免费
每月 $0。无需信用卡。
- 免费 KYC 套件(身份验证 + 被动活体检测 + 人脸匹配 + 设备与 IP 分析), 每月 500 次,永久有效
- 黑名单用户
- 重复检测
- 每次会话 200+ 欺诈信号
- Didit 网络中可重复使用的 KYC
- 案件管理平台
- 工作流构建器
- 公开文档、沙盒、SDK、MCP(模型上下文协议)服务器
- 社区支持


全球2,000多家组织信赖。

平台应尽的责任
欧盟数字服务法案和新的AML(反洗钱)一揽子计划,使卖家验证成为一项法律义务。Didit将其整合为一个工作流:注册信息查询、所有者提取、对每个所有者进行KYC(了解您的客户)以及文档OCR(光学字符识别), 所有这些都与同一卖家记录关联。每个卖家$2.00,每个所有者$0.33。每月免费提供500次验证。
选择您需要的验证项, 身份、活体检测、人脸比对、制裁名单、地址、年龄、电话、邮箱、自定义问题。在控制面板中拖拽即可创建流程,或通过API发布相同流程。支持条件分支和A/B测试,无需代码。
通过我们的Web、iOS、Android、React Native或Flutter SDK进行原生嵌入。也可重定向到托管页面。或者直接通过邮件、短信、WhatsApp等方式向用户发送链接。选择最适合您技术栈的方案。
Didit负责托管摄像头、光线提示、移动端切换和无障碍功能。在用户进行流程时,我们实时评估200多项欺诈信号,并根据权威数据源验证每个字段。两秒内即可获得结果。
实时签名的webhook确保用户通过、拒绝或需要审核时,您的数据库即时同步。可按需轮询API。或打开控制台,检查每个会话、每个信号,并按您的方式管理案例。
Didit · KYB · kyb_registry
Didit · KYB · kyb_key_people
Didit · 关联 KYC
UBO 2 / 3
在所有者手机上托管流程
Didit · KYB · kyb_company_aml
Didit · KYB · kyb_documents
Didit · 持续监控
$ curl -X POST https://verification.didit.me/v3/session/ \
-H "x-api-key: $DIDIT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"workflow_id": "wf_kyb_marketplace",
"vendor_data": "seller-42",
"expected_country": "GB"
}'{ "url": "verify.didit.me/..." }$ curl https://verification.didit.me/v3/session/$SESSION/decision/ \
-H "x-api-key: $DIDIT_API_KEY"
# Decision payload (excerpted):
{ "session_kind": "business", "status": "APPROVED",
"decision": { "company": { "legal_name": "Maker Goods Ltd.", "registry_status": "ACTIVE" },
"key_people": [ ... kyc_session_url per owner ... ]
} }状态 APPROVED · IN_REVIEW · DECLINED · AWAITING_USERYou are integrating Didit into a marketplace that lists third-party sellers (Etsy, Shopify, Faire, Amazon Handmade, OnBuy archetype). EU Digital Services Act Article 30 and the new EU Anti-Money Laundering (AML) package require you to verify the seller (KYB) before any listing goes live, and to keep that verification fresh while they sell.
Four obligations on every seller:
1. Pull the company's registry record (legal name, registration number, status, incorporation date) from the authoritative government source.
2. Extract every Ultimate Beneficial Owner (UBO) — anyone owning 25% or more — and run a closed-loop KYC on each one.
3. Screen the company AND every UBO against sanctions, Politically Exposed Persons (PEP), and adverse-media lists.
4. Collect the corporate evidence (certificate of incorporation, tax registration, proof of business address) and watch the seller continuously for status changes, UBO turnover, AML hits, and document expiry.
Pricing (verified live):
- KYB session (registry + company AML + documents + key-people flow): $2.00 per seller, pay-per-call
- Linked KYC per UBO: $0.33 per UBO (ID + Passive Liveness + Face Match + IP + AML)
- Ongoing AML monitoring: $0.07 per user per year
- First 500 KYC verifications free every month, forever
PRE-REQUISITES
- Production API key from https://business.didit.me (sandbox key in 60s, no card).
- Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
- A workflow_id for KYB from the Workflow Builder. The workflow's type (KYC or KYB) drives the session shape — no explicit business flag is needed on the request.
- A workflow_id for KYC bundled with ID + Passive Liveness + Face Match + IP + AML, used for the linked UBO sessions.
STEP 1 — Create the KYB session
POST https://verification.didit.me/v3/session/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body:
{
"workflow_id": "<your KYB workflow id>",
"vendor_data": "<your seller id, max 256 chars>",
"callback_url": "https://<your-app>/sellers/kyb/callback",
"expected_country": "GB",
"metadata": {
"seller_id": "<your internal seller id>",
"marketplace_segment": "handmade"
}
}
Response: 201 Created with the hosted session URL. Email it to the seller or embed it in your onboarding UI. Behind the scenes, Didit runs:
- kyb_registry — live registry lookup against the country's authoritative source
- kyb_company_aml — sanctions / PEP / adverse media on the company
- kyb_documents — document collection + Optical Character Recognition (OCR) (incorporation, TIN, proof of address)
- kyb_key_people — UBO + director extraction with linked-KYC sessions
STEP 2 — Read the signed webhook on KYB completion
Didit POSTs to your callback. KYB SESSION statuses are UPPER_SNAKE_CASE:
Body (excerpted):
{
"session_id": "<uuid>",
"session_kind": "business",
"vendor_data": "<your seller id>",
"status": "APPROVED",
"decision": {
"company": {
"legal_name": "Maker Goods Ltd.",
"registration_number": "1029847",
"country_code": "GB",
"registry_status": "ACTIVE"
},
"features": [
{ "node_id": "kyb_registry", "status": "APPROVED" },
{ "node_id": "kyb_company_aml", "status": "APPROVED", "total_hits": 0 },
{ "node_id": "kyb_documents", "status": "APPROVED" },
{ "node_id": "kyb_key_people", "status": "APPROVED",
"key_people": [
{ "uuid": "<uuid>", "name": "Sara Ortega", "role": "director", "is_ubo": true, "ownership_percentage": 60, "kyc_status": "Approved", "kyc_session_url": "https://verify.didit.me/..." },
{ "uuid": "<uuid>", "name": "Niels Janssen", "role": "shareholder", "is_ubo": true, "ownership_percentage": 30, "kyc_status": "Approved", "kyc_session_url": "https://verify.didit.me/..." }
]
}
]
}
}
SESSION status enum (KYB · UPPER_SNAKE_CASE):
NOT_STARTED | IN_PROGRESS | AWAITING_USER | APPROVED | DECLINED | IN_REVIEW | RESUBMITTED | ABANDONED | EXPIRED
FEATURE status enum (inside decision.features[].status · UPPER_SNAKE_CASE):
NOT_FINISHED | APPROVED | DECLINED | IN_REVIEW | RESUB_REQUESTED | AWAITING_USER
Note: kyc_status on key_people IS Title Case ("Approved" / "Declined" / "Pending") — those are KYC sessions linked from inside the KYB feature, not KYB features themselves.
Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.
STEP 3 — Linked KYC on each UBO is automatic
When the seller completes the hosted KYB flow and submits the UBO list, Didit spawns a child KYC session per UBO using the KYC workflow you configured on the KYB workflow. Each child session has its own session_id and its own hosted URL on the kyc_session_url field inside the key-people block.
You don't need to call POST /v3/session/ again for the UBOs — they're stitched to the parent KYB session automatically. You DO need to drive each UBO through their hosted KYC URL (email it, SMS it, embed it in your seller dashboard).
Per-UBO KYC session status is Title Case With Spaces (KYC convention):
Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned
Linked-KYC pricing: $0.33 per UBO.
STEP 4 — Retrieve the decision
GET https://verification.didit.me/v3/session/{sessionId}/decision/
Headers:
x-api-key: <your api key>
Returns the full KYB decision payload — company block, AML hits, document OCR, every UBO with their kyc_status and kyc_session_url. Use this for audit-pack export and for re-rendering the seller status in your admin UI.
STEP 5 — Decide
Branch logic:
APPROVED → activate the seller, allow listings.
IN_REVIEW → keep listings off, wait for analyst webhook update.
DECLINED → refuse onboarding, log the decision_reason_code.
AWAITING_USER → nudge the seller to complete the pending step (typically UBO list submission).
Pre-DSA Article 30: store the trader information (legal name, registration number, address, contact) in your trader-information record alongside the decision payload.
STEP 6 — Ongoing monitoring is automatic when enabled
Enable Ongoing AML on the seller and on each UBO ($0.07/user/year). The session status updates automatically as new sanctions hits land, dissolutions are filed in the registry, or document expirations approach. Your webhook fires on every state change.
No separate endpoint to call — the same workflow drives it.
WEBHOOK EVENT NAMES
- status.updated — session status changed (filter on data.session_kind === "business" for KYB).
- data.updated — session data changed (registry refresh, key-people submission, document upload, ongoing AML hit).
- business.status.updated — the linked Business entity changed.
- business.data.updated — Business entity data changed.
Verify X-Signature-V2 on every payload. The webhook secret is per-environment — sandbox key is separate from production.
CONSTRAINTS
- KYB session statuses use UPPER_SNAKE_CASE (APPROVED, IN_REVIEW, DECLINED). KYC session statuses use Title Case (Approved, In Review, Declined). They live in different APIs — don't mix them in the same code path.
- Default record retention is 5 years post-relationship per the EU AML package; some jurisdictions go higher.
- You cannot replace the registry lookup with a self-attested form — DSA Article 30 requires the data to come from an authoritative source.
Read the docs:
- https://docs.didit.me/business-verification/integration-guide
- https://docs.didit.me/business-verification/statuses
- https://docs.didit.me/business-verification/webhooks
- https://docs.didit.me/sessions-api/create-session
- https://docs.didit.me/sessions-api/retrieve-session
- https://docs.didit.me/integration/webhooks
Start free at https://business.didit.me — sandbox key in 60 seconds, 500 KYC verifications free every month, no credit card.每月 $0。无需信用卡。
按实际用量付费。25+模块。公开的模块定价,无每月最低费用。
定制MSA和SLA。适用于大批量和受监管项目。
免费开始 → 仅在检查运行时付费 → 解锁企业版以获取定制合约、SLA 或数据驻留。
Didit 是身份和欺诈基础设施, 一个我们自己在构建产品时希望存在的平台:开放、灵活且对开发者友好,因此它能真正融入您的技术栈,而不是一个需要您围绕其进行集成的黑盒。
一个 API 涵盖了个人验证(KYC,了解您的客户)、企业验证(KYB,了解您的业务)、加密钱包筛选(KYT,了解您的交易)以及实时交易监控, 所有这些都建立在一个旨在实现以下目标的堆栈上:
其底层支持:14,000 多种文档类型,支持 48 种以上语言,1,000 多个数据源,以及每次会话的 200 多个欺诈信号。Didit 基础设施通过每次会话动态学习,并日益完善。
了解您的业务 (KYB) 是验证公司真实性、仍在运营以及了解实际所有者和控制者的过程。对于市场平台而言,它包含三个部分:
这是 KYC(了解您的客户)在业务方面的对应。对于列出第三方卖家的市场平台,在任何商品上线之前,您都必须进行此项验证。Didit 将整个流程打包成一个工作流,每位卖家 $2.00 + 每位受益所有人 $0.33。
任何允许第三方向消费者提供商品或服务并收取费用的市场平台。这包括:
在欧盟,数字服务法案(欧盟的在线平台规则手册)将卖家验证作为一项硬性要求,不遵守将面临巨额罚款。英国、美国和拉丁美洲大部分地区根据其消费者保护和反洗钱规则也有类似的义务。
整个流程通常在 30 秒内完成, 拿起身份证,拍下证件,拍下自拍,完成。这是市场上最快的速度。传统的 KYC 提供商通常需要超过 90 秒才能完成相同的流程。
在后端,Didit 在p99 情况下两秒内返回结果,从用户完成自拍到您的 webhook 触发的那一刻开始计算。移动端捕获针对慢速手机和慢速网络进行了优化:渐进式图像压缩、延迟加载软件开发工具包,以及如果用户从网页端开始,通过二维码从桌面端到手机端的一键切换。
三件事,按它们对市场平台造成影响的频率排序:
这方面的历史记录是无情的。几乎所有主要市场平台都曾因允许未经核实的卖家运营而被罚款。KYB 是标准控制措施。
每个会话都会落入七种明确状态之一,因此您的代码始终知道该怎么做:
Approved, 所有检查通过。让用户继续。Declined, 一个或多个检查失败。您可以允许用户重新提交特定的失败步骤(例如,重新自拍),而无需重新运行整个流程。In Review, 标记为合规审查。在控制台中打开案例,查看所有信号,决定批准或拒绝。In Progress, 用户正在进行中。Not Started, 链接已发送,用户尚未打开。如果时间过长,发送提醒。Abandoned, 用户打开了链接但未及时完成。重新激活或使其过期。Expired, 会话链接已过期。创建新会话。每次状态更改都会触发一个已签名的 webhook,因此您的数据库始终保持同步。放弃和拒绝的会话是免费的。
生产数据默认在欧盟的 Amazon Web Services 上处理和存储。企业合同可以根据监管机构要求,申请其他区域。
全面加密。 所有数据库、对象存储和备份中的静态数据均采用 AES-256 加密。所有 API 调用、webhook 和业务控制台会话中的传输数据均采用传输层安全协议 1.3。生物识别数据在单独的客户主密钥下加密。
保留期限由您控制。 默认保留期限为无限期(无限制),除非您配置更短的期限, 每个应用程序 30 天到 10 年之间, 您可以随时通过仪表板或 API 删除任何单个会话。
认证:SOC 2 Type 1(Type 2 审计进行中)、ISO/IEC 27001:2022、iBeta Level 1 PAD,以及来自西班牙 Tesoro / SEPBLAC / CNMV 的公开证明,表明 Didit 的远程身份验证比亲自验证更安全。完整报告请访问 /security-compliance。
Didit 默认符合对身份基础设施至关重要的监管机构要求:
详细备忘录、所有证书、所有监管机构函件:/security-compliance。
三种集成路径, 选择最适合您技术栈的方式:
相同的仪表板、相同的计费、相同的按成功付费价格,适用于所有三种方式。分步指南请访问 docs.didit.me/integration/integration-prompt。
两组枚举,每种会话类型一组:
大小写差异是故意的, KYB 会话使用 UPPER_SNAKE,KYC 会话使用 Title Case。它们位于不同的 API 中;不要在同一个代码分支中混用。
对于 webhook 处理程序,请根据父 KYB 状态进行切换。AWAITING_USER 是最常见的中间状态, 它通常意味着卖家仍需提交所有者列表或重新上传文档。一旦他们完成,状态将自动转换为 IN_REVIEW 或 APPROVED。
注册时的验证是必要但不充分的, 卖家会随时间变化,所有者会进出,制裁名单每天都在更新。Didit 的持续监控能捕捉到所有这些情况:
所有这些都通过您已为入职流程连接的相同 status.updated webhook 流动。无需新端点,无需额外集成。
大多数 KYB 提供商的价格在每次检查 $8 到 $50 之间,通常每月有数千美元的最低承诺和按国家/地区收取的附加费。例如 Middesk / Persona KYB / Onfido Business 等类型。
Didit 的公布价格是每次 KYB 会话 $2.00 + 每次关联 KYC $0.33。没有最低消费,没有承诺,没有按国家/地区收取的附加费,也没有隐藏的注册费。只为您实际运行的付费。
这比现有堆栈在相同监管输出下的价格便宜 3-5 倍。经济效益很重要,因为卖家验证是按列表收费的, 在大规模情况下,$2 和 $25 的差异决定了是接受卖家还是拒绝他们。完整定价请访问 /pricing。