Skip to main content

InstantKYC

Our InstantKYC workflow offers identity and risk attributes as well as remote identification solutions for use in a typical domestic Know Your Customer (KYC) process. InstantKYC is available for a variety of countries, and we can add more countries on request.

InstantKYC contains a fixed series of steps that are chosen based on KYC best practices in a specific country, targeted to be compliant with local AML (anti-money laundering) and KYC requirements. This allows you to get started quickly.

If you want to further enrich the InstantKYC functionality with custom steps or information, contact us to discuss how we can design a workflow that's fully tailored to your needs:

Concepts

Read about the key concepts in our InstantKYC flow before you start your integration.

The flow explained

The first step of the process involves conducting risk profiling on the device, email, IP and mobile number. A score is calculated for each section, and if the risk is deemed high, the flow will be exited. Additionally, the data will be analysed to identify any known associations or instances where a particular field has been encountered multiple times previously.

The flow then progresses to the identity verification step. We will generate a URL for the appropriate eID or ID document verification, to which your user will be redirected. Once the user completes the identity verification process, the flow continues.

Address information is obtained through local data verification registers. Additionally, PEP (Politically Exposed Persons), sanction and adverse media checks are conducted on the individual. On completion of the flow, you receive a response containing all the gathered information.

The identity verification step varies depending on the country of the subject:

Norway, Sweden, Denmark, Finland

In Norway, Sweden, Denmark and Finland, authentication takes place using the corresponding countries' eIDs. The diagram below illustrates a basic KYC workflow for onboarding with an eID.

Basic KYC workflow for onboarding - Norway, Sweden, Denmark, Belgium and Finland

Basic KYC workflow for onboarding - Norway, Sweden, Denmark, Belgium and Finland

Netherlands

In the Netherlands, authentication takes place using an eID and identity proofing through document verification.

Basic KYC workflow for onboarding - Netherlands

Basic KYC workflow for onboarding - Netherlands

Germany

In German, identity proofing takes place via an eIDV (electronic identity document verification) service. The diagram below illustrates a basic KYC workflow for onboarding with document verification.

Basic KYC workflow for onboarding - Germany

Basic KYC workflow for onboarding - Germany

United Kingdom

In the UK, identity validation takes place using registry lookups to local data registries. The diagram below illustrates a basic KYC workflow for onboarding in the UK.

Basic KYC workflow for onboarding - UK

Basic KYC workflow for onboarding - UK

Getting started

To gain access to test InstantKYC, you can contact us by creating a support ticket in the Signicat Dashboard. To use webhook functionality, please provide us with your target URL.

Once you have access, you can begin testing the product. As InstantKYC is a combination of different products, you will need to use the test data provided on our test data page:

Using the API

The InstantFlows API is used to validate and verify the identity of an individual and to gather risk attributes.

Postman collection

This guide provides steps for using Postman to make API calls.

We have created a Postman collection that lets you try the InstantFlows API for InstantKYC. Click the button below to get the collection for Postman.

Run In Postman

For more detailed instructions on how to use the collection, refer to the instructions below.

  1. Download the Postman collection.
  2. Open Postman.
  3. Click File > Import and browse to the collection file to import it.
  4. Click the name of the collection and edit the following variables:
    • oauth_url: Enter the URL you want to authenticate with. This will be https://api.signicat.com/auth/open/connect/token.
    • oauth_scope: Enter the scope you want to work with. This will be signicat-api.
    • oauth_client_id: Enter the client ID obtained when you created an API client.
    • oauth_client_secret: Enter the client secret obtained it when you created an API client.
    • baseURL: Enter the base URL for the InstantFlows API. This will be https://api.signicat.com/risk-flow/instant-flows.
  5. Click Save.

Step-by-step guide

You can complete flows for all countries using the test data provided on our test data page.

A basic process varies, but will start with the following steps:

Step 1: Obtain an access token

Acquire an access token using the OAuth 2.0 protocol.

The following is a cURL example of a request to receive an access token:

curl --location --request POST 'https://api.signicat.com/auth/open/connect/token' \
--header 'Authorization: Basic <BASE64-ENCODED CLIENTID:CLIENTSECRET>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials'

Step 2: Start the appropriate flow

Call the following endpoint:

POST https://api.signicat.com/risk-flow/instant-flows/kyc/v1
Form the request body

The only required fields in the request body are country and the URLs.

Note

For the URLs, the documentRedirect is used for NL, ES and DE only. For all other countries, this field is not needed.

This example shows all fields that can be included in the request:

{
"externalReference": "my-reference-12345",
"input": {
"country": "NO",
"skipRiskProfiling": "No",
"urls": {
"success": "https://example.com/success",
"abort": "https://example.com/abort",
"error": "https://example.com/error",
"documentRedirect": "https://example.com/redirect",
"mismatch": "https://example.com/mismatch"
},
"applicant": {
"details": {
"mobile": "447777777777",
"email": "email@sphonic.com",
"ip": "111.111.111.111"
},
"names": {
"firstName": "John",
"lastName": "Doe",
"middleName": "Smith",
"title": "Mr",
"gender": "Male"
},
"dateOfBirth": {
"year": "1990",
"month": "10",
"day": "30"
},
"address": {
"building": "10",
"street": "Downing Street",
"city": "London",
"county": "London",
"countryCode": "GB",
"postalCode": "E16 7XX"
}
},
"countrySpecificFields": {
"DE": {
"clientName": "Acme Bank",
"productType": "Account Opening"
}
}
}
}

The response will contain a URL which will redirect the user to the appropriate eID or eIDV. Note that the transaction ID will be used later on.

{
"transactionId" : "a1e26081-35b4-4557-a46a-ef50bc91672f"
"iDPUrl" : "https://demo.app.signicat.com/broker/sp/external-service/login?messageId=123abc&transactionId=abc123"
}

Step 3: Perform the identity verification

In this step, you will need to complete identity verification. For test information, refer to our test data page for the applicable test data.

Once the process is complete, you will be redirected to the URLs from your initial request. If configured, you will then receive a webhook.

Step 4: Get the results

To get the result of the identity verification process, you will need to generate a new access token and call the following endpoint:

GET https://api.signicat.com/risk-flow/instant-flows/kyc/v1/transactions/{transactionId}/response
Example response
{
"data":{
"transactionId":"transaction-id-example",
"authUrl":"https://demo.app.signicat.com/broker/sp/external-service/login?messageId=123abc&transactionId=abc123",
"overallResults":{
"finalResult":"Pass",
"identityStatus":"Verified",
"addressStatus":"Verified",
"screeningStatus":"No Match",
"riskStatus":"Low",
"reason":"Address was not verified"
},
"risk":{
"velocityAssociations":{
"result":"Pass",
"velocity":{
"band":"Medium",
"emailCount":1,
"mobileCount":1,
"ipAddressCount":1
},
"associations":{
"band":"Medium",
"emailMobileCount":1,
"emailIpCount":1,
"mobileEmailCount":1,
"mobileIpCount":1,
"ipEmailCount":1,
"ipMobileCount":1
}
},
"email":{
"riskBand":"High",
"riskScore":100,
"inputEmail":"name@email.com",
"domainName":"gmail.com",
"valid":true,
"emailExists":true,
"domainExists":true,
"disposable":true,
"totalHits":4,
"uniqueHits":2,
"emailCreatedDate":"2023-02-02T04:39:28.127Z",
"domainCreatedDate":"2023-08-11T12:52:07.624Z",
"emailFirstSeenDate":"2023-02-02T04:39:46.329Z",
"emailLastSeenDate":"2023-06-07T15:33:12.056Z"
},
"mobile":{
"riskBand":"High",
"riskScore":100,
"mobileNumber":"0123456789",
"carrierName":"Vodafone",
"valid":true,
"type":"premium rate",
"totalHits":5,
"countryCode":"GB",
"mobileFirstSeenDate":"2023-09-25",
"mobileLastSeenDate":"2023-09-25"
},
"ip":{
"riskBand":"High",
"riskScore":100,
"inputIp":"100.200.300.40",
"isp":"TalkTalk",
"harmful":true,
"proxy":true,
"tor":true,
"vpn":true,
"spamListCount":4,
"totalHits":7,
"uniqueHits":7,
"countryCode":"GB",
"ipLatitude":51.501366,
"ipLongitude":-0.14189,
"ipFirstSeenDate":"2023-08-31T15:10:30.136Z",
"ipLastSeenDate":"2023-08-31T15:10:27.519Z"
}
},
"applicant":{
"firstName":"John",
"lastName":"Doe",
"dateOfBirth":"1990-10-13",
"nin":"1990101301123",
"ninType":"Birth",
"ninIssuingCountry":"Norway",
"uniqueId":"VlWSTstQOl2vtQdXItC-hVSbpXH7YyOpYxvagkyqKI8=",
"nationalities":[
{
"isActive":true,
"alpha2":"NO",
"alpha3":"NOR",
"numerical":"578",
"startDate":"1990-12-01",
"endDate":"2010-12-01"
}
],
"citizenships":[
{
"isActive":true,
"alpha2":"NO",
"alpha3":"NOR",
"numerical":"578",
"startDate":"1990-12-01",
"endDate":"2010-12-01"
}
],
"address":{
"addressLine":"Beddingen 16, 7042 Trondheim",
"street":"Beddingen 16",
"postalCode":"7042",
"city":"Trondheim",
"country":"NO"
}
},
"screening":{
"data":[
{
"entityType":"person",
"listType":"pep",
"matchScore":"80",
"matchCertainty":"high",
"sourceName":"SCREENING_SOURCE",
"roles":[
{
"roleType":"Director",
"organization":"Signicat",
"description":"Chief Executive Office",
"startDate":"01-01-2010",
"endDate":"01-01-2020"
}
],
"media":[
{
"title":"Title of the content",
"excerpt":"An excerpt of the content",
"url":"Url to the content",
"date":"Date of the content"
}
],
"functions":[
{
"name":"Name",
"function":"Type of function",
"startDate":"string of null or <date-time>",
"endDate":"string of null or <date-time>"
}
],
"comments":[
{
"name":"",
"value":""
}
],
"associates":[
{
"name":"Name of the associate",
"association":"Type of association",
"comments":"Additional information / Detailed description"
}
],
"aliases":[
{
"status":"A hint to which attributes are set. partial : only full name, all : all attributes.",
"full":"Full name of the entity",
"first":"First/given name of the entity",
"last":"Last/surname of the entity"
}
],
"subject":{
"firstName":"John",
"lastName":"Doe",
"gender":"unknown",
"fullName":"John Doe"
}
}
]
},
"jawJsonData":{
"eID":{
"firstName":"John",
"lastName":"Doe",
"dateOfBirth":"1990-10-13",
"nin":"1990101301123",
"ninType":"Birth",
"ninIssuingCountry":"Norway",
"uniqueId":"VlWSTstQOl2vtQdXItC-hVSbpXH7YyOpYxvagkyqKI8=",
"iDPSpecifcData":{
"legalLastName":"Vries",
"legalLastNamePrefix":"de",
"preferredLastName":"Vries-Jansen",
"preferredLastNamePrefix":"de",
"partnerLastName":"Jansen",
"partnerLastNamePrefix":"de",
"address":"Pascalstreet 19, 0000AA, Maastricht, NL\t",
"18OrOlder":"true",
"initials":"VJ"
}
},
"document":{
"status":"pending",
"processType":"document",
"processId":"8afb3ac6-6780-42e4-bbc2-3713e2f6d97c",
"provider":"eid",
"finalResult":{
"firstName":"John",
"dateOfBirth":"1970-09-19",
"lastName":"Doe",
"personalIdentificationNumber":"12123456",
"nationality":"GBR",
"gender":"M",
"documentNumber":"CA412356",
"documentType":"passport",
"livenessDetected":"true",
"similarityScore":"high",
"placeOfBirth":"Portugal",
"issuingCountry":"GBR",
"dateOfIssue":"2021-01-01",
"dateOfExpiry":"2024-03-02",
"lastNameSecondLine":"e/v Molenaar"
},
"providerSpecificResults":{
"webId":{
"actionId":"9digitref",
"transactionId":"some-transaction-id",
"actionType":"auto_ident",
"success":true,
"responseType":"string",
"finishedOn":"someTimeandDate",
"identMode":"automated_ident",
"agentId":"someIdentifier",
"identifiedOn":"someTimeandDate",
"idDocument":{
"authority":"",
"dateOfExpiry":"2025-10-13",
"dateOfIssue":"2015-10-13",
"documentType":"passport",
"idNumber":"someIdentNumber",
"mrz":"someString",
"nameAtBirth":"Hans",
"nationality":"DEU",
"placeOfBirth":"Hamburg"
},
"rejectionReason":"someString",
"user":{
"gender":"Male",
"firstName":"Hans",
"lastName":"Merkel",
"dateOfBirth":"2000-12-29",
"address":{
"street":"Rosenweg",
"streetNumber":"10",
"addressLine1":"Rosenweg 10",
"addressLine2":"12345 Berlin",
"region":"Berlin",
"zip":"12345",
"city":"Berlin",
"country":"DEU"
}
}
},
"ocr":{
"lastName":"Reynolds",
"dateOfExpiry":"1900-01-01",
"healthNumber":"366355550",
"gender":"F",
"documentType":"identityCard",
"socialSecurityNumber":"11876398740",
"documentNumber":"122336694ZY4",
"taxNumber":"200693803",
"personalIdentificationNumber":"12123456",
"livenessDetected":"{\"valid\":true}",
"dateOfBirth":"1973-02-10",
"similarityScore":"high",
"firstName":"John",
"nationality":"PRT",
"issuingCountry":"PRT",
"securityChecks":{
"nonExpired":{
"valid":true
},
"notUnderage":{
"valid":true
},
"dataIntegrity":{
"valid":true
},
"liveness":{
"valid":true
},
"sidesMatch":{
"valid":true
},
"notBWCopy":{
"valid":true
},
"notFaceSpoofing":{
"valid":true
},
"untamperedDocument":{
"valid":true
}
},
"features":[
{
"name":"Header 2",
"found":true,
"bbox":{
"x":517,
"y":21,
"width":97,
"height":17
},
"side":"front"
}
]
}
}
},
"addresses":{
"postalAddresses":[
{
"isActive":true,
"isConfidential":true,
"startDate":"1990-12-01",
"endDate":"2010-12-01",
"addressLines":"Beddingen 16, 7042 Trondheim",
"street":"Tistelvegen 207",
"postalCode":"7033",
"city":"TRONDHEIM",
"alpha3":"NOR",
"alpha2":"NO"
}
],
"permanentAddresses":[
{
"isActive":true,
"isConfidential":true,
"startDate":"1990-12-01",
"endDate":"2010-12-01",
"addressLines":"Beddingen 16, 7042 Trondheim",
"street":"Tistelvegen 207",
"postalCode":"7033",
"city":"TRONDHEIM",
"alpha2":"NO",
"alpha3":"NOR"
}
],
"foreignAddresses":[
{
"isActive":true,
"isConfidential":true,
"startDate":"1990-12-01",
"endDate":"2010-12-01",
"addressLines":"Beddingen 16, 7042 Trondheim",
"street":"Tistelvegen 207",
"postalCode":"7033",
"city":"TRONDHEIM",
"alpha2":"NO",
"alpha3":"NOR"
}
]
}
}
}
}

API reference and test data

In our InstantFlows API reference, you can find information about the available endpoints and properties, as well as sample requests and responses. You can complete flows for all countries using the test data provided on our test data page.