무료
무료
월 $0. 신용카드 정보가 필요 없습니다.
- 무료 KYC 번들 (신분증 확인 + 패시브 라이브니스 + 얼굴 매칭 + 기기 및 IP 분석), 매월 500건 제공
- 차단된 사용자
- 중복 감지
- 모든 세션에서 200개 이상의 사기 신호 감지
- Didit 네트워크 전반에 걸쳐 재사용 가능한 KYC
- 사례 관리 플랫폼
- 워크플로 빌더
- 공개 문서, 샌드박스, SDK, MCP(Model Context Protocol) 서버
- 커뮤니티 지원
전 세계 2,000개 이상의 기관에서 신뢰합니다.
마켓플레이스의 의무
회사를 파악하고, 소유주를 확인하세요. 리스팅이 시작되기 전에.
EU 디지털 서비스법과 새로운 AML 패키지는 판매자 확인을 법적 의무로 규정합니다. Didit은 등록 조회, 소유자 추출, 모든 소유자에 대한 KYC, 문서 OCR 등 모든 과정을 동일한 판매자 기록에 연결하여 하나의 워크플로우로 제공합니다. 판매자당 $2.00, 소유자당 $0.33이며, 매월 500건의 확인은 무료입니다.
작동 방식
가입부터 인증된 사용자까지, 4단계로 완료하세요.
- 단계 01
워크플로우 생성
ID, 본인 확인, 얼굴 매칭, 제재 목록, 주소, 연령, 전화번호, 이메일, 맞춤 질문 등 필요한 검사를 선택하세요. 대시보드에서 드래그 앤 드롭으로 플로우를 만들거나, 동일한 플로우를 API에 게시할 수 있습니다. 조건에 따라 분기하고 A/B 테스트를 실행할 수 있으며, 코딩은 필요 없습니다.
- 단계 02
연동
Web, iOS, Android, React Native, Flutter SDK를 사용하여 네이티브로 임베드하거나, 호스팅된 페이지로 리디렉션할 수 있습니다. 또는 이메일, SMS, WhatsApp 등 어디든 사용자에게 링크를 보내기만 하면 됩니다. 스택에 맞는 방식을 선택하세요.
- 단계 03
사용자 플로우 진행
Didit은 카메라, 조명 안내, 모바일 핸드오프, 접근성을 호스팅합니다. 사용자가 플로우를 진행하는 동안 200개 이상의 사기 신호를 실시간으로 분석하고 모든 필드를 신뢰할 수 있는 데이터 소스와 대조하여 확인합니다. 2초 이내에 결과를 받아보세요.
- 단계 04
결과 확인
실시간 서명된 웹훅은 사용자가 승인, 거부 또는 검토 대기 상태가 되는 즉시 데이터베이스를 동기화합니다. 필요할 때 API를 폴링하거나, 콘솔을 열어 모든 세션과 신호를 검사하고 케이스를 직접 관리할 수 있습니다.
01 · 등록 조회
판매자의 법적 기록. 실시간으로 확인하세요.
영국 Companies House, 스페인 Mercantil, 독일 Handelsregister, 브라질 Junta Comercial 등 200개 이상의 국가 공신력 있는 등록 기관에서 직접 데이터를 가져옵니다. 법인명, 등록 번호, 상태, 설립일 등을 확인할 수 있습니다. 스크래핑이나 오래된 데이터는 사용하지 않습니다.
사업자 확인 모듈Didit · KYB · kyb_registry
Pull the seller's registry record live.
Maker Goods Ltd.Active
- Reg. numberGB · 1029847
- Incorporated2021-04-18
- Legal formPrivate LTD
- Registry sourceCompanies House
Government registries direct, no scraping.$2.00 per KYB
02 · 실소유자 추출
지분 25% 이상 모든 소유주를 확인합니다.
실소유자(UBO) 추출은 판매자의 25% 이상을 소유한 모든 개인을 식별하여 폐쇄 루프 KYC를 준비합니다. 등록 기관에서 이사 및 주주 정보를 가져오므로 목록이 증명 가능하며, 자가 증명 방식이 아닙니다.
사업자 확인 모듈Didit · KYB · kyb_key_people
Find every beneficial owner above 25%.
Beneficial ownerRoleShareKYC
- Sara OrtegaDirector · UBO60%Pass
- Niels JanssenUBO30%Pass
- Maker Holdings BVCorp. shareholder10%Pass
Each UBO gets a linked /v3/session/ for KYC at $0.33.
03 · 소유자별 KYC
모든 소유주에 대한 폐쇄 루프 신원 확인.
각 실소유자는 ID 확인, 수동 본인 확인, 1:1 얼굴 매칭, 기기 + IP 분석, AML 등 호스팅된 KYC 세션을 소유자당 $0.33에 받습니다. 결과는 상위 KYB 기록에 다시 연결되어 단일 승인으로 전체 판매자를 승인할 수 있습니다.
사용자 확인 모듈Didit · Linked KYC
Closed-loop KYC for each UBO.
UBO 2 / 3
Hosted flow on the owner's phone
- ID Verification$0.15
- Passive Liveness$0.10
- Face Match 1:1$0.05
- AML Screening$0.20
- IP Analysis$0.03
04 · 법인 AML
1,300개 이상의 목록에서 회사를 심사합니다.
제재 목록, 정치적 주요 인물(PEP), 부정적 미디어 목록은 매일 14개 언어로 업데이트됩니다. 위반 사항이 발견되면 자동으로 케이스가 생성되어 승인 전에 판매자를 차단합니다. 회사와 모든 소유자에게 적용됩니다.
AML 심사 모듈Didit · KYB · kyb_company_aml
Screen the company on 1,300+ lists.
HitSource listStatus
- Maker Goods Ltd. · cleanOFAC SDNPass
- Sara Ortega · cleanEU consolidatedPass
- Niels Janssen · PEP reviewDow Jones PEPReview
14 languages · daily delta refresh$0.20 / individual
05 · 문서 수집 + OCR
하나의 증빙 자료 팩, 서명 완료.
법인 설립 증명서, 세금 등록, 사업장 주소 증명 등은 호스팅된 플로우를 통해 수집되고 OCR로 판독됩니다. 등록 기록과 교차 확인하여 위조된 업로드는 감사 로그에 기록되기 전에 차단됩니다.
데이터베이스 검증 모듈Didit · KYB · kyb_documents
Collect and read the corporate evidence.
- Certificate of incorporationAuto-OCR · registry match
- Tax / VAT registrationNumber validated against authority
- Proof of business addressUtility, bank, registry letter
- Bank statement (last 90d)Optional · owner verification
One evidence pack, signed and timestamped.
06 · 지속적인 모니터링
온보딩 후에도 계속해서 인증 상태를 유지합니다.
판매자 및 모든 소유자에 대한 일일 AML 지속 모니터링(사용자당 연간 $0.07), 해산 여부 확인을 위한 등록 상태 감시, 소유자 변경 시(25% 초과) 알림, 문서 만료 알림 등 판매자가 판매하는 동안 규정을 준수하도록 돕습니다.
워크플로우 오케스트레이터Didit · Ongoing monitoring
Stay verified after onboarding.
SignalCadenceOn hit
- Ongoing AML (entity + UBO)Daily deltaOpen case
- Registry status (dissolved)DailySuspend
- UBO change >25%On detectRe-KYB
- Document expiry (T-30 days)CalendarNotify
Ongoing AML included at $0.07/user/year on linked UBO KYCs.
연동
하나의 세션. 하나의 웹훅. 모든 판매자.
KYB 세션을 시작하고, 서명된 결과를 확인한 후, 판매자를 활성화하세요.
POST /v3/session/KYB
$ curl -X POST https://verification.didit.me/v3/session/ \
-H "x-api-key: $DIDIT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"workflow_id": "wf_kyb_marketplace",
"vendor_data": "seller-42",
"expected_country": "GB"
}'201생성됨{ "url": "verify.didit.me/..." }
판매자에게 URL을 이메일로 보냅니다. 상태 업데이트는 웹훅을 통해 전달됩니다.문서 →
GET /v3/session/{id}/decision/결정
$ curl https://verification.didit.me/v3/session/$SESSION/decision/ \
-H "x-api-key: $DIDIT_API_KEY"
# Decision payload (excerpted):
{ "session_kind": "business", "status": "APPROVED",
"decision": { "company": { "legal_name": "Maker Goods Ltd.", "registry_status": "ACTIVE" },
"key_people": [ ... kyc_session_url per owner ... ]
} }200OK상태 APPROVED · IN_REVIEW · DECLINED · AWAITING_USER
각 소유주의
kyc_session_url은 상위 KYB로 연결됩니다.문서 →에이전트 연동 준비 완료
단 한 번의 프롬프트로 마켓플레이스 판매자 KYB를 출시하세요.
Claude Code, Cursor, Codex, Devin, Aider 또는 Replit Agent에 붙여넣으세요. 스택 정보를 입력하면, 에이전트가 워크플로우를 구축하고, 판매자별 세션을 실행하며, 소유자별로 연결된 KYC를 처리하고, 웹훅을 연결합니다.
didit-integration-prompt.md
You are integrating Didit into a marketplace that lists third-party sellers (Etsy, Shopify, Faire, Amazon Handmade, OnBuy archetype). EU Digital Services Act Article 30 and the new EU Anti-Money Laundering (AML) package require you to verify the seller (KYB) before any listing goes live, and to keep that verification fresh while they sell.
Four obligations on every seller:
1. Pull the company's registry record (legal name, registration number, status, incorporation date) from the authoritative government source.
2. Extract every Ultimate Beneficial Owner (UBO) — anyone owning 25% or more — and run a closed-loop KYC on each one.
3. Screen the company AND every UBO against sanctions, Politically Exposed Persons (PEP), and adverse-media lists.
4. Collect the corporate evidence (certificate of incorporation, tax registration, proof of business address) and watch the seller continuously for status changes, UBO turnover, AML hits, and document expiry.
Pricing (verified live):
- KYB session (registry + company AML + documents + key-people flow): $2.00 per seller, pay-per-call
- Linked KYC per UBO: $0.33 per UBO (ID + Passive Liveness + Face Match + IP + AML)
- Ongoing AML monitoring: $0.07 per user per year
- First 500 KYC verifications free every month, forever
PRE-REQUISITES
- Production API key from https://business.didit.me (sandbox key in 60s, no card).
- Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
- A workflow_id for KYB from the Workflow Builder. The workflow's type (KYC or KYB) drives the session shape — no explicit business flag is needed on the request.
- A workflow_id for KYC bundled with ID + Passive Liveness + Face Match + IP + AML, used for the linked UBO sessions.
STEP 1 — Create the KYB session
POST https://verification.didit.me/v3/session/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body:
{
"workflow_id": "<your KYB workflow id>",
"vendor_data": "<your seller id, max 256 chars>",
"callback_url": "https://<your-app>/sellers/kyb/callback",
"expected_country": "GB",
"metadata": {
"seller_id": "<your internal seller id>",
"marketplace_segment": "handmade"
}
}
Response: 201 Created with the hosted session URL. Email it to the seller or embed it in your onboarding UI. Behind the scenes, Didit runs:
- kyb_registry — live registry lookup against the country's authoritative source
- kyb_company_aml — sanctions / PEP / adverse media on the company
- kyb_documents — document collection + Optical Character Recognition (OCR) (incorporation, TIN, proof of address)
- kyb_key_people — UBO + director extraction with linked-KYC sessions
STEP 2 — Read the signed webhook on KYB completion
Didit POSTs to your callback. KYB SESSION statuses are UPPER_SNAKE_CASE:
Body (excerpted):
{
"session_id": "<uuid>",
"session_kind": "business",
"vendor_data": "<your seller id>",
"status": "APPROVED",
"decision": {
"company": {
"legal_name": "Maker Goods Ltd.",
"registration_number": "1029847",
"country_code": "GB",
"registry_status": "ACTIVE"
},
"features": [
{ "node_id": "kyb_registry", "status": "APPROVED" },
{ "node_id": "kyb_company_aml", "status": "APPROVED", "total_hits": 0 },
{ "node_id": "kyb_documents", "status": "APPROVED" },
{ "node_id": "kyb_key_people", "status": "APPROVED",
"key_people": [
{ "uuid": "<uuid>", "name": "Sara Ortega", "role": "director", "is_ubo": true, "ownership_percentage": 60, "kyc_status": "Approved", "kyc_session_url": "https://verify.didit.me/..." },
{ "uuid": "<uuid>", "name": "Niels Janssen", "role": "shareholder", "is_ubo": true, "ownership_percentage": 30, "kyc_status": "Approved", "kyc_session_url": "https://verify.didit.me/..." }
]
}
]
}
}
SESSION status enum (KYB · UPPER_SNAKE_CASE):
NOT_STARTED | IN_PROGRESS | AWAITING_USER | APPROVED | DECLINED | IN_REVIEW | RESUBMITTED | ABANDONED | EXPIRED
FEATURE status enum (inside decision.features[].status · UPPER_SNAKE_CASE):
NOT_FINISHED | APPROVED | DECLINED | IN_REVIEW | RESUB_REQUESTED | AWAITING_USER
Note: kyc_status on key_people IS Title Case ("Approved" / "Declined" / "Pending") — those are KYC sessions linked from inside the KYB feature, not KYB features themselves.
Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.
STEP 3 — Linked KYC on each UBO is automatic
When the seller completes the hosted KYB flow and submits the UBO list, Didit spawns a child KYC session per UBO using the KYC workflow you configured on the KYB workflow. Each child session has its own session_id and its own hosted URL on the kyc_session_url field inside the key-people block.
You don't need to call POST /v3/session/ again for the UBOs — they're stitched to the parent KYB session automatically. You DO need to drive each UBO through their hosted KYC URL (email it, SMS it, embed it in your seller dashboard).
Per-UBO KYC session status is Title Case With Spaces (KYC convention):
Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned
Linked-KYC pricing: $0.33 per UBO.
STEP 4 — Retrieve the decision
GET https://verification.didit.me/v3/session/{sessionId}/decision/
Headers:
x-api-key: <your api key>
Returns the full KYB decision payload — company block, AML hits, document OCR, every UBO with their kyc_status and kyc_session_url. Use this for audit-pack export and for re-rendering the seller status in your admin UI.
STEP 5 — Decide
Branch logic:
APPROVED → activate the seller, allow listings.
IN_REVIEW → keep listings off, wait for analyst webhook update.
DECLINED → refuse onboarding, log the decision_reason_code.
AWAITING_USER → nudge the seller to complete the pending step (typically UBO list submission).
Pre-DSA Article 30: store the trader information (legal name, registration number, address, contact) in your trader-information record alongside the decision payload.
STEP 6 — Ongoing monitoring is automatic when enabled
Enable Ongoing AML on the seller and on each UBO ($0.07/user/year). The session status updates automatically as new sanctions hits land, dissolutions are filed in the registry, or document expirations approach. Your webhook fires on every state change.
No separate endpoint to call — the same workflow drives it.
WEBHOOK EVENT NAMES
- status.updated — session status changed (filter on data.session_kind === "business" for KYB).
- data.updated — session data changed (registry refresh, key-people submission, document upload, ongoing AML hit).
- business.status.updated — the linked Business entity changed.
- business.data.updated — Business entity data changed.
Verify X-Signature-V2 on every payload. The webhook secret is per-environment — sandbox key is separate from production.
CONSTRAINTS
- KYB session statuses use UPPER_SNAKE_CASE (APPROVED, IN_REVIEW, DECLINED). KYC session statuses use Title Case (Approved, In Review, Declined). They live in different APIs — don't mix them in the same code path.
- Default record retention is 5 years post-relationship per the EU AML package; some jurisdictions go higher.
- You cannot replace the registry lookup with a self-attested form — DSA Article 30 requires the data to come from an authoritative source.
Read the docs:
- https://docs.didit.me/business-verification/integration-guide
- https://docs.didit.me/business-verification/statuses
- https://docs.didit.me/business-verification/webhooks
- https://docs.didit.me/sessions-api/create-session
- https://docs.didit.me/sessions-api/retrieve-session
- https://docs.didit.me/integration/webhooks
Start free at https://business.didit.me — sandbox key in 60 seconds, 500 KYC verifications free every month, no credit card.더 많은 정보가 필요하신가요? 전체 모듈 문서를 확인해 보세요.docs.didit.me →
설계부터 규정 준수
클릭 한 번으로 새로운 국가에 진출하세요. 어려운 일은 저희가 처리합니다.
저희는 현지 자회사를 설립하고, 라이선스를 확보하며, 침투 테스트를 실행하고, 인증을 획득하며, 모든 새로운 규정을 준수합니다. 새로운 국가에서 인증을 배포하려면 토글만 켜면 됩니다. 220개 이상의 국가에서 서비스 중이며, 매 분기마다 감사 및 침투 테스트를 거칩니다. EU 회원국 정부가 대면 인증보다 더 안전하다고 공식적으로 인정한 유일한 신원 확인 제공업체입니다.
보안 및 규정 준수 문서 읽기EU 금융 샌드박스
Tesoro · SEPBLAC · BdE
ISO/IEC 27001
정보 보안 · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
설계부터 EU 규정 준수
검증된 수치
검증된 수치
- $0.00KYB 세션당, 등록, AML, 문서, 주요 인물 흐름.
- $0.00지분 25% 이상 모든 실소유주에 대한 연결된 KYC당.
- 0+정부 등록 데이터가 실시간으로 연동되는 국가 수.
- 0매월 계정당 무료 KYC 인증 건수.
세 가지 티어, 하나의 가격표
무료로 시작하고, 사용량에 따라 지불하며, 엔터프라이즈로 확장하세요.
매월 500건의 무료 본인 확인을 영구적으로 제공합니다. 프로덕션 환경에서는 사용한 만큼만 지불하세요. 엔터프라이즈 고객에게는 맞춤형 계약, 데이터 상주 및 SLA(서비스 수준 협약)를 제공합니다.
가장 인기
사용한 만큼 지불
사용량 기반 요금제
사용한 만큼만 지불하세요. 25개 이상의 모듈. 모듈별 공개 가격, 월 최소 요금 없음.
- 전체 KYC $0.33 (신분증 + 생체 인식 + IP / 기기)
- 10,000개 이상의 AML 데이터셋, 제재, PEP, 부정적 미디어
- 데이터베이스 검증을 위한 1,000개 이상의 정부 데이터 소스
- 거래당 $0.02의 거래 모니터링
- 기업당 $2.00의 실시간 KYB
- 검사당 $0.15의 지갑 스크리닝
- 화이트 라벨 검증 플로우, 귀사의 브랜드, Didit의 인프라
엔터프라이즈
엔터프라이즈
맞춤형 MSA 및 SLA. 대규모 볼륨 및 규제 프로그램에 적합합니다.
- 연간 계약
- 맞춤형 MSA, DPA, SLA
- 전용 Slack 및 WhatsApp 채널
- 주문형 수동 검토자
- 리셀러 및 화이트 라벨 조건
- 독점 기능 및 파트너 통합
- 전담 CSM, 보안 검토, 규정 준수 지원
무료로 시작 → 확인 실행 시에만 지불 → 맞춤형 계약, SLA 또는 데이터 상주를 위해 엔터프라이즈 잠금 해제.
FAQ
자주 묻는 질문
What is Didit?
Didit is infrastructure for identity and fraud, the platform we wished existed when we were building products ourselves: open, flexible, and developer-friendly, so it works as a real part of your stack instead of a black box you integrate around.
One API covers verifying people (KYC, know your customer), verifying businesses (KYB, know your business), screening crypto wallets (KYT, know your transaction), and monitoring transactions in real time, on a stack built to be:
- Fast, sub-2-second p99 on every session
- Reliable, in production with 1,500+ companies across 220+ countries
- Secure, SOC 2 Type 1, ISO 27001, GDPR-native, and formally attested by Spain's financial regulator as safer than verifying someone in person
The footprint underneath: 14,000+ document types in 48+ languages, 1,000+ data sources, and 200+ fraud signals on every session. The Didit infrastructure dynamically learns from every session and gets better every day.
What does KYB actually mean for a marketplace?
Know Your Business (KYB) is the process of verifying that a company is real, that it's still trading, and that you know who actually owns and controls it. For a marketplace it has three pieces:
- Verify the company, name, registration number, status, and incorporation date pulled from the country's official registry
- Find the beneficial owners, every person owning 25% or more of the company
- Run KYC on each owner, same identity check you'd run on a consumer signup, just multiplied by the number of owners
It's the business-side equivalent of KYC (Know Your Customer). On a marketplace that lists third-party sellers, you owe it before any listing goes live. Didit ships the whole recipe as one workflow for $2.00 per seller + $0.33 per owner.
Who actually has to do this?
Any marketplace that lets a third party offer goods or services to consumers and takes payment for it. That covers:
- Goods marketplaces, Etsy, Shopify, Faire, Amazon Handmade, OnBuy archetype
- Service marketplaces, Fiverr, Upwork, Bark, ClassPass for studios
- Travel and stays, Booking, Airbnb hosts who operate as businesses
- Food and delivery, restaurant partners on Uber Eats, DoorDash, Deliveroo
- Mobility, drivers and operators on Uber, Bolt, Cabify
In the European Union the Digital Services Act (the EU's online-platform rulebook) makes seller verification a hard requirement, with material fines for non-compliance. The UK, US, and most of Latin America have parallel obligations under their own consumer-protection and anti-money-laundering rules.
How fast is the verification for my end user?
The full flow normally takes under 30 seconds end-to-end, pick up the ID, snap the document, snap the selfie, done. That is the fastest in the market. Legacy KYC providers usually take more than 90 seconds for the same flow.
On the back end, Didit returns the result in under two seconds at p99, measured from the moment the user finishes the selfie to the moment your webhook fires. Mobile capture is tuned for slow phones and slow networks: progressive image compression, lazy software development kit load, and a one-tap hand-off from desktop to phone via QR code if the user starts on web.
What goes wrong if I skip KYB?
Three things, in order of how often they bite a marketplace:
- Fraud sellers, fake businesses listing real goods they don't have, collecting payment, vanishing. The marketplace eats the chargebacks and the brand damage.
- Sanctioned counterparties, selling on behalf of a designated entity or person. In the EU and US this is strict liability; the marketplace owes the fines regardless of intent.
- Regulator enforcement, under the EU Digital Services Act the European Commission can fine a very-large online platform up to 6% of global turnover. National regulators have parallel enforcement under consumer-protection law.
The historical record on this is unforgiving. Almost every major marketplace has been fined for letting unverified sellers operate. KYB is the standard control.
What happens if a user fails, abandons, or expires?
Every session lands on one of seven clear statuses, so your code always knows what to do:
Approved, every check passed. Move the user forward.Declined, one or more checks failed. You can allow the user to resubmit the specific failed step (for example, re-take the selfie) without re-running the whole flow.In Review, flagged for compliance review. Open the case in the console, see every signal, decide approve or decline.In Progress, user is mid-flow.Not Started, link sent, user has not opened it yet. Send a reminder if it sits too long.Abandoned, user opened the link but did not finish in time. Re-engage or expire.Expired, the session link aged out. Create a new session.
A signed webhook fires on every status change, so your database always stays in sync. Abandoned and declined sessions are free.
Where does my customer data live and how is it protected?
Production data is processed and stored in the European Union by default, on Amazon Web Services. Enterprise contracts can request alternative regions for jurisdictions whose regulators require it.
Encryption everywhere. AES-256 at rest across every database, object store, and backup. Transport Layer Security 1.3 in transit on every API call, webhook, and Business Console session. Biometric data is encrypted under a separate Customer Master Key.
Retention is yours to control. Default retention is indefinite (unlimited) unless you configure shorter, between 30 days and 10 years per application, and you can delete any individual session at any time from the dashboard or the API.
Certifications: SOC 2 Type 1 (Type 2 audit in progress), ISO/IEC 27001:2022, iBeta Level 1 PAD, and a public attestation from Spain''s Tesoro / SEPBLAC / CNMV that Didit''s remote identity verification is safer than verifying someone in person. Full report at /security-compliance.
Is Didit compliant for my industry?
Didit ships compliant by default for the regulators that matter to identity infrastructure:
- GDPR + UK GDPR, controller / processor split, full Data Processing Agreement published, lead supervisory authority named (Spain''s AEPD).
- AMLD6 + EU AML Single Rulebook, 1,300+ sanctions, politically exposed person, and adverse-media lists screened in real time.
- eIDAS 2.0, EU Digital Identity Wallet aligned; reusable-identity ready.
- MiCA (Markets in Crypto-Assets), ready for crypto on-ramps, exchanges, and custodians.
- DORA, Digital Operational Resilience Act, EU financial-services operational resilience.
- BIPA, CUBI, Washington HB 1493, CCPA / CPRA, US biometric privacy (Illinois, Texas, Washington) and California consumer privacy.
- UK Online Safety Act, age-gating and child-safety obligations.
- FATF Travel Rule, originator and beneficiary data on crypto transfers, IVMS-101 interoperable.
Detailed memo, every certificate, every regulator letter: /security-compliance.
How fast can I integrate and start verifying users?
- 60 seconds to a sandbox account at business.didit.me, no credit card.
- 5 minutes to a working verification through Claude Code, Cursor, or any coding agent via our Model Context Protocol (MCP) server.
- A weekend to a production-ready integration with signed-webhook verification, retries, and a remediation flow when a user is declined.
Three integration paths, pick whichever fits your stack:
- Embed natively with our Web, iOS, Android, React Native, or Flutter SDK.
- Redirect the user to the hosted verification page, zero SDK.
- Send a link by email, SMS, WhatsApp, or any channel, zero front-end work.
Same dashboard, same billing, same pay-per-success price for all three. Step-by-step guide at docs.didit.me/integration/integration-prompt.
How do statuses work?
Two enum sets, one per session kind:
- KYB session, APPROVED, IN_REVIEW, DECLINED, AWAITING_USER, plus the resubmitted / abandoned / expired states the docs cover
- Linked KYC session per owner, Approved, In Review, Declined, Resubmitted, Expired, Not Finished, Kyc Expired, Abandoned
The casing difference is deliberate, UPPER_SNAKE for the KYB session, Title Case for the KYC session. They sit in different APIs; don't mix them in the same code branch.
For a webhook handler, switch on the parent KYB status. AWAITING_USER is the most common interim state, it usually means the seller still has to submit the owner list or re-upload a document. The state transitions to IN_REVIEW or APPROVED automatically once they do.
What does ongoing monitoring look like?
Verification at signup is necessary but not sufficient, sellers change over time, owners move in and out, and sanctions lists update daily. Didit's ongoing monitoring catches all of it:
- Ongoing AML on the company and every owner, daily delta refresh at $0.07 per user per year
- Registry status watch, dissolutions, strike-offs, and adverse filings trigger a webhook the day they hit the source
- Ownership change detection, if a new UBO crosses the 25% threshold, the seller is automatically queued for re-KYB
- Document expiry, passport, ID card, and address proof expirations fire a 30-day-out reminder
Everything flows through the same status.updated webhook you already wired for onboarding. No new endpoint, no extra integration.
How does Didit compare on price?
Most KYB providers price between $8 and $50 per check, often with floor commits in the thousands of dollars per month and per-country surcharges. The Middesk / Persona KYB / Onfido Business archetype.
Didit's published price is $2.00 per KYB session + $0.33 per linked KYC. No floor, no commit, no per-country surcharge, no hidden registry fees. Pay only for what runs.
That's 3–5× cheaper than the incumbent stack on the same regulatory output. The economics matter because seller verification is a per-listing cost, at scale the difference between $2 and $25 is the difference between accepting a seller and refusing them. Full pricing at /pricing.