Skip to content

Integration guide and architecture

Reference Architecture Diagram

The following architecture diagram presents a reference proposal showing the interactions between the different components of the solution. In this diagram, the following assumptions are made.

  • Deployment of the Veridas solution: cloud
  • Personal data storage: In the customer infrastructure.
  • It is assumed that the customer infrastructure is cloud. In case it is on-premises, the architecture diagram is still valid.
  • It is assumed that the identity verification process is performed from the customer APP or website.
  • Customer journey: Document and selfie capture
  • Acceptance criteria: Fully automated, no back-office (no-human-in-the-loop).
  • The architecture includes the following components presented in the document:

    - OCR and ID validation

    - Biometric verification

    - Liveness detection (PAD)

    - Injection attack detection (IAD)

    - Capture technology: SDKs

Reference Architecture diagram

Each step of the architecture diagram is described below.

  1. The user accesses the customer web or APP to perform the customer onboarding and agrees to the terms and conditions of the process provided by the customer.

  2. The customer web or APP communicates with the Customer Central Server to request the initiation of an identity verification process.

  3. The Central Service requests a one-time use token from the Veridas Identity Verification Service (Verids CORE) for the execution of an onboarding process.

  4. The Veridas capture component (XpressID) is launched on the customer web or APP with the above token.

  5. The user captures the front and back of their document or passport.

  6. The user captures a photo selfie.

  7. The Veridas capture component (XpressID) sends the images to the Veridas Identity Verification Service (Veridas CORE).

  8. Veridas Identity Verification Service (Veridas CORE) performs the evidence processing:

    - The OCR is extracted from the document and the document is validated,

    - The biometric comparison between the printed photo and the selfie photo is carried out,

    - A liveness detection is performed on the selfie and

    - It is verified that there is no injection attack.

  9. The Central Service calls the Identity Verification Service (Veridas CORE) to obtain the result of the onboarding process. The OCR, images and validation scores are obtained.

  10. An automatic decision is made to accept or reject the process.

  11. Central Service stores the user's information in the customer database.

  12. The user completes other stages of the verification process unrelated to the Veridas solution. For example, the user provides information about the product to be contracted, credit card, etc.

The identity verification process described above can be used for biometric user enrollment, so that the enrollment selfie can be used later for facial biometric authentication, in the physical or digital environment.

Architecture diagram with back-office agent review

This case is similar to the previous one, but introducing the review of an agent as part of the identity verification process. Therefore, step 10 is replaced by a back-office agent review for all cases, or only for some of them.

Agent review of cases can be performed by Veridas or client agents.

In any case, the user's customer journey is not altered.

Back office Architecture diagram

Architecture diagram with personal data stored in the Veridas cloud

In this architecture diagram, the customer does not have to worry about managing the storage of its users' identities in a database hosted on its infrastructure. In this deployment mode, customer users' personal data is securely stored in the Veridas cloud, applying encryption. In addition, the information is stored in a database with both logical and physical separation.

The use of back-office agents (boi-Das) is optional.

In any case, the user's customer journey is not altered.

Data stored Architecture diagram

Architecture diagram with connection to other services

Architecture diagram

Each step of the complete architecture diagram is described below.

  1. The user accesses the customer web or APP to perform the customer onboarding and agrees to the terms and conditions of the process provided by the customer.

  2. The customer web or APP communicates with the Customer Central Server to request the initiation of an identity verification process.

  3. The Central Service requests a one-time use token from the Veridas Identity Verification Service (Verids CORE) for the execution of an onboarding process.

  4. The Veridas capture component (XpressID) is launched on the customer web or APP with the above token.

  5. The user captures the front and back of their document or passport.

  6. The user captures a photo selfie.

  7. The Veridas capture component (XpressID) sends the images to the Veridas Identity Verification Service (Veridas CORE).

  8. Veridas Identity Verification Service (Veridas CORE) performs the evidence processing.

    - The OCR is extracted from the document and the document is validated

    - The biometric comparison between the printed photo and the selfie photo is carried out

    - A liveness detection is performed on the selfie

    - It is verified that there is no injection attack.

  9. The Veridas Identity Verification Service (Veridas CORE) communicates with those third-party services that are part of the solution. For example, it communicates with a Government service for identity verification, performs a validation of whether the user is PEP or is on a sanctioned list (AML Screening).

  10. The Veridas Identity Verification Service (Veridas CORE) verifies whether the identity is duplicated or belongs to a list of prohibited persons through the Veridas das-FaceBond tool.

  11. The Central Service calls the Identity Verification Service (Veridas CORE) to obtain the result of the onboarding process. The OCR, images and validation scores are obtained.

  12. An automatic decision is made to accept or reject the process. In addition, a review of the back-office agent can be performed for all or some of the cases.

  13. Central Service stores the user's information in the customer database.

  14. The user completes other stages of the verification process unrelated to the Veridas solution. For example, the user provides information about the product to be contracted, credit card, etc.

Architecture diagram for an on-prem solution

In this case, the Veridas identity verification solution can be installed within the customer infrastructure. In this scenario, personal data never leaves the customer infrastructure. This implementation eliminates the call to external services that might also require communication from the customer infrastructure to the outside.

In any case, the user's customer journey is not altered.

Onprem diagram

Integration Review

The below document summarizes general recommendations/improvements, mandatory checks and several weak points an integration may have, so we strongly suggest paying special attention to them before moving forward as not doing so might cause issues in production.

Veridas Integration Review Document for XpressID: Download

Veridas Integration Review Document for Validas+SDKs (Modular onboarding): Download