scalable Event Processing

AWS Kinesis is a powerful suite of services for processing large streams of data in real time. For a real-time KYC engine, Kinesis Data Streams is the ideal component. It acts as a highly scalable and durable data pipeline, capable of ingesting gigabytes of data per second from hundreds of thousands of sources. When Didit sends a webhook notification about a completed identity verification, this event can be immediately published to a Kinesis Data Stream.

Here's how it works:

1. Data Ingestion: Your webhook endpoint receives the verification result from Didit. Instead of directly processing it, the endpoint acts as a producer, publishing the raw event data to a Kinesis Data Stream. This decouples the webhook receiver from the downstream processing logic, ensuring that your system can handle spikes in verification requests without dropping events.
2. Stream Processing: Kinesis Data Analytics or AWS Lambda functions can then act as consumers, reading from the stream. These consumers can perform various tasks: enrich the data with internal customer information, run fraud detection algorithms using Didit's Passive & Active Liveness data, or trigger further checks like Didit's AML Screening.
3. Storage and Action: Processed data can be stored in real-time databases (e.g., DynamoDB) or data warehouses, and critical decisions (e.g., 'approve', 'deny', 'review') can trigger subsequent actions, such as account activation or flagging for manual review. This architecture ensures that every verification event is captured, processed, and acted upon without delay.

Integrating Didit's Secure Webhooks for Instant Notifications

Didit's webhooks are the cornerstone of receiving real-time identity verification results. When a user completes an ID Verification, Liveness check, or any other step in a Didit workflow, a notification is immediately sent to your configured endpoint. This push-based mechanism eliminates the need for constant polling, reducing latency and resource consumption.

Key features of Didit's webhooks for a real-time engine:

• Real-time Updates: Receive instant notifications on the status of identity verification sessions, including success, failure, or a need for review. This allows your Kinesis stream to be populated with the most current verification outcomes.
• Secure Communication: Didit employs HMAC-SHA256 signature verification for all webhooks (V3 API webhook format is recommended). This is crucial for ensuring the integrity and authenticity of the data you receive. Your webhook endpoint must validate this signature before processing the payload to prevent spoofing or tampering. Didit provides the secret_shared_key through its API for this purpose, and you can even rotate this key via the Management API for enhanced security.
• Configurable Payload Versions: Didit allows you to specify the webhook payload version, ensuring compatibility with your system. The v3 version is recommended for its comprehensive data structure.
• Orchestrated Workflows: Didit's Business Console allows you to build complex, multi-step identity verification flows (workflows). When a workflow completes, the webhook provides a consolidated result, simplifying your decisioning logic. For example, a single webhook can confirm a successful ID Verification combined with a passed Liveness check, and a clear AML Screening result.

By integrating Didit's webhooks with AWS Kinesis, you create a robust, event-driven architecture that can scale to meet the demands of any business, ensuring compliance and fraud prevention are handled in real-time.

Building Your Real-time Decisioning Logic

With Didit's verification results flowing into your Kinesis stream, the next step is to build the decisioning logic that determines the outcome of each KYC event. This logic can reside within your Kinesis consumers (e.g., Lambda functions) and should be designed to be modular and adaptable.

Consider the following components for your decisioning logic:

• Data Aggregation: Combine Didit's verification data (e.g., ID Verification score, Liveness confidence, AML watchlists status) with other internal data points like user behavior, transaction history, and IP analysis.
• Rule Engine: Implement a rules engine that evaluates the aggregated data against predefined compliance and risk policies. For instance, if Didit's ID Verification returns a low confidence score or a mismatch, and the user's IP address is from a high-risk region, the rules engine might automatically flag the user for manual review.
• Machine Learning Models: For more sophisticated scenarios, integrate machine learning models that can predict fraud risk based on the combined data. These models can continuously learn and adapt, improving the accuracy of your real-time decisions.
• Dynamic Workflows: Leverage Didit's Orchestrated Workflows to define conditional logic directly within the identity verification process. If an initial ID Verification passes, the workflow might proceed to an AML check. If it fails, it might automatically redirect the user to a different verification path or block them.

The goal is to automate as many decisions as possible while providing clear pathways for exceptions and manual reviews. This ensures that your system remains compliant, secure, and efficient, handling a high volume of verification requests without human intervention for routine cases.

How Didit Helps

Didit provides the essential building blocks for creating a cutting-edge, real-time KYC decisioning engine. Our AI-native, developer-first identity platform offers a modular architecture that easily integrates with your existing infrastructure, including AWS Kinesis.

Here's how Didit empowers your real-time KYC:

• ID Verification: Our robust ID Verification (OCR, MRZ, barcodes) provides accurate document verification, feeding high-quality data into your Kinesis streams for immediate processing.
• Passive & Active Liveness: Combat deepfakes and presentation attacks with our advanced liveness detection, ensuring the person presenting the ID is real and present. These results are instantly available via webhooks.
• AML Screening & Monitoring: Integrate real-time checks against global watchlists and sanctions lists directly into your workflows, with results pushed to your system for instant compliance decisions.
• Orchestrated Workflows: Design complex, multi-step verification journeys using our no-code Business Console. These workflows can include various Didit products and custom logic, with the final outcome delivered via a single, comprehensive webhook.
• Developer-First Approach: With an instant sandbox, public documentation, and clean APIs, integrating Didit's webhooks and other services into your Kinesis-powered architecture is straightforward and efficient.
• Free Core KYC & No Setup Fees: Didit's commitment to accessibility means you can start building your real-time KYC engine today with our Free Core KYC offering, scaling your operations without upfront costs. Our pay-per-successful check model ensures cost-effectiveness.

Didit's platform is designed to be the open, modular identity layer of the internet, allowing you to compose verification, orchestrate risk, and automate trust globally and at scale, all powered by real-time data flows.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.