Ruka hadi maudhui makuu
Didit Yakusanya $7.5M Kujenga Miundombinu ya Utambulisho na Udanganyifu
Didit
KYC Inayoweza Kutumika Tena ya B2B

Shiriki utambulisho uliothibitishwa na washirika wako.
Server-to-server.

Thibitisha mtumiaji au biashara mara moja. Shiriki matokeo na mshirika, wanamuingiza mtu huyo huyo papo hapo. Hakuna mchakato wa pili, hakuna selfie ya pili. Inafanya kazi kwa KYC na KYB. Imeundwa kwa ajili ya Banking-as-a-Service, makundi ya chapa nyingi, fedha zilizopachikwa, na masoko yenye majukwaa madogo.

Inaungwa mkono na
Y CombinatorRobinhood Ventures
Didit B2B Reusable KYC, kushiriki KYC ya mshirika server-to-server kupitia tokeni ya kushiriki ya muda mfupi.

Imeundwa kwa ajili ya mifumo ikolojia ya washirika

Thibitisha mara moja.
Ingiza kwenye kila mshirika.

Mtumiaji wako anathibitisha mara moja kwenye programu yako. Mshirika wako, mfadhili wako wa BaaS, chapa dada yako, soko lako la chini, anahitaji rekodi hiyo hiyo. Mtumie tokeni ya kushiriki ya mara moja. Anaipokea na kuingiza uthibitisho kamili. Mtumiaji haoni mchakato wa pili kamwe.

Jinsi inavyofanya kazi

Kutoka programu yako hadi kwa mshirika wako kwa hatua nne.

  1. Hatua 01

    Chagua kipindi kilichothibitishwa

    Chagua uthibitisho wowote uliomalizika, uliokubaliwa, uliokataliwa, au unaopitiwa, na uombe Didit tokeni ya kushiriki. Tokeni huisha muda wake baada ya saa moja kwa chaguo-msingi; unaweza kuongeza muda wake kutoka dakika moja hadi siku nzima.

  2. Hatua 02

    Tuma tokeni kwa mshirika wako

    Mpe mshirika wako tokeni kupitia backend yako mwenyewe, webhook, foleni, REST call. Tokeni inafanya kazi tu kwa mshirika uliyemtaja ulipoitengeneza. Hakuna mwingine anayeweza kuipokea.

  3. Hatua 03

    Mshirika wako anaingiza rekodi

    Mshirika wako anapokea tokeni na kuchagua jinsi ya kumuingiza mtumiaji, amini uamuzi wako na ukubali papo hapo, au ingiza data ghafi na uache timu yao ya kufuata sheria ifanye uamuzi.

  4. Hatua 04

    Kipindi kamili kinaingia kwenye programu yao

    Didit inakili rekodi nzima, nyaraka, selfie, kulinganisha uso, AML, data ya rejista, UBOs, kwenye nafasi ya kazi ya mshirika wako. Sura sawa na uthibitisho mpya, na rekodi safi ya ukaguzi kurudi kwenye asili.

Imeundwa kwa BaaS · fedha zilizopachikwa · makundi ya chapa nyingi

Uthibitisho mmoja. Kila jukwaa la mshirika.

Tengeneza tokeni. Itume. Iingize. Chagua kasi ya kuingiza. Sehemu sita zinazohamia zinashughulikia kila aina ya mfumo ikolojia wa washirika, wito sawa kwa KYC na KYB.
01 · Tengeneza tokeni ya kushiriki

Tengeneza tokeni ya mara moja kwa mshirika wako.

Chagua uthibitisho uliomalizika na uombe Didit tokeni iliyoelekezwa kwa mshirika mmoja. Muda wa maisha chaguomsingi ni saa moja; unaweza kuongeza muda wake kutoka dakika moja hadi siku nzima. Tokeni inafanya kazi tu kwa mshirika uliyemtaja, hakuna mwingine anayeweza kuipokea kamwe.
Shiriki API ya Kipindi
02 · Ingiza kipindi

Mshirika wako anavuta rekodi kamili.

Mshirika wako anapokea tokeni na Didit inakili uthibitisho mzima kwenye nafasi yao ya kazi, kipindi kipya, data sawa, rekodi kamili ya ukaguzi kurudi kwenye asili. Wanaweka lebo kwa kitambulisho chao cha ndani cha mtumiaji na kuchagua mtiririko wa kazi unaoingia.
Leta API ya Kipindi Kilichoshirikiwa
03 · Amini au kagua upya

Sajili papo hapo, au angalia upya kwa uzingatiaji.

Amini uamuzi wako na umruhusu mshirika wako amkubali mtumiaji mara tu tokeni inapoingia. Au wape data ghafi na uache timu yao ya kufuata sheria ifanye uamuzi. Badilisha kwa kila mshirika, wito sawa, kasi mbili za kuingiza.
Mwongozo wa KYC Inayoweza Kutumika Tena
04 · KYC + KYB · njia zote mbili

Shiriki mtu au biashara nzima.

Wito sawa unafanya kazi kwa aina zote mbili. Shiriki mtu aliyethibitishwa na mshirika wako anapata hati, selfie, kulinganisha, na kila hit ya AML. Shiriki biashara iliyothibitishwa na wanapata rekodi ya rejista, kila Mmiliki wa Manufaa wa Mwisho, kila KYC ya afisa, kila hati, kila uchunguzi.
Uthibitishaji wa Biashara (KYB)
05 · Inafaa kwa mfumo ikolojia wa washirika

Imejengwa kwa biashara ambapo uthibitishaji mmoja unatumika kwa wengi.

Wafadhili wa Banking-as-a-Service. Makundi ya chapa nyingi, neobank pamoja na broker, on-ramp pamoja na exchange. Fedha zilizopachikwa zinazopitia benki washirika. Masoko yenye majukwaa madogo ya kikanda. Wauzaji wa white-label. Mitandao ya wakopeshaji. Popote ambapo mtumiaji mmoja, au biashara moja, anaingizwa mara moja na kuhudumia wengi.
Mratibu wa Mtiririko wa Kazi
06 · Uzingatiaji sheria kwa muundo

Kiwango cha ukaguzi kwa chaguo-msingi.

Didit inatengeneza tokeni tu kwa uthibitisho uliomalizika, hakuna mtiririko uliokamatwa nusu unaovuja kati ya washirika. Tokeni hiyo hiyo haiwezi kuingizwa mara mbili. Pande zote mbili zinasaini makubaliano ya kushiriki data ya GDPR; Didit inasambaza nusu ya kiufundi.
Usalama + uzingatiaji
Unganisha

Wito mbili. Makabidhiano moja.

Unatengeneza tokeni upande wako. Mshirika wako anaiingiza upande wao. Mkataba sawa pande zote mbili, inafanya kazi kwa KYC na KYB.
POST /v3/session/{id}/share/Huduma X · Mint
$ curl -X POST https://verification.didit.me/v3/session/$SID/share/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "for_application_id": "partner-app-uuid",
    "ttl_in_seconds": 3600
  }'
201Imeundwa{ "share_token": "eyJhbGciOi…" }
Mpe tokeni Huduma Y kupitia chaneli ya backend iliyopangwa mapema.nyaraka →
POST /v3/session/import-shared/Huduma Y · Leta
$ curl -X POST https://verification.didit.me/v3/session/import-shared/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "share_token": "eyJhbGciOi…",
    "workflow_id": "wf_partner_kyc",
    "vendor_data": "partner-user-42",
    "trust_review": true
  }'
201Imeundwa{ "status": "Imeidhinishwa", "aina_ya_sesheni": "mtumiaji" }
Weka trust_review: false ili kuweka sesheni katika In Review.nyaraka →
Ujumuishaji tayari kwa agent

Weka KYC ya kushirikiana na washirika kwa amri moja.

Bandika kizuizi kilicho hapa chini kwenye Claude Code, Cursor, Codex, Devin, Aider, au Replit Agent. Agent itaunganisha Didit, kuandaa pande zote mbili za makabidhiano, na kuweka mambo sawa.
didit-integration-prompt.md
# Didit B2B Reusable KYC — partner-to-partner KYC sharing

You are integrating Didit's B2B Reusable Know Your Customer (KYC) into <my_stack>. The recipe is server-to-server: one Didit application (Service X) mints a short-lived JSON Web Token (JWT) share token for a finished session; a partner Didit application (Service Y) imports the token and Didit clones the full verified session into Service Y. Works for both KYC and Know Your Business (KYB) sessions.

Built for Banking-as-a-Service (BaaS) sponsor banks, multi-brand financial groups, embedded finance through partner banks, marketplaces with regional or vertical sub-platforms, on-ramp + exchange ecosystems, white-label resellers, and B2B KYB consortia where the same legal entity onboards once and serves many. Every URL, header, and enum value below is canonical — do not paraphrase or "improve" them.

## 1. Provision both applications
- Sign up: https://business.didit.me (no credit card required).
- Or provision programmatically: POST https://apx.didit.me/auth/v2/programmatic/register/
- Create TWO applications in your Didit organisation. One acts as Service X (mints share tokens), the other as Service Y (imports them). In production these will usually live in different organisations — one per partner.
- Each application has its own `x-api-key`. Service X uses its own key to mint; Service Y uses its own key to import.

## 2. Service X — mint a share token

Service X picks a finished session it owns and posts to the share endpoint:

  POST https://verification.didit.me/v3/session/{sessionId}/share/
  Headers:
    x-api-key: <Service X api key>
    Content-Type: application/json
  Body:
    {
      "for_application_id": "<partner-application-uuid>",
      "ttl_in_seconds": 3600
    }

Bounds on `ttl_in_seconds`: min 60, max 86400, default 3600.

Requirements:
  - The session must be in a FINISHED status: "Approved", "Declined", or "In Review".
  - The API key must hold the `write:sessions` privilege.
  - `for_application_id` must be a real Didit application uuid — usually the partner's app.

Response: 201 Created with the JWT in the `share_token` field plus `for_application_id` and `session_kind` ("user" or "business" — Didit detects this from the source session and embeds it in the token):

  {
    "share_token": "eyJhbGciOiJIUzI1NiJ9...",
    "for_application_id": "partner-app-uuid",
    "session_kind": "user"
  }

## 3. Transmit the token to Service Y

Service X transmits the `share_token` to Service Y over a pre-arranged backend channel — REST, message queue, signed webhook, anything you control. The token is scoped to Service Y's application and useless to any other application.

## 4. Service Y — import the shared session

Service Y posts the token to the import endpoint:

  POST https://verification.didit.me/v3/session/import-shared/
  Headers:
    x-api-key: <Service Y api key>
    Content-Type: application/json
  Body:
    {
      "share_token": "<jwt from step 2>",
      "workflow_id": "<Service Y's own workflow id>",
      "vendor_data": "<Service Y's internal user id>",
      "trust_review": true
    }

`trust_review`:
  - `true`  → the imported session preserves the original status ("Approved" / "Declined" / "In Review"). Service Y onboards the user instantly. Use when Service Y fully trusts Service X's decision (sister brand, regulated partner with a signed data-sharing agreement).
  - `false` → the imported session lands in "In Review" so Service Y's compliance team makes its own call. Safe default for new partner relationships.

Response: 201 Created with a brand-new session in Service Y's application:

  {
    "session_id": "<new uuid>",
    "session_number": <int>,
    "session_kind": "user" | "business",
    "status": "Approved" | "In Review" | "Declined",
    "shared_from_session": "<original session uuid in Service X>",
    "vendor_data": "<Service Y's internal user id>",
    "id_verifications": [...],
    "liveness_checks": [...],
    "face_matches": [...],
    "aml_screenings": [...],
    "database_validations": [...],
    "proof_of_address": [...],
    "phone_verifications": [...],
    "email_verifications": [...]
  }

For a `session_kind: "business"` token Didit clones the KYB shape instead. KYB session statuses are UPPER_SNAKE_CASE (not Title Case like KYC):

  {
    "session_id": "<new uuid>",
    "session_kind": "business",
    "status": "APPROVED",
    "shared_from_session": "<original business session uuid>",
    "vendor_data": "<Service Y's internal business id>",
    "registry_checks": [...],
    "key_people_checks": [...],
    "document_verifications": [...],
    "aml_screenings": [...],
    "questionnaires": [...]
  }

A new User or Business entity is auto-created in Service Y if one with the supplied `vendor_data` doesn't already exist.

## 5. Idempotency, expiration, errors

| Status | Reason |
|--------|--------|
| 401 | Share token invalid or past `exp` — request a new one. |
| 403 | Token not intended for your application, OR session already imported into your app. |
| 404 | Original session no longer exists. |
| 404 | `workflow_id` not found in your application. |

The duplicate-import check is enforced against the (share_token, partner application) pair.

## 6. Webhooks (optional, only when Service Y wants async updates)

Service Y can register a webhook destination once via:

  POST https://verification.didit.me/v3/webhook/destinations/
  Body: url, subscribed_events: ["status.updated"]

Every webhook delivery carries an `X-Signature-V2` header you MUST verify before trusting the payload. HMAC-SHA256 verification MUST run against the raw body bytes (the raw payload as Didit sent it) BEFORE any JSON parsing — re-serialising the parsed body changes whitespace and key order, which invalidates the signature.

Algorithm:
  1. sortKeys(payload) recursively
  2. shortenFloats (truncate trailing zeros after the decimal point)
  3. JSON.stringify the result
  4. HMAC-SHA256 with the secret_shared_key
  5. Hex-encode, compare to the X-Signature-V2 header.

## 7. Hard rules — do not change
- Base URL for /v3/* endpoints is verification.didit.me (NOT apx.didit.me).
- Auth header is x-api-key (lowercase, hyphenated).
- Webhook signature header is X-Signature-V2 (NOT X-Signature).
- Status casing matches exactly: "Approved", "Declined", "In Review", "Not Finished" (Title Case With Spaces — KYC convention).
- session_kind is lowercase: "user" or "business".
- The share API is BUSINESS-to-BUSINESS sharing. Service X and Service Y are responsible for the data-sharing legal basis under General Data Protection Regulation (GDPR), UK GDPR, and any cross-border transfer rules. Didit ships the technical capability; you ship the data-sharing agreement.

## 8. Pricing reference (public)
- Service X already paid for the original verification (full KYC bundle is $0.30 or KYB session starts at $2.00; see didit.me/pricing).
- Service Y pays nothing on the import side — `POST /v3/session/import-shared/` is included with every plan.
- 500 free verifications every month on every account (applies to fresh captures, not imports).

## 9. Verify your integration
- Sandbox starts on signup at https://business.didit.me — no separate flag.
- Create two sandbox applications: one as Service X (issuer), the other as Service Y (importer). Use Service X's API key to mint a token for a finished sandbox session, hand the token off, use Service Y's API key to import.
- Switch to live: flip each application's environment toggle in console.

When in doubt:
- https://docs.didit.me/sessions-api/share-session/overview
- https://docs.didit.me/sessions-api/share-session/share
- https://docs.didit.me/sessions-api/share-session/import
- https://docs.didit.me/core-technology/reusable-kyc/share-kyc-via-api
Inatii kwa muundo

Fungua nchi mpya kwa kubofya mara moja. Tunafanya kazi ngumu.

Tunafungua kampuni tanzu za ndani, tunapata leseni, tunafanya majaribio ya kupenya, tunapata vyeti, na tunalingana na kila kanuni mpya. Ili kusafirisha uthibitishaji katika nchi mpya, geuza swichi. Nchi 220+ ziko hewani, zinakaguliwa na kupimwa kila robo mwaka, mtoa huduma pekee wa utambulisho ambaye serikali ya nchi mwanachama wa EU imemwita rasmi kuwa salama zaidi kuliko uthibitishaji wa ana kwa ana.
Soma faili ya usalama na utiifu
EU financial sandbox
Tesoro · SEPBLAC · BdE
Jugendschutz geprüft
FSM · JMStV §4(2) · 2026
ISO/IEC 27001
Usalama wa habari · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
EU-aligned kwa muundo

Namba za uthibitisho

Namba za uthibitisho
  • 60s–24h
    Weka muda wa tokeni kuanzia dakika moja hadi siku nzima.
  • KYC + KYB
    Shiriki mtu binafsi au biashara nzima, simu moja, aina zote mbili.
  • $0.00
    Mshirika wako halipi chochote kuingiza uthibitisho unaoshiriki.
  • 0
    Uthibitishaji wa bure kila mwezi kwenye kila akaunti.
Ngazi tatu, orodha moja ya bei

Anza bure. Lipa kulingana na matumizi. Panua hadi Enterprise.

Uthibitishaji 500 bila malipo kila mwezi, milele. Lipa kadri unavyotumia kwa uzalishaji. Mikataba maalum, uhifadhi wa data, na SLA (Service Level Agreements) kwenye Enterprise.
Bure

Bure

$0 / mwezi. Hakuna kadi ya mkopo inayohitajika.

  • Kifurushi cha bure cha KYC (Uthibitishaji wa Kitambulisho + Passive Liveness + Face Match + Uchambuzi wa Kifaa & IP), 500 / mwezi, kila mwezi
  • Watumiaji Waliozuiwa
  • Utambuzi wa Marudio
  • Ishara 200+ za udanganyifu kwenye kila session
  • KYC inayoweza kutumika tena kwenye mtandao wa Didit
  • Jukwaa la Usimamizi wa Kesi
  • Workflow Builder
  • Nyaraka za umma, sandbox, SDKs, server ya MCP (Model Context Protocol)
  • Usaidizi wa jamii
Maarufu zaidi
Lipa kulingana na matumizi

Kulingana na Matumizi

Lipa tu kwa unachotumia. Moduli 25+. Bei za umma kwa kila moduli, hakuna ada ya chini ya kila mwezi.

  • KYC kamili kwa $0.33 (Kitambulisho + Biometric + IP / Kifaa)
  • Data za AML 10,000+, vikwazo, PEPs, habari hasi
  • Vyanzo vya data vya serikali 1,000+ kwa Uthibitishaji wa Database
  • Ufuatiliaji wa Miamala kwa $0.02 kwa kila muamala
  • KYB ya moja kwa moja kwa $2.00 kwa kila biashara
  • Uchunguzi wa Wallet kwa $0.15 kwa kila ukaguzi
  • Mtiririko wa uthibitishaji wa Whitelabel, brand yako, miundombinu yetu
Biashara Kubwa

Biashara Kubwa

MSA & SLA maalum. Kwa idadi kubwa na programu zilizodhibitiwa.

  • Mikataba ya kila mwaka
  • MSA, DPA, na SLA maalum
  • Kituo maalum cha Slack na WhatsApp
  • Wakaguzi wa mikono wanapohitajika
  • Masharti ya muuzaji na white-label
  • Vipengele vya kipekee na ushirikiano wa washirika
  • CSM aliyetajwa, ukaguzi wa usalama, usaidizi wa kufuata

Anza bure → lipa tu wakati ukaguzi unafanyika → fungua Enterprise kwa mkataba maalum, SLA, au uhifadhi wa data.

FAQ

Maswali ya kawaida

Didit ni nini?

Didit ni miundombinu ya utambulisho na udanganyifu, jukwaa ambalo tulitamani lingekuwepo tulipokuwa tukijenga bidhaa sisi wenyewe: wazi, rahisi, na rafiki kwa watengenezaji, ili lifanye kazi kama sehemu halisi ya stack yako badala ya sanduku jeusi unalounganisha.

API moja inashughulikia kuthibitisha watu (KYC, mjue mteja wako), kuthibitisha biashara (KYB, mjue biashara yako), kuchunguza pochi za crypto (KYT, mjue muamala wako), na kufuatilia miamala kwa wakati halisi, kwenye stack iliyojengwa kuwa:

  • Haraka, chini ya sekunde 2 p99 kwenye kila kikao
  • Inaaminika, inatumika na kampuni 1,500+ katika nchi 220+
  • Salama, SOC 2 Type 1, ISO 27001, GDPR-native, na kuthibitishwa rasmi na mdhibiti wa kifedha wa Uhispania kuwa salama zaidi kuliko kumthibitisha mtu ana kwa ana

Alama ya chini: aina 14,000+ za hati katika lugha 48+, vyanzo vya data 1,000+, na ishara 200+ za udanganyifu kwenye kila kikao. Miundombinu ya Didit hujifunza kwa nguvu kutoka kila kikao na inaboresha kila siku.

KYC Inayoweza Kutumika Tena kwa B2B ni nini?

KYC Inayoweza Kutumika Tena kwa B2B inaruhusu biashara moja kumpa mtumiaji au kampuni iliyothibitishwa kwa biashara nyingine, ili mshirika amuingize mtu yuleyule bila kufanya uthibitishaji tena.

Inafanya kazi kwa hatua mbili:

  • Tengeneza tokeni ya kushiriki. Chagua uthibitishaji uliokamilika katika programu yako, omba Didit ikupe tokeni ya mara moja iliyounganishwa na mshirika mmoja aliyetajwa. Muda wa maisha chaguomsingi ni saa moja; unaweza kuupanua kutoka dakika moja hadi siku nzima. Hakuna mwingine anayeweza kuikomboa.
  • Mshirika wako anaingiza kikao. Anakomboa tokeni na Didit inanakili rekodi kamili kwenye nafasi yao ya kazi, hati, selfie, mechi ya uso, matokeo ya AML, data ya usajili, Wamiliki Wanufaika wa Mwisho (UBOs). Sura sawa na uthibitishaji mpya, na njia safi ya ukaguzi kurudi kwenye asili.

Mshirika wako anachagua kasi ya kuingiza. Amini uamuzi wako na uidhinishe mtumiaji mara moja, au vuta data ghafi na uache timu yao ya kufuata sheria ifanye uamuzi.

Inafanya kazi kwa Know Your Customer (KYC) na Know Your Business (KYB), simu ileile, sura zote mbili.

Marejeleo kamili: docs.didit.me/sessions-api/share-session.

Hii ni kwa ajili ya nani?

Mfumo wowote wa biashara ambapo jukwaa moja linaingiza mtumiaji mara moja na majukwaa kadhaa ya washirika yanahitaji uthibitishaji huo huo:

  • Banking-as-a-Service (BaaS), benki yako mdhamini au mdhamini wa BIN anahitaji data ileile ya Know Your Customer (KYC) uliyokusanya tayari. Tengeneza tokeni ya kushiriki kutoka kwa programu yako, mdhamini anaingiza.
  • Vikundi vya kifedha vya chapa nyingi, mtumiaji mmoja anaingia kwenye Chapa A na kikundi hicho hicho kinamhitaji kwenye Chapa B (neobank + broker, fintech + mkopo, e-money + crypto on-ramp).
  • Fedha zilizopachikwa / Masoko ya Software-as-a-Service (SaaS), Software-as-a-Service ya wima inatoa malipo au mikopo kupitia benki washirika; shiriki uthibitishaji na benki yoyote inayoelekeza mtumiaji.
  • Masoko yenye majukwaa madogo, soko kuu linathibitisha wauzaji mara moja na masoko ya kikanda / wima yanarithi uthibitishaji.
  • On-ramps na exchanges, fiat on-ramp inashiriki mtumiaji aliyethibitishwa na exchange inayoorodhesha mali; hakuna picha ya pili ya selfie.
  • Mifumo ya B2B Know Your Business (KYB), thibitisha biashara mara moja (usajili + UBOs + AML + hati) na ushiriki rekodi hiyo kwa kila mshirika anayeingiza chombo hicho hicho cha kisheria.

Ikiwa unaweza kuandika makubaliano ya kushiriki data na mshirika wako, API hii inatoa nusu ya kiufundi.

Uthibitishaji ni wa haraka kiasi gani kwa mtumiaji wangu wa mwisho?

Mtiririko kamili kwa kawaida huchukua chini ya sekunde 30 kuanzia mwanzo hadi mwisho, chukua kitambulisho, piga picha hati, piga picha selfie, umemaliza. Hiyo ndiyo kasi zaidi sokoni. Watoa huduma wa zamani wa KYC kwa kawaida huchukua zaidi ya sekunde 90 kwa mtiririko huo huo.

Kwenye back end, Didit inarudisha matokeo kwa chini ya sekunde mbili kwa p99, ikipimwa kutoka wakati mtumiaji anamaliza selfie hadi wakati webhook yako inawaka. Upigaji picha wa simu umeundwa kwa simu za polepole na mitandao ya polepole: ukandamizaji wa picha unaoendelea, upakiaji wa polepole wa software development kit, na uhamishaji wa kugusa mara moja kutoka desktop kwenda simu kupitia msimbo wa QR ikiwa mtumiaji anaanza kwenye wavuti.

Jinsi gani jibu la kuingiza linaonekana?

POST /v3/session/import-shared/ inarudisha 201 Created na kikao kipya kabisa katika programu yako, session_id na session_number mpya, payload kamili iliyonakiliwa kutoka chanzo.

Sehemu muhimu:

  • status, Approved / Declined / In Review (imehifadhiwa wakati trust_review: true, inalazimishwa kuwa In Review wakati trust_review: false).
  • session_kind, user (KYC) au business (KYB).
  • shared_from_session, inaelekeza kwenye kikao asili katika programu chanzo. Ishara halisi kwamba kikao hiki kiliingizwa, si kukamatwa upya.
  • vendor_data, kitambulisho cha ndani cha mtumiaji / biashara ULICHOPITISHA kwenye simu ya kuingiza.
  • Mahusiano ya KYC yaliyonakiliwa: id_verifications, liveness_checks, face_matches, aml_screenings, database_validations, proof_of_address, location_checks, phone_verifications, email_verifications.
  • Mahusiano ya KYB yaliyonakiliwa: registry_checks, key_people_checks (na KYC zao zilizopachikwa), document_verifications, aml_screenings, questionnaires.

Sura inayofanana na kikao kipya, kishughulikiaji chako cha webhook kilichopo kinakisoma kwa njia ileile.

Nini kinatokea ikiwa mtumiaji atashindwa, kuacha, au muda wake kuisha?

Kila kikao kinaishia kwenye mojawapo ya hali saba zilizo wazi, hivyo code yako inajua nini cha kufanya kila wakati:

  • Approved, kila ukaguzi umepita. Endeleza mtumiaji.
  • Declined, ukaguzi mmoja au zaidi umeshindwa. Unaweza kumruhusu mtumiaji kutuma tena hatua maalum iliyoshindwa (kwa mfano, kupiga tena selfie) bila kurudia mtiririko mzima.
  • In Review, imewekwa alama kwa ukaguzi wa kufuata sheria. Fungua kesi kwenye console, angalia kila ishara, amua kuidhinisha au kukataa.
  • In Progress, mtumiaji yuko katikati ya mtiririko.
  • Not Started, kiungo kimetumwa, mtumiaji bado hajafungua. Tuma ukumbusho ikiwa inakaa muda mrefu sana.
  • Abandoned, mtumiaji alifungua kiungo lakini hakumaliza kwa wakati. Mshirikishe tena au muda wake uishe.
  • Expired, muda wa kiungo cha kikao umeisha. Unda kikao kipya.

Webhook iliyosainiwa inawaka kwenye kila mabadiliko ya hali, hivyo database yako inabaki sawa kila wakati. Vikao vilivyoachwa na vilivyokataliwa ni bure.

Data ya mteja wangu inakaa wapi na inalindwa vipi?

Data ya uzalishaji inachakatwa na kuhifadhiwa katika Umoja wa Ulaya kwa chaguo-msingi, kwenye Amazon Web Services. Mikataba ya biashara inaweza kuomba maeneo mbadala kwa mamlaka ambazo wadhibiti wao wanahitaji.

Usimbaji fiche kila mahali. AES-256 ikiwa imetulia kwenye kila database, hifadhi ya vitu, na backup. Transport Layer Security 1.3 ikiwa inasafiri kwenye kila simu ya API, webhook, na kikao cha Business Console. Data ya kibayometriki imesimbwa kwa kutumia Customer Master Key tofauti.

Uhifadhi ni wako kudhibiti. Uhifadhi chaguomsingi ni usio na kikomo (unlimited) isipokuwa ukisanidi muda mfupi zaidi, kati ya siku 30 na miaka 10 kwa kila programu, na unaweza kufuta kikao chochote cha kibinafsi wakati wowote kutoka kwenye dashibodi au API.

Vyeti: SOC 2 Type 1 (Ukaguzi wa Aina ya 2 unaendelea), ISO/IEC 27001:2022, iBeta Level 1 PAD, na uthibitisho wa umma kutoka Tesoro / SEPBLAC / CNMV ya Uhispania kwamba uthibitishaji wa utambulisho wa mbali wa Didit ni salama zaidi kuliko kumthibitisha mtu ana kwa ana. Ripoti kamili inapatikana kwenye /security-compliance.

Je, Didit inatii kanuni za sekta yangu?

Didit inatii kanuni za udhibiti muhimu kwa miundombinu ya utambulisho:

  • GDPR + UK GDPR, mgawanyo wa mtawala / mchakato, Mkataba kamili wa Uchakataji Data ulichapishwa, mamlaka kuu ya usimamizi ilitajwa (AEPD ya Uhispania).
  • AMLD6 + EU AML Single Rulebook, vikwazo 1,300+, mtu mashuhuri kisiasa, na orodha za habari hasi huchunguzwa kwa wakati halisi.
  • eIDAS 2.0, Imeunganishwa na EU Digital Identity Wallet; tayari kwa utambulisho unaoweza kutumika tena.
  • MiCA (Markets in Crypto-Assets), tayari kwa crypto on-ramps, exchanges, na custodians.
  • DORA, Sheria ya Ustahimilivu wa Uendeshaji wa Dijitali, ustahimilivu wa uendeshaji wa huduma za kifedha za EU.
  • BIPA, CUBI, Washington HB 1493, CCPA / CPRA, faragha ya kibayometriki ya Marekani (Illinois, Texas, Washington) na faragha ya watumiaji wa California.
  • UK Online Safety Act, majukumu ya kudhibiti umri na usalama wa watoto.
  • FATF Travel Rule, data ya mwanzilishi na mnufaika kwenye uhamishaji wa crypto, IVMS-101 inayoendana.

Memo ya kina, kila cheti, kila barua ya mdhibiti: /security-compliance.

Ninaweza kuunganisha na kuanza kuthibitisha watumiaji haraka kiasi gani?
  • Sekunde 60 kupata akaunti ya sandbox kwenye business.didit.me, hakuna kadi ya mkopo.
  • Dakika 5 kupata uthibitishaji unaofanya kazi kupitia Claude Code, Cursor, au wakala yeyote wa kuweka code kupitia seva yetu ya Model Context Protocol (MCP).
  • Wikiendi moja kupata muunganisho tayari kwa uzalishaji na uthibitishaji wa webhook uliosainiwa, majaribio upya, na mtiririko wa kurekebisha pale mtumiaji anapokataliwa.

Njia tatu za kuunganisha, chagua inayofaa stack yako:

  • Pachika moja kwa moja na Web, iOS, Android, React Native, au Flutter SDK yetu.
  • Elekeza mtumiaji kwenye ukurasa wa uthibitishaji uliopangishwa, hakuna SDK.
  • Tuma kiungo kwa barua pepe, SMS, WhatsApp, au chaneli yoyote, hakuna kazi ya front-end.

Dashibodi ileile, bili ileile, bei ileile ya kulipa-kwa-mafanikio kwa zote tatu. Mwongozo wa hatua kwa hatua unapatikana kwenye docs.didit.me/integration/integration-prompt.

Miundombinu ya utambulisho na udanganyifu.

API moja kwa KYC, KYB, Ufuatiliaji wa Miamala, na Uchunguzi wa Wallet. Unganisha ndani ya dakika 5.

Uliza AI ifupishe ukurasa huu