Skip to main content
Didit Raises $2M and Joins Y Combinator (W26)
Didit
Transaction Monitoring

Real-time fraud rules.
Fiat. Crypto. One engine.

Score every transaction in real time against 150+ preset rules — sanctions, structuring, velocity, high-risk jurisdiction, crypto wallet risk. Case queue and SAR (suspicious activity report) workflow included. $0.02 per transaction, 500 free/month.

Start freeRead the docs
Backed by
Y Combinator
GBTC Finance
Bondex
Crnogorski Telekom
UCSF Neuroscape
Shiply
Adelantos

Trusted by 2,000+ organizations worldwide.

11 seeded bundles

Real-time rule engine.
Fiat + crypto.

Velocity, structuring, sanctioned counterparty, high-risk jurisdiction. Case queue, SAR-ready workflow, Travel Rule. Auto-pause and re-verify the user when a soft rule fires.

How it works

From sign-up to verified user in four steps.

  1. Step 01

    Create the workflow

    Pick the checks you want — ID, liveness, face match, sanctions, address, age, phone, email, custom questions. Drag them into a flow in the dashboard, or post the same flow to our API. Branch on conditions, run A/B tests, no code required.

  2. Step 02

    Integrate

    Embed natively with our Web, iOS, Android, React Native, or Flutter SDK. Redirect to a hosted page. Or just send your user a link — by email, SMS, WhatsApp, anywhere. Pick what fits your stack.

  3. Step 03

    User goes through the flow

    Didit hosts the camera, the lighting cues, the mobile hand-off, and accessibility. While the user is in the flow, we score 200+ fraud signals in real time and verify every field against authoritative data sources. Result in under two seconds.

  4. Step 04

    You receive the results

    Real-time signed webhooks keep your database in sync the moment a user is approved, declined, or sent to review. Poll the API on demand. Or open the console to inspect every session, every signal, and manage cases your way.

Built for compliance · Built for developers · Open by design

Six capabilities. One product line. Transaction Monitoring.

Every capability is part of the same module — one endpoint, one JSON shape, one price. Switch bundles on per application, tune any threshold without losing the preset, or compose custom rules with the same operators.
Read the docsGet an API key
01 · Real-time engine

Sub-second decisioning on every transaction.

Send a transaction, get the verdict in the response — typically 150–350 ms for a fiat transfer against twelve active rules. Four statuses (approved, in review, declined, awaiting user) plus the cumulative score and the rules that matched. No polling.
DecisionPOST /v3/transactions/ · 238 ms
txn_finance0001EUR 1,200 · OUTBOUND
Rules · 12 activescore 42
APPROVED
IN_REVIEW
DECLINED
AWAITING_USER
02 · 11 seeded bundles

150+ preset rules. Production-ready on day one.

Eleven bundles auto-created on every application — finance, AML + CTF (counter-terrorism financing), FATF (Financial Action Task Force), crypto monitoring, Travel Rule, device intelligence, fraud prevention, anomaly detection, responsible gaming, e-commerce, BNPL (buy-now-pay-later). Tune thresholds or disable, presets stay intact for the regulator baseline.
Rule bundles150+ presets
  • finance28 rules
  • aml_ctf6 rules
  • crypto_monitoring15 rules
  • travel_rule51 rules
  • device_intelligence11 rules
  • responsible_gaming11 rules
+ 5 more: fatf, fraud, e_commerce, check_fraud, bnpl
03 · Velocity windows

Aggregations that single-transaction checks miss.

Velocity rules aggregate history over windows from one hour to 30 days. Three metrics — count, sum, or distinct count — scoped per subject, counterparty, device, or direction. Pre-indexed, so window size doesn't blow up latency.
Velocity rulewindow: 7d
count
inbound >= 20
sum
outbound >= $50,000
distinct
counterparties >= 6
evaluated per subject · per device · per counterparty
04 · Cases + SAR

Every alert lands in one queue. SAR-ready.

Every in-review or declined transaction generates an alert in Case Management with matched rules, score contribution, and linked transactions. Analysts triage through a state machine, then generate a filing-ready SAR (suspicious activity report) PDF plus structured metadata for your financial intelligence unit.
Alert · case_8f3assigned: m.lopez
  1. OPENrule: rapid-in-and-out
  2. INVESTIGATINGevidence attached · 3 txns
  3. PENDING_SARreviewer: m.lopez
  4. SAR_FILEDFinCEN ref pending
Generate SAR → sar_8f3.pdf + structured_metadata.json
05 · Auto-remediation

The happy path takes zero analyst time.

When a soft rule fires — think rapid-in-and-out movement on an otherwise-clean account — we hold the transaction and email the user a one-tap re-verification link. If they pass, the transaction approves; if they fail or abandon, it declines. No analyst opens the case.
Auto-remediationanalyst time: 0s
Rule trips
rapid-in-and-out · +60 score · AWAITING_USER
Remediation KYC sent
one-tap link · selfie + liveness · user's phone
User passes
txn auto-resolves → APPROVED
06 · Fiat + crypto

One engine for both halves of the transfer.

Mark a transfer as fiat or crypto on the same endpoint. Crypto transfers auto-run on-chain wallet screening at $0.15 per check (or bring your own screening provider) — enriching the response with risk score, source-of-funds breakdown, and a network graph. 12 regional Travel Rule regimes ship out of the box.
One enginefiat + crypto
fiat · EUR
velocity 7d
structuring detection
PEP · sanctions
device fingerprint
crypto · BTC
velocity 7d
mixer / darknet exposure
on-chain wallet risk
Travel Rule · FATF R.16
Integrate

One endpoint to ingest. One webhook to react.

Send transactions to the ingest endpoint for real-time screening, and subscribe to events on the webhook so your app reacts when an analyst resolves a case or auto-remediation completes. Rules themselves are tuned in the Business Console by design.
POST /v3/transactions/Server to server
$ curl -X POST https://verification.didit.me/v3/transactions/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "txn_id": "finance0001",
    "direction": "OUTBOUND",
    "amount": "1200.00",
    "currency": "EUR"
  }'
201Created{ "status": "IN_REVIEW", "score": 62 }
Verdict returned synchronously with the matched rule_runs.docs →
POST /v3/webhook/destinations/Async events
$ curl -X POST https://verification.didit.me/v3/webhook/destinations/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -d '{
    "url": "https://api.you.com/hook",
    "subscribed_events": [
      "transaction.status.changed",
      "transaction.alert.generated"
    ]
  }'
201Created{ "secret_shared_key": "whsec_..." }
Verify the X-Signature-V2 header before trusting any payload.docs →
Agent-ready integration

Ship Transaction Monitoring in one prompt.

Paste the block below into Claude Code, Cursor, Codex, Devin, Aider, or Replit Agent. Fill in your stack. The agent provisions Didit, wires the transaction ingest endpoint, subscribes to the resolution webhooks, and ships.
didit-integration-prompt.md
# Didit Transaction Monitoring — integrate in 5 minutes

You are integrating Didit's Transaction Monitoring into the my_stack codebase.
Follow these steps exactly. Every URL, header, and enum value below is
canonical — do not paraphrase or "improve" them.

## 1. Provision an account
- Sign up: https://business.didit.me (no credit card required).
- Enable Transaction Monitoring on an application from
  Console -> Applications -> [app] -> Transactions.
- The moment you enable it, the 150+ preset rule library is auto-created on
  the application. You can tune thresholds in the console — there is no
  public rule-CRUD API by design (compliance teams own rule config).

## 2. Submit transactions
Every transaction is screened in real time. One POST, one verdict.

POST https://verification.didit.me/v3/transactions/
Headers:
  x-api-key: YOUR_API_KEY
  Content-Type: application/json

Body (minimum viable shape — see docs for full schema):
{
  "txn_id": "finance0001",
  "transaction_category": "finance",
  "transaction_details": {
    "direction": "OUTBOUND",
    "amount": "1200.00",
    "currency": "EUR",
    "currency_kind": "fiat"
  },
  "subject": {
    "role": "applicant",
    "entity_type": "individual",
    "vendor_data": "user-123"
  },
  "counterparty": {
    "role": "counterparty",
    "entity_type": "individual",
    "full_name": "Jane Doe",
    "country_code": "DE"
  }
}

Response (synchronous): JSON with the computed risk score, the matched
rules, and the verdict status (see step 3).

## 3. Read the verdict
Every transaction lands on one of four statuses (UPPERCASE, strict enum):
- APPROVED       — below all thresholds
- IN_REVIEW      — score >= review threshold (default 60) OR a rule
                   set change_status to IN_REVIEW
- DECLINED       — score >= decline threshold (default 85) OR a rule
                   set change_status to DECLINED, OR an entity matched
                   a blocklist (blocklist always wins, evaluated first)
- AWAITING_USER  — a rule fired with change_status AWAITING_USER; Didit
                   created a remediation Know Your Customer (KYC) session automatically and
                   the verification_url is included in the response

The response also includes:
- score (number)              — cumulative risk score
- rule_runs[]                 — every rule evaluated, with match/no-match
- screening_results           — Anti-Money Laundering (AML), wallet, and IP enrichment outcomes
- decision_reason             — short string when DECLINED
- remediation_session_url     — only when status is AWAITING_USER

## 4. Crypto + Travel Rule
For crypto transfers, set currency_kind to "crypto" and put the wallet
addresses in payment_method.account_id. Didit screens on-chain wallet
risk automatically — no extra API call.

For VASP transfers requiring FATF R.16 (Travel Rule), set
transaction_category to "travel_rule" and include travel_rule_details
with status, protocol (TRISA / TRP / OpenVASP), originator_data, and
beneficiary_data. 12 regional regimes ship with their own rule sets
(EU, UK, Singapore, Hong Kong, Japan, etc.).

## 5. Webhooks
Register one webhook destination once (you can reuse the same destination
for KYC, AML, and Transaction Monitoring events):
POST https://verification.didit.me/v3/webhook/destinations/
Body: url, subscribed_events: [
  "transaction.created",
  "transaction.updated",
  "transaction.status.changed",
  "transaction.alert.generated"
]

Every webhook delivery carries an X-Signature-V2 header you MUST verify
before trusting the payload.  HMAC-SHA256 verification MUST run against the raw body bytes (the raw payload as Didit sent it) BEFORE any JSON parsing — re-serialising the parsed body changes whitespace and key order, which invalidates the signature.Algorithm:
  1. sortKeys(payload) recursively
  2. shortenFloats (truncate trailing zeros after the decimal point)
  3. JSON.stringify the result
  4. HMAC-SHA256 with secret_shared_key
  5. Hex-encode, compare to X-Signature-V2.

## 6. Hard rules — do not change
- Base URL for /v3/* endpoints is verification.didit.me (NOT apx.didit.me).
- Auth header is x-api-key (lowercase, hyphenated).
- Status enums are UPPERCASE: APPROVED, IN_REVIEW, DECLINED, AWAITING_USER.
- Webhook signature header is X-Signature-V2 (NOT X-Signature).
- Always verify webhook signatures before trusting payload data.
- Do NOT create rules via API — rules are configured in the Business
  Console only. This is a design choice: compliance teams own rule config.

## 7. Pricing reference (public)
- Transaction Monitoring: $0.02 per transaction monitored.
- AML screening fired by a Transaction Monitoring rule: billed at
  $0.20 per AML check (separate line item).
- Wallet Screening (KYT) fired by a crypto rule: $0.15 per screening —
  or bring your own screening provider and run it inside Didit.
- 500 free verifications every month, forever, on every account.
- No minimums, no contracts, no overage surprises.

## 8. Verify your integration
- Send a sandbox transaction with amount 9500 EUR — this trips the
  single-transaction-just-below-threshold preset (+25 score) so you can
  confirm the response carries rule_runs and a non-zero score.
- Trip a structuring pattern by submitting 20 sandbox transfers under
  10,000 EUR for the same vendor_data within 30 days — the
  structuring-outbound preset returns IN_REVIEW.
- Check the Business Console -> Transactions -> Cases tab to confirm an
  alert was generated for every IN_REVIEW.

When in doubt: https://docs.didit.me/transaction-monitoring/overview
Need more context? See the full module docs.docs.didit.me →
Compliant by design

Open a new country in one click. We do the hard work.

We open the local subsidiaries, secure the licenses, run the penetration tests, earn the certifications, and align with every new regulation. To ship verifications in a new country, flip a toggle. 220+ countries live, audited and pen-tested every quarter — the only identity provider an EU member-state government has formally called safer than in-person verification.
Read the security & compliance dossier
EU financial sandbox
Tesoro · SEPBLAC · BdE
ISO/IEC 27001
Information security · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
EU-aligned by design

Proof numbers

Proof numbers
  • 0+
    Preset rules auto-created on every application.
  • 0
    Seeded bundles across finance, AML, crypto, FATF, fraud, gaming.
  • <0ms
    Median end-to-end decisioning latency per transaction.
  • $0.00
    Per transaction. 500 free every month, forever.
Three tiers, one price list

Start free. Pay per usage. Scale to Enterprise.

500 free verifications every month, forever. Pay-as-you-go for production. Custom contracts, data residency, and SLAs (Service Level Agreements) on Enterprise.
Free

Free

$0 / month. No credit card required.

  • Free KYC bundle (ID Verification + Passive Liveness + Face Match + Device & IP Analysis) — 500 / month, every month
  • Blocklisted Users
  • Duplicate Detection
  • 200+ fraud signals on every session
  • Reusable KYC across the Didit network
  • Case Management Platform
  • Workflow Builder
  • Public docs, sandbox, SDKs, MCP (Model Context Protocol) server
  • Community support
Start free
Most popular
Pay per usage

Usage Based

Pay only for what you use. 25+ modules. Public per-module pricing, no monthly minimum fee.

  • Full KYC at $0.33 (ID + Biometric + IP / Device)
  • 10,000+ AML datasets — sanctions, PEPs, adverse media
  • 1,000+ government data sources for Database Validation
  • Transaction Monitoring at $0.02 per transaction
  • Live KYB at $2.00 per business
  • Wallet Screening at $0.15 per check
  • Whitelabel verification flow — your brand, our infrastructure
See full list of pricesStart free
Enterprise

Enterprise

Custom MSA & SLA. For large volumes and regulated programs.

  • Annual contracts
  • Custom MSA, DPA, and SLA
  • Dedicated Slack and WhatsApp channel
  • Manual reviewers on demand
  • Reseller and white-label terms
  • Exclusive features and partner integrations
  • Named CSM, security review, compliance support
Talk to us

Start free → pay only when a check runs → unlock Enterprise for a custom contract, SLA, or data residency.

FAQ

Common questions

Related

Related modules

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page