Trusted by +1000 companies worldwide
Recovery Time
Fraud Blocked
Free Checks/Month
Attackers don’t hack passwords — they exploit recovery flows. Didit replaces legacy reset mechanisms with biometric verification that’s faster for users and impossible to spoof.
Current Methods — Vulnerable
Email links — phishable and interceptable
SMS codes — vulnerable to SIM-swap attacks
Security questions — easily researched online
Biometric Recovery — Secure
Face match — can’t be phished or stolen
Liveness detection — blocks deepfakes and spoofing
Full audit trail — every attempt logged
WHO NEEDS THIS
SaaS
B2B platforms, productivity tools, and cloud services
Fintech
Neobanks, payment apps, and lending platforms
Crypto
Exchanges, wallets, and DeFi platforms
E-Commerce
Marketplaces, retail, and subscription services
Healthcare
Patient portals, telehealth, and health records
Gaming
Game platforms, betting sites, and virtual economies
HOW IT WORKS
User clicks “forgot password.” Your app creates a Didit session via API and redirects them to the verification flow. One API call, fully automated.
Didit’s passive liveness confirms the user is physically present. Blocks deepfakes, face swaps, printed photos, and screen replays. iBeta Level 1 certified, 99.9% accuracy.
Live selfie is compared against the biometric template from original onboarding. Confirms the person requesting recovery is the real account holder.
For high-security accounts, add document re-verification. User re-scans their government ID — Didit verifies it matches the original onboarding record.
Didit sends a webhook with the result. Your app authorizes the password reset. Full audit trail logged — biometric scores, IP, device, timestamp.
RECOVERY METHODS
YOUR CONSOLE
Track biometric recovery attempts, success rates, and fraud blocks from the Didit Business Console. See which users recovered access, review flagged sessions, and export audit logs for compliance reporting — all from one dashboard.
Drop-in SDKs for web, iOS, and Android. Three lines of code to replace your entire password recovery flow. Works with any auth system — OAuth, SAML, custom. No biometric expertise needed. Sandbox available for testing.
import { DiditSdk } from '@didit-protocol/sdk-web';
// Handle verification results
DiditSdk.shared.onComplete = (result) => {
if (result.type === 'completed') {
// Identity verified — restore access
restoreAccountAccess(result.session.sessionId);
}
};
// Start biometric re-verification
DiditSdk.shared.startVerification({
url: sessionUrl // from POST /v3/sessions/
});CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
PASSWORD RECOVERY FAQ
When a user clicks "forgot password," your app creates a Didit verification session via API and redirects them. Didit runs passive liveness detection (confirms a real person, blocks deepfakes) and face match (compares the live selfie against the biometric template from original onboarding). If it matches, Didit sends a webhook to your backend — you authorize the password reset. Everything is automated end-to-end — no support agents, no manual review, no waiting. Every recovery attempt is logged with biometric scores, timestamps, IP address, and device info for complete audit trails.
Start with 500 free checks per month. No contracts, no minimums. Replace your weakest security link with biometric verification.