Skip to main content
Didit Raises $7.5M to Build the Infrastructure for Identity and Fraud
Didit
Europe

Identity verification
built for Serbia Flag of Serbia

Lična karta, Pasoš, Vozačka dozvola on one session, EU candidate under SAA, NBS + USPN-aligned, MONEYVAL member. $0.33 full KYC, 500 free every month.

Start freeRead the docs
Backed by
Y CombinatorRobinhood Ventures
GBTC Finance
Bondex
Crnogorski Telekom
UCSF Neuroscape
Shiply
Adelantos

Trusted by 2,000+ organizations worldwide.

Country brief

How identity verification works in Serbia.

The fraud surface and the frameworks an engineering or compliance lead needs before scoping an integration.
Fraud landscape
Three pressures shape Serbian identity fraud: synthetic-identity attacks on the growing neobank and payment platform market, document forgery on the biometric Lična karta and legacy non-chip card formats, and Balkan cross-border mule networks exploiting Serbia's position as a financial hub between the EU and non-EU Western Balkans. Didit scores 200+ real-time fraud signals on every session, face morph, replay, injection, document tampering, device intelligence, IP geolocation.
Compliance frameworks
  • Law on Prevention of Money Laundering and Financing of Terrorism (2020)
  • Law on Personal Data Protection No. 87/2018
  • Law on Payment Services (2015, amended 2019)
  • Law on Banks (2005, amended 2021)
  • MONEYVAL Mutual Evaluation recommendations
  • FATF 40 Recommendations
Regulators

Who supervises identity verification in Serbia.

These are the supervisors a Serbia verification flow has to answer to. One Didit hosted flow + one audit log covers every one of them, no separate integration per agency.

  • NBS

    Narodna banka Srbije (National Bank of Serbia), central bank and prudential supervisor for banks, payment institutions, and insurance companies. Primary AML supervisor under the Law on Prevention of Money Laundering and Financing of Terrorism (2020).

  • KHoV

    Komisija za hartije od vrednosti (Serbian Securities Commission), supervises capital-markets participants, investment funds, and securities infrastructure.

  • USPN

    Uprava za sprečavanje pranja novca (Administration for the Prevention of Money Laundering), Serbia's Financial Intelligence Unit. Receives Suspicious Transaction Reports and maintains the Lists of Designated Persons under the 2020 AML Law.

  • Poverenik

    Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti (Commissioner for Data Protection), supervises the Law on Personal Data Protection No. 87/2018. Governs every identity verification on Serbian residents.

  • Poreska uprava

    Serbian Tax Administration, issues and manages the JMBG (unique citizen identification number) and PIB (tax-identification number) referenced in KYB and financial onboarding.

Verification flow · One API

Four modules. One verification.

ID, biometric, AML, and a Serbia database cross-check, composed on one workflow, billed per success, returned in one report.
Read the docsGet an API key
01 · ID

Capture and read the ID.

Captured on any phone, auto-classified, OCR-parsed, and template-verified.

  • the biometric Lična karta (chip-enabled), Pasoš (with the NFC chip read on e-Passports), Vozačka dozvola, Dozvola boravka for foreign nationals, and Izbegličke legitimacije.
  • Returns the name, JMBG (unique citizen identification number), date of birth, place of issue, and expiry.
Read the docs
Stage 01Capture and read the ID
  • Lična karta (chip) · Pasoš
  • Vozačka dozvola · Dozvola boravka
  • Izbegličke legitimacije
02 · Biometric

Match the face. Prove it's a real person..

Selfie confirmed live and matched against the ID portrait.

  • Duplicate check: 1:N face search across existing users. Free.
  • Active liveness ($0.15) for elevated-risk flows, user turns or blinks.
Read the docs
Stage 02Match the face. Prove it's a real person.
  • Selfie on any phone or laptop camera
  • Mobile-handoff QR when the user starts on desktop
03 · AML

Screen for sanctions, PEPs, and adverse media.

1,300+ global sanctions, PEP, and adverse-media lists, plus Serbian watchlists:

  • National Assembly of Serbia (Narodna skupština), PEP Level 1 elected officials.
  • Srbijašume (Company for Forests in Serbia), PEP Level 3 state-enterprise register.
  • APML (Administration for the Prevention of Money Laundering), Lists of Designated Persons, Serbian sanctions designations.
  • Serbia Securities and Exchange Commission, Public Censure, KHoV regulatory warning register.
  • EU Consolidated Financial Sanctions List, applies under EU alignment in Serbia.
  • OFAC Specially Designated Nationals (SDN), US Treasury designations.
  • MONEYVAL (Council of Europe), mutual evaluation and high-risk country findings.
  • UN Security Council Consolidated Sanctions List, global terrorism and proliferation designations.
  • FATF 40 Recommendations, high-risk and monitored jurisdiction register.
  • Basel AML Index, country-risk composite signals.
  • Europol, organised crime and terrorist organisation designations.
  • Council of Europe GRECO, anti-corruption and political integrity register.

Severity-scored. Ongoing monitoring ($0.07/user/yr) re-checks daily and fires a webhook on new hits.

Read the docs
Stage 03Screen for sanctions, PEPs, and adverse media

Screen for sanctions, PEPs, and adverse media , see the docs for the full module surface.

04 · Registry

Bind every check to one audited session.

  • Serbia does not currently expose a public government consumer API open to third-party integrators, the Ministarstvo unutrašnjih poslova identity registry and the JMBG system do not publish a standalone database-validation endpoint for commercial use.
Read the docs
Stage 04Bind every check to one audited session

Bind every check to one audited session , see the docs for the full module surface.

Documents covered

Every Serbia document Didit accepts.

One row per accepted credential, flag, document name, document type. Live from the Didit Business Console.
Authoritative datasets

Civil-registry and AML coverage for Serbia.

One card per dataset Didit cross-checks against, civil registries on the Database Validation API plus the global AML watchlist pool. Each card links to the technical docs.
aml-screening

AML lists screened in Serbia

1,300+ sanctions, Politically Exposed Persons (PEP), and adverse-media lists, plus the country's regulatory watchlists and PEP registries.

Read the AML coverage docs
Compliant by design

Open a new country in one click. We do the hard work.

We open the local subsidiaries, secure the licenses, run the penetration tests, earn the certifications, and align with every new regulation. To ship verifications in a new country, flip a toggle. 220+ countries live, audited and pen-tested every quarter, the only identity provider an EU member-state government has formally called safer than in-person verification.
Read the security & compliance dossier
EU financial sandbox
Tesoro · SEPBLAC · BdE
ISO/IEC 27001
Information security · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
EU-aligned by design
FAQ

Common questions about Serbia.

What does Didit ship?

Didit is the infrastructure layer for identity and fraud. One Application Programming Interface (API), 25+ composable modules across four product lines:

  • User Verification (KYC, know your customer), Identity Document Verification, liveness, face match, Anti-Money Laundering (AML) screening, Internet Protocol (IP) analysis. $0.33 per full bundle.
  • Business Verification (KYB, know your business), registry, Ultimate Beneficial Owner (UBO), officers, entity AML, plus a linked KYC session per UBO.
  • Transaction Monitoring, real-time rule engine, case management, Suspicious Activity Report (SAR) workflow.
  • Wallet Screening (KYT, know your transaction), on-chain wallet risk at $0.15 per check, or bring your own screening provider and run it inside Didit.

Compose any module into a workflow with the visual no-code builder, ship in 5 minutes, 500 verifications free every month, forever.

How is Didit different from a single-product Know Your Customer (KYC) vendor?

Most identity vendors sell one slice, a KYC check, an Anti-Money Laundering (AML) list, a wallet screen. Didit ships the infrastructure underneath all of them, and the gap shows up on six axes:

  • Pricing. Public price on every module, $0.33 for a full KYC, 500 verifications free every month, no minimums, no contracts. Single-product vendors hide six-figure minimums behind a sales call.
  • Access. Sandbox in one click, self-serve from day one, production keys on signup. Single-product vendors gate the sandbox behind a contract, months to evaluate.
  • Developer experience. Public docs, a Model Context Protocol (MCP) server for Claude Code and Cursor, and native Software Development Kits (SDKs) for Web, iOS, Android, React Native, and Flutter. Integrate in 5 minutes with an AI agent or in a working afternoon by hand.
  • User experience. Highest pass rates in the market, sub-2-second end-to-end inference, country-specialised capture flows, 48+ languages out of the box.
  • Flexibility. One /v3/ Application Programming Interface (API) composes 25+ modules across KYC, Know Your Business (KYB), Transaction Monitoring, and Wallet Screening (KYT, know your transaction). A KYB session spawns a linked KYC for every Ultimate Beneficial Owner (UBO); a flagged transaction spawns a step-up KYC remediation, same session, same webhook contract, same audit trail. Single-product vendors sell one shape of KYC and stop there.
  • AI-era fraud. 200+ real-time fraud signals scored on every session, deepfake, injection, synthetic-ID, document forgery, face-morph, device intelligence, replay. Single-product vendors treat deepfake and injection detection as roadmap items, not defaults.

Common in fintech and crypto, the same architecture fits marketplaces, iGaming, mobility, and any vertical where you need to know who someone is and what they are doing.

What does it cost? Is anything actually free?

500 verifications free every month, forever, on every account. No credit card. No sales call. No expiry.

Above the free tier, every module has a public per-success price on didit.me/pricing, $0.33 per full KYC bundle, $0.15 per Identity Document Verification, $0.15 per Wallet Screening, $0.20 per Anti-Money Laundering (AML) Screening, $0.10 per liveness, $0.05 per face match, $0.03 per Internet Protocol (IP) analysis.

Pay-as-you-go, no minimums, no overage surprises. Volume discounts kick in automatically as you grow.

Which Serbian regulator covers identity verification on a digital onboarding?

Four sit on top of every Serbian identity-verification flow:

  • Narodna banka Srbije (NBS), central bank and prudential supervisor for banks, payment institutions, and insurance companies. Primary AML supervisor under the Law on Prevention of Money Laundering and Financing of Terrorism (2020).
  • Komisija za hartije od vrednosti (KHoV), Securities Commission supervising capital-markets participants, brokers, and investment funds.
  • Uprava za sprečavanje pranja novca (USPN), Serbia's Financial Intelligence Unit. Receives Suspicious Transaction Reports and maintains Lists of Designated Persons under the 2020 AML Law.
  • Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti, Commissioner supervising the Law on Personal Data Protection No. 87/2018. Governs how the verification data is captured, stored, and disclosed.

Didit ships the hosted flow + the audit log + the watchlist coverage to satisfy all four at the same time, same POST /v3/session/ workflow, same JSON report, same SOC 2 Type 1 + ISO/IEC 27001 evidence pack.

Is Serbia on the FATF or MONEYVAL monitoring list?

Serbia is a MONEYVAL member (Council of Europe's AML/CFT monitoring body) and is assessed under the FATF 40 Recommendations standard. MONEYVAL's mutual evaluations influence the supervisory expectations for every obliged entity, banks, payment institutions, and crypto platforms, operating in Serbia.

Didit addresses this directly:

  • AML screening includes the APML Lists of Designated Persons (Serbia's primary sanctions list), MONEYVAL high-risk jurisdiction signals, UN Security Council Consolidated Sanctions, OFAC SDN, and EU Consolidated Financial Sanctions.
  • Ongoing monitoring ($0.07 per user / year) fires a webhook the moment a user appears on any new list, no manual re-check required.
  • The full audit log satisfies the documentation obligations NBS supervisors expect under the Law on Prevention of Money Laundering and Financing of Terrorism (2020).
Is Didit ready for an NBS payment institution licence in Serbia?

Yes. The Narodna banka Srbije (NBS) licences every Payment Institution and Electronic-Money Institution operating in Serbia, and every entity must run full Customer Due Diligence under the Law on Prevention of Money Laundering and Financing of Terrorism (2020).

Didit covers the full stack on one workflow:

  • Identity Document Verification + Active Liveness + Face Match 1:1 for the tier-1 onboarding check.
  • AML Screening ($0.20 per check) against the global pool plus every Serbian regulatory watchlist (National Assembly PEPs, APML Designated Persons, KHoV Public Censure, EU Consolidated Sanctions, OFAC SDN, UN, MONEYVAL, Europol).
  • Ongoing AML monitoring ($0.07 per user / year) for the periodic-review obligation.

One audited session, one JSON report, one webhook contract, ready for the NBS + USPN dual-supervisor model.

How long does it take to integrate Didit in Serbia?

5 minutes to a working sandbox, a weekend to a production flow.

  • Sign up at business.didit.me, grab an API key, call POST /v3/session/ with a workflow_id that wires ID Verification + Active Liveness + Face Match + AML, done.
  • AI-agent path: paste the integration prompt at docs.didit.me/integration/integration-prompt into Claude Code, Cursor, Codex, Devin, Aider, or Replit Agent. The agent provisions the application, builds the workflow, wires the webhook, and runs a smoke test.
  • Five SDKs share the same session model: Web, iOS, Android, React Native, Flutter.

The first 500 verifications every month are free, forever, pilot the full Serbia stack at zero cost before flipping production traffic.

Which language does the hosted verification flow use for Serbian users?

Serbian, auto-detected from the user's browser / device locale. The hosted UI ships in 48+ languages; Serbian users land on the Serbian flow by default. English, Hungarian, Romanian, and Slovak are also live on the same flow for the national minorities and cross-border users.

The document-recognition layer is decoupled from the UI layer, capture works in any language, and the admin console can be set independently to whichever language your compliance team prefers.

What does the Serbia verification cost end-to-end?

Per-module public pricing, pay only for what runs on the session:

  • ID Verification, $0.15 per document check.
  • Passive Liveness, $0.10. Active Liveness, $0.15.
  • Face Match 1:1, $0.05. Face Search 1:N, free.
  • AML Screening, $0.20 per check. Ongoing AML, $0.07 per user / year.

The full KYC bundle (Identity + Passive Liveness + Face Match + IP Analysis) is `$0.33`, same anchor price worldwide, no Serbia surcharge. 500 verifications free every month, no credit card. Volume discounts auto-apply above the free tier; Enterprise adds a custom Master Services Agreement (MSA) and data-residency choice.

Related

Related coverage

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page