Skip to main content
Didit Yakusanya $7.5M Kujenga Miundombinu ya Utambulisho na Udanganyifu
Didit
Uthibitisho wa Anwani

Makazi yaliyothibitishwa kutoka hati yoyote inayounga mkono.

Bili za huduma, taarifa za benki, barua za serikali, zinasomwa, kuchambuliwa, kulinganishwa na kitambulisho, kuthibitishwa dhidi ya rejista ya anwani ya nchi. $0.20 kwa kila ukaguzi. Uthibitishaji 500 bure kila mwezi.

Anza bureSoma nyaraka
Inaungwa mkono na
Y CombinatorRobinhood Ventures
GBTC Finance
Bondex
Crnogorski Telekom
UCSF Neuroscape
Shiply
Adelantos

Inaaminika na mashirika 2,000+ duniani kote.

Mchoro wa kisanii wa giza usioeleweka wa Uthibitisho wa Anwani, paneli nne za kioo zinazoelea, zinazopitisha mwanga kwenye nyeusi safi zilizounganishwa na mstari wa Didit Blue unaong'aa. Kila paneli ina motifu ndogo isiyo dhahiri (bahasha, bili ya huduma, pini ya ramani, silhouette ya nyumba).

Kile ambacho jukwaa lililodhibitiwa linadaiwa

Usiamini anwani iliyoandikwa. Soma bili, thibitisha usajili.

Anwani iliyoandikwa mwenyewe inashindwa ukaguzi. Bili ya huduma iliyochanganuliwa ambayo haijalinganishwa na kitambulisho inashindwa ukaguzi. Didit inatoa mapishi kamili ya Uthibitisho wa Anwani, kunasa, OCR, jina + anwani inalingana na kitambulisho, pamoja na uthibitishaji wa rejista ya nchi katika mamlaka 18+, kama kifurushi kimoja cha ushahidi kilichosainiwa kwa $0.20 kwa kila ukaguzi.

Jinsi inavyofanya kazi

Kutoka kujisajili hadi mtumiaji aliyethibitishwa kwa hatua nne.

  1. Hatua 01

    Unda mtiririko wa kazi

    Chagua ukaguzi unaotaka, ID, liveness, face match, vikwazo, anwani, umri, simu, barua pepe, maswali maalum. Ziburute kwenye mtiririko kwenye dashibodi, au tuma mtiririko huo huo kwenye API yetu. Panga masharti, fanya majaribio ya A/B, hakuna code inayohitajika.

  2. Hatua 02

    Unganisha

    Pachika moja kwa moja na SDK yetu ya Web, iOS, Android, React Native, au Flutter. Elekeza kwenye ukurasa uliopangishwa. Au tuma tu kiungo kwa mtumiaji wako, kwa barua pepe, SMS, WhatsApp, popote. Chagua kinachofaa stack yako.

  3. Hatua 03

    Mtumiaji anapitia mtiririko

    Didit huandaa kamera, ishara za mwanga, uhamishaji wa simu, na ufikiaji. Mtumiaji akiwa kwenye mtiririko, tunapima ishara 200+ za udanganyifu kwa wakati halisi na kuthibitisha kila sehemu dhidi ya vyanzo vya data vya kuaminika. Matokeo yanapatikana chini ya sekunde mbili.

  4. Hatua 04

    Unapokea matokeo

    Webhooks zilizotiwa saini kwa wakati halisi huweka database yako sawa mara tu mtumiaji anapoidhinishwa, kukataliwa, au kutumwa kwa ukaguzi. Uliza API inapohitajika. Au fungua console kukagua kila session, kila ishara, na kudhibiti kesi kwa njia yako.

Imejengwa kwa ajili ya kufuata sheria · Bei kama miundombinu

Ukaguzi sita. $0.20 kwa kila Uthibitisho wa Anwani.

Uthibitisho wa Anwani wa kiwango cha mdhibiti si tu OCR, ni mchanganyiko wa kukamata, kuchambua, kulinganisha, kuthibitisha usajili, na bahasha ya ukaguzi. Washa kila moduli kwa kila mtiririko wa kazi.
Soma nyarakaPata API key
01 · Kukamata hati

Kubali hati yoyote inayounga mkono.

Bili ya huduma, taarifa ya benki, barua ya serikali, mkataba wa kukodisha, rehani, mkataba wa simu / intaneti, zote ndani ya siku 90. Mtiririko uliopangishwa humwongoza mtumiaji kupitia kukamata; SDK huonyesha mtiririko huo ndani ya programu yako asili.
Moduli ya Uthibitisho wa Anwani
02 · Chambua + angalia udanganyifu

Chambua sehemu. Thibitisha hati.

OCR huchota anwani kwenye sehemu halisi, mstari wa 1, mstari wa 2, jiji, msimbo wa posta, nchi, issued_at, na kuiweka sawa kwenye bili ya huduma ya Kiingereza, taarifa ya benki ya Kihispania, Anmeldung ya Kijerumani. Wakati huo huo tunaangalia uhalisi: udanganyifu wa kiwango cha pikseli, nakala-bandika, uchezaji wa fonti / template, uchapishaji upya wa azimio la chini, na kutofautiana kwa EXIF. Hati iliyoghushiwa au iliyobadilishwa inashindwa ukaguzi kabla haijafika kwenye logi yako ya ukaguzi.
Moduli ya Uthibitisho wa Anwani
03 · Kulinganisha ID

Linganisha na ID husika.

Anwani iliyochambuliwa inalinganishwa na anwani kwenye ID husika, na jina kwenye uthibitisho linalinganishwa na jina kwenye ID. Hukamata bili ghushi, majina yasiyolingana, upakiaji uliopitwa na wakati, na bili za mtu mwingine kwenye anwani hiyo hiyo.
Moduli ya Uthibitishaji wa ID
04 · Uthibitishaji wa Usajili

Thibitisha dhidi ya chanzo rasmi cha nchi.

Ambapo nchi inaiunga mkono, UK Royal Mail PAF, Spain Catastro / Padrón, France BAN, Germany municipal Anmeldung, US USPS, na zaidi, anwani iliyochambuliwa inatafutwa moja kwa moja dhidi ya rejista rasmi.
Moduli ya Uthibitishaji wa Database
05 · Ufikiaji wa Kimataifa

Nchi 220+, lugha 48+.

Nyaraka zinazokubalika kwa kila eneo, Ulaya huelekea bili ya huduma / benki / barua ya baraza, Amerika Kusini huelekea rejista ya kodi, Marekani huelekea benki / huduma / kukodisha, APAC huelekea barua ya serikali. Mjenzi wa Mtiririko wa Kazi hukuruhusu kuzuia nyaraka zinazokubalika kwa kila sehemu ya nchi.
Moduli ya Uthibitishaji wa Database
06 · Kifurushi cha ukaguzi

Bahasha ya ukaguzi ya kiwango cha mdhibiti.

Kila uamuzi wa Uthibitisho wa Anwani umetiwa saini na kuwekewa muhuri wa muda, picha halisi ya hati, mzigo wa anwani iliyochambuliwa, maamuzi ya kulinganisha, na matokeo ya uthibitishaji wa rejista. Inaweza kusafirishwa inapohitajika kupitia Business Console au API. Vituo vya data vya EU kwa chaguo-msingi.
Inazingatia sheria kwa muundo
Unganisha

Session moja. Anwani halisi. Kifurushi kilichotiwa saini.

Fungua session. Soma anwani iliyochambuliwa. Weka bahasha ya ukaguzi ya kiwango cha mdhibiti.
POST /v3/session/POA
$ curl -X POST https://verification.didit.me/v3/session/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "workflow_id": "wf_proof_of_address",
    "vendor_data": "user-42",
    "expected_country": "ES"
  }'
201ImeundwaURL iliyopangishwa · mtumiaji anapakia kitambulisho + selfie + POA.
Kipindi cha siku 90 kinatekelezwa kwenye tarehe ya hati.nyaraka →
GET /v3/session/{id}/decision/Uamuzi
$ curl https://verification.didit.me/v3/session/$SESSION/decision/ \
  -H "x-api-key: $DIDIT_API_KEY"

# Decision payload (excerpted):
{ "proof_of_address": { "status": "Approved", "address": { ... } },
  "database_validation": { "service": "es_catastro_address", "result": { "registry_match": true } } }
200OKregistry_match kweli → uthibitisho wa makazi wenye uhakika mkubwa.
Ujumuishaji tayari kwa agent

Tuma Uthibitisho wa Anwani kwa amri moja.

Bandika kwenye Claude Code, Cursor, Codex, Devin, Aider, au Replit Agent. Jaza stack yako. Agent huunda workflow, huwasha session, huchanganua anwani katika sehemu rasmi, huendesha uthibitishaji wa rejista, na kuunganisha webhook.
didit-integration-prompt.md
You are integrating Didit's Proof of Address into a regulated onboarding flow (bank, fintech, lender, crypto exchange, EU payment institution). Regulators want a current address on every customer file; the legacy "ask the user to type it" approach fails audit because the typed address is unverified.

Four obligations on every Proof of Address:

  1. Capture an acceptable document — utility bill, bank statement, government letter, lease, mortgage, mobile / internet contract — dated within the last 90 days.
  2. Read the address fields with Optical Character Recognition (OCR) and parse them into the canonical address envelope (line 1, line 2, city, postal code, country).
  3. Cross-check the address against the address on the underlying ID document AND against the name on both — a mismatched address or a mismatched name fails the check.
  4. Where the country supports it, validate the parsed address against the authoritative address registry (UK Royal Mail PAF, Spain Catastro / Padrón, France BAN, Germany DATEV, US USPS).

Pricing (verified live):
  - Proof of Address: $0.20 per check
  - ID Verification (required as the cross-check anchor): $0.15 per check
  - Database Validation (per-country registry validation, optional): variable per service
  - Combined bundle (ID + Liveness + Face Match + Proof of Address): $0.55 per user
  - First 500 verifications free every month, forever

PRE-REQUISITES
  - Production API key from https://business.didit.me (sandbox key in 60s, no card).
  - Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
  - A workflow_id from the Workflow Builder bundling ID Verification + Passive Liveness + Face Match 1:1 + Proof of Address. Add a Database Validation node for the country-specific address registry where available.

STEP 1 — Create the session

  POST https://verification.didit.me/v3/session/
  Headers:
    x-api-key: <your api key>
    Content-Type: application/json
  Body:
    {
      "workflow_id": "<your proof-of-address workflow id>",
      "vendor_data": "<your user id, max 256 chars>",
      "callback_url": "https://<your-app>/onboarding/poa/callback",
      "expected_country": "ES",
      "metadata": {
        "purpose": "regulatory_address_capture",
        "user_id": "<your internal id>"
      }
    }

  Response: 201 Created with the hosted session URL. SMS or email the URL to the user; they complete ID capture + selfie + Proof of Address upload on their phone in under five minutes.

STEP 2 — Read the signed webhook on completion

  Didit POSTs to your callback. Session statuses are Title Case With Spaces:

  Body (excerpted):
    {
      "session_id": "<uuid>",
      "vendor_data": "<your user id>",
      "status": "Approved",
      "id_verification": { "status": "Approved", "document_type": "passport", "country_code": "ES" },
      "liveness": { "status": "Approved" },
      "face": { "status": "Approved", "similarity_score": 0.94 },
      "proof_of_address": {
        "status": "Approved",
        "document_type": "utility_bill",
        "issuer": "Iberdrola",
        "issued_at": "2026-04-12",
        "address": {
          "line1": "C. Diagonal 612",
          "line2": "3a",
          "city": "Barcelona",
          "postal_code": "08021",
          "country": "ES"
        },
        "cross_check": {
          "name_match": true,
          "address_match_with_id": true,
          "within_90_day_window": true
        }
      },
      "database_validation": {
        "status": "Approved",
        "service": "es_catastro_address",
        "result": { "registry_match": true }
      }
    }

  Session status enum (exact case):
    Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned

  Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.

STEP 3 — Decide

  Branch logic:
    Approved    → file the canonical address payload on the customer record.
    In Review   → hold the onboarding, wait for analyst webhook update.
    Declined    → refuse onboarding, log the decline reason (typically: document over 90 days old, name mismatch, address mismatch with the ID).
    Resubmitted → user updated the upload; re-read the decision.

  The Proof of Address sub-result is independent of the parent session — even if the parent session is Approved, the proof_of_address.status might be In Review if the cross-check flagged a different city. Switch on proof_of_address.status when you persist the address.

STEP 4 — Persist the canonical address envelope

  When proof_of_address.status === "Approved", save the entire address object to your customer record as the regulatory current address. Use the canonical fields (line1, line2, city, postal_code, country) — Didit normalises across document layouts so the same shape works for an English utility bill, a Spanish bank statement, and a German Anmeldung.

  Keep the issuer + issued_at fields for your audit log — they prove the document type and the recency window the regulator audited.

STEP 5 — Registry validation result

  When the workflow includes a Database Validation node, the database_validation block returns the per-country registry-validation outcome:
    - es_catastro_address — Spanish Catastro property registry
    - uk_royal_mail_paf — UK Postcode Address File
    - fr_ban — France Base Adresse Nationale
    - de_anmeldung — German municipal registration check
    - us_usps — US Postal Service address validation

  A registry-match-false result on a country that supports validation is a signal worth manual review even if the OCR pass succeeded — most fake addresses fail registry validation immediately.

STEP 6 — Refresh on a cadence (optional)

  Most regulators ask for the address on file to be re-confirmed every 1-3 years (longer for low-risk customers, shorter for high-risk). Add a periodic Proof of Address session to your account-refresh cadence — same workflow, same hosted URL flow.

WEBHOOK EVENT NAMES
  - status.updated — session status changed.
  - data.updated — session data changed (resubmission, document re-upload).

  Verify X-Signature-V2 on every payload. The webhook secret is per-environment — sandbox key is separate from production.

CONSTRAINTS
  - Session statuses use Title Case With Spaces (Approved, In Review).
  - Acceptable documents must be dated within the last 90 days by default; some workflows extend to 180 days for low-risk customer segments.
  - The address on the Proof of Address document MUST cross-check against the address on the underlying ID OR against a previously-Approved address on file. If neither match, the proof flips to In Review automatically.
  - Default record retention is 5 years post-relationship per the EU AML package.

Read the docs:
  - https://docs.didit.me/sessions-api/create-session
  - https://docs.didit.me/sessions-api/retrieve-session
  - https://docs.didit.me/core-technology/proof-of-address/overview
  - https://docs.didit.me/core-technology/database-validation/overview
  - https://docs.didit.me/integration/webhooks

Start free at https://business.didit.me — sandbox key in 60 seconds, 500 verifications free every month, no credit card.
Inatii kwa muundo

Fungua nchi mpya kwa kubofya mara moja. Tunafanya kazi ngumu.

Tunafungua kampuni tanzu za ndani, tunapata leseni, tunafanya majaribio ya kupenya, tunapata vyeti, na tunalingana na kila kanuni mpya. Ili kusafirisha uthibitishaji katika nchi mpya, geuza swichi. Nchi 220+ ziko hewani, zinakaguliwa na kupimwa kila robo mwaka, mtoa huduma pekee wa utambulisho ambaye serikali ya nchi mwanachama wa EU imemwita rasmi kuwa salama zaidi kuliko uthibitishaji wa ana kwa ana.
Soma faili ya usalama na utiifu
EU financial sandbox
Tesoro · SEPBLAC · BdE
ISO/IEC 27001
Usalama wa habari · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
EU-aligned kwa muundo

Namba za uthibitisho

Namba za uthibitisho
  • $0.00
    Kwa Kila Uthibitisho wa Anwani, OCR + ukaguzi mtambuka + uthibitishaji wa rejista.
  • 0+
    Nchi zenye uthibitishaji wa rejista ya anwani yenye mamlaka iliyojengwa ndani.
  • 0+
    Nchi zinazoungwa mkono kwa ujumla, na hati zinazokubalika kwa kila eneo.
  • 0
    Uthibitishaji wa bure kila mwezi, kwenye kila akaunti.
Ngazi tatu, orodha moja ya bei

Anza bure. Lipa kulingana na matumizi. Panua hadi Enterprise.

Uthibitishaji 500 bila malipo kila mwezi, milele. Lipa kadri unavyotumia kwa uzalishaji. Mikataba maalum, uhifadhi wa data, na SLA (Service Level Agreements) kwenye Enterprise.
Bure

Bure

$0 / mwezi. Hakuna kadi ya mkopo inayohitajika.

  • Kifurushi cha bure cha KYC (Uthibitishaji wa Kitambulisho + Passive Liveness + Face Match + Uchambuzi wa Kifaa & IP), 500 / mwezi, kila mwezi
  • Watumiaji Waliozuiwa
  • Utambuzi wa Marudio
  • Ishara 200+ za udanganyifu kwenye kila session
  • KYC inayoweza kutumika tena kwenye mtandao wa Didit
  • Jukwaa la Usimamizi wa Kesi
  • Workflow Builder
  • Nyaraka za umma, sandbox, SDKs, server ya MCP (Model Context Protocol)
  • Usaidizi wa jamii
Anza bure
Maarufu zaidi
Lipa kulingana na matumizi

Kulingana na Matumizi

Lipa tu kwa unachotumia. Moduli 25+. Bei za umma kwa kila moduli, hakuna ada ya chini ya kila mwezi.

  • KYC kamili kwa $0.33 (Kitambulisho + Biometric + IP / Kifaa)
  • Data za AML 10,000+, vikwazo, PEPs, habari hasi
  • Vyanzo vya data vya serikali 1,000+ kwa Uthibitishaji wa Database
  • Ufuatiliaji wa Miamala kwa $0.02 kwa kila muamala
  • KYB ya moja kwa moja kwa $2.00 kwa kila biashara
  • Uchunguzi wa Wallet kwa $0.15 kwa kila ukaguzi
  • Mtiririko wa uthibitishaji wa Whitelabel, brand yako, miundombinu yetu
Tazama orodha kamili ya beiAnza bure
Biashara Kubwa

Biashara Kubwa

MSA & SLA maalum. Kwa idadi kubwa na programu zilizodhibitiwa.

  • Mikataba ya kila mwaka
  • MSA, DPA, na SLA maalum
  • Kituo maalum cha Slack na WhatsApp
  • Wakaguzi wa mikono wanapohitajika
  • Masharti ya muuzaji na white-label
  • Vipengele vya kipekee na ushirikiano wa washirika
  • CSM aliyetajwa, ukaguzi wa usalama, usaidizi wa kufuata
Wasiliana nasi

Anza bure → lipa tu wakati ukaguzi unafanyika → fungua Enterprise kwa mkataba maalum, SLA, au uhifadhi wa data.

FAQ

Maswali ya kawaida

What is Didit?

Didit is infrastructure for identity and fraud, the platform we wished existed when we were building products ourselves: open, flexible, and developer-friendly, so it works as a real part of your stack instead of a black box you integrate around.

One API covers verifying people (KYC, know your customer), verifying businesses (KYB, know your business), screening crypto wallets (KYT, know your transaction), and monitoring transactions in real time, on a stack built to be:

  • Fast, sub-2-second p99 on every session
  • Reliable, in production with 1,500+ companies across 220+ countries
  • Secure, SOC 2 Type 1, ISO 27001, GDPR-native, and formally attested by Spain's financial regulator as safer than verifying someone in person

The footprint underneath: 14,000+ document types in 48+ languages, 1,000+ data sources, and 200+ fraud signals on every session. The Didit infrastructure dynamically learns from every session and gets better every day.

What's a Proof of Address and why do regulators want one?

Proof of Address is exactly what it sounds like, evidence that the person you're onboarding actually lives at the address they claim. The conventional artefacts are:

  • Utility bill, electricity, gas, water, internet, mobile contract
  • Bank statement, from a regulated bank, with the user's name and address on it
  • Government letter, tax demand, council letter, voter registration
  • Lease or mortgage agreement, signed contract for the address

Why regulators care: an address on file is the anchor for anti-money-laundering record-keeping, tax-residency reporting (FATCA / CRS), and the legal jurisdiction of any future enforcement. A typed self-attested address is unverifiable; a Proof of Address backed by a recent document + a cross-check against the ID is the standard. Didit ships the full recipe for $0.20 per check.

Why isn't a typed address enough?

Three reasons regulators consistently reject self-attested addresses:

  • Fraud, anyone can type any address. Mules and synthetic identities use this routinely to spread the same address across many opened accounts.
  • No audit anchor, when the regulator audits the file, there's nothing to point to. A signed Proof of Address is the artefact you can put in the audit pack.
  • Tax-residency reporting, under FATCA and the OECD's Common Reporting Standard, banks have to report account-holders' tax residency based on documentary evidence. A typed address doesn't qualify as documentary.

The Proof of Address recipe, capture, OCR, cross-check, registry validation, produces a regulator-grade artefact in under five minutes on the user's phone. $0.20 per check end-to-end.

How fast is the verification for my end user?

The full flow normally takes under 30 seconds end-to-end, pick up the ID, snap the document, snap the selfie, done. That is the fastest in the market. Legacy KYC providers usually take more than 90 seconds for the same flow.

On the back end, Didit returns the result in under two seconds at p99, measured from the moment the user finishes the selfie to the moment your webhook fires. Mobile capture is tuned for slow phones and slow networks: progressive image compression, lazy software development kit load, and a one-tap hand-off from desktop to phone via QR code if the user starts on web.

What's wrong with just asking for a utility bill?

If you stop at "upload your utility bill", a determined attacker can:

  • Photoshop the address on a bill belonging to someone else
  • Reuse a bill from a previous tenant at the same address
  • Submit a bill from a different person at the same address
  • Submit an expired bill (from before they moved)

The Didit recipe catches all four by stacking three layers of validation on top of the OCR:

  • Name cross-check, the name on the bill has to match the name on the ID
  • Address cross-check, the address on the bill has to match the address on the ID (or the previous Approved address)
  • Registry validation, the address is looked up against the country's authoritative address registry (UK Royal Mail PAF, Spain Catastro, France BAN, Germany DATEV, US USPS, etc.)

All three run server-side. The agent never sees a raw upload, only the validated result.

What happens if a user fails, abandons, or expires?

Every session lands on one of seven clear statuses, so your code always knows what to do:

  • Approved, every check passed. Move the user forward.
  • Declined, one or more checks failed. You can allow the user to resubmit the specific failed step (for example, re-take the selfie) without re-running the whole flow.
  • In Review, flagged for compliance review. Open the case in the console, see every signal, decide approve or decline.
  • In Progress, user is mid-flow.
  • Not Started, link sent, user has not opened it yet. Send a reminder if it sits too long.
  • Abandoned, user opened the link but did not finish in time. Re-engage or expire.
  • Expired, the session link aged out. Create a new session.

A signed webhook fires on every status change, so your database always stays in sync. Abandoned and declined sessions are free.

Where does my customer data live and how is it protected?

Production data is processed and stored in the European Union by default, on Amazon Web Services. Enterprise contracts can request alternative regions for jurisdictions whose regulators require it.

Encryption everywhere. AES-256 at rest across every database, object store, and backup. Transport Layer Security 1.3 in transit on every API call, webhook, and Business Console session. Biometric data is encrypted under a separate Customer Master Key.

Retention is yours to control. Default retention is indefinite (unlimited) unless you configure shorter, between 30 days and 10 years per application, and you can delete any individual session at any time from the dashboard or the API.

Certifications: SOC 2 Type 1 (Type 2 audit in progress), ISO/IEC 27001:2022, iBeta Level 1 PAD, and a public attestation from Spain''s Tesoro / SEPBLAC / CNMV that Didit''s remote identity verification is safer than verifying someone in person. Full report at /security-compliance.

Is Didit compliant for my industry?

Didit ships compliant by default for the regulators that matter to identity infrastructure:

  • GDPR + UK GDPR, controller / processor split, full Data Processing Agreement published, lead supervisory authority named (Spain''s AEPD).
  • AMLD6 + EU AML Single Rulebook, 1,300+ sanctions, politically exposed person, and adverse-media lists screened in real time.
  • eIDAS 2.0, EU Digital Identity Wallet aligned; reusable-identity ready.
  • MiCA (Markets in Crypto-Assets), ready for crypto on-ramps, exchanges, and custodians.
  • DORA, Digital Operational Resilience Act, EU financial-services operational resilience.
  • BIPA, CUBI, Washington HB 1493, CCPA / CPRA, US biometric privacy (Illinois, Texas, Washington) and California consumer privacy.
  • UK Online Safety Act, age-gating and child-safety obligations.
  • FATF Travel Rule, originator and beneficiary data on crypto transfers, IVMS-101 interoperable.

Detailed memo, every certificate, every regulator letter: /security-compliance.

How fast can I integrate and start verifying users?
  • 60 seconds to a sandbox account at business.didit.me, no credit card.
  • 5 minutes to a working verification through Claude Code, Cursor, or any coding agent via our Model Context Protocol (MCP) server.
  • A weekend to a production-ready integration with signed-webhook verification, retries, and a remediation flow when a user is declined.

Three integration paths, pick whichever fits your stack:

  • Embed natively with our Web, iOS, Android, React Native, or Flutter SDK.
  • Redirect the user to the hosted verification page, zero SDK.
  • Send a link by email, SMS, WhatsApp, or any channel, zero front-end work.

Same dashboard, same billing, same pay-per-success price for all three. Step-by-step guide at docs.didit.me/integration/integration-prompt.

How does the 90-day window work?

Most regulators want the Proof of Address document to be dated within the last 90 days at the moment of verification, anything older is treated as stale on the assumption that the user might have moved since.

Didit's OCR reads the document date and checks it against the verification timestamp automatically:

  • Within 90 days within_90_day_window: true proof passes the recency check
  • Older than 90 days within_90_day_window: false session flips to In Review and the user is prompted to upload a more recent document

For low-risk customer segments you can configure the workflow to extend the window to 180 days, or drop it to 60 days for high-risk segments. The configuration is per workflow, not per session, so changes apply uniformly. UK Right to Rent uses 90 days; EU AML guidance generally accepts 90-180 days depending on the supervisor.

How does refresh work for long-tenured customers?

Most regulators ask for the address on file to be re-confirmed periodically:

  • Low-risk customers, every 3 years is typical
  • Standard customers, every 1-2 years
  • High-risk / EU-PEP customers, annually
  • On material event, significant transaction pattern change, address change reported by the customer, new product onboarded

Didit's refresh is the same POST /v3/session/ against your Proof-of-Address workflow with the existing customer's vendor_data. The new document supersedes the previous one in the customer file; both are kept in the audit trail. Schedule the refresh from your customer-data pipeline, Didit doesn't auto-trigger refreshes because the cadence belongs to your risk policy.

How does Didit compare on price?

Most KYC providers price Proof of Address between $0.50 and $2.00 per check, often as a separate line item on top of a higher KYC base, with per-country surcharges for any registry validation. The Onfido / Jumio / Veriff archetype.

Didit's published price is $0.20 per Proof of Address + $0.15 for the underlying ID Verification (required as the cross-check anchor) = $0.35 for the combined recipe. Database Validation adds variable per-country cost, typically $0.05-$0.20. No floor, no minimum, no per-country surcharge.

That's roughly 3-5× cheaper than the incumbent stack on the same regulatory output. At a 50,000-user month, the saving versus a $1.50-per-POA incumbent is around $65,000 per year. Full pricing at /pricing.

Related

Moduli zinazohusiana + workflows

Miundombinu ya utambulisho na udanganyifu.

API moja kwa KYC, KYB, Ufuatiliaji wa Miamala, na Uchunguzi wa Wallet. Unganisha ndani ya dakika 5.

Anza bila malipoZungumza nasi
Uliza AI ifupishe ukurasa huu