WebID

About WebID

WebID is a German eIDV (electronic identity document verification) service for secure online end-user identity identification and contract signing. It is compliant with AML regulations such as German AML Law (GwG) and has been approved by the Federal Financial Supervisory Authority (BaFin).

The WebID service provides call-center functionality, where trained support agents can verify the validity of the provided identity papers and ask security questions to the end-user during a live video call. The verification process is recorded and evidence is made available for the merchant.

From the end-user perspective, the online identity verification consists of three main steps:

  1. The end-user enters personal details in an online form (on a desktop or mobile device).
  2. The end-user shows an ID paper, such as a passport, to a support agent in a live video call.
  3. The end-user receives and fills in a one-time password (OTP) to confirm the identification process.

Key features

The WebID service provides:

  • Identity verification of private (non-business) individuals.
  • Assurance via live video sessions with support agents.
  • Compliance with AML regulations (Anti-Money Laundering).
  • IdP containing validated identities collected during earlier verification (optional).
  • AI-driven services based on known fraudulent ID papers.
  • Digital contract signing with qualified electronic signature (QES).

Identity verification

WebID is used to verify the end-user’s identity and obtain relevant personal details about them.

Typically, the merchant can obtain the following information:

  • User: Title, sex, family name, first name, date of birth
  • Address: Street, street number, postal code, city, country
  • Contact: Email, telephone, mobile
  • ID document: Type, authority, issue date, expiry date, nationality, ID number

The information the end-user fills in is double-checked when the end-user shows ID papers during a video call to a WebID support agent.

Use case for onboarding a new customer

WebID is useful in many scenarios, for example when digitally onboarding new customers, or as an identification method before signing a document.

In the following scenario, a merchant wants to onboard a new customer. The merchant uses WebID to both identify the prospective customer and for signing the provided contract.

  1. The prospective customer’s personal data is sent via Signicat to WebID. The data is processed and checked, for example towards any prefilled information.
  2. WebID sends a 9-digit transaction number to the prospective customer. The prospective customer enters this number to proceed to a video call with a support agent, for example via Skype.
  3. The support agent guides the prospective customer through the video call and asks them to hold up a form of picture ID in front of their camera.
  4. WebID checks the authenticity of the ID and matches the picture with the face in the video.
  5. The prospective customer completes the identification by entering a 6-digit one-time password (OTP).
  6. Once the identity is verified, the verified identity data can be used to establish a QES process. The customer signs the provided document with the QES, which means it is equally valid from a legal perspective as a handwritten signature.

Contract signing (QES)

WebID provides services to digitally sign multiple contracts with a qualified electronic signature (QES). It uses the identity verification process as a basis for this. In addition to uploading the end-users personal details during the identification, the merchant must also upload the unsigned contracts before the video call. The end-user signs the contracts after the video call. For implementation process details, see the WebID API reference documentation.

Use case for contract signing

In this use case, an end-user wants to sign a document with a merchant.

  1. Before the end-user can sign a contract, s/he must identify himself for the merchant as shown in the above identity verification use case.
  2. After successful identification, the end-user can proceed to sign the contract.
  3. The merchant shows a letter of intent for the end-user to read.
  4. The end-user confirms the letter of intent.
  5. The end-user receives a confirmation code on the mobile device and enters the code (TAN) in the displayed web form.
  6. The signing process is now done and the end-user may download and view the signed documents (letter of intent and the signed contract)

Here is an example of how the contract signing steps may look:

Tip: Click on the image below to start the photo slider.

Integrating with WebID through Signicat

Web integration with WebID is done via the same API as Signicat’s other ID methods. Through the single point of integration, you will get access to Signicat’s wide portfolio of integrated ID methods. See Get started with authentication for more information.

Specific information on how to interact with WebID through Signicat’s API can be found in our WebID API documentation. The process for identity verification is summarized below.

Signicat supports WebID’s end-user video identification. This service enables merchants to send identification requests about their customers and receive a response status and evidence files after the identification is verified.

Data flow for identity verification

The integration flow between the different components can be illustrated as follows:

1. Create user interaction: The service posts end-user data to the Signicat user action endpoint to create an identification user action.
2. Response with redirect link: The service redirects the end-user to the WebID call-center, using the redirect URL in the previous step.
3. Redirect to video identification: The end-user is now checked in a video-call identification at the WebID’s call-center.
4. Complete user interaction: After completion at the call-center, the end-user is redirected to the endpoints configured in the user action creation (see step 1).
5. Notify status change: The merchant will later receive a callback as a notification about the completed status.
6. Status retrieval: The merchant retrieves the user action status which contains the outcome of the identification. The status also contains a link to the evidence file if the outcome is successful.
7. Evidence retrieval: If the outcome is successful, the merchant downloads the evidence file and stores it safely.

How to get started with WebID

If you want to start using WebID through Signicat, please contact Signicat and our sales team will guide you through the process.

Test information

Signicat’s test environment preprod.signicat.com is available 24×7, and may be used during your development and test phase.

After you are registered as a service provider in the WebID platform, you will receive a client_id and a client_secret to authenticate your application.

Other sources

WebID official web site

WebID API documentation

OpenAPI documentation (Swagger)