Verifique o utilizador, rastreie a carteira, arquive a evidência — numa só chamada. $0.33 por verificação. 500 gratuitas todos os meses. Profundidade de verificação atestada pela UE.
Confiado por mais de 2.000 organizações em todo o mundo.
O que o MiCA exige
Todas as plataformas de cripto da UE têm de fazer as três coisas — em cada cliente, em escala. A Didit as envia como um fluxo de trabalho por $0.33 por verificação, com 500 gratuitas todos os meses.
Escolha as verificações que deseja — ID, prova de vida, correspondência facial, sanções, endereço, idade, telefone, e-mail, perguntas personalizadas. Arraste-as para um fluxo no painel de controlo, ou publique o mesmo fluxo na nossa API. Ramifique em condições, execute testes A/B, sem necessidade de código.
Incorpore nativamente com o nosso SDK Web, iOS, Android, React Native ou Flutter. Redirecione para uma página alojada. Ou simplesmente envie ao seu utilizador um link — por e-mail, SMS, WhatsApp, em qualquer lugar. Escolha o que melhor se adapta à sua pilha.
A Didit aloja a câmara, as indicações de iluminação, a entrega móvel e a acessibilidade. Enquanto o utilizador está no fluxo, pontuamos mais de 200 sinais de fraude em tempo real e verificamos cada campo contra fontes de dados autorizadas. Resultado em menos de dois segundos.
Webhooks assinados em tempo real mantêm a sua base de dados sincronizada no momento em que um utilizador é aprovado, recusado ou enviado para revisão. Consulte a API sob demanda. Ou abra a consola para inspecionar cada sessão, cada sinal e gerir os casos à sua maneira.
Didit · Pacote MiCA
Passo 3 / 5
Mantenha-se imóvel para a prova de vida
Didit · AML
Didit · Rastreio de carteira
$0.07 / user / year
Espanha · Tesouro / Banco de España / SEPBLAC
A única plataforma KYC (Know Your Customer) formalmente atestada por um estado-membro da UE como mais segura do que a verificação presencial.
Prestadores de Serviços de Criptoativos da UE
$ curl -X POST https://verification.didit.me/v3/session/ \
-H "x-api-key: $DIDIT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"workflow_id": "wf_mica_user_verification",
"vendor_data": "user-42",
"metadata": { "purpose": "mica_onboarding" }
}'status: Approved.docs →// X-Signature-V2 verified upstream
if (payload.status === "Aprovado") {
unlockDeposits(payload.vendor_data);
enrollOngoingAml(payload.id_verification);
} else if (payload.status === "Recusado") {
logHits(payload.aml.hits);
blockAndReview(payload.vendor_data);
}X-Signature-V2 antes de ler o payload.docs →You are integrating Didit's MiCA-aligned crypto user-verification workflow. MiCA is the EU's crypto rulebook; a regulated Crypto-Asset Service Provider (CASP) owes three things on every new customer:
1. Customer Due Diligence (CDD) — verify identity, screen for sanctions, file the evidence.
2. Ongoing monitoring — re-screen approved users as watchlists update.
3. Wallet screening for any crypto outflow — score the destination address before the transfer.
Didit ships all three on one workflow:
- KYC bundle at $0.33 per user (Sessions API)
- Continuous AML monitoring at $0.07 per user per year (automatic on any session with AML enabled)
- Wallet screening at $0.17 per crypto transaction managed, or $0.04 BYOK (Transactions API)
- First 500 verifications free every month, forever
PRE-REQUISITES
- Production API key from https://business.didit.me (sandbox key in 60s, no card).
- Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
- A workflow_id from the Workflow Builder bundling ID Verification + Passive Liveness + Face Match 1:1 + Device & IP Analysis + AML Screening.
- Transaction Monitoring enabled in the Business Console (Transactions > Settings) with crypto screening on, if you handle crypto outflows.
STEP 1 — Verify the user with the Sessions API
POST https://verification.didit.me/v3/session/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body:
{
"workflow_id": "<wf id with KYC + AML modules>",
"vendor_data": "<your user id>",
"callback": "https://<your-app>/casp/kyc/callback",
"metadata": {
"purpose": "mica_onboarding",
"casp_reference": "<your internal reference>"
}
}
Response: 201 Created with a hosted-flow URL. Redirect the user. Sub-2-second median verdict.
STEP 2 — Read the signed webhook on KYC completion
Didit POSTs to your callback. Session statuses are Title Case With Spaces.
Body (excerpted):
{
"session_id": "<uuid>",
"vendor_data": "<your user id>",
"status": "Approved",
"id_verification": { "status": "Approved" },
"liveness": { "status": "Approved" },
"face": { "status": "Approved", "similarity_score": 0.94 },
"ip_analysis": { "status": "Approved" },
"aml": { "status": "Approved", "hits": [] }
}
Status enum (exact case): Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned.
Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.
STEP 3 — Continuous AML monitoring is automatic
Every approved user is re-screened daily against the same 1,300+ sanctions, PEP, and adverse-media lists used at onboarding. There is NO separate endpoint to call.
When a previously-clean user crosses a threshold, the session status updates to "In Review" or "Declined" and your webhook fires the same payload shape as the original onboarding event with the new AML hits. A case opens automatically in the Business Console.
STEP 4 — Wallet screening on crypto outflows (Transactions API)
Required only if you transfer crypto on behalf of the user. Run BEFORE the crypto leaves.
POST https://verification.didit.me/v3/transactions/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body (required fields verified live):
{
"transaction_id": "<your internal reference>",
"transaction_category": "finance",
"include_crypto_screening": true,
"transaction_details": {
"direction": "OUTBOUND",
"amount": "0.25",
"currency": "ETH",
"currency_kind": "crypto",
"action_type": "withdrawal"
},
"subject": {
"entity_type": "individual",
"vendor_data": "<your user id>",
"full_name": "<user full name>"
},
"counterparty": {
"entity_type": "unhosted_wallet",
"full_name": "<destination wallet label>",
"payment_method": {
"method_type": "crypto_wallet",
"account_id": "<destination wallet address>"
}
}
}
REQUIRED fields the API rejects if missing:
- subject.vendor_data + subject.full_name
- counterparty.full_name
- transaction_details.direction + currency + currency_kind + amount
- For crypto: wallet address on counterparty.payment_method.account_id (OUTBOUND) or subject.payment_method.account_id (INBOUND post-transfer)
Wallet screening runs server-side when currency_kind = "crypto" and there is a wallet address in the right participant. No separate endpoint.
Transaction status enum (exact case, UPPER_SNAKE_CASE): APPROVED | IN_REVIEW | DECLINED | AWAITING_USER.
When a transaction enters AWAITING_USER, Didit creates a linked remediation session automatically and returns a verification URL on the response.
Branch logic:
APPROVED → ship the crypto.
IN_REVIEW → hold, route to analyst queue.
DECLINED → block, refund, log.
AWAITING_USER → redirect the user to the remediation session URL.
WEBHOOK EVENT NAMES
- Sessions: status changes flow through the standard session webhook.
- Transactions: transaction.created · transaction.updated · transaction.status.changed · transaction.alert.generated.
Verify X-Signature-V2 on every payload.
EVIDENCE + RECORD RETENTION
Every approved user comes with a signed evidence pack (document, biometric match, AML hits, device + IP) stored in the EU. Default retention 5 years post-relationship; configurable per workflow.
Didit holds the only formal EU-government attestation for a KYC platform — issued jointly by Spain's Tesoro, Banco de España, and SEPBLAC. The report files directly into the MiCA evidence pack.
CONSTRAINTS
- Session statuses use Title Case With Spaces (Approved, In Review). Transaction statuses use UPPER_SNAKE_CASE (APPROVED, IN_REVIEW). Don't mix them in the same code path.
- Default record retention is 5 years post-relationship; extend per your supervisor's guidance.
- 200+ fraud signals are evaluated on every KYC session at no extra cost — surface the score via the session decision payload.
Read the docs:
- https://docs.didit.me/sessions-api/create-session
- https://docs.didit.me/core-technology/aml-screening/overview
- https://docs.didit.me/transaction-monitoring/aml-screening
- https://docs.didit.me/integration/webhooks
Start free at https://business.didit.me — sandbox key in 60 seconds, 500 verifications free every month, no credit card.$0 / mês. Não é necessário cartão de crédito.
Pague apenas pelo que usa. Mais de 25 módulos. Preços públicos por módulo, sem taxa mínima mensal.
MSA e SLA personalizados. Para grandes volumes e programas regulados.
Comece gratuitamente → pague apenas quando uma verificação for executada → desbloqueie o Enterprise para um contrato personalizado, SLA ou residência de dados.
Uma API para KYC, KYB, Monitorização de Transações e Rastreio de Carteiras. Integre em 5 minutos.