Endesha kitambulisho, uhai wa selfie, kulinganisha uso, na ishara za hatari katika mtiririko mmoja — zikiwa zimeunganishwa kwa $0.33. Matokeo chini ya sekunde mbili. 500 za kwanza kila mwezi ni bure, milele.
Robinhood Ventures
Inaaminika na mashirika 2,000+ duniani kote.
$0.33 kifurushi kamili
Hundi nne ambazo kila mchakato wa Know-Your-Customer unahitaji, zikiwa zimeunganishwa kwa bei moja — mara tatu hadi tano nafuu kuliko mtoa huduma wako wa sasa. Nchi 220+. Nyaraka 14,000+. Lugha 48+. Matokeo chini ya sekunde mbili.
Chagua hundi unazotaka — ID, liveness, face match, vikwazo, anwani, umri, simu, barua pepe, maswali maalum. Ziburute kwenye mtiririko katika dashibodi, au tuma mtiririko huo huo kwa API yetu. Panga masharti, endesha majaribio ya A/B, hakuna code inayohitajika.
Pachika asili na SDK yetu ya Web, iOS, Android, React Native, au Flutter. Elekeza kwa ukurasa uliopangishwa. Au tuma tu mtumiaji wako kiungo — kwa barua pepe, SMS, WhatsApp, popote. Chagua kinachofaa stack yako.
Didit huandaa kamera, ishara za mwanga, uhamishaji wa simu, na ufikiaji. Wakati mtumiaji yuko kwenye mtiririko, tunapima ishara 200+ za ulaghai kwa wakati halisi na kuthibitisha kila sehemu dhidi ya vyanzo vya data vya mamlaka. Matokeo chini ya sekunde mbili.
Webhooks zilizotiwa saini kwa wakati halisi huweka database yako sawa mara tu mtumiaji anapoidhinishwa, kukataliwa, au kutumwa kwa ukaguzi. Piga API inapohitajika. Au fungua console kukagua kila session, kila ishara, na kudhibiti kesi kwa njia yako.
OCR · MRZ · Barcode
Nchi
Aina za hati
P99 inference
Standalone
iBeta Level 1 · ISO/IEC 30107-3
Picha ya hati dhidi ya selfie ya moja kwa moja
Orodha 1,300+ · inaendelea $0.07/yr
Ishara 200+ za udanganyifu · kwa kila kipindi
Ishara za udanganyifu
Standalone
Utafutaji wa IP
Buruta-na-dondosha · matawi · A/B
$ curl -X POST https://verification.didit.me/v3/session/ \
-H "x-api-key: $DIDIT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"workflow_id": "wf_full_kyc",
"vendor_data": "user-42"
}'// Your endpoint receives a signed payload
app.post("/webhooks/didit", (req, res) => {
const sig = req.headers["x-signature-v2"];
const expected = crypto.createHmac("sha256", SECRET)
.update(req.rawBody).digest("hex");
if (sig !== expected) return res.sendStatus(401);
const { status, decision, vendor_data } = req.body;
// status: Approved · Declined · In Review · ...
res.sendStatus(200);
});# Didit User Verification — integrate KYC in 5 minutes
You are integrating Didit's User Verification product line (KYC) into the_my_stack_block. Follow these steps exactly. Every URL, header, and enum value below is canonical — do not paraphrase or "improve" them.
## 1. Provision an account
- Sign up: https://business.didit.me (no credit card required).
- Or provision programmatically: POST https://apx.didit.me/auth/v2/programmatic/register/
(returns an API key bound to the workspace + application).
## 2. Compose the workflow
A workflow is an ordered list of features the user runs through in a single hosted session. The canonical full-KYC bundle is four features:
- ID_VERIFICATION — document capture, OCR, MRZ, barcode, authenticity, liveness
- LIVENESS — Passive Liveness (iBeta Level 1 PAD certified)
- FACE_MATCH — 1:1 match between the document portrait and the live selfie
- IP_ANALYSIS — VPN / proxy / Tor / hosting / ASN / abuse-score signals
This bundle bills at $0.33 per completed session (was $0.30 pre-2026-05).
To compose a custom workflow, add or remove features from the array. Every feature in the catalog is independently priced — see Section 5.
POST https://verification.didit.me/v3/workflows/
Headers:
x-api-key: <your-api-key>
Content-Type: application/json
Body:
{
"workflow_label": "Full KYC",
"features": [
{ "feature": "ID_VERIFICATION" },
{ "feature": "LIVENESS" },
{ "feature": "FACE_MATCH" },
{ "feature": "IP_ANALYSIS" }
]
}
Response: { "workflow_id": "wf_..." }
Feature enums are UPPERCASE_SNAKE_CASE — strict. Available enums:
ID_VERIFICATION, NFC, LIVENESS, FACE_MATCH, FACE_SEARCH, AGE_ESTIMATION,
BIOMETRIC_AUTHENTICATION, AML, ONGOING_AML, IP_ANALYSIS, PROOF_OF_ADDRESS,
DATABASE_VALIDATION, PHONE_VERIFICATION, EMAIL_VERIFICATION,
QUESTIONNAIRES, REUSABLE_KYC, WHITE_LABEL.
You can also build the workflow visually in the Business Console — the Console emits the same workflow_id and the same payload shape.
## 3. Create a session for an end user
POST https://verification.didit.me/v3/session/
Headers:
x-api-key: <your-api-key>
Content-Type: application/json
Body:
{
"workflow_id": "wf_...",
"vendor_data": "<your-own-stable-user-id>",
"callback": "https://your-app.example/callback"
}
Response 201:
{
"session_id": "ses_...",
"session_url": "https://verify.didit.me/...",
"expires_at": "..."
}
Redirect the user to session_url. Didit handles capture (camera, lighting cues, mobile handoff, accessibility) and runs every feature in the workflow.
## 4. Webhooks
Register a destination once per workspace:
POST https://verification.didit.me/v3/webhook/destinations/
Body:
{
"url": "https://your-app.example/webhooks/didit",
"subscribed_events": [
"session.verified",
"session.review_started",
"session.declined",
"kyc_expired"
]
}
Response: { ..., "secret_shared_key": "wsk_..." }
Every delivery carries an X-Signature-V2 header you MUST verify before trusting the payload. HMAC-SHA256 verification MUST run against the raw body bytes (the raw payload as Didit sent it) BEFORE any JSON parsing — re-serialising the parsed body changes whitespace and key order, which invalidates the signature.Algorithm:
1. sortKeys(payload) recursively
2. shortenFloats (truncate trailing zeros after the decimal point)
3. JSON.stringify the result
4. HMAC-SHA256 with the secret_shared_key
5. Hex-encode, compare to the X-Signature-V2 header
## 5. Reading the report
Fetch the full session report after the webhook fires:
GET https://verification.didit.me/v3/session/<session_id>/decision/
Header: x-api-key: <your-api-key>
The response carries one sub-object per feature in the workflow. Top-level status is one of:
"Approved" | "Declined" | "In Review" | "Expired" | "Not Finished"
Sub-objects you will see on the full-KYC bundle:
- id_verification: document_type, document_number, full_name,
first_name, last_name, date_of_birth (YYYY-MM-DD),
age, expiration_date, date_of_issue, issuing_state
(ISO 3166-1 alpha-3), nationality, gender, address,
parsed_address (street, city, region, postal_code,
geometry coordinates), image quality scores, warnings
- liveness: score (0-100), method (Passive/Flash/Active), warnings
- face_match: match (true/false), score (0-100), warnings
- ip_analysis: vpn, proxy, tor, hosting, asn, abuse_score, country
If you add more features to the workflow you get more sub-objects in the report — same JSON shape, same warning catalog, same risk-policy hooks.
## 6. Pricing reference (public, per success)
- Full KYC bundle (ID + LIVENESS + FACE_MATCH + IP_ANALYSIS) — $0.33 per session
- 500 sessions free every month, forever, on every workspace
- Standalone module prices on https://didit.me/pricing
- ID Verification $0.15
- Passive Liveness $0.10
- Active Liveness $0.15
- Face Match 1:1 $0.05
- Face Search 1:N Free
- AML Screening $0.20
- Ongoing AML Monitoring $0.07 per user / year
- NFC Reading $0.15
- Device & IP Analysis $0.03
- Proof of Address $0.20
- Phone Verification From $0.03
- Email Verification $0.03
- Custom Questionnaires $0.10
- Age Estimation $0.10
- Biometric Authentication $0.10
- Database Validation Variable
- White Label $0.20
- Reusable KYC Free
Every module bills only on successful completion — abandoned and rejected sessions are free.
## 7. Hard rules — do not change
- Base URL for /v3/* endpoints is verification.didit.me (NOT apx.didit.me).
- Feature enum is UPPERCASE_SNAKE_CASE.
- Auth header is x-api-key (lowercase, hyphenated).
- Webhook signature header is X-Signature-V2 (NOT X-Signature).
- Always verify webhook signatures before trusting payload data.
- Status casing matches exactly: "Approved", "Declined", "In Review",
"Expired", "Not Finished" (title-cased, space-separated).
## 8. Verify your integration
- Sandbox starts on signup at https://business.didit.me — no separate flag.
- Test docs: deterministic synthetic IDs returned in sandbox.
- Switch to live: flip the application's environment toggle in console.
When in doubt: https://docs.didit.me/sessions-api/create-session
$0 / mwezi. Hakuna kadi ya mkopo inayohitajika.
Lipa tu kwa unachotumia. Moduli 25+. Bei za umma kwa kila moduli, hakuna ada ya chini ya kila mwezi.
MSA & SLA maalum. Kwa idadi kubwa na programu zilizodhibitiwa.
Anza bure → lipa tu wakati ukaguzi unafanyika → fungua Enterprise kwa mkataba maalum, SLA, au uhifadhi wa data.
Didit ni miundombinu ya utambulisho na udanganyifu — jukwaa ambalo tulitamani lingekuwepo tulipokuwa tukijenga bidhaa sisi wenyewe: wazi, rahisi, na rafiki kwa wasanidi, ili lifanye kazi kama sehemu halisi ya stack yako badala ya sanduku jeusi unalounganisha kuzunguka.
API moja inashughulikia kuthibitisha watu (KYC, know your customer), kuthibitisha biashara (KYB, know your business), kuchunguza pochi za crypto (KYT, know your transaction), na kufuatilia miamala kwa wakati halisi — kwenye stack iliyojengwa kuwa:
Alama ya miguu chini: aina 14,000+ za hati katika lugha 48+, vyanzo vya data 1,000+, na ishara za udanganyifu 200+ kwenye kila kipindi. Miundombinu ya Didit hujifunza kwa nguvu kutoka kwa kila kipindi na inakuwa bora kila siku.
Ukaguzi nne hufanywa katika kipindi kimoja kwa bei ya kifurushi cha $0.33:
Zote nne hufanya kazi sambamba. Matokeo chini ya sekunde mbili. 500 za kwanza kila mwezi ni bure, milele. Unalipa tu kwa uthibitishaji uliofanikiwa — vipindi vilivyoachwa na vilivyokataliwa ni bure.
Nchi na maeneo 220+. Hati za utambulisho 14,000+. Lugha 48+ zinazotumiwa na watumiaji. Pasipoti, vitambulisho vya kitaifa, leseni za udereva, vibali vya makazi, hati za wakimbizi, na kadi za kupigia kura — zinasomwa katika lugha 130+ za hati na maandishi 50+ ikiwemo Kilatini, Kiarabu, Kisirili, CJK, Devanagari, Kiebrania, Kithai, na Kijojiajia.
Unahitaji kuthibitisha hati au nchi maalum? Vinjari katalogi inayoweza kutafutwa kwenye didit.me/supported-documents.
Unapowasha Database Validation kama ukaguzi wa ziada katika mtiririko wako, Didit inalinganisha mtumiaji na miunganisho ya moja kwa moja ya rejista za serikali katika nchi 18+ — DNI ya Uhispania, CPF ya Brazil, CURP ya Mexico, Aadhaar ya India, MyInfo ya Singapore, na zaidi.
Mtiririko kamili kwa kawaida huchukua chini ya sekunde 30 kuanzia mwanzo hadi mwisho — chukua kitambulisho, piga picha hati, piga selfie, umemaliza. Hiyo ndiyo kasi zaidi sokoni. Watoa huduma wa zamani wa KYC kwa kawaida huchukua zaidi ya sekunde 90 kwa mtiririko huo huo.
Kwa upande wa nyuma, Didit inarudisha matokeo katika chini ya sekunde mbili kwa p99, ikipimwa kutoka wakati mtumiaji anamaliza selfie hadi wakati webhook yako inawaka. Upigaji picha wa simu umeundwa kwa simu za polepole na mitandao ya polepole: ukandamizaji wa picha unaoendelea, upakiaji wa polepole wa SDK, na uhamishaji wa kugusa mara moja kutoka kompyuta hadi simu kupitia msimbo wa QR ikiwa mtumiaji anaanza kwenye wavuti.
Ishara za udanganyifu 200+ kwenye kila kipindi, zikifanya kazi sambamba na ukaguzi wa hati na selfie:
Kila kipindi kinaishia kwenye mojawapo ya hali saba zilizo wazi, kwa hivyo msimbo wako unajua nini cha kufanya kila wakati:
Approved — kila ukaguzi umepita. Endeleza mtumiaji.Declined — ukaguzi mmoja au zaidi umeshindwa. Unaweza kumruhusu mtumiaji kutuma tena hatua maalum iliyoshindwa (kwa mfano, piga tena selfie) bila kurudia mtiririko mzima.In Review — imewekwa alama kwa ukaguzi wa kufuata. Fungua kesi kwenye console, angalia kila ishara, amua kuidhinisha au kukataa.In Progress — mtumiaji yuko katikati ya mtiririko.Not Started — kiungo kimetumwa, mtumiaji bado hajafungua. Tuma ukumbusho ikiwa itakaa muda mrefu sana.Abandoned — mtumiaji alifungua kiungo lakini hakumaliza kwa wakati. Shirikisha tena au muda wake uishe.Expired — muda wa kiungo cha kipindi umeisha. Unda kipindi kipya.Webhook iliyosainiwa inawaka kwenye kila mabadiliko ya hali, kwa hivyo database yako inabaki sawa kila wakati. Vipindi vilivyoachwa na vilivyokataliwa ni bure.
Data ya uzalishaji inachakatwa na kuhifadhiwa katika Umoja wa Ulaya kwa chaguo-msingi, kwenye Amazon Web Services. Mikataba ya biashara inaweza kuomba maeneo mbadala kwa mamlaka ambazo wadhibiti wao wanahitaji.
Usimbaji fiche kila mahali. AES-256 wakati wa kupumzika kwenye kila database, hifadhi ya kitu, na chelezo. Transport Layer Security 1.3 wakati wa usafiri kwenye kila simu ya API, webhook, na kipindi cha Business Console. Data ya kibayometriki imesimbwa chini ya Customer Master Key tofauti.
Uhifadhi ni wako kudhibiti. Uhifadhi chaguomsingi ni usio na kikomo (unlimited) isipokuwa ukisanidi mfupi zaidi — kati ya siku 30 na miaka 10 kwa kila programu — na unaweza kufuta kipindi chochote cha kibinafsi wakati wowote kutoka kwenye dashibodi au API.
Vyeti: SOC 2 Type 1 (ukaguzi wa Type 2 unaendelea), ISO/IEC 27001:2022, iBeta Level 1 PAD, na uthibitisho wa umma kutoka Tesoro / SEPBLAC / CNMV ya Uhispania kwamba uthibitishaji wa utambulisho wa mbali wa Didit ni salama zaidi kuliko kumthibitisha mtu ana kwa ana. Ripoti kamili kwenye /security-compliance.
Didit inatii sheria kwa chaguo-msingi kwa wadhibiti muhimu kwa miundombinu ya utambulisho:
Memo ya kina, kila cheti, kila barua ya mdhibiti: /security-compliance.
Njia tatu za kuunganisha — chagua inayolingana na stack yako:
Dashibodi sawa, bili sawa, bei sawa ya kulipa kwa mafanikio kwa zote tatu. Mwongozo wa hatua kwa hatua kwenye docs.didit.me/integration/integration-prompt.
API moja kwa KYC, KYB, Ufuatiliaji wa Miamala, na Uchunguzi wa Wallet. Unganisha ndani ya dakika 5.