AutoIdent via IDnow
This guide describes how to implement AutoIdent via IDnow for completing the Re-Know Your Customer (Re-KYC) process in your solution
Introduction
User journey
Below are the steps involved in performing customer KYC using AutoIdent via IDnow:
- You initiate the identification request with Solaris, and Solaris forwards the customer data to IDnow.
- Customer will be redirected to IDnow to complete the identification process via the IDnow SDK. Note the list of accepted documents by IDnow here.
- IDnow will prompt the customer to begin an AutoIdent session (either in English or in German). The customer must provide the government-issued identification document (e.g., Passport, ID-card, Driver's license)
-
During the AutoIdent session, the following steps will occur:
- Customer will provide the necessary details to start the identification process.
- Customer will scan the ID document and take a liveness check.
- Once the process completes, the customer will be redirected to your frontend.
Eligibility
This identification method is available for customers residing in Germany. It cannot be used for first-time identification but is valid for re-KYC processes and specific authentication use cases, rather than full identification. For further details and guidance on its applicability, please consult your Partner Manager.
IDnow integration
In addition to the Solaris technical prerequisites, you must also integrate IDnow into your solution. You can achieve this either using IDnow's mobile SDKs (available for iOS and Android) or using their webview APIs (for desktop).
For instructions on how to set up IDnow in your solution, see the following IDnow documentation links:
-
Mobile:
-
Mobile:
-
Desktop (Webview):
Webhooks
You must subscribe to the following webhook events to ensure that your system receives notifications for crucial events in the identification process. For detailed instructions on implementing Solaris webhooks, see the webhooks documentation.
Create the identification resource for the customer
Initiate the Re-KYC process by creating an identification resource for the customer. This resource sets various parameters for the identification process and stores the results returned by IDnow.
API reference
For a complete list of endpoints, properties, and examples related to customer identification (KYC), visit the following link:
note
- The previous link includes all endpoints for different KYC methods. This section includes the relevant endpoints required for Autoident with IDnow.
Related webhook events
POST Create identification
Call this endpoint to create an identification resource for the person specified in the request URL, and add the following properties to the request body:
method: The identification method to use. In this case, set the value toidnow_autoident.language: The customer's preferred language for the identification process. Possible values areENandDE.
attention
Note that this endpoint does not actually trigger the identification process with the provider. Calling the PATCH Request an identification endpoint will trigger the process.
Request example
POST /v1/persons/{person_id}/identifications
{
"method": "idnow_autoident",
"language": "DE",
}Response example
The API call will return an identification object with a unique id (i.e., identification_id) and an initial status of created.
{
"id": "53e2e4c098045c12cd7249b2b9b2de51cidt",
"reference": null,
"url": null,
"status": "created",
"completed_at": null,
"method": "idnow_autoident",
"proof_of_address_type": "GAS_BILL",
"proof_of_address_issued_at": "2022-09-21",
"language": "DE",
"iban": null,
"terms_and_conditions_signed_at": null,
"authorization_expires_at": null,
"confirmation_expires_at": null
}Click here to view the full API reference.
PATCH Request person identification
Call this endpoint to trigger the identification flow with IDnow for the specific customer.
Request URL
PATCH /v1/persons/{person_id}/identifications/{id}/requestResponse example
The API call returns the identification object with the status pending. The status will remain pending until the customer completes the identification. Additionally, the payload includes the following key properties:
urlThe URL to complete the identification process in webview.reference: An internal IDnow identification token for the session (format: ABCDEFGH). Do not share this with the customer under any circumstances.
{
"id": "53e2e4c098045c12cd7249b2b9b2de51cidt",
"reference": "TS2-ADLSU",
"url": "https://go.test.idnow.de/solarisbankautosandbox/identifications/53e2e4c098045c12cd7249b2b9b2de51cidt",
"status": "pending",
"completed_at": null,
"method": "idnow_autoident",
"proof_of_address_type": "GAS_BILL",
"proof_of_address_issued_at": "2022-09-21",
"language": "DE",
"iban": null,
"terms_and_conditions_signed_at": null,
"authorization_expires_at": null,
"confirmation_expires_at": null,
"estimated_waiting_time": 60
}Click here to view the full API reference.
GET Retrieve person identification
Once the identification completes successfully, call this endpoint to retrieve the finalized person identification. If you use the include_documents filter, the API will also return the documents submitted by the customer during the process. To download any of these documents, use the document's unique id to call the document download endpoints.
Request URL
GET /v1/persons/{person_id}/identifications/{id}Click here to view the full API reference.
Other identification endpoints
- GET Index identifications for a person
- POST Upload documents for a person identification
- GET List the IDnow attempts of a person identification
- GET List IDnow legitimation data.
After the customer successfully complete the AutoIdent process, you can download the documents submitted during the identification session using our document-related endpoints here.
Testing
IDnow offers test scenarios to simulate different outcomes for the identification process. To trigger a test scenario, you can create a person resource and set the first_name or last_name to one of the following prefixes and the name of the relevant test case. The format is as follows:
{{Test scenario}}-{{Test case}}Example:
X-MANUALTEST-HAPPYPATHTest scenarios
| Prefix | Description |
|---|---|
X-MANUALTEST |
Performs a test where you can use the web or app, but the agent is automated. |
The available test scenarios are as follows:
| Test Case | Description |
|---|---|
HAPPYPATH |
Ident result will be Success |
CANCELED |
Ident result will be FRAUD_SUSPICION_CONFIRMED with the reason WARNING_FAKED_MANIPULATED_ID |
FRAUDIDENT |
Ident result will be FAILED with the reason OTHER_ERROR |
Happy path test tutorial
Complete the following steps to simulate a successful identification workflow with IDnow on Sandbox.
1. Create a person
Create a person resource using the following endpoint and set the value of the first_name field to X-MANUALTEST-HAPPYPATHto trigger the HAPPYPATH scenario and any value for the last_name in the request body.
Request
POST /v1/persons
{
"first_name": "X-MANUALTEST-HAPPYPATH",
"last_name": "{{random_name}}"
}2. Create an identification resource
Create an identification resource and specify the identification method as idnow_autoident in the request body of the following endpoint. Add the person_id returned from the previous API call to the request URL.
Request example
POST /v1/persons/{person_id}/identifications
{
"method": "idnow_autoident"
}3. Trigger the identification
To trigger the identification flow, call the following endpoint, using the person_id and the identification id returned from the previous API call in the request URL.
Request example
PATCH /v1/persons/{person_id}/identifications/{id}/requestResponse example
The API call will return the details of a test AutoIdent session, including url (for web browser) and reference (for mobile app).
{
"id": "24e9967b0d14ac8b123e45efccbf8164cidt",
"reference": "TS2-YDEKT",
"url": "https://go.test.idnow.de/solarisbankautosandbox/identifications/24e9967b0d14ac8b123e45efccbf8164cidt",
"status": "pending",
"completed_at": null,
"method": "idnow_autoident",
"proof_of_address_type": null,
"proof_of_address_issued_at": null,
"language": null,
"iban": null,
"terms_and_conditions_signed_at": null,
"authorization_expires_at": null,
"confirmation_expires_at": null,
"estimated_waiting_time": 60
}4. Complete the identification flow
Depending on whether you want to test the identification on the web browser or IDnow mobile application, you can click on the URL to go to the web browser session or enter the reference in the mobile app.
Afterwards, you'll be directed to the AutoIdent flow where you have to:
- Enter any mobile number that starts with 0 or you can use the static value: +15550101, check all boxes and click on Start identification.
- The flow will start and you'll start seeing different pop-ups with instructions, simulating what would happen in a real AutoIdent session.
- The flow goes to the successful stage and the verification data will be submitted.
- Afterward, you can call the following endpoint, which will show the identification
statusassuccessful. Additionally, the webhook eventIDENTIFICATIONwill be triggered as well after a successful identification.
Request URL:
GET /v1/persons/{person_id}/identificationsWhat's next?
Congratulations! You have successfully completed the customer KYC process using IDnow AutoIdent
Check the following appendices for more information on enum values and testing data.
For an overview of other KYC methods, check the identity products overview page.
Useful resources
Check the following links for additional related guides and API reference documentation:
Appendix I: Enums
Document types
The following table includes the possible values for the field document_type and their descriptions.
| Enum | Description |
|---|---|
ANNUAL_FINANCIAL_STATEMENT |
A business or a company's annual financial statement. |
KYC_REPORT |
The KYC report generate after a successful customer identification. |
ID_DOCUMENT |
An person's identification document, such as passport or ID. |
SIGNATURE |
A signature example. |
PICTURE |
A picture or a scanned document of any other type. |
QES_DOCUMENT |
A document related to a Qualified Electronic Signature (QES). |
SIGNED_CONTRACT |
A signed contract of any kind. |
SIGNED_QES_DOCUMENT |
A document signed by a Qualified Electronic Signature (QES). |
REGISTER_CHECK |
A register check. |
REGISTER_EXTRACT |
A business or a company's commercial register excerpt or a similar document. |
FOUNDATION_DOCUMENT |
The foundation document of a company or business. |
SCHUFA_COMPACT_REPORT |
A compact SCHUFA report. |
SCHUFA_GWG_REPORT |
A GWG SCHUFA report. |
SCHUFA_FULL_REPORT |
A full SCHUFA report about a person. |
SCHUFA_SHORT_REPORT |
A short SCHUFA report about a person. |
CREDIT_AGENCY_REPORT |
A report issued by a credit agency. |
SHARE_HOLDERS_AGREEMENT |
A business or a company's shareholders agreement. |
SHAREHOLDERS_LIST |
A business or a company's shareholders list. |
TRADING_LICENSE |
A business or a company's trading license. |
TRANSPARENCY_REGISTER_EXTRACT |
An extract of a transparency register. |
INVOICE |
An invoice of any kind. |
OTHER |
Any other type of document. |
VIDEO |
A video of any kind. |
VAT_CERTIFICATE |
VAT registration certificate |
IDow status values
The following table includes the possible values for the field status for the AutoIdent process carried out by IDnow and the related description of each status.
| Status | Description |
|---|---|
created |
The identification resource has been created for the customer. |
pending |
The identification process has been triggered and the AutoIdent URL and reference are generated. You must redirect the customer to the URL to complete the identification process with IDnow. |
pending_failed |
The identification is currently under review. You cannot offer banking services to the customer at this stage. The identification might eventually turn to successful, but it is unlikely. |
successful |
The AutoIdent was successful. Please note that the customer's data might have been updated during the identification session. |
aborted |
The customer aborted the identification process. The customer can still identify using the same URL(if not expired). |
canceled |
The provider canceled the auto identification. The customer should identify again using the same URL (if not expired). |
failed |
The identification process was unsuccessful. |
IDnow provides a reason whenever the identification has a canceled or
aborted status. No reason can be disclosed for the final failed status.
IDnow failure codes
The following table describes the possible failure or cancellation reasons for AutoIdent.
| Failure reason | Description |
|---|---|
| ABORTED | |
| USER_CANCELLATION_DOCUMENT_NOT_ACCEPTED | User’s ID document is not accepted for the verification process |
| USER_CANCELLATION_DOCUMENT_EXPIRED | User cannot continue the verification process due to an expired ID document |
| USER_CANCELLATION_UNDERAGE | User is underage and is not allowed to continue the verification process |
| USER_CANCELLATION_CAMERA_ACCESS_DENIED | User does not allow camera permission in the app |
| USER_CANCELLATION_TERMS_DENIED | User does not accept the terms and conditions |
| USER_CANCELLATION_SELFIE_NOT_READY | User is not ready for a selfie |
| USER_CANCELLATION_APP_NOT_SCANNING | User aborts as the app is not scanning the document |
| USER_CANCELLATION_ESIGNING_REJECTED | User does not accept the esigning request |
| USER_CANCELLATION_ESIGNING_NAME_CONFIRMATION_REJECTED | User’s name is specified incorrectly (This applies only to the QES/Signing flow) |
| USER_CANCELLATION_INCORRECT_PHONE_NUMBER | User aborts as the phone number is specified incorrectly |
| USER_CANCELLATION_IDENTIFY_LATER | User wants to identify later |
| USER_CANCELLATION_USER_NOT_INTERESTED | User is not interested in performing the identity verification |
| USER_CANCELLATION_APP_NOT_RESPONDING | User aborts because the app is not responding |
| USER_CANCELLATION_PRIVACY_CONCERNS | User aborts due to privacy concerns |
| USER_CANCELLATION_DOCUMENT_NOT_AVAILABLE | User does not have the ID document available and aborts |
| APP_CANCELLATION_APPROVAL_PHRASE_RETRY_LIMIT_REACHED | This is used in the QES/esign flow when the app is unable to retrieve the approval phrases from the backend after multiple retries |
| APP_CANCELLATION_APPROVAL_PHRASE_NO_CONTRACT | App encounters a technical error in the Approval Phrases step in QES/esign |
| APP_CANCELLATION_APPROVAL_PHRASE_INSUFFICIENT_DOCUMENT_COUNT | In the Approval Phrases step for QES/esign, the required number of documents to be signed are not received from backend |
| APP_CANCELLATION_OTP_MATCH_LIMIT_REACHED | In the OTP Authentication step, the user has reached the allowed limit for number of OTP entries and cannot try again |
| APP_CANCELLATION_TSP_TECHNICAL_EXCEPTION | App encounters a technical error from the TSP side. If this error state does not resolve after multiple automatic retries, the user cannot proceed further and the ident is aborted with this reason |
| CANCELLED | |
| ID_BLURRY | Document is blurry and mandatory data cannot be read due to the blur. |
| ID_GLARE | Document has glare and mandatory data cannot be read due to the glare. |
| ID_DARKNESS | Pictures of the document are dark and it is not possible to read the mandatory data or verify the authenticity of the document. |
| ID_DATA_COVERED | Mandatory data is covered by the user while taking the picture |
| ID_PERSPECTIVE | Document is positioned at such an angle that mandatory data cannot be read or document cannot be verified |
| ID_DATA | Mandatory data cannot be read on the document |
| ID_DATA_OTHER | Any other reason due to which mandatory data cannot be read |
| ID_NOT_SUPPORTED | Document used during the identification is not supported for the customer’s use case |
| ID_EXPIRED | Document used during the identification is expired |
| ID_WRONG_SIDE | Wrong side of the document is scanned during the process |
| ID_OUTWORN | Document is worn out. Either data cannot be read or the document cannot be verified |
| ID_HAS_STICKER | Document has such stickers which are not acceptable and the document is considered as damaged document |
| ID_WRITTEN_ON | Document has text written over it which makes the document not readable or not verifiable. If the sticker is legit one and added by the authorities while issuing the document then the document will be acceptable and not cancelled due to this reason |
| ID_BROKEN | Document used during the identification is broken |
| ID_DAMAGED | Document used during identification is a damaged document |
| ID_DAMAGED_OTHER | Any other reason for a damaged document |
| ID_SECURITY_FEATURE_NOT_VISIBLE_NOT_FRAUD | Security features of the document are not visible because user did not move the document correctly |
| ID_SECURITY_FEATURE_VIDEO_SHORT | Security feature video is too short to detect if there are holograms in the document |
| ID_SECURITY_FEATURE_VIDEO_CANNOT_BE_PLAYED | Security feature video cannot be played for the agent to review holograms |
| ID_SECURITY_FEATURE_OTHER | Any other issues with the security feature video |
| ID_SECOND_DOCUMENT | If two documents are required for the identification process, the user needs to photograph two different documents (i.e. ID + Driver’s license) - If the second required ID document is not available, the ident will be cancelled |
| ID_SECOND_DOCUMENT_BAD_PHOTO_QUALITY | Photo quality of the additional document in the process is not acceptable |
| ID_SECOND_DOCUMENT_DAMAGED | Additional document used in the identification process is severely outworn, written or drawn on, ripped or broken |
| ID_SECOND_DOCUMENT_EXPIRED | Additional document used in the identification process is an expired document |
| ID_SECOND_DOCUMENT_OTHER | Any other issues with the additional document used in the identification process |
| ID_NEED_ADDITIONAL_DOCUMENT | Additional document like Driver’s License is missing in the identification process but it was required |
| ID_OTHER | Any other issues with the document used in the identification process |
| USER_INVOICE_MISSING | Customer needs proof of address from the user as the additional document but user did not provide it in the identification process |
| USER_OBSCURED | User has covered the face during the face comparison process unintentionally like wearing the face mask |
| SELFIE_BLURRY | Selfie taken by the user is blurry and cannot be used to compare the face with the identification document |
| SELFIE_GLARE | Photo of the user on the ID document has glares and selfie cannot be compared with it |
| SELFIE_DARKNESS | Selfie taken by the user is too dark to compare the face of the person with the photo on the identification document |
| SELFIE_PERSPECTIVE | Selfie taken by the user is on such an angle that it is not possible to compare it with the photo on the identification document |
| SELFIE_OTHER | Any other issues with the selfie which restrict ident specialist to compare the selfie of the user with the photo on the identification document |
| IDENT_CANNOT_BE_COMPLETED | Due to a technical reason, ident specialist cannot finish the identity verification process. |
| IDENT_DISPLAY_ERROR | Due to a technical reason, ident specialist cannot see the data submitted by the user in the identification process. |
| IDENT_OTHER | Any other reason due to which the identification process cannot be completed by the ident specialist. |
| TSP_WRONG_CONFIRMATION_TOKEN | A wrong signing code was entered by the user during the signing step. (Only when using Autodent with QES / eSign) |
| TSP_SIGNING_FAILED | The signing process failed due to any technical error. (Only when using Autodent with QES / eSign) |
| TSP_CERTIFICATE_EXPIRED | Signing certificates are valid for an hour. The final signing step took more than an hour from the time of certificate generation. (Only when using Autodent with QES / eSign) |
| ID_SECURITY_FEATURE_VIDEO_FILE_MISSING | If enabled, the system automatically cancels an ident when the 'Security Features' (Hologram) video is not saved due to any technical error, and is hence missing from the final result (zip) file. |
| FRAUD_SUSPICION_CONFIRMED | |
| WARNING_SELFIE_REAL_PERSON | User that performed the identification is a real person but the selfie does not match with the face on the document. |
| WARNING_SELFIE_NO_REAL_PERSON | Selfie taken in the identification process is not of a real person. For example, the selfie taken is a photo of a picture. |
| WARNING_SELFIE_DISGUISED | User intentionally disguised the face by wearing a mask or in some other way. |
| WARNING_MANIPULATED_DATA | Data is manipulated on the Identification document. |
| WARNING_MANIPULATED_PHOTO | Photo of the person is manipulated on the Identification document. |
| WARNING_FAKED_SECURITY_FEATURES | Security features like holograms on the Identification document are not real. |
| WARNING_PAPER_PRINT | The Identification document is not real but a printout taken on a paper. |
| WARNING_DIGITAL_DOCUMENT | Identification document image is taken from a digital screen (from laptop, from mobile or from any other screen). |
| WARNING_FAKED_SPECIMEN | Identification document is a specimen document and not a real document. |
| WARNING_USER_UNDERAGE | User is below the age required to access the customer’s service. |
| WARNING_DIGITAL_SELFIE | Selfie is taken from a digital screen (from laptop, from mobile or from any other screen). |
| WARNING_MONEY_MULE | User is duped by fraudster to perform identification on fraudster’s behalf. |
| WARNING_NAME_COMPARISON | Considerable inconsistency between user’s name and document. |
| WARNING_SCAN | Identification document is a facsimile. |
| WARNING_FRAUD_OTHER | Any other type of fraud identified during the verification process by Ident specialist. |
Identification documents
- List of accepted ID documents for AutoIdent via IDnow: here
List of passports with address
The following table lists all ID types that include the bearer's address, which you can use to perform identification without having to provide a proof of address document.
| Document | Issuer Country | Type (ID/PP) |
|---|---|---|
| BGR-AO-01005 | Bulgaria | Passport |
| CHN-AO-04003 | China | Passport |
| HRV-BO-02001 | Croatia | ID |
| HRV-AO-02001 | Croatia | Passport |
| CZE-BO-04001 | Czech Republic | ID |
| CZE-BO-04002 | Czech Republic | ID |
| FRA-BO-02002 | France | ID |
| FRA-AO-03001-03003 | France | Passport |
| DEU-BO-01003 | Germany | ID |
| DEU-BO-02001 | Germany | ID |
| IND-AO-01001 | India | Passport |
| ITA-BO-04003 | Italy | ID |
| ITA-BO-03004 | Italy | ID |
| ITA-BO-03002 | Italy | ID |
| ITA-BO-03001 | Italy | ID |
| ITA-BO-03003 | Italy | ID |
| MLT-BO-02001 | Malta | ID |
| MLT-BO-03001 | Malta | ID |
| MAR-AO-02001 | Morocco | Passport |
| POL-BO-02001-02003 | Poland | ID |
| SGP-BO-01001-A | Singapore | ID |
| SGP-BO-01001 | Singapore | ID |
| SVK-BO-02001 | Slovakia | ID |
| SVK-BO-05001 | Slovakia | ID |
| SVK-BO-04001 | Slovakia | ID |
| SVN-AO-02001-02003 | Slovenia | Passport |
| SVN-AO-02004 | Slovenia | Passport |
| SVN-BO-02001 | Slovenia | ID |
| SVN-AO-01004 | Slovenia | Passport |
| ESP-BO-03001 | Spain | ID |
| ESP-BO-05001 | Spain | ID |
Appendix II: IDnow status transitions
Only the following transitions can occur during an IDnow identification session:
Case 1: Happy path
created → pending → successful
Case 2: Suspicion of fraudulent behavior by IDnow that was not confirmed. Identification was marked as successful after review.
created → pending → canceled → successful
Case 3: Fraudulent behavior was detected during a review of an identification that was previously marked as successful.
created → pending → successful → canceled
