Identity verification in United States
The United States is the largest, most lucrative, and most punitive KYC/AML market on the planet. It has no national ID card and no centralized identity database, yet it imposes the strictest enforcement regime in the world. Identity verification here is governed by the Bank Secrecy Act, layered with the USA PATRIOT Act's Customer Identification Program rule, the FinCEN CDD rule, federal banking a
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
The US has ~335 million people, the world's largest fintech ecosystem, ~94% banked population, and a uniquely fragmented identity infrastructure. There is no national ID card. The Social Security Number (SSN) — created in 1936 as a retirement-tracking number, never intended as a national identifier — is the de facto backbone of financial identity. Driver's licenses issued by 51 state/territory DMVs (coordinated through AAMVA) are the de facto physical ID; only ~48% of US adults hold a passport. The consumer market: - ~4,500 FDIC-insured banks, ~4,600 credit unions, and tens of thousands of registered MSBs and state-licensed money transmitters. - Neobank penetration accelerated post-2019 (Chime, Current, Varo, Cash App, SoFi, etc.). - The crypto sector is the most contested regulatory front
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
Regulators
administered by Treasury's Office of Foreign Assets Control
every state except Montana (49 + DC + PR
SEC pursues token issuers under the Howey test; CFTC treats Bitcoin and Ether as commodities
regulated by state gaming commissions: NJ DGE (Division of Gaming Enforcement
740 ILCS 14
Business and Commerce Code §503
California
Gramm-Leach-Bliley safeguards for financial institutions
Social Security Administration
regulated
SSN verification via SSNVS (Social Security Number Verification Service). No single government database exists for commercial KYC; verification relies on regulated private intermediaries.
State-level DMVs / AAMVA
regulated
Driver's license verification via AAMVA (American Association of Motor Vehicle Administrators). Access through state-level DMV databases aggregated by AAMVA.
USCIS (U.S. Citizenship and Immigration Services)
restricted
Immigration status verification. E-Verify for employment eligibility; SAVE (Systematic Alien Verification for Entitlements) for benefits eligibility.
Internal Revenue Service
regulated
Tax ID verification for TIN (Taxpayer Identification Number) and EIN (Employer Identification Number).
Government & regulated databases
Compliance framework
AML framework
Supervised by OFAC sanctions
Bank Secrecy Act (BSA) — 31 USC §5311 et seq., implemented at 31 CFR Chapter X. The foundational US AML statute. Requires financial institutions to file Currency Transaction Reports (>$10k), Suspicious Activity Reports (SARs), maintain records, and operate AML programs. Enforced by FinCEN with examination by OCC, FDIC, FRB, NCUA, SEC, CFTC, and IRS.
Data protection
Supervised by National DPA
- No federal data-residency rule. US-origin personal data may move freely to third countries, and foreign data may freely enter the US — subject to: - CCPA/CPRA (California) — sensitive PI opt-outs, including biometric identifiers. - BIPA, CUBI, and the newer state privacy laws (VA CDPA, CO CPA, CT
Penalties for non-compliance
The US issues the largest AML fines in the world. A partial list of the last decade:
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
The baseline US neobank or payments fintech flow:
Exchanges, custodians, wallets, on/off-ramps.
Crypto is the most regulatorily exposed vertical in the country. A US-facing crypto exchange must:
Sports betting, online casinos, age-gated platforms.
State-by-state. NJ DGE is the template followed (with variations) by MI, PA, WV, CT, RI, ME, and Delaware, plus all online-sportsbook states:
Gig platforms, delivery, creator economy, e-commerce.
Marketplaces in the US sit outside direct BSA coverage unless they run a payment rail. Key obligations:
Biometric liveness
NIST SP 800-63-3 (and the draft 800-63-4 revision circulated 2023-2024) is the federal identity-assurance framework: - IAL1 — self-asserted, minimal verification. - IAL2 — remote or in-person proofing with strong evidence (e.g., a driver's license) plus biometric comparison; liveness / presentation attack detection required. This is the target level for mainstream fintech and crypto KYC. - IAL3 — supervised in-person / supervised remote, strongest evidence, biometric collection to credential-lev
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. United States permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in United States, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in United States.
Most regulated sectors in United States require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with United States’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for United States’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
