WebID (opens new window) is a German eIDV (electronic identity document verification) service for secure online end-user identity verification and contract signing. It is compliant with AML regulations such as German AML Law (GwG (opens new window)) and has been approved by the Federal Financial Supervisory Authority (BaFin (opens new window)).
The WebID service provides call-center functionality, where trained support agents can verify the validity of the provided identity papers and ask security questions to the end-user during a live video call. The verification process is recorded and evidence is made available for the merchant.
From the end-user perspective, the online identity verification consists of three main steps:
- The end-user enters personal details in an online form (on a desktop or mobile device).
- The end-user shows an ID paper, such as a passport, to a support agent in a live video call.
- The end-user receives and fills in a one-time password (OTP) to confirm the identification process.
# Key features
The WebID service provides:
- Identity verification of private (non-business) individuals.
- Assurance via live video sessions with support agents.
- Compliance with AML regulations (Anti-Money Laundering).
- IdP containing validated identities collected during earlier verification (optional).
- AI-driven services based on known fraudulent ID papers.
- Digital contract signing with qualified electronic signature (QES).
# Identity verification
WebID is used to verify the end-user’s identity and obtain relevant personal details about them.
Typically, the merchant can obtain the following information:
- User: Title, sex, family name, first name, date of birth
- Address: Street, street number, postal code, city, country
- Contact: Email, telephone, mobile
- ID document: Type, authority, issue date, expiry date, nationality, ID number
The information the end-user fills in is double-checked when the end-user shows ID papers during a video call to a WebID support agent.
# Use case for onboarding a new customer
WebID is useful in many scenarios, for example when digitally onboarding new customers, or as an identification method before signing a document.
In the following scenario, a merchant wants to onboard a new customer. The merchant uses WebID to both identify the prospective customer and for signing the provided contract.
- The prospective customer’s personal data is sent via Signicat to WebID. The data is processed and checked, for example towards any pre-filled information.
- WebID sends a 9-digit transaction number to the prospective customer. The prospective customer enters this number to proceed to a video call with a support agent.
- The support agent guides the prospective customer through the video call and asks them to hold up a form of picture ID in front of their camera.
- WebID checks the authenticity of the ID and matches the picture with the face in the video.
- The prospective customer completes the identification by entering a 6-digit one-time password (OTP).
- Once the identity is verified, the verified identity data can be used to establish a QES process. The customer signs the provided document with the QES, which means it is equally valid from a legal perspective as a handwritten signature.
# Contract signing (QES)
WebID provides services to digitally sign multiple contracts with a qualified electronic signature (QES). It uses the identity verification process as a basis for this. In addition to uploading the end-users personal details during the identification, the merchant must also upload the unsigned contracts before the video call. The end-user signs the contracts after the video call.
# Use case for contract signing
In this use case, an end-user wants to sign a document with a merchant.
- Before the end-user can sign a contract, they must identify themselves for the merchant as shown in the above identity verification use case.
- After successful identification, the end-user can proceed to sign the contract.
- The merchant shows a letter of intent for the end-user to read.
- The end-user confirms the letter of intent.
- The end-user receives a confirmation code on the mobile device and enters the code (TAN) in the displayed web form.
- The signing process is now done and the end-user may download and view the signed documents (letter of intent and the signed contract)
Here is an example of how the contract signing steps may look:
# Integrating with WebID through Signicat
Web integration with WebID is done via the same API as Signicat's other ID methods. For more information, see Getting started with authentication. Through the single point of integration, you will get access to Signicat's wide portfolio of integrated ID methods.
Signicat supports WebID’s end-user video identification. This service enables merchants to send identification requests about their customers and receive a response status and evidence files after the identification is verified.
# Data flow for identity verification
The integration flow between the different components can be illustrated as follows:
- Create user interaction: The service posts end-user data to the Signicat user action endpoint to create an identification user action.
- Response with redirect link: The service redirects the end-user to the WebID call-center, using the redirect URL in the previous step.
- Redirect to video identification: The end-user is now checked in a video-call identification at the WebID’s call-center.
- Complete user interaction: After completion at the call-center, the end-user is redirected to the endpoints configured in the user action creation (see step 1).
- Notify status change: The merchant will later receive a callback as a notification about the completed status.
- Status retrieval: The merchant retrieves the user action status which contains the outcome of the identification. The status also contains a link to the evidence file if the outcome is successful.
- Evidence retrieval: If the outcome is successful, the merchant downloads the evidence file and stores it safely.
# How to get started with WebID
If you want to start using WebID through Signicat, contact Signicat (opens new window) and our sales team will guide you through the process.
# Test information
Signicat's test environment preprod.signicat.com is available 24×7, and may be used during your development and test phase.
After you are registered as a service provider in the WebID platform, you will receive a client_id and a client_secret to authenticate your application.