Once the user first logs in to Everifin APP, he immediately enters our onboarding process which consists of a few mandatory steps. These steps could be called independently in case we want the user to repeat some step, or dive into a specific step after meeting any requirements. Basically, there are 3 steps and one final state of the identity that represents the completed identification process (not verification).
MAIN DOCUMENT
The user should upload his first document of choice at this step. Currently, we support ID cards and Passport only. From a backend point of view, this particular step is divided into 3 (or 4 in case of ID upload) steps. The First 1 or 2 is uploading the file to our server. (UPLOAD) After this is complete, the frontend should get 1 or 2 uploadId which should be filled into the next backend call (ATTACH) – backUploadId and frontUploadId. Our third-party provider, Ondato, wants the Passport only side as a back side so that frontUploadId is not a mandatory field when attaching a Passport to a user’s identity. This attach call also initiates the identification process on the side of Ondato. Successful attach returns document data, an id especially, which should be used in the following call – (VERIFY). The call is responsible for checking the document and fetching the data if possible eventually. It responds with 4 boolean properties that represent possible failures and whether the data was fetched or not. We could move to the next step if all the 3 failure flags (invalidDocument, expiredDocument, oneSideMissing) are negative.
IDENTITY DATA
The purpose of this step is to have the user filled all the necessary data about his identity. He is supposed to agree with our framework agreement and terms & conditions. Finally, we want him to state his potential political exposition. In this case, the third step follows, otherwise the identity is marked as COMPLETED and thus identification process is done.
ADDITIONAL DOCUMENT
The technical process is very similar to the first step. The frontend should get the remaining available document type, the user performs uploading (attaching, verifying). There is one difference that data are not being fetched at this point of course. In addition to that, there is a mandatory sub-step for the user. He must declare his sources of funds. It’s done by a separate endpoint which assigns these to identity data. After the completion, the user’s identity becomes COMPLETED as well.
frontend SHOULD CHECK what is the current state of the identification and should force redirect user to fulfill it if not COMPLETED.
ID and Passport samples
Every Everifin user must be eventually identified. User identification data are obtained during first bank account connection (name and surname is normally provided by bank along with account data).
Provided data are checked and in certain circumstances the user might be requested to complete the extended user identification process.
Extended User Identification process
If this process is started, user has 3 days to complete the steps described below:
providing 1st document (ID or passport)
Checking and correcting/completing data read from the provided document (if needed)
Agreeing with Everifin’s Framework Agreement and Terms and Conditions
providing additional document - only required in case the user is politically exposed person