免费
每月 $0。无需信用卡。
- 免费 KYC 套件(身份验证 + 被动活体检测 + 人脸匹配 + 设备与 IP 分析), 每月 500 次,永久有效
- 黑名单用户
- 重复检测
- 每次会话 200+ 欺诈信号
- Didit 网络中可重复使用的 KYC
- 案件管理平台
- 工作流构建器
- 公开文档、沙盒、SDK、MCP(模型上下文协议)服务器
- 社区支持


全球2,000多家组织信赖。

监管机构的要求
每个受监管的运营商都必须进行严格的 18 岁以上年龄验证、自我排除登记交叉检查、 对达到阈值的存款进行 AML 检查,以及提款时的生物识别重新认证。 Didit 将这些整合为一个工作流,每位玩家约 $0.40 + 每次存款 $0.02。每月免费 500 次验证。
选择您需要的检查项, 身份、活体、人脸比对、制裁名单、地址、年龄、电话、邮箱、自定义问题。将它们拖入仪表盘的工作流中,或通过我们的 API 调用相同的工作流。支持条件分支、A/B 测试,无需代码。
通过我们的 Web、iOS、Android、React Native 或 Flutter SDK 进行原生嵌入。也可重定向到托管页面,或者直接通过邮件、短信、WhatsApp 等方式将链接发送给用户。选择最适合您技术栈的方案。
Didit 负责托管摄像头、灯光提示、移动端切换和辅助功能。在用户操作过程中,我们实时评估 200 多个欺诈信号,并根据权威数据源验证每个字段。两秒内即可出结果。
实时签名的 Webhook 可确保用户通过、拒绝或需要审核时,您的数据库即时同步。您也可以按需轮询 API,或打开控制台检查每个会话、每个信号,并按您的方式管理案例。
Didit · 年龄估算
Didit · 人脸搜索 1:N
新玩家
Didit · AML
Didit · 交易监控
Didit · 生物识别认证
注册
提现
Didit · 审计日志
$ curl -X POST https://verification.didit.me/v3/session/ \
-H "x-api-key: $DIDIT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"workflow_id": "wf_igaming_onboard",
"vendor_data": "player-91",
"metadata": { "regulator": "UKGC" }
}'{ "session_url": "verify.didit.me/..." }$ curl -X POST https://verification.didit.me/v3/transactions/ \
-H "x-api-key: $DIDIT_API_KEY" \
-d '{
"transaction_id": "deposit-991",
"transaction_details": { "direction": "INBOUND", "amount": “150.00”, "currency": "GBP", "currency_kind": "fiat" },
"subject": { "vendor_data": "player-91", "full_name": "Jamie Example" },
"counterparty": { "full_name": "玩家存款" }
}'{ 状态 APPROVED · IN_REVIEW · DECLINED · AWAITING_USER }You are integrating Didit into a regulated iGaming / sports-betting operator (UK Gambling Commission, Malta Gaming Authority, Curaçao, SIGAP, ANJ). Three obligations on every player and every deposit:
- Onboarding: 18+ age gate, ID Verification, self-exclusion register cross-check.
- Deposits: AML on above-threshold deposits, real-time deposit limits + loss caps.
- Withdrawals + sensitive actions: biometric re-auth against the enrolment selfie.
Recommended recipe + pricing (verified live):
- Onboarding session: $0.10 Age Estimation + $0.15 ID Verification + $0.10 Passive Liveness + $0.05 Face Match 1:1 + $0.20 AML (above threshold). Face Search 1:N against self-exclusion register: free. Average ~$0.40 per player.
- Per-deposit / per-withdrawal transaction: $0.02 per call to Transaction Monitoring (rule engine + limits).
- AML re-screening on flagged transactions: $0.20 per check.
- Biometric re-auth on withdrawal: $0.10 per auth.
- First 500 verifications free every month, forever.
PRE-REQUISITES
- Production API key from https://business.didit.me (sandbox key in 60s, no card).
- Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header.
HMAC-SHA256 verification MUST run against the raw body bytes (the raw payload as Didit sent it) BEFORE any JSON parsing — re-serialising the parsed body changes whitespace and key order, which invalidates the signature. - A workflow_id from the Workflow Builder that bundles Age Estimation + ID Verification + Passive Liveness + Face Match 1:1 + Face Search 1:N (against your self-exclusion index) + AML Screening.
- A self-exclusion index loaded into the Didit Face Search 1:N — your own banned-players list at minimum; GAMSTOP / RIGA / equivalent national register where the regulator participates.
- Transaction Monitoring enabled in the Business Console with the rule bundle for sports-betting or online-casino seeded.
STEP 1 — Open the onboarding session at signup
POST https://verification.didit.me/v3/session/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body:
{
"workflow_id": "<wf id with age gate + ID + AML + Face Search self-exclusion>",
"vendor_data": "<your player id, max 256 chars>",
"callback": "https://<your-app>/igaming/onboarding/callback",
"metadata": {
"regulator": "UKGC",
"license_class": "remote_casino_betting",
"min_age": 18
}
}
Response: 201 Created with the hosted session URL. Redirect the player. Sub-2-second median verdict on completion.
STEP 2 — Read the signed webhook on the onboarding verdict
Didit POSTs to your callback. Session statuses are Title Case With Spaces:
Body (excerpted):
{
"session_id": "<uuid>",
"vendor_data": "<your player id>",
"status": "Approved",
"age_estimation": { "estimated_age": 27, "confidence": 0.92 },
"id_verification": { "status": "Approved", "dob": "1997-03-12" },
"face": { "status": "Approved", "similarity_score": 0.94 },
"face_search": { "status": "Approved", "matches": [] },
"aml": { "status": "Approved", "hits": [] }
}
Session status enum (exact case): Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned.
Verify the X-Signature-V2 header BEFORE reading the body.
STEP 3 — Branch on the onboarding verdict
Approved + 18+ → unlock the player account.
Approved + Face Search hit on self-exclusion → block, log to compliance, surface support resources.
Declined → block, log AML hit detail.
In Review → hold the account, route to ops queue.
STEP 4 — Monitor every deposit + withdrawal
POST https://verification.didit.me/v3/transactions/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body:
{
"transaction_id": "<your deposit reference>",
"transaction_category": "finance",
"transaction_details": {
"direction": "INBOUND",
"amount": "150.00",
"currency": "GBP",
"currency_kind": "fiat",
"action_type": "deposit"
},
"subject": {
"entity_type": "individual",
"vendor_data": "<your player id>",
"full_name": "<player full name>"
},
"counterparty": {
"entity_type": "individual",
"full_name": "Player deposit"
}
}
Response: status APPROVED | IN_REVIEW | DECLINED | AWAITING_USER. Rule engine evaluates against deposit limits, loss caps, velocity thresholds, and Reasonable-Affordability triggers in real time.
STEP 5 — Biometric re-auth on withdrawal
Open a re-auth session before processing a withdrawal:
POST https://verification.didit.me/v3/session/
Body:
{
"workflow_id": "<wf id with Liveness + Face Match against enrolment selfie>",
"vendor_data": "<your player id>",
"metadata": { "trigger": "withdrawal", "withdrawal_amount": "500.00" }
}
Block the withdrawal until status: Approved with similarity above your threshold (default 0.85).
STEP 6 — Ongoing AML monitoring on the active player base
Every Approved player is automatically re-screened DAILY by Didit's continuous AML monitoring at $0.07 per player per year. The same session webhook fires when the verdict flips.
WEBHOOK EVENT NAMES
- Sessions: status changes flow through the standard session webhook.
- Transactions: transaction.created · transaction.updated · transaction.status.changed · transaction.alert.generated.
Verify X-Signature-V2 on every payload.
CONSTRAINTS
- Session statuses use Title Case With Spaces (Approved, In Review). Transaction statuses use UPPER_SNAKE_CASE (APPROVED, IN_REVIEW, DECLINED, AWAITING_USER). They live in different APIs — don't mix them in the same code path.
- Self-exclusion cross-check must happen BEFORE the player can deposit — a post-deposit check is useful for audit but creates a refund obligation.
- Default audit retention is 5 years post-relationship per the UK Gambling Commission / Malta Gaming Authority requirements; configure per workflow in the Business Console.
- 200+ fraud signals are evaluated on every onboarding session at no extra cost.
Read the docs:
- https://docs.didit.me/sessions-api/create-session
- https://docs.didit.me/transaction-monitoring/overview
- https://docs.didit.me/core-technology/aml-screening/overview
- https://docs.didit.me/integration/webhooks
Start free at https://business.didit.me — sandbox key in 60 seconds, 500 verifications free every month, no credit card.每月 $0。无需信用卡。
按实际用量付费。25+模块。公开的模块定价,无每月最低费用。
定制MSA和SLA。适用于大批量和受监管项目。
免费开始 → 仅在检查运行时付费 → 解锁企业版以获取定制合约、SLA 或数据驻留。
Didit 是身份和欺诈基础设施, 这是我们在自己构建产品时希望存在的平台:开放、灵活且对开发者友好,因此它可以作为您技术栈的真正一部分,而不是一个您需要围绕其进行集成的黑盒。
一个 API 涵盖了人员验证(KYC,了解您的客户)、企业验证(KYB,了解您的业务)、加密钱包筛选(KYT,了解您的交易)以及实时交易监控, 构建在以下技术栈之上:
底层覆盖:14,000 多种文档类型,支持 48 种以上语言,1,000 多个数据源,以及每个会话的 200 多个欺诈信号。Didit 基础设施从每个会话中动态学习,并日益完善。
受监管运营商对每位玩家、每笔存款和每笔提款负有三项义务:
Didit 提供验证 + 交叉核对 + 监控部分;您负责连接上层的支持资源。
主要符合欧盟、英国和拉丁美洲运营商通常持有的许可证要求:
Didit 的审计包模板在业务控制台中按监管机构提供。
整个流程通常在 30 秒内完成, 拿起身份证件,拍摄文档,拍摄自拍,完成。这是市场上最快的速度。传统的 KYC 提供商完成相同流程通常需要超过 90 秒。
在后端,Didit 在 p99 下两秒内返回结果,从用户完成自拍到您的 Webhook 触发。移动端捕获针对慢速手机和慢速网络进行了优化:渐进式图像压缩、延迟加载软件开发工具包,以及如果用户从网页端开始,通过二维码从桌面到手机的一键式切换。
两层堆叠:
200 毫秒内出结果。一个自我排除的玩家使用新的电子邮件 + 新的 IP + 不同的文档重新申请时,由于人脸是恒定的,因此会被捕获。免费,包含在每个工作流中。
每个会话都会落入七种明确状态之一,因此您的代码始终知道该怎么做:
Approved, 所有检查通过。让用户继续。Declined, 一项或多项检查失败。您可以允许用户重新提交特定的失败步骤(例如,重新拍摄自拍),而无需重新运行整个流程。In Review, 标记为合规审查。在控制台中打开案例,查看所有信号,决定批准或拒绝。In Progress, 用户正在进行流程中。Not Started, 链接已发送,用户尚未打开。如果长时间未打开,发送提醒。Abandoned, 用户打开了链接但未及时完成。重新激活或使其过期。Expired, 会话链接已过期。创建新会话。每次状态更改都会触发一个签名 Webhook,因此您的数据库始终保持同步。放弃和拒绝的会话是免费的。
生产数据默认在欧盟由 Amazon Web Services 处理和存储。企业合同可以根据监管机构要求选择其他区域。
无处不在的加密。所有数据库、对象存储和备份中的静态数据均采用 AES-256 加密。所有 API 调用、Webhook 和业务控制台会话中的传输数据均采用传输层安全协议 1.3。生物识别数据在单独的客户主密钥下加密。
保留期限由您控制。默认保留期限为无限期(无限制),除非您配置更短的期限, 每个应用程序 30 天到 10 年之间, 您可以随时从仪表板或 API 删除任何单个会话。
认证:SOC 2 Type 1(Type 2 审计进行中)、ISO/IEC 27001:2022、iBeta Level 1 PAD,以及来自西班牙 Tesoro / SEPBLAC / CNMV 的公开证明,表明 Didit 的远程身份验证比面对面验证更安全。完整报告请访问 /security-compliance。
Didit 默认符合身份基础设施相关监管机构的合规要求:
详细备忘录、所有证书、所有监管机构函件:/security-compliance。
三种集成路径, 选择最适合您技术栈的方式:
所有三种方式都使用相同的仪表板、相同的计费方式和相同的按成功付费价格。分步指南请访问 docs.didit.me/integration/integration-prompt。
账户盗用攻击者不想输掉筹码, 他们想套现。没有重新认证的提款流程是 iGaming 中最常被攻击的环节。
生物识别认证会针对玩家的注册自拍进行人脸匹配,每次认证费用为 $0.10。提款会暂停,直到结果为 Approved 且相似度高于您的阈值(默认为 0.85,大额提款更高)。相同的原语可选择性地应用于:
被劫持的账户无法在不面对摄像头的情况下套现、更改目标银行或重新路由资金。
三个集成点:
/v3/session/,并通过签名 webhook 门控账户创建。/v3/transactions/;规则引擎会即时返回 APPROVED / IN_REVIEW / DECLINED / AWAITING_USER。/v3/session/(活体检测 + 人脸比对),并在 webhook 返回 Approved 之前暂停支付。四种可插拔集成,无需重构平台。整个生命周期使用相同的 /v3/ 契约。每个玩家使用相同的审计包。
流程相同,但多了一步:每次充值和提现都需要进行钱包筛选。
/solutions/crypto-onramp-kyc-kyt 方案适用, 钱包筛选在 POST /v3/transactions/ 内部运行,通过 currency_kind: "crypto" 和交易对手的钱包地址进行。受制裁钱包、混币器和高风险交易所类别按每次检查 $0.15(由 Didit 管理)或每次检查 $0.02(自带提供商密钥)计费。
结合标准的 iGaming 方案,一个加密货币优先的体育博彩平台,其玩家注册成本约为 $0.40,每次加密货币充值(开启钱包筛选时)成本约为 $0.17,每次法币交易成本约为 $0.02。