Signicat PictureID
Signicat PictureID is Signicat's own eIDV service for secure online customer onboarding. This service enables you to verify your user identity through an identity document check and a likeness verification.
This documentation is currently a work in progress as the service is still under development.
Supported features
PictureID supports the following features:
- ID document check
- Face match between ID document and selfie
The PictureID service is available as a provider
in the Assure API.
User flow
With the PictureID service, your end-users can identify themselves by taking a photo of their ID document and a selfie. Once the image data is analysed and approved, they can access your service.
The selfie step is optional. You can either request a photo of the ID document only, or both the ID document and a selfie.
With a default configuration, the end-user goes through the following steps:
- Read tips before they start (have ID document ready, good lighting, stable internet and camera/microphone access).
- Select device, either phone or desktop. Phone is recommended, since it gives a better user experience when capturing images of the ID document.
- Scan QR code with their mobile (if "Use phone" is selected).
- Select the issuing country for the ID document.
- Select the ID document type (passport, identity card, driving license).
- Choose to take a photo or upload a photo.
- Take a photo of the ID document. This is usually the photo ID page. Some ID documents also have a backside and the end-user might be asked to take a photo of the backside as well.
- Take a selfie (if you require this).
- Verify the quality of the photo(s).
In the following screen example, the end-user starts on a desktop and switches to their mobile. Also, they are only asked to take a photo of their ID document (no selfie):
Integration use case (web only)
I want to allow an end-user to verify their identity using the PictureID service in my website.
I want the required ID images to be captured and uploaded using the Assure Capture flow.
I also want to be able to retrieve the information of the verification process.
In the end, I want to see all the information regarding the verification process. Afterwards, I want to delete the dossier (including all the end-user information).
Note: This use case only fits web applications.
In this use case, you integrate only with the Assure API. The Web SDK is embedded in the Assure API Start capture flow service.
Integration steps
The guide assumes you already have done the initial integration steps with the Assure API, see Set up an API integration.
Here is an overview of the main integration steps:
Create a dossier
Use the Create dossier endpoint to create a placeholder for all of your end-user's data:
curl -X POST \
<ENVIRONMENT>/assure/dossiers \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <OIDC_ACCESS_TOKEN>' \
-H 'Content-Type: application/json' \
Save the dossierId
from the response body to use in the next requests.
After creating a dossier, you can see all of its contents anytime you want to. To do that, use the Get dossier endpoint giving it the dossierId
.
Start Capture flow
Use the Start Capture flow service to create an identity verification process in a web context. From the end-user's perspective, this service helps them capture and upload ID images.
Request
To start the flow, send a POST request to https://api.signicat.com/assure/dossiers/{dossierId}/capture
In the Start capture flow request, ensure you:
- Use the
dossierId
from the "Create dossier" response. - Specify the
redirectUrl
to redirect the user to the required page after the verification is finished.
Here is an example of a basic request:
curl --location 'https://api.signicat.com/assure/dossiers/<DOSSIER_ID>/capture' \
--header 'Authorization: Bearer <OIDC_TOKEN>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"providers":
[
{
"provider": "signicatpictureid",
"processType": "document"
}
],
"redirectUrl": "<REDIRECT_URL>"
}'
This example is for the "document only" case. If you require the end-user to take a picture of both their ID document and a selfie, processType
should contain documentSelfie
instead.
For other optional parameters in this request, see the OpenAPI documentation > Start capture flow.
Redirect the end-user to the identity verification
In the "Start capture flow" response, you will receive a URL, for example:
{
"url": "https://assure-demo.sandbox.signicat.com/capture/#/artifact=4f24sdq2pcs1m5dymx8zfvdft8g1ns3getdx41ar222e3smkoh"
}
- You must use this URL to redirect the end-user to the identity verification UI (on desktop or mobile), where they can perform their identification.
- After the end-user has identified themselves, they will be redirected to the specified
redirectURL
you sent in the request. - Then wait for the notification to arrive before you proceed to the Get the result step (see below).
It is recommended to subscribe to Assure Events to be notified when the result is available (either successfully or not). For more information, see Assure Events.
User experience tips to improve the onboarding
Consider to include the following tips in the UI before the end-user starts the identity verification. They should have the following ready:
- Their identity document.
- Their mobile phone. It is recommended to switch from desktop to mobile to ensure better image quality and a smoother user experience.
- A stable and good internet connection.
- Good lighting to capture the images.
- Allow camera and microphone access.
Get the result
After the user has finished all the necessary steps in the identity verification UI, the images/videos will be analysed and the result sent back to the Assure API.
When the verification result is ready, you can call the Get process endpoint to see the detailed result information:
curl -X GET \
<ENVIRONMENT>/assure/dossiers/<DOSSIER_ID>/processes/<PROCESS_ID> \
-H 'Authorization: Bearer <OIDC_ACCESS_TOKEN>' \
-H 'Accept: application/json' \
You will get all the process and result information in the response body.
Example result
This is a response example of an accepted
process:
{
"processId": "46385ffb-4485-44ce-be71-b0aaef466338",
"provider": "signicatpictureid",
"processType": "document",
"status": "accepted",
"finalResult": {
"firstName": "MARIA PAULA",
"lastName": "SANTOS MENDES",
"dateOfExpiry": "2030-07-08",
"dateOfBirth": "2002-04-29",
"gender": "F",
"nationality": "PRT",
"documentNumber": "1234567890",
"issuingCountry": "PRT",
"personalIdentificationNumber": "99999999"
},
"providerSpecific": {
"document": {
"issuingCountry": "PRT",
"dateOfExpiry": "2030-07-08",
"documentNumber": "1234567890",
"subject": {
"firstName": "MARIA PAULA",
"lastName": "SANTOS MENDES",
"dateOfBirth": "2002-04-29",
"gender": "F",
"nationality": "PRT",
"personalIdentificationNumber": "99999999",
"photo": {
"x": 295,
"y": 764,
"width": 629,
"height": 868
},
"signature": {
"x": 2660,
"y": 1562,
"width": 610,
"height": 118
}
},
"securityChecks": {
"notTamperedDocument": {
"name": "Not tampered document",
"passed": true
},
"nonExpired": {
"name": "Document not expired",
"passed": true
},
"notUnderage": {
"name": "Not underage",
"passed": true
},
"notBlackAndWhite": {
"name": "Not black & white copy",
"passed": true
},
"dataIntegrity": {
"name": "Data integrity",
"passed": true
}
}
}
},
"createdAt": "2024-11-14T12:27:01Z",
"updatedAt": "2024-11-14T12:27:28Z"
}
For more details about response statuses, see the Final result status section.
Delete dossier
After you have finished the end-user verification, you can delete the dossier with the Delete dossier endpoint.
SDKs
The PictureID service is only available via a web browser. There are no native SDKs available. If needed, please contact us by creating a support ticket in the Signicat Dashboard.
Service details
This section goes more into detail about some useful endpoints when integrating with PictureID:
Get process
This section describes the final result status
that you receive in the Get process response for PictureID.
Final result status
PictureID always performs security checks of the captured ID document (“processType”:”document”
). If you also require a selfie (“processType”:”documentSelfie”
), the service will perform a face match between the photo in the ID document and the selfie.
Based on the security check results, the Assure API returns the following final statuses for the two process types:
Status | “processType”:”document” | “processType”:”documentSelfie |
---|---|---|
rejected | If the ID document owner is underage or the photo quality is bad | Same as for document and also if the facial similarity score is low or very low. |
inconclusive | If a security check ("underage" not included) failed, for example notTamperedDocument . | Same as for document and also if the facial similarity score is medium. |
accepted | Successful identity verification, meaning none of the “rejected” or “inconclusive” cases are detected | Same as for document and also if the facial similarity score is high. |
failed | If it was impossible to perform the verification, for example the transaction time expired or the service is down. | |
canceled | Capture flow was cancelled by the end-user. |
accepted
The status is accepted
when all underlying verification checks have passed. This means there are no
indications the document is fraudulent.
This is a response example of an accepted process for “processType”:”document”
:
{
"processId": "46385ffb-4485-44ce-be71-b0aaef466338",
"provider": "signicatpictureid",
"processType": "document",
"status": "accepted",
"finalResult": {
"firstName": "MARIA PAULA",
"lastName": "SANTOS MENDES",
"dateOfExpiry": "2030-07-08",
"dateOfBirth": "2002-04-29",
"gender": "F",
"nationality": "PRT",
"documentNumber": "1234567890",
"issuingCountry": "PRT",
"personalIdentificationNumber": "99999999"
},
"providerSpecific": {
"document": {
"issuingCountry": "PRT",
"dateOfExpiry": "2030-07-08",
"documentNumber": "1234567890",
"subject": {
"firstName": "MARIA PAULA",
"lastName": "SANTOS MENDES",
"dateOfBirth": "2002-04-29",
"gender": "F",
"nationality": "PRT",
"personalIdentificationNumber": "99999999",
"photo": {
"x": 295,
"y": 764,
"width": 629,
"height": 868
},
"signature": {
"x": 2660,
"y": 1562,
"width": 610,
"height": 118
}
},
"securityChecks": {
"notTamperedDocument": {
"name": "Not tampered document",
"passed": true
},
"nonExpired": {
"name": "Document not expired",
"passed": true
},
"notUnderage": {
"name": "Not underage",
"passed": true
},
"notBlackAndWhite": {
"name": "Not black & white copy",
"passed": true
},
"dataIntegrity": {
"name": "Data integrity",
"passed": true
}
}
}
},
"createdAt": "2024-11-14T12:27:01Z",
"updatedAt": "2024-11-14T12:27:28Z"
}
In this example, true
is passed as value in the security checks, which means all the underlying verifications have passed.
rejected
More information will follow.
inconclusive
More information will follow.
failed
More information will follow.
canceled
More information will follow.
Download full result
More information will follow