Skip to main content

Introduction to eKYC Flows and API Integration

To integrate eKYC into your application, there are two main ways:

  • First, developers can integrate eKYC SDKs as described in the previous section (SDKs). This approach provides a ready-to-use solution with pre-built UI components and backend services.
  • Second, which will be described in this section - using backend APIs, developers must follow a structured process, which involves sequentially calling multiple APIs. Each API serves a specific purpose in the verification flow, such as initializing a session, processing user-provided data, and verifying results. This step-by-step approach ensures the flow is secure, modular, and flexible.

Key Features of eKYC Flows

1. Session Management

A session is established to maintain context and security for the eKYC process. Developers must initialize a session by calling an API to receive a unique session ID and related configurations.

2. OCR and Data Extraction

OCR technology extracts data (e.g., name, ID number) from the provided documents. An API call triggers the OCR engine, processes the document, and returns structured data.

3. Fraud Detection and Validation

Once data is extracted, APIs validate the information for consistency and detect any signs of fraud or tampering. For example, face-matching APIs may compare a user’s selfie with the photo on their ID.

4. Liveness Check

To prevent spoofing or identity theft, liveness checks verify that the user is physically present during the eKYC process. This step often involves capturing a live video or image of the user.

5. Face Matching and Verification

APIs compare the user’s face with the photo on their ID to ensure a match. This step is crucial for confirming the user’s identity and preventing impersonation.

6. Response and Feedback

After processing, the backend returns a result via APIs, confirming the success or failure of the eKYC process. This response guides the application in proceeding to the next step or retrying the process if necessary.

API Flow in eKYC

A typical eKYC flow involves multiple API calls executed in a precise order to ensure data integrity and security. Here is a general outline of how these steps work:

1. Session Initialization

Call an API to start a new session. This ensures the subsequent steps are part of a secured and monitored flow.

2. OCR and Data Processing

Invoke APIs to perform OCR and extract key information from the uploaded documents.

3. Liveness Check and Face Matching

Call APIs to verify the user’s presence and match their face with the photo on the ID.

By following a structured API flow and adhering to best practices, developers can implement a secure, scalable, and user-friendly eKYC process that meets industry standards and customer expectations.