Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
This page provides an in-depth look at how to efficiently move through our platform, ensuring you can find and use all features effortlessly.
The Header is located at the top of almost every page on the platform and provides quick access to essential features and information.
The Sidebar Menu is positioned on the left side of the screen and offers a structured layout of all the main features and sections of the platform. It remains accessible as you navigate through different pages.
The Account Settings section allows you to manage your personal information and language settings, ensuring your profile and preferences are up-to-date.
This page provides detailed instructions on how to configure and manage your company's settings
The Company Settings section allows compliance officers to manage important company-related information, ensuring accuracy and relevance.
Below is a detailed description of editable and non-editable fields within Company Settings.
Company Name
Edit the name of your company as required.
Address
Update the physical address of your company.
Phone
Modify the contact phone number for your company.
Update the primary email address associated with your company.
Contact
Edit the details of the primary contact person within your company.
Info
Add or modify general information or notes relevant to your company.
Client Key
Status
Indicates the current status of your company's account
Integration
Displays the type of integration.
Creation Date
Shows the date when your company account was initially created.
Update Date
Displays the last date when any changes were made to your company settings.
Private Client Key
A unique key used for secure API communication between your company's systems and our platform in live mode. This key is generated and managed securely by our system.
Private Client Test Key
Similar to the Private Client Key but used specifically for API communication in test mode. It ensures secure testing of integrations without affecting live data.
This page explains how to manage access control within the platform
The User Roles and Permissions functionality allows you to create custom roles for different users within your organization. By specifying access levels for various items in the functionality list, you can ensure that each user has the appropriate permissions for their role. Here’s how it works:
From the Sidebar Menu, navigate to the My Team
section.
Select Role Management:
Click on the Add New
button:
Enter a name and a description for the new role.
You will also see a list of functionalities with corresponding checkboxes.
Review the list of functionalities and check the boxes for the items you want to grant access to for this role:
Make sure to tailor the permissions according to the responsibilities associated with the role.
Once you have selected the appropriate permissions, click on the Save
button.
The new role will now appear in the list of available roles.
This guide ensures you can seamlessly expand and manage your team within the platform.
Assigning roles to users is a straightforward process that ensures each team member has the appropriate permissions for their responsibilities.
Administrators can easily invite new users by email and assign them roles during the invitation process, as well as manage roles for existing users:
From the Sidebar Menu, go to the My Team
section.
Select Invites
Click Create Invite to send an invitation email to the new user:
Enter the user’s email, choose the role to be assigned and press the Send
button:
The invited user will receive an email with a link to accept the invitation and set up their account.
Once they accept the invitation, they will be added to the platform with the assigned role.
Managing existing users is essential for ensuring that each team member continues to have the correct permissions as their roles and responsibilities evolve. Administrators can easily update user roles and permissions through the My Team section, maintaining the security and efficiency of the platform.
From the Sidebar Menu, go to the Users
section:
Select the user whose role you want to update.
In the user's profile, find the "Role" dropdown menu.
Select the appropriate role from the dropdown list.
Click Save
to update the user's role.
Managing existing users ensures that your team members have the right access to perform their tasks effectively while maintaining the security and integrity of your platform.
This page explains the differences between Test Mode and Live Mode for you to learn how and when to switch between them.
Our Platform offers two distinct modes for users: Test Mode
and Live Mode.
Understanding the differences between these modes is crucial for effectively utilizing our service. Below is a detailed description of each mode.
Test Mode
is designed for users to familiarize themselves with the platform’s features and functionality without the risk of affecting real data. It is ideal for initial testing, training, and experimentation. In Test Mode, you are provided with 5 free verifications. This allows you to test the system and understand how it works without any cost.
Test Mode is available to all users through registering on our website. No prior subscription is required to access this mode
Live Mode
is intended for actual identity verification processes required for compliance. All verifications performed in this mode are real and affect actual data. Verifications performed in Live Mode are billed according to your subscription plan or pay-per-use agreement.
Live Mode is only available to clients who have signed the agreement and selected a pricing plan. Afterwards, access to Live Mode can also be restricted by assigning the respective user roles .
You can switch between Test Mode
and Live Mode
at any time through the toggle in the header:
Data created and collected in Test Mode is not transferred to Live Mode automatically. However, Workflows
can be duplicated manually if needed. For more instructions follow the link.
This step enables users to upload and verify identity documents as part of the verification process. It ensures that only valid and compliant documents are accepted, providing a secure and efficient method for identity verification.
Add Document Check
step into the flow canvas at the appropriate position in the flow.
Click on Document Check
to open its configuration options:
Allpass.AI is a comprehensive platform designed specifically to streamline and enhance the Know Your Customer (KYC) and Anti-Money Laundering (AML) processes. Our platform offers powerful tools to automate user verification, monitor compliance, and manage regulatory requirements with precision and ease.
One of the standout features of Allpass.AI is its no-code environment, allowing you to easily configure and use the platform without any programming knowledge. This ensures that users can swiftly adapt the platform to their specific needs, reducing the time and effort required to get up and running.
This documentation serves as your guide to fully understanding and utilizing the Allpass.AI platform. Inside, you will find:
Workplace Functionality Overview: A detailed breakdown of the core features and functionalities available within the Allpass.AI platform, designed to help you manage your compliance tasks effectively.
Integration Guide: Step-by-step instructions on how to integrate Allpass.AI with your existing systems, ensuring a seamless setup process and optimal performance.
Web SDK Description: Comprehensive information about our Web SDK, including installation, configuration, and usage details, allowing you to extend and customize the platform to meet your specific needs.
Dictionary: A comprehensive dictionary of terms used within Allpass.AI, providing clear definitions and explanations to help you navigate the platform with ease.
We hope this documentation will help you navigate and maximize the potential of Allpass.AI. Should you need further assistance, our support team is always ready to help.
The Intro step welcomes users, explains the verification process, and provides necessary instructions. It is always positioned at the beginning of the flow and is a vital element for guiding users through the verification journey. It is especially useful when the flow includes multiple steps, ensuring users are well-informed and prepared before they begin.
Add Intro Screen
step into the flow canvas at the appropriate position in the flow.
Click on Intro Screen
to open its configuration option
Customization Options While the Intro step does not have functional settings, it offers extensive UI customization options to ensure it fits seamlessly with your brand and provides a positive user experience.
The Liveness step is designed to verify the presence of a live person during the verification process.
Add Liveness Check
step into the flow canvas at the appropriate position in the flow.
Click on Liveness Check
to open its configuration options:
This enhances security by confirming the user's contact information through a one-time password sent to their email. This step helps to ensure that the contact details provided by the user are valid and accessible.
Add Email Verification
step into the flow canvas at the appropriate position in the flow.
Click on Email Verification
to open its configuration options:
These settings allow you to adjust the Email Verification step according to your security requirements and user experience preferences.
It enhances the verification process by requiring users to take a selfie while holding their identification document.
Add Selfie with a Document
step into the flow canvas at the appropriate position in the flow.
Click on Selfie with a Document
to open its customization options.
Customization Options While the Selfie with a Document step does not have functional settings, it offers extensive UI customization options to ensure it fits seamlessly with your brand and provides a positive user experience.
The AML Step enhances security and compliance by monitoring user profiles for potential money laundering activities. Users have the option to enable or disable ongoing monitoring as needed.
Add AML check
step into the flow canvas at the appropriate position in the flow.
Click on AML check
to open its configuration options.
Toggle on or off the ongoing monitoring feature.
Set the periodicity for ongoing monitoring (e.g., daily, weekly, monthly).
The AML step operates seamlessly in the background without requiring any actions from the end user. It conducts ongoing monitoring autonomously to enhance security and compliance.
This page provides a comprehensive introduction to using the Flow Builder
The Flow Builder is a powerful tool that allows you to design verification workflows by arranging and configuring various verification steps. This feature enables you to tailor the verification process to their specific requirements, ensuring compliance and efficiency.
From the Sidebar Menu, click on Workflows
to open the flow builder interface.
Click on the Add new
button, located at the top right of the Flow Builder page:
A user-friendly interface that allows you to build verification flows by simply dragging and dropping different verification steps into place.
In our Platform's Flow Builder, you can create two types of verification flows: Regular Flows and On-Demand Flows. Each type serves different purposes and is designed to meet specific verification needs.
Regular Flows are designed for recurring or scheduled verifications that follow a predefined workflow. They are ideal for scenarios where verifications need to be conducted regularly, such as onboarding new users, periodic compliance checks, or ongoing account maintenance.
On-Demand Flows are designed for ad-hoc verifications that are initiated manually as needed. They provide flexibility and control for conducting verifications outside of regular schedules or predefined workflows.
This feature allows administrators to manage user access to the verification flow based on their geographical location or IP address. Users from restricted countries can be automatically excluded from the process, ensuring compliance with regulatory or company-specific policies.
Navigate to the workflow where you want to implement country-based restrictions. In the settings panel on the left side, you'll see an option labeled Countries
Click the Add Permitted Countries
button to specify the list of countries where users are allowed to proceed with the verification flow. Only users accessing the system from these countries will be able to continue.
Alternatively, use the Add Exclusion Countries
button to block specific countries. Users accessing the platform from these countries will not be allowed to proceed with the verification flow.
The Auto-Approval feature in the flow builder allows the system to automatically approve or reject verification steps without manual intervention. This functionality can be enabled by toggling the Auto-Approval switch within the step configuration settings.
Enable Auto-Approval: Toggle the switch labeled Auto-Approval to the on position.
Click on the Add step
and from the available step options, choose the verification steps you need into the flow canvas:
Each step in the flow can be customized with specific settings and criteria to match your verification needs.
Editing an existing flow will affect all applicants who have already gone through it. Ensure that any changes are carefully considered to avoid disrupting the applicants experience.
Description of the steps is provided further.
The Phone Verification
step validates the applicant’s phone number to ensure its authenticity and activity. This step enhances security by confirming that the provided phone number is legitimate and can receive communications, which is essential for preventing fraud.
To add the Phone Verification
step:
Add Phone Verification: Drag and drop the Phone Verification
step into the flow canvas at the desired position within the verification flow.
Open Configuration Options: Click on Phone Verification
in the flow to access and configure its settings:
These settings allow you to adjust the Phone Verification step according to your security requirements and user experience preferences.
The Application page is where you manage essential keys and settings for interacting with our Public API and Webhooks. Here’s a detailed breakdown of what you can do on this page:
You can create new and manage existing applications. This step-by-step video tutorial will guide you through the entire process of the application creation:
As soon as your application is created you can open it anytime and get the details required for further integration:
Crypto Key
Purpose: The Crypto Key is used for encrypting and decrypting data exchanged between your application and our services.
Private App Key
Purpose: The Private App Key is necessary for authenticating and interacting with the Public API.
Usage: Use this key in your API requests to ensure secure and authorized access to our services
Webhook Endpoint
Purpose: Specify a Webhook Endpoint where we can send event notifications related to your applicants.
Usage: Provide a URL that can handle incoming POST requests from our system. These notifications will keep you updated on various events and statuses of your applicants.
Redirect URL
Purpose: Set a Redirect URL where we will redirect users after they complete the applicant flow.
Usage: This URL should point to a location in your application where users can continue their process or receive further instructions after completing the applicant flow.
Configure Webhook URL:
In the "Webhook settings" section, find the "Webhook URL" field.
Enter the URL where you want to receive applicants progress events (e.g., https://myApp.com.ua/cb
).
Optionally, you can add custom headers by clicking on "Add response headers" and entering the header key and value.
Set Redirect URL:
In the "Application details" section, locate the "Redirect URL" field.
Input the URL where you want applicants to be redirected after verification (e.g., https://www.google.com.ua/?hl=ru
).
Save Changes:
Click "Save changes" to apply the changes to your application.
Application Name: Enter a name for your application (e.g., "Demo").
Description: Provide a brief description of the application (e.g., "Demo application").
Webhook URL: Specify the webhook URL (e.g., https://myApp.com.ua/cb
).
Custom Headers: Add any custom headers if needed (e.g., custom-header: value
).
Redirect URL: Set the redirect URL (e.g., https://www.google.com.ua/?hl=ru
).
This step compares the user’s face across multiple sources to verify their identity. It is crucial for preventing identity fraud and ensuring the integrity of the verification process.
Add Face Matching
step into the flow canvas at the appropriate position in the flow.
Click on Face Matching
to open its configuration options:
Minimum Requirement: You must select at least two sources for face matching to ensure robust verification.
Auto-Approval: an Applicant is approved automatically, if face matching result is 85% or higher. Otherwise, the reviewer has to check the results and finish the verification process manually.
The Questionnaire Builder is a powerful tool designed for compliance officers to create custom user surveys and integrate them into the user verification workflow. This functionality enhances the compliance process by allowing the collection of specific information tailored to the organization's needs.
From the Sidebar Menu, click on Questionnaire
to open the flow builder interface. The interface displays all existing questionnaires and provides options to create new ones.
Users can search for existing questionnaires by name and manage them efficiently.
The Create questionnaire button allows users to start building a new survey quickly:
After clicking the Create questionnaire button, you are directed to the Questionnaire Builder interface, which consists of three main sections: Designer, Preview, and Logic:
You can click the Add Question
button to start building their questionnaire.
Fill in the necessary details such as the questionnaire name, and description.
You can drag and drop various question types from the toolbox into the survey area. This includes multiple-choice, text input, date selection, and more.
After adding a question, users can customize it by setting the question text, adding options for multiple-choice questions, and setting validation rules (e.g., mandatory responses).
The Preview
tab allows users not only to see how their questionnaire will appear to respondents, but also test how it works by inserting the answers. This helps in ensuring that the questions are formatted correctly and the survey flows logically.
In the Logic
tab, you can set up conditional logic to control the flow of the questionnaire based on respondents' answers. This can include showing or hiding questions based on previous responses, making certain questions mandatory, and branching the survey into different paths.
You can click the Add New Rule
button to start building the logic of questionnaire.
Select a question whose answer should be checked and a logical operation from the corresponding drop-down menus.
Then, specify the answer that applies the rule. Some logical operations do not need an answer (for example, Empty or Not empty).
If the rule needs more than one condition, click the Add Condition
button. You can use the AND or OR logical operator to combine the new and previous conditions.
Conditions that you specify in the UI are converted to logical expressions. If you prefer to enter the expressions directly, click the Manual Entry button on the Toolbar.
Select one of the following actions from the drop-down menu:
Click a rule to expand it and use UI elements to edit the rule. Click Done
to save your changes.
Usage: Retrieve this key to secure your data transmissions as described in the.
OTP (One Time Password)
Enable this option to send the OTP to the user's email address. This feature adds an additional layer of security to the email verification process.
Number of attempts
Configure the number of attempts for the user to retry.
OTP (One-Time Password)
Enable or disable the OTP option to require the applicant to verify their phone number with a one-time password. This feature adds an additional layer of security to the phone verification process.
HLR (Home Location Register)
Toggle HLR on or off to check if the applicant’s phone number is currently registered with a mobile network, ensuring that it’s active and valid.
Number of Attempts
Select the maximum number of attempts allowed for the applicant to verify their phone number. This setting can help prevent unauthorized access by limiting the retry attempts for OTP verification.
Choose How to Send OTP
Select the preferred method for delivering the OTP:
SMS Message: Sends the OTP via text message.
Phone Call: Sends the OTP through an automated phone call.
Show (hide) page
Makes the selected page visible. If you want to hide the page, invert the logic of your condition.
Enable (disable) page
Makes the selected page editable. If you want to make the page read-only, invert the logic of your condition.
Show (hide) question
Makes the selected question visible. If you want to hide the question, invert the logic of your condition.
Enable (disable) question
Makes the selected question editable. If you want to make the question read-only, invert the logic of your condition.
Make question required
Requires an answer for the selected question.
Complete survey
Completes the survey.
Set answer
Sets a specified answer to the selected question.
Copy answear
Copies the answer from the selected question to a target question.
Skip to question
Navigates the survey to the selected question.
Run expression
Runs a custom expression on the selected question.
Set "Survey Complete" page markup
Specifies custom HTML markup for the Survey Complete page.
The Workflow Builder includes a convenient auto-save feature that ensures your work is not lost if you forget to save manually.
If you create or modify a workflow but do not click the Save
button before closing the page, the workflow will automatically be saved as a draft. This functionality helps prevent data loss and allows you to continue your work seamlessly at a later time.
To continue working on a draft workflow, simply navigate to your list of workflows and locate the ones marked as "Draft.”
Click on the draft workflow to open it and continue editing from where you left off.
Once you have completed your changes, click the Save
button to finalize the workflow.
Country Restrictions
Define permitted or excluded countries for document submission.
Document Type Restrictions
Specify which types of documents are permitted or excluded.
Ways to Capture Documents
Gallery Upload: Allow users to upload documents from their device gallery.
Device Camera: Enable users to capture documents using their device camera.
Autocapture: Identifies documents within the camera frame automatically.
Device
Allow users to make photos or upload documents from mobile and/or desktop devices.
Age Restrictions
An option to set the minimum age for verification. The default age is set to 18, but you can customize this by entering a different value depending on your organization’s requirements.
Expiry Date Adjustment
Shift the document’s expiry date forward or backward by a specified number of months.
Image Quality Focus Check
Enable or disable focus checks for image quality validation.
Image Glare Check
Enable or disable glare checks for image quality validation.
Color Check
Enable or disable color checks for image quality validation.
Document Position Validation
Define the minimum indent from the document corners to the image borders as a percentage of the document width. If the indent is smaller than specified, an error will be indicated in the documentPosition field.
Style Customization
Customize the user interface to match your branding.
Number of Attempts
Define the maximum number of attempts allowed for the liveness check. The limit is set to 5 attempts.
One-shot Liveness
A quick, single-step verification process.
3D Liveness
Advanced verification using 3D imaging technology.
Custom 3D Liveness
Combine various actions (e.g., eye movement, smile) for a more robust check.
Style Customization
Customize the UI to match your brand's look and feel.
Source Selection
Choose minumum 2 sources for face matching, including the following:
Document Photo: Use the photo from the uploaded document.
Liveness Results: Use the captured image from the liveness check.
Selfie: Use a selfie taken by the user.
External Database: Use a photo from an external database.
The Questionnaire Step allows you to gather essential information from users through customized forms. This step can be tailored to include various questions relevant to your compliance process.
Add the Questionnaire step
into the flow canvas at the appropriate position.
Click on Questionnaire step
to open its configuration options.
Select the desired questionnaire schema from the dropdown menu:
The Questionnaire Builder is a separate tab that allows you to create custom questionnaires. For detailed instructions on how to use the Questionnaire Builder, please refer to the Questionnaire Builder Guide.
The UI Customization functionality within the Flow Builder allows you to personalize the appearance of your verification workflows.
It allows you to align the appearance of the verification flows with your branding preferences. Customize colors, fonts, and button styles effortlessly to match your company's look and feel.
Open your flow and go to Style
tab:
You can choose a color palette that is applied to pictures and color blocks throughout the verification flow:
Fonts can be customized using Google Fonts in the following format: fontname @font weight.
Customize the colors of buttons and button borders to match the branding theme. You can select primary button colors, border, text and hover colors.
Changes made in the style customization are applied to the entire flow, ensuring a consistent and branded experience for users.
All changes are instantly reflected in a real-time preview:
Click on the icon buttons at the bottom of the screen to navigate between different steps in the verification workflow:
The main display area will update to show the selected step, allowing you to preview and edit its content and settings.
To apply and save changes, you need to click the Save
button:
The Thank You step is designed to acknowledge and thank users for completing the verification process. It is always placed at the end of the flow.
Add Thank You Screen
step into the flow canvas at the appropriate position in the flow.
Click on Thank You Screen
to open its configuration options.
Customization Options While the Thank You Step does not have functional settings, it offers extensive UI customization options to ensure it fits seamlessly with your brand and provides a positive user experience.
This page explains the steps an applicant will go through to receive and complete their verification.
When users receive a verification link, the process is designed to be seamless, user-friendly, and flexible, ensuring a smooth and uninterrupted verification journey. Here’s what happens on the user side when they receive a verification link:
Users will receive the verification link via the specified communication channel.
The link redirects them to the verification platform, where the process begins.
If users need to pause the verification process, they can do so without losing their progress. Upon returning, they can resume the verification from the exact step where they left off, ensuring a smooth and uninterrupted user journey.
Users can start the verification process on one device, such as a desktop computer, and seamlessly continue on another device, like a mobile phone:
Users proceed through the various verification steps (e.g., Document Check, Liveness Check, etc.) as defined in the verification flow.
After completing all verification steps, users reach the page specified in the Redirect URL configured during the creation of the Application.
As a compliance officer, you have the capability to restart a verification flow for an applicant if needed. This can be particularly useful if the initial verification flow was not completed successfully.
Here’s how to manually change and restart a verification flow for a user:
Navigate to the Applicants
section from the Sidebar Menu.
Within the applicant's profile, locate the Flow Tracker
.
Click the Generate Link
button
This will create a unique link to the current verification flow, which you can copy and send to the applicant for them to continue the process.
The applicant can use this link to continue with the verification process from where they left off.
As a compliance officer, you have the capability to change a verification flow for an applicant if needed. This can be particularly useful if different verification requirements arise.
Here’s how to manually change and restart a verification flow for a user:
Navigate to the Applicants
section from the Sidebar Menu.
Search for and select the applicant whose verification flow you want to restart.
Once in the applicant's profile, locate the drop-down list for verification flows within the Flow Tracker.
Click on the drop-down list to view available verification flows:
Select the desired verification flow that you want to assign to the applicant.
After selecting the new verification flow, the system will automatically update the flow for the applicant.
However, if the new flow includes steps that have already been completed, the applicant will only need to complete the new steps added to the flow.
The applicant’s status will be changed to reflect that the verification process has been restarted.
Verification statuses help track the progress and outcomes of each verification process, providing clear indicators of where each applicant stands in the verification journey.
Here’s a detailed description of all the verification statuses:
If the verification flow is restarted or changed for the user, the verification status is updated accordingly. This ensures that the status accurately reflects the current state of the verification process and any changes that have been made.
The Duplicate option is easily accessible from the workflow management interface:
In the Duplicate Workflow window, select the status of the duplicate workflow using the toggle switch.
You can choose between Test
and Live
modes:
This flexibility allows you to move workflows from the testing environment to the live environment seamlessly.
Once duplicated, the new workflow will appear in your list of workflows with a name given while Duplicating.
Click on the new workflow to edit and customize it as needed.
INIT
This status is assigned when the applicant is created.
No actions are required from either the client or the end-user at this stage. The user may not have started the verification process yet.
INCOMPLETE
This status indicates that the user initiated the verification but didn't provide all the required details.
The verification process remains unfinished, and the user needs to complete the required actions.
IN PROGRESS
This status is assigned when the user has completed all the actions on their side.
Background checks have started, and the system is processing the provided data.
ON HOLD
This status indicates that the verification is under scrutiny due to suspicious activities.
The system cannot finalize the verification without manual intervention, often due to duplicates or suspicious documents.
COMPLETED
This status is assigned when the user has completed all required actions and provided all necessary data.
All actions from the system side are completed as well, and the verification process is finished.
APPROVED
This status is assigned when the compliance officer has approved the verification. In case the Flow Auto-Approval is switched on, the status can be assigned automatically by the system.
The applicant has passed the verification process successfully.
DECLINED
This status is assigned when the compliance officer has declined the verification. In case the Flow Auto-Approval is switched on, the status can be assigned automatically by the system.
The applicant has not passed the verification process, and specific reasons for the decline are noted by the compliance officer.
This section provides detailed steps on how compliance officers can manage and review applicant profiles, either manually or automatically through flow auto-approval.
As a compliance officer, you have the ability to manage the applicant review process effectively. Here's how to manually handle the review process for an applicant:
After the system assigns a Completed
status to the Applicant, a reviewer must be assigned to finish the verification process.
A reviewer can also be assigned earlier if manual intervention is needed before the user has provided all the data and the system has performed all the checks. It may be necessary if the system completes the verification with the status "On Hold," indicating that a decision cannot be made automatically due to suspicious data.
Navigate to the Applicants
section from the Sidebar Menu.
Select a Reviewer
from the context menu in the applicants table:
Select a reviewer from the drop-down list and click Assign
:
You can also assign a reviewer from the Applicant's Profile.
Open the applicant's profile.
Locate the reviewer section, select a reviewer from the drop-down list and click Assign
:
The reviewer must review and either Approve or Decline the applicant's data:
A system user with the necessary permissions can change the reviewer if required.
If flow auto-approval is enabled, the review process is fully automated.
Nevertheless, a reviewer can be assigned if manual intervention is needed before the user has provided all the data and the system has performed all the checks.
Also, a manual review may be required in case of system warnings or if the face matching result is less than 85%.
There are two ways to run verification flows on our Platform: integrating the flow into your application using API webhooks and manually generating a verification link in the workplace. Here's how each method works:
Integrate the Flow into Your Application This method allows you to seamlessly verify user identities as part of your onboarding or compliance process using API webhooks. It's ideal for verifying your entire user base.
Log in to your account on the https://workplace.elkyc.com/
Navigate to the API Keys
section under Company
to retrieve your API keys.
Follow the steps in the technical documentation to set up webhooks and integrate the verification flow into your application.
Before deploying, test the integration to ensure the verification flow works seamlessly within your application.
Use the Test Mode
to perform verifications without consuming your live verification quota.
Generate a Verification Link Manually This method allows you to generate a verification link manually within the workplace for testing or single verifications.
From the dashboard, click on Applicants
in the Sidebar Menu.
Click on New Verification
Fill in the required details for the verification process:
Application
Select the specific application for which this verification link is being created. This helps categorize and manage verifications under different projects or applications.
Flow
Choose the verification flow you want to use. The flow dictates the sequence of steps the user will go through during the verification process.
External User ID
Enter a unique identifier for the user from your system. This helps you track and match verification results with your user records.
Language
Select the language in which the verification steps will be presented to the user. This ensures the user can understand and complete the process in their preferred language.
Token Lifetime
Set the duration for which the verification link will remain valid. This defines how long the user has to complete the verification process after receiving the link.
Click on Create
and the verification link will be created and displayed.
Copy the generated link and send it to the user via email or any other communication channel.
The Request Additional Information feature allows compliance officers to gather extra details from applicants without disrupting the regular verification flow.
This option will be visible if an On-Demand flow is created in the Flow Builder, allowing you to ask for more information without impacting the regular flow or the applicant’s status.
Here’s how to request additional data from a user:
Navigate to the Applicants
section from the Sidebar Menu.
Search for and select the applicant whose verification flow you want to restart.
Once in the applicant's profile, locate the drop-down list for verification flows within the Flow Tracker.
If available, click the Request Additional Information
button:
Fill in the required details for requesting the additional information.
Create a unique link to the on-demand verification flow, which you can send to the applicant for them to provide the data you require.
The Manual AML Scan allows you to perform targeted searches for individuals or organizations to detect potential financial crime risks. The feature is located in the AML Scan section, accessible from the sidebar menu:
From the sidebar menu, click on AML Scan
and select Search Page.
At the top of the search form, select whether you want to search for an Individual
or an Organization
.
Fill in the Search Fields: Full Name: Enter the full name of the individual or the organization. Search by Name, by Document or by Identity: You can choose whether to search by full name or an alias. Birth Year or Year Range: If applicable, enter the birth year or a range of years for a more specific match. Match Rate: Define the minimum percentage match rate that the search result should meet (e.g., 80%). Only results that meet or exceed this threshold will be returned. Country: Select the country associated with the individual or organization to narrow down the search.
If you want a more thorough search that checks additional databases, tick the Deep Search
checkbox.
Click the Scan
button to start the search request. The system will scan through PEP, Sanctions, Watchlists, and adverse media databases for any potential matches.
Once the scan is complete, review the results on the same page or on the Scan Results
page to assess potential matches and take further action if needed:
The Scan Result provides you with a detailed overview of any matches found during an AML scan. It includes key functionalities for assessing risk, updating case statuses, and enabling ongoing monitoring.
Match Status can be updated by the user to classify the result:
You can activate Monitoring Periodicity
for a match, ensuring regular updates and alerts for any new information that may arise about the entity:
Profile Information displays the matched entity’s key details, including: Name: (e.g., ABIGAÏL DAMASANE).
Match Source: (e.g., OFAC - Specially Designated Nationals - Treasury).
Match Type: Shows whether the result refers to an Individual or an Organization and its associated list (e.g., Sanction).
The Comments section allows users to add internal notes and share information within the team, keeping a record of any actions or decisions related to the case.
Clicking on the card for any specific match will reveal full details about the scanned entity, providing users with a more comprehensive view to aid in decision-making:
The Scan Results page provides you with a list of all the cases found:
The section prominently displays the selfie with the document captured during the verification process.
The image can be zoomed in for closer inspection by the reviewer:
The date when the selfie was captured is displayed above the image. This timestamp helps ensure that the selfie is recent and relevant to the current verification session.
The Email Verification
results are displayed in the applicant's profile, providing a comprehensive breakdown of validation points for the applicant’s email address. Each validation point includes a status indicator and a brief description of the check performed:
If you disagree with any result, you have the option to deactivate this service for the applicant by moving the data to History.
The Liveness step is a crucial part of the verification process, designed to confirm that the applicant is a real, live person and not a spoof or fake identity.
This step typically involves a video recording of the user performing specific actions, such as blinking or turning their head, to demonstrate liveness.
You can find the recording in the Liveness
block within the Applicant's profile:
This video serves as proof that the applicant completed the required actions to verify their liveness. While the screenshot only shows a still image, the platform typically allows the reviewer to access and review the entire video to ensure the liveness check was performed correctly.
The Applicant Profile section serves as the central hub for managing and reviewing key information about each applicant. This feature enables you to efficiently access, verify, and monitor all data.
From the Sidebar Menuclick on Verifications
and go to Applicants
tab:
Click on the Applicant
to open the profile and see the details. The table view offers a clear and concise summary of applicant information:
As illustrated in the screenshot, this view is organized into several key sections:
Applicant Header
Applicant Name and Status: Displays the applicant's full name and the current status of their verification.
Profile Picture: Provides a visual identification of the applicant.
External User ID: A unique identifier specific to this applicant within your system.
Reviewer Assignment: Shows the currently assigned reviewer. The reviewer can be changed using the dropdown menu.
Approve/Decline Options (in case the reviewer is assigned): Allows the reviewer to either approve or decline the applicant’s profile based on the verification results.
Info and Comments Tabs
Info Tab: Displays key applicant details organized into several categories:
Applicant IDs: Includes the External User ID and Applicant ID for tracking and integration purposes.
Personal Info: Lists the applicant's date of birth, location, and IP address. Additional fields like email and telephone number may also be displayed.
Verification Info: Contains the date and time of the application, the platform used (e.g., WEB), and the current status of the application.
Device Info: Shows details about the device used during the application process, including location data (Latitude, Longitude), browser type, version, and user agent string.
Comments Tab: A section where reviewers can add and view notes or comments related to the applicant's profile.
Verification Tracker
Tracker: A visual progress bar showing the stages of the verification process, such as Document Check, Liveness, Selfie Capture, and Face Match. The progress tracker helps reviewers quickly assess which steps have been completed and which are pending or failed.
Verification Steps Details
These sections allow the reviewer to delve into specific verification tasks, providing detailed insights into the results of each step.
Description of each section is provided in the next chapters.
This section is a critical component of the platform, providing results that indicate whether an individual has been flagged in any sanction or watchlist databases.
The top part of the section displays a warning banner, indicating in case the individual has been flagged in one or more databases:
Below the warning, the details of the match are displayed.
At the bottom of the section, a comments area allows reviewers to add notes or observations related to the AML check. This is useful for documenting reasons behind the selected match status or any other relevant details.
By clicking on the individual's name or the match percentage, the reviewer can open a detailed profile view of the flagged individual:
To the right of the match details, a dropdown menu allows the reviewer to categorize the match further:
The available options include:
Unknown: The match status is not yet determined.
No Match: The reviewer determines that there is no match.
Potential Match: The system has flagged a potential match, which is the current selection in the screenshot.
False Positive: The match is determined to be a false positive.
True Positive: The match is confirmed as accurate.
True Positive Approve: The match is confirmed, but the reviewer chooses to approve the applicant.
True Positive Reject: The match is confirmed, and the reviewer decides to reject the applicant based on the match.
The Document Check section within the Applicant Profile provides a detailed view of the applicant’s identification document verification results. This section is crucial for ensuring the authenticity and validity of the applicant's submitted documents. It is also is designed to notify users of any discrepancies or problems that need immediate attention:
Document Expiration: At the top of the section, a warning banner clearly states that the document provided has expired. This is a critical alert, as expired documents cannot be considered valid for verification purposes.
Duplicate Document Warning: The system can also trigger a warning if a duplicate document is detected within the platform. This ensures that no two profiles share the same document, preventing fraud and identity theft. A warning banner will notify the reviewer if a duplicate document is found, prompting further investigation or action.
Resolution Option: The platform provides an option to resolve this issue by clicking Resolve
button directly from the interface. The system will resolve the warning while data will remain the same.
Valid: at the top of the section, a "Valid" status will be displayed if the document is in order.
Non-valid: a status signifies that the document fails to meet the required criteria for successful verification.
Next to each data field (e.g., Issuing State Code, Document Number, Date of Expiry), there are icons that indicate the results of the cross-checks from various sources (visual zone, MRZ, chip):
Green Icon: Indicates that the information has been successfully verified across all available sources (visual zone, MRZ, chip) and there is consistency in the data.
Red Icon: Signifies that the data could not be fully verified or there are discrepancies between the information from different sources.
Orange Icon: Shows that the cross-check for that particular field was not conducted or is not applicable.
If needed, the user can edit the document data directly within the platform. Each field next to the document information features an edit icon.
By clicking this icon, the reviewer can manually adjust the data, ensuring that any necessary corrections are made before final approval. This feature is especially useful if minor discrepancies or typographical errors are identified during the review process.
For a detailed explanation of each data field, including the document class code, issuing state code, and personal number, please follwo a dedicated link.
Timeline functionality provides a detailed, chronological record of all actions taken on an applicant’s profile. This feature is essential for maintaining transparency, tracking changes, and ensuring compliance with regulatory requirements. The logs allow compliance officers to review all updates, edits, and actions associated with an applicant's verification process.
From the Applicant profile, click on Timeline
to open the profile changes history:
The timeline interface displays a series of logs, each entry detailing a specific action taken by an applicant or on the applicant's profile. Each log entry includes the date and time of the action, providing a clear, chronological sequence of events:
Alongside the action details, the log records also include information about the user who made the changes and the system environment in which the changes were made. This includes the operating system, browser version, and IP address, helping to verify the authenticity of the actions and providing context for when and how the changes occurred.
The Questionnaire Results
section provides access to the applicant's completed questionnaire, which is often used to gather additional information required for the verification process.
This section allows users to review the applicant’s responses and assess any potential risks or compliance issues.
The results are displayed as a link to the completed questionnaire in a downloadable PDF format:
Download
button is provided next to the file name, allowing the reviewer to easily access the PDF file. This feature ensures that the questionnaire results can be reviewed in detail, stored, or shared with other team members as necessary.
The reporting functionality in our platform allows compliance officers to generate and download comprehensive reports for each applicant. This feature is crucial for record-keeping, auditing, and sharing verification results with relevant stakeholders. The reports are generated directly from the applicant's profile and provide a detailed overview of all verification steps, changes, and media associated with the applicant.
To generate a report, navigate to the specific applicant's profile within the platform. This profile contains all the verification data and history related to the applicant.
In the applicant's profile, locate the Download
button, which is typically positioned near the top right corner of the interface. Clicking this button will initiate the process of generating and downloading the report:
The reports are downloaded as a ZIP file, which consolidates all relevant documents and data into a single, easily accessible package. The contents of the ZIP file include:
General PDF Report: This PDF file contains all the information available in the applicant’s profile, providing a comprehensive overview of the applicant’s details, verification status, and results.
History of Changes: A separate file that documents all changes made to the applicant’s profile, including timestamps and details of the modifications. This is essential for maintaining an audit trail.
AML Report: If the applicant underwent an AML (Anti-Money Laundering) check as part of their verification flow, the results are included as a separate file in the ZIP. This file contains details about any potential matches or flags identified during the AML check.
Questionnaire Results: If the applicant completed a questionnaire during the verification process, the results are provided as a separate file. This document includes all responses given by the applicant.
Media Data: All available media associated with the applicant’s verification are included in the ZIP file. This may consist of: - Liveness Video: A video recording of the applicant completing the liveness check, verifying that they are a live person during the verification process. - Face Photos: Photos captured during the liveness check, selfie and from the identification document. - Document Photos: Images of the identification documents submitted by the applicant.
This guide helps you integrate the Allpass.ai SDK into your Web Application and start the verification flow
This document explains how to integrate the verification flow directly into your web application through our JavaScript component to verify the identity of your users. This stage might be at the signup page of your application, or at a later point to enrich the profiles of your users. The guide assumes the preliminary steps have already been completed as explained in the overview section of the documentation.
You can either follow the integration guide or watch the integration tutorial that shows the same steps. Please be aware that some property or function names might have slightly changed with newer versions. Make sure to compare your implementation with the latest code snippets here in the documentation.
Read passport data using a smartphone or webcam
Doc type identification (Machine Learning)
Parsing doc data (OCR)
Document authenticity control (data cross-check from visual zone, chip, MRZ)
Document ownership checks
Liveness detection
Face match
AML
Questionnaire
OTP
Device verification
IP verification + geoIP
Data input automation (into client’s software)
Web workplace
And much more
Mobile Browser
More Browsers Partial support
Desktop Browser
More Browsers Partial support
Partial Support - Frequent camera behavior changes cause incompatibilities
Not supported - Custom camera behavior prevents support
The facematch step involves a detailed comparison of the two or more images, providing a confidence percentage and a side-by-side visual representation to help users accurately verify the applicant's identity.
At the top of the section, the system displays the percentage of face match, which indicates the confidence level of the match between the two images:
These images can be zoomed in for a closer inspection by the reviewer, allowing them to manually confirm the match and assess any details that the automated system might have flagged.
These guides ensure a smooth and secure process for both registering and accessing your account.
Open your web browser and navigate to our website
Click on the Sign Up
button located at the top right corner of the homepage.
You will be redirected to the sign-up form. Please fill in the following details:
After filling in all the required fields, click on the Sign Up
button at the bottom of the form.
A verification email will be sent to the email address you provided. Open the email and click on the verification link to activate your account.
Once your email is verified, your account will be activated. You can now log in to the platform.
Click on the Sign In
button located at the top right corner of the homepage.
You will be redirected to the login form.
Enter the email address you used and the password you created during the sign-up process.
Click on the Login
button to access your account.
If you forget your password, click on the Forgot Password?
link on the login page. Follow the instructions to reset your password.
Android Chrome 90
iOS Safari 11
iOS 14.4+ Chrome 90
Android Firefox 62
Opera Not supported
Chrome 85
Firefox 63
Safari 11
Edge 95
Opera Not supported
Open your web browser and navigate to our website
If you encounter any issues during the sign-up or login process, ensure all fields are filled correctly and check your email for the verification link. If problems persist, contact our .
Full Name
Enter your full name.
Company Name
Enter the name of your company.
Phone
Enter your job title or position within the company.
Position
Enter your contact phone number.
Enter a valid email address. This will be used for login and communication purposes.
Password
Create a strong password. Ensure it meets the security requirements.
Place the new HTML element where you want the component to render inside the body of your HTML file:
In order for the verification flow to render correctly, you'll need to pass a valid accessToken as an argument to the start function. You can get accessToken from our public API. You can find more details in the Public API section of our documentation.
Make sure you're using your public App Key and Secret API Key from Integration Page
GitHub repository with sample - https://github.com/elkyc/allpass-web-sdk
Allpass.ai uses webhooks to notify your backend when an event happens in your client-side SDK. Webhooks are useful for asynchronous events like when an applicant completes a Verification or passes any step. You should specify your backend endpoint URL and get your AES-256-CBC key.
You can do it within the workplace Application page
Every application has it's own AES-256-CBC key. Webhook data is encrypted with this key
The Allpass webhook request has the same structure as all Allpass responses:
Where data is encrypted string. Read about encryption
To enable applicant verification, you need to obtain a token. There are two methods for initiating the verification process: through the workplace interface or by using our automated SDK.
Navigate to the Applicants Page:
Go to the "Verification" section and then select "Applicants."
Create a New Verification:
Fill in the required details:
Application: Choose the relevant application.
Flow: Select the desired flow.
ExternalUserId: Provide the external user ID (unique userID from your system).
Language: Set the preferred language (e.g., lang
).
Token Lifetime: Specify the token lifetime.
Generate Verification Link:
After providing the necessary information, our system will generate a link.
Share this link with the user to grant them access to the verification process.
To automate the verification process, you can use our SDK. This method involves generating a token on your backend and initializing the SDK with the token as a parameter.
Create a Token:
Generate a token on your backend. This step should be done securely to ensure the integrity and security of the verification process. More details can find in Open API section
Use the generated token to initialize the SDK.
Pass the token as a parameter when setting up the SDK.
In order to use the public api you will need to obtain a private key.
You can retrieve your Private Application Key from Applications > Private app key
.
Here we describe types and enums, which we are using in our system
In this chapter you can find all information about data structure, types and parameters description
Decorator @ApiProperty
means that property is required.
Decorator @ApiPropertyOptional
means that property is optional.
In this section of our technical documentation, we provide a comprehensive breakdown of key terminology related to the usage of our products and services.
This glossary offers clear and concise definitions for each term, ensuring that developers, data analysts, and privacy compliance officers can confidently navigate the intricacies of user data from the browser.
SDK Version: SDK stands for Software Development Kit. This term refers to the version of the software toolkit or package used to integrate certain features or functions into an application, typically related to data collection and analysis.
IP (Internet Protocol): An IP address is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. It serves as an identifier for the device's location on the internet.
Country: This is the name of the user's home country, typically determined based on their IP address. It's useful for understanding the geographic origin of the user.
Region: Refers to the specific geographical region within a country where the user is located. It can provide more granular information about the user's location.
EU (European Union): Indicates whether the user is located within a country that is a member of the European Union. This information is important for compliance with EU data protection regulations, like GDPR.
Timezone: This represents the user's local time offset from Coordinated Universal Time (UTC). It helps in displaying date and time information accurately to the user.
City: The name of the city where the user is located, often determined using their IP address. It provides further geographical precision.
Metro: It refers to the metropolitan area or region where the user is located. This can be useful for marketing and demographic analysis.
Latitude and Longitude (Ll): These coordinates pinpoint the exact geographic location of the user. They are expressed in degrees and are valuable for precise geolocation purposes.
Area: This typically denotes a more specific geographical area within a city, helping to pinpoint the user's location even further.
User Agent: The user agent is a string of information that the user's browser sends to websites it accesses. It includes details about the browser and device being used, such as the browser type, operating system, and device model.
Browser Type: This specifies the category or family of the user's web browser, such as Chrome, Firefox, Safari, or Internet Explorer.
Browser Version: Indicates the specific version number of the user's web browser. Knowing the version is important for web development and ensuring compatibility with different browser releases.
Here you can find essential terms and acronyms in the realms of technology and document identification.
MRZ (Machine Readable Zone):
The Machine Readable Zone is a standardized region within identification documents, such as passports and visas, that contains essential personal and document information in a format that can be easily read and processed by machines. This zone typically includes two lines of characters with specific data elements, including the document holder's name, nationality, date of birth, and passport number.
RFID (Radio-Frequency Identification) refers to the integration of radio-frequency tags or chips into official identification documents, such as passports, driver's licenses, and identity cards. These RFID tags store encrypted data related to the document holder's identity and can be wirelessly read by authorized RFID readers. Document verification systems equipped with RFID technology enable quick and secure authentication of the document's validity and the identity of the holder.
You can pass in different handler functions like the onLoad, onStart, onRestart, onPassStep, onComplete or onError method to handle different events of the verification flow to the init function.
Method that is being called once a verification flow is loaded. You can use this to show your own loader and then show div allpass.
Method that is being called once a user starts the verification flow.
appKey
: API Key
transactionId
: UUID of the verification. You can use this to query our API.
externalUserId
: External user ID (user ID in your system)
flowId : Workflow ID
mode : Live or Test mode
Method that is being called once a user starts the verification flow, but the verification is not completed
appKey
: API Key
transactionId
: UUID of the verification. You can use this to query our API.
externalUserId
: External user ID (user ID in your system)
flowId : Workflow ID
mode : Live or Test mode
Method that is being called once a user pass any step of the verification flow.
stepType:
The step can be one of the following
"intro" | "biometry" | "documents" | "scan" | "diia" | "complete"
appKey
: API Key
transactionId
: UUID of the verification. You can use this to query our API.
externalUserId
: External user ID (user ID in your system)
flowId : Workflow ID
mode : Live or Test mode
Method that is being called once the verification is completed.
appKey
: API Key
transactionId
: UUID of the verification. You can use this to query our API.
externalUserId
: External user ID (user ID in your system)
flowId : Workflow ID
mode : Live or Test mode
error:
The reason why the flow failed.
stepType:
The step where the error occurred, can be undefined or one of the following
"intro" | "biometry" | "documents" | "scan" | "diia" | "complete"
appKey
: API Key
transactionId
: UUID of the verification. You can use this to query our API.
externalUserId
: External user ID (user ID in your system)
flowId : Workflow ID
mode : Live or Test mode
If user doesn't finish verification process and current session is still active - we can automatically start this verification. In order to make it you should call restart after init method.
Also it could be chaining with an init method:
The Phone Verification
results section provides a detailed summary of checks performed on the applicant’s phone number. Each validation point includes a status indicator along with an explanation of the check:
If you disagree with any result, you can choose to deactivate the service for this applicant by moving the data to History.
The User Deletion functionality provides you with the ability to remove an applicant’s data from the system.
To initiate the deletion of an applicant’s profile, the reviewer can select the Delete
option from the action menu next to the applicant’s record in the table view:
Upon selecting Delete
, a confirmation dialog appears, as shown in the screenshot. This dialog informs the reviewer that the applicant’s data will be scheduled for deletion and will be permanently removed after a 20-day period:
The reviewer can either confirm the deletion by clicking Schedule Deletion
or cancel the process by selecting Cancel, keep the data
.
The applicant’s profile is not immediately removed from the platform. Instead, it is scheduled for deletion after a 20-day grace period. During this time, the data is marked for deletion but remains recoverable:
If the reviewer decides to restore the applicant’s profile during the scheduled deletion period, they can do so by selecting the Restore Data
option from the action menu next to the applicant’s record in the table view:
If no action is taken to restore the data within the 20-day period, the deletion will proceed automatically, and the applicant’s data will be permanently removed from the platform. Once deleted, the data cannot be recovered, ensuring compliance with data retention policies and regulatory requirements.
This functionality empowers you to halt the verification process if they find discrepancies or issues during any stage of the applicant’s verification.
The Deactivation option is accessible in all verification steps, including Document Check, Liveness, Selfie Capture, Face Match, AML Check, and more. This ensures that reviewers can maintain control all over the entire verification process.
When a reviewer identifies an issue or disagrees with the results presented by the verification step, they can deactivate the service instantly. This is done by clicking the Deactivate
button located at the top right corner of the respective section:
This action stops further processing and a new verification link should be generated for the applicant to pass the step again.
Upon deactivation, the platform automatically moves the relevant data to history. This ensures that the data is archived and recorded but no longer actively used in the ongoing verification process:
If the reviewer decides to reinstate the deactivated data, they can return it from History by clicking the "Activate" button:
This action will replace the current active data with the data retrieved from History, allowing the verification process to continue based on the reinstated information.
During the verification process you will receive webhooks with different types and data.
Allpass Webhook System wait for response with status 200
, otherwise the Webhook Retry System is activated with exponential backoff and 10
attempts. If the webhook has not been delivered, you can check, at any time, if there are any undelivered webhooks, by Allpass .
This guide provides detailed instructions on how to send and receive data securely using encryption keys.
Encryption Overview
We prioritize the security of your data. To ensure this, we employ encryption for the data transmitted through our Public API and Webhooks.
Encryption Key
An encryption key is provided on the page of your account. This key is essential for encrypting and decrypting data exchanged between your application and our services.
Sending Data to Our Public API
You have the option to send data to our Public API either encrypted or unencrypted, depending on your preference and security requirements.
Encrypted Data: To send encrypted data, use the encryption key provided on the page. Encrypt your data before sending it to our API.The encrypted data should be included in the payload as follows:
Unencrypted Data: If you prefer, you can also send data without encryption. This option is available for clients who may not require the added security layer.
Receiving Data from Public API and Webhooks
All data sent to you via our Public API or Webhooks is encrypted using the same encryption key found on the page. Ensure you decrypt the incoming data using this key to access the information.
Steps for Integration
Access Your Encryption Key: Log in to your account and navigate to the page to retrieve your encryption key.
Encrypt Your Data (optional): If you choose to encrypt your data, use the provided key to encrypt your JSON payloads.
Send Data to Public API:
Encrypted: Send your encrypted data to our Public API endpoint.
Unencrypted: Send your plain JSON data to our Public API endpoint.
Receive and Decrypt Data: When receiving data from our Public Api or Webhooks, decrypt the incoming payload using the encryption key.
Example Code Snippets
Here are some example code snippets to help you get started with encryption and decryption using your key:
Encrypting Data:
Decrypting Data:
In addition to handling encrypted data through our Public API and Webhooks, you may also need to decrypt stream files received from our services. Below are the steps and code snippets to help you decrypt these stream files effectively.
Steps for Decrypting Stream Files
Retrieve Initialization Vector (IV): The IV for the decryption process is provided in the response headers of the stream file. You can retrieve it using the following code:
Decrypt Stream Data:
Use the IV and the encryption key to decrypt the incoming stream file data.
The length of the IV is 16 bytes.
Example Code Snippet
Here's an example of how to decrypt a stream file:
This section provides descriptions and guidelines for making requests to our Public API. All data transmitted via our Public API is encrypted to ensure security. For more information on encryption and how to handle encrypted data, please visit the
You can find full description of API here []
Here you will find an overview of the major steps required to integrate Allpass.ai into your application. You can find more details on each step in the relevant sections.
In order for your application to communicate with Allpass.ai you need to sign up for an account in our . You have to provide some information about yourself and a company.
Once you have registered, our system will automatically create an and for you. This ensures that you can start using our platform immediately without any additional setup. In addition to the default application and flow created for you, you have the flexibility to create and or customize the default ones according to your needs.
Depending on your requirements, you can integrate Allpass.ai via our client-side SDK.
The client-side integration process can be summarized in 2 steps:
Install and import our client-side SDK in your application
Initialize SDK and our users will complete a Verification through the Verification flow - on completion, you need to track the Verification in your dashboard in workplace and handle it accordingly via the callbacks (e.g. onComplete function)
if you want to automate the process of KYC Allpass.ai uses webhooks to notify your backend when an event happens in your client-side SDK. Webhooks are useful for asynchronous events like when an applicant completes an Applicant's verification or passes some step. You should specify your backend endpoint url and import public RSA key
For security purposes, we recommend you to minimize the Data points stored on your server. That being said, if you need to retrieve information related to an Applicant you can do so via the Allpass.ai API. You can retrieve the following types of data:
Data points collected and shared during an Applicant (E.g. first name, last name, document number, identity score)
Metadata related to the Applicant (i.e. user agent, timestamp, user references)
The Dashboard provides a comprehensive view of key metrics, enabling users to monitor applicant progress, verification statuses, and system performance across various dimensions. The dashboard is divided into distinct sections, each designed to offer a quick glance into the platform’s core activities and health.
The top section of the dashboard highlights six key application statuses within a selected date range (e.g., Today, Last 7 Days, Last 28 Days):
Applicants Number: The total count of applicants created.
Applications in Review: The number of applications currently undergoing verification.
Applications Completed: The count of fully completed applications.
Applicants Approved: The number of applications that have been successfully approved.
Applicants Rejected: The count of applications that were rejected.
The user can filter the data by selecting a specific date range, which will automatically update all displayed information.
This graph displays the daily count of applicants created within the chosen time frame, allowing users to track activity trends, such as peaks and troughs in applicant submissions over time.
This bar chart shows a breakdown of applicant status across categories:
Completed: Applicants whose verification process is finished.
In Progress: Applicants whose verification is ongoing.
Incomplete: Applicants with incomplete submissions.
Approved/Rejected: Applicants whose verifications resulted in approval or rejection.
This donut chart presents the total number of warnings triggered across all applicants:
Unresolved: Warnings that are yet to be addressed.
Resolved: Warnings that have been reviewed and cleared.
This section features a world map highlighting the geographical distribution of applicants based on their country of residence, phone number or document origin. A list on the right shows the top countries with the highest number of applicants, such as Ukraine, Spain, and the United Kingdom, for instance.
This line chart displays the number of verifications conducted within the selected date range, distinguishing between:
Successful Verifications: Completed successfully.
Failed Verifications: Those that did not meet the verification criteria or encountered technical issues during the process.
This chart illustrates at which stage the verification process failed. It helps users identify common failure points and take corrective action to improve the verification process.
There are three performance charts that provide a comparative analysis:
Successful Verifications Number Compared by Date Range: This line chart compares the number of successful verifications with the target, showing how close or far it is from reaching the goal.
Total Verifications Compared by Average Number: Shows how the total number of verifications compares to the platform’s average over a specific period, highlighting if it is above or below target.
Successful Verifications Number Compared with Failed: This line chart contrasts successful and failed verifications, helping users monitor the success rate.
A pie chart provides an overview of the success rate across various verification services:
Liveness: The percentage of successful liveness checks.
Questionnaire Results: Successful completion of questionnaires.
OTP Verification: Verification through one-time passwords.
Document Check: Completion rate for document verification.
Face Match: Success rate for facial comparison.
AML: Success rate for AML (Anti-Money Laundering) checks.
You can find more details in the of our documentation.
You can find more details in the section of our documentation and how to use it in section.
You can find more details on the endpoints and the response format in the section of our documentation.
applicantCreated
It signifies the creation of an applicant profile within the system. No specific action is required from the client or end-user at this stage, and the verification process may not have commenced.
applicantInProgress
It denotes that the user has completed all required actions on their end, and the system has commenced background checks.
applicantIncomplete
It indicates that the user has initiated the verification process but has not yet provided all the necessary details. As a result, the process remains unfinished.
applicantInReview
It is assigned when a compliance officer has initiated a manual review of the verification process.
applicantRejected
It signifies that the compliance officer has declined the verification after review.
applicantApproved
It denotes that the compliance officer has completed their review and approved the verification.
applicantCompleted
It indicates that the user has fulfilled all required actions and provided the necessary data, and all system-side processes related to verification are also finalized.
applicantOnHold
It is assigned when the system identifies a potentially suspicious verification case that cannot be automatically marked as completed. Examples include duplicate applicant entries or suspicious document submissions, requiring manual intervention.
applicantStepPassed
event occurs when an applicant passes a step in the flow
id*
UUID
A unique applicant identifier
externalUserId*
String
A unique applicant identifier on your side.
appKey*
UUID
A unique application identifier.
warnings
Array of strings
stepName
String
If your IP address is being flagged as a VPN while trying to access certain services, there are a few potential reasons for this behavior. Below is a description of common causes along with solutions for each.
VPN Service is Enabled
If you have an active VPN service running on your device, it will route your traffic through a virtual private server, causing your IP to be identified as a VPN.
Solution: Check if a VPN Service is Active
Ensure that no VPN app or service is currently enabled on your device:
For iOS: Go to Settings > VPN, and toggle it Off.
For Android: Go to Settings > Network & Internet > VPN, and disconnect any active VPN.
For Windows: Go to Settings > Network & Internet > VPN, and disconnect any VPN connections.
Shared IP Addresses by ISPs
Some Internet Service Providers (ISPs) assign shared or dynamic IP addresses. If the IP address you are assigned has previously been associated with VPN services or flagged by websites, it might be detected as a VPN.
Solution: Request a New IP Address
Restart your modem or router to acquire a new IP address from your ISP. This process can resolve issues related to flagged IP addresses.
Private Relay or Limit IP Address Tracking (iOS devices)
On iOS devices, when the "Limit IP Address Tracking" feature is enabled, your device hides your real IP address by using a private or proxy-like address. This can sometimes cause certain systems to identify your IP as a VPN.
Solution: Check "Limit IP Address Tracking" on iOS Devices
If you are using an iPhone or iPad, the "Limit IP Address Tracking" feature may be causing the issue. Follow the steps below to disable it:
Open the Settings app.
Tap on Wi-Fi.
Select the currently connected Wi-Fi network.
Locate the Limit IP Address Tracking option and toggle it OFF
Use of Public Wi-Fi
Public Wi-Fi networks often use shared network configurations that can appear similar to VPN traffic.
Solution: Avoid Public Wi-Fi
Switch to a private Wi-Fi network if possible. Public Wi-Fi often uses shared IPs that may trigger VPN-like detection.
Proxy Settings on Your Device
Your device may have a proxy configured, either manually or automatically, which could lead to its detection as a VPN.
Check Proxy Settings
On your device, ensure that no proxy settings are enabled:
For iOS: Go to Settings > Wi-Fi > [Your Network] > Configure Proxy, and ensure it is set to "Off."
For Android: Go to Settings > Network & Internet > Wi-Fi > [Your Network] > Advanced > Proxy, and ensure it is set to None.
For Windows: Go to Settings > Network & Internet > Proxy, and ensure both Use setup script and Use a proxy server are turned Off.
Use of Privacy Tools
Privacy-focused tools such as DNS-over-HTTPS (DoH) or private DNS settings can be misinterpreted as VPN behavior.
Solution: Disable Privacy Tools Temporarily
If you are using privacy tools such as private DNS or DNS-over-HTTPS, try disabling them temporarily to see if it resolves the issue.
The IP and Geolocation features provide detailed insights about users' internet connection and physical location to enhance identity verification and risk assessment.
On the Info tab of the verification dashboard, you can see the user's IP address and device information in the Device Info
section:
Key elements displayed include:
IP Address: The user's public IP address.
Geolocation Data: A mapped location of the user's IP (e.g., city, region, and country).
Device Details: Information about the user's browser, operating system, and device type.
Clicking on the IP address or the More
link will open a detailed view of the IP properties, geolocation data, and provider details:
The detailed view provides in-depth insights into the user's IP address:
Valid
This check verifies if the IP address follows the correct format (IPv4 or IPv6) and is registered with the appropriate internet authorities (such as ARIN, RIPE, etc.).
Bogon
This check determines if the IP address belongs to a bogon range. Bogon IP addresses are non-routable addresses that are not allocated to any legitimate organization, such as private, reserved, or unassigned addresses.
Hosting
Identifies whether the IP address is associated with hosting providers, data centers, or cloud infrastructure. This indicates that the IP address may belong to a server rather than an individual user’s personal device.
Proxy
This check detects if the IP address is using a proxy service, which allows users to mask their real IP by routing their connection through another server.
VPN
This check identifies if the IP address belongs to a VPN (Virtual Private Network) service, commonly used to anonymize the user's real IP address by encrypting traffic and routing it through a remote server.
ISP
This check identifies whether the IP address belongs to a consumer Internet Service Provider (ISP), typically used by residential users for home internet connections.
City
Geolocates the city associated with the IP address based on databases that map IP ranges to specific geographic regions.
Country Code
Identifies the country associated with the IP address. The country code (ISO 3166 format) is determined through geolocation databases that track IP ownership.
Provider Domain
Identifies the domain name of the service provider associated with the IP address, typically the ISP or hosting company.
Provider Type
Indicates whether it is an ISP, hosting service, or another type of provider.
Provider website
A link to the provider’s official website.
Provider description
Additional information about the provider, such as services offered.
Region
This check determines the region (state or province) within the country associated with the IP address. Like the city check, this data comes from IP geolocation services.
VPN Domain (Optional)
Identifies the specific domain of the VPN provider if the IP is associated with a VPN service.
Identify Suspicious Activity: Check for IP addresses flagged as "hosting," "VPN," or "proxy" to detect potential anonymity tools or high-risk behavior.
Verify User Location: Cross-reference the user's declared location with the geolocation data to ensure consistency.
Assess Risk Levels: Analyze whether the IP address belongs to a residential ISP or hosting service, as hosted IPs might indicate bot or server activity.
This functionality operates in the background, requiring no user action, and provides a robust layer of security for identity verification processes.
Private app key
Applicant ID
Private app key
200
"2021-08-20T14:52:33.648Z"
Applicant ID
Private app key
200
"2021-08-20T14:52:33.648Z"
Applicant identifier
current review status
Applicant ID
Private app key
A flow id
200
"2021-08-20T14:52:33.648Z"
Applicant identifier
current review status
Applicant ID
Private app key
200
"2021-08-20T14:52:33.648Z"
Browser verification uuid
Browser verification access token
Applicant uuid
Applicant ID
Private app key
200
"2021-08-20T14:52:33.648Z"
Applicant identifier
external applicant identifier
current review status
last updated date
applicant created date
applicant phone
applicant email
applicant lang
applicant date Of birth
User ip
User country code ISO-3166-1
User country region ISO 3166-2
User timezone from IANA Time Zone Database
User city
applicant photo
applicant full name
Client Key
applicant flow
status of review
Review ID
Version of Review
status of review
Review create date
Review update date
Reviewer comment
System warnings
Details about status of review
Reviewer id
Reviewer Full Name
Applicant services
Service data
Document ID
Document step type
Document status
Document processing time in ms
Document rfid processing time in ms
Document pages uploaded
Document create date
Document types data
Document type ID
Document ID
Document type name
Document page index
Document MRZ availability
Document ICAO
Document type
Document year
Document format
Document create date
Document graphics data
Document graphic type
Document graphic data
Document graphic ID
Document ID
Document graphic type
Document graphic sourceType
Document graphic containerType
Document page index
Document graphic url
Document graphic create date
Document fields data
Document field type
Document field data
Document field ID
Document ID
Document field type
Document field LCID
Document field status
Document page index
Document field value recognition probability
Document field value validity enum
Document field obtained value
Document field value sourceType enum
Document field value comparison
Document field create date
Service type
Service status
Flow type
status of review
Application key
Applicant Flow
Flow name
Flow id
Flow type
Flow services
Applicant Aml Monitoring Setting
The unique identifier for the applicant AML monitoring entity
The unique identifier for the applicant
The external identifier for the applicant AML monitoring entity
The periodicity of the AML monitoring
Indicates whether the applicant AML monitoring entity is active
Indicates whether the AML monitoring has been purchased
The date and time when the applicant AML monitoring entity was created
The date and time when the applicant AML monitoring entity was last updated
Device data
SDK version
User ip
User country code ISO-3166-1
User country region ISO 3166-2
Europe union flag
User timezone from IANA Time Zone Database
User city
User city metro code
The latitude and longitude of the city
The approximate accuracy radius (km), around the latitude and longitude
Browser user agent
Browser type
Browser version
Private app key
A unique applicant identifies on the client side
A flow name
An applicant phone number.
An applicant email address.
The language, in which the verification results should be displayed to applicants.
Used to compare the data that you provide to us with that we extract from the applicant documents.
200
"2021-08-20T14:52:33.648Z"
Applicant identifier
external applicant identifier
current review status
last updated date
applicant created date
applicant phone
applicant email
applicant lang
applicant date Of birth
User ip
User country code ISO-3166-1
User country region ISO 3166-2
User timezone from IANA Time Zone Database
User city
applicant photo
applicant full name
Client Key
applicant flow
status of review
Review ID
Version of Review
status of review
Review create date
Review update date
Reviewer comment
System warnings
Details about status of review
Reviewer id
Reviewer Full Name
Applicant services
Service data
Document ID
Document step type
Document status
Document processing time in ms
Document rfid processing time in ms
Document pages uploaded
Document create date
Document types data
Document type ID
Document ID
Document type name
Document page index
Document MRZ availability
Document ICAO
Document type
Document year
Document format
Document create date
Document graphics data
Document graphic type
Document graphic data
Document graphic ID
Document ID
Document graphic type
Document graphic sourceType
Document graphic containerType
Document page index
Document graphic url
Document graphic create date
Document fields data
Document field type
Document field data
Document field ID
Document ID
Document field type
Document field LCID
Document field status
Document page index
Document field value recognition probability
Document field value validity enum
Document field obtained value
Document field value sourceType enum
Document field value comparison
Document field create date
Service type
Service status
Flow type
status of review
Application key
Applicant Flow
Flow name
Flow id
Flow type
Flow services
Applicant Aml Monitoring Setting
The unique identifier for the applicant AML monitoring entity
The unique identifier for the applicant
The external identifier for the applicant AML monitoring entity
The periodicity of the AML monitoring
Indicates whether the applicant AML monitoring entity is active
Indicates whether the AML monitoring has been purchased
The date and time when the applicant AML monitoring entity was created
The date and time when the applicant AML monitoring entity was last updated
Device data
SDK version
User ip
User country code ISO-3166-1
User country region ISO 3166-2
Europe union flag
User timezone from IANA Time Zone Database
User city
User city metro code
The latitude and longitude of the city
The approximate accuracy radius (km), around the latitude and longitude
Browser user agent
Browser type
Browser version