Professional Documents
Culture Documents
Copyright:
Jumio Inc. 268 Lambert Avenue, Palo Alto, CA 94306
Contents
Netverify Web Implementation Guide ....................................................................................... 1
Contents.................................................................................................................................. 2
Release notes ...................................................................................................................... 4
Contact ................................................................................................................................ 5
Embedding Netverify into your page ..................................................................................... 6
Initiating the transaction..................................................................................................... 6
Displaying and configuring your Netverify client ................................................................ 8
Redirecting the customer after the user journey ............................................................... 9
Callback ............................................................................................................................... 9
Using Netverify redirect........................................................................................................ 10
Customizing your landing page ......................................................................................... 10
Initiating the transaction................................................................................................... 12
Using the initiateNetverify API ..................................................................................... 12
Using the Jumio merchant backend ............................................................................. 14
Calling your landing page .................................................................................................. 14
Redirecting the customer after the user journey ............................................................. 14
Callback ............................................................................................................................. 15
Embedding Netverify Multi Document ................................................................................ 16
Initiating the transaction................................................................................................... 16
Supported documents ...................................................................................................... 17
Displaying and configuring your Netverify Multi Document client .................................. 19
Redirecting the customer after the user journey ............................................................. 19
Callback ............................................................................................................................. 20
Using performNetverify ........................................................................................................ 21
Global Netverify APIs ............................................................................................................ 24
Supported IDs.................................................................................................................... 24
Accepted IDs ..................................................................................................................... 25
Callback ................................................................................................................................. 27
Netverify............................................................................................................................ 27
Netverify Multi Document ................................................................................................ 34
Global Netverify settings ...................................................................................................... 36
Application settings........................................................................................................... 36
Customize client ................................................................................................................ 36
2
Release notes
Version
1.7.5
1.7.4
1.7.3
Date
2014-04-23
2014-03-11
2014-02-03
1.7.2
2014-01-14
1.7.1
2013-12-17
1.7.0
2013-11-13
1.6.12
2013-10-29
1.6.11
2013-10-14
1.6.10
2013-09-24
1.6.9
2013-09-10
1.6.8
2013-08-13
1.6.7
2013-08-01
1.6.6
1.6.5
2013-07-17
2013-06-27
1.6.4
1.6.3
2013-05-28
2013-05-14
1.6.2
2013-05-02
Description
Added supported cipher suites during SSL handshake (TLS required)
Introduced data deletion
Introduced manual transaction setup for Netverify redirect
Added "User-Agent" header for callback image URL requests
Enhanced supported documents for Netverify Multi Document
initiateNetverifyRedirect parameter "successUrl" and "errorUrl" not mandatory anymore
Removed "callbackEmail" API parameters and related application setting
Changed performNetverify RESTful URL from v1 to v2
Added parameters "faceImage" and "faceImageMimeType" for performNetverify face match
Success and error URLs should be HTTPS using the TLS protocol
Removed custom HTTP GET parameters for the Netverify redirect landing page
Added callback parameters postalCode and city for Raw address format
Added HTTP status code 403 Forbidden for all RESTful APIs
Added scan state explanations in the sections "Redirecting the customer after the user
journey" and "Callback"
Added footnotes 7 and 8 in the Netverify callback table
Introduced RESTful supportedIdTypes and acceptedIdTypes APIs
Changed "Mandatory fields" to "Data settings" separating mandatory and optional fields
Added HTTP GET method restriction for callback image retrieval
Changed RESTful URL getSupportedDocumentTypes to supportedDocumentTypes
Parameters "customerId" and "additionalInformation" should not contain sensitive data
Parameter "merchantIdScanReference" must not contain sensitive data
Added "User-Agent" header for all RESTful APIs
Added callback parameter "merchantReportingCriteria"
Added reject reason code 108 for MRZ_CHECK_FAILED
Removed reject reason code 208 for NOTHING_SHOWN
Removed createDocumentAcquisition parameters "firstName", "lastName" and "country"
Added maximum file size for performNetverify parameters "frontsideImage" and
"backsideImage"
Added color customization in Netverify settings
Deprecated callback email
createDocumentAcquisition parameter "country" not mandatory anymore
Added parameter "merchantReportingCriteria" to the createDocumentAcquisition API and
the Netverify Multi Document callback
Corrected values of "idUsState" parameter for initiateNetverify, initiateNetverifyRedirect,
performNetverify and the Netverify callback
Corrected data types for all APIs from Java types to JSON types
Added callback parameter "rejectReason"
Enhanced "Accepted IDs" settings
Enhanced "idAddress" callback parameter with EU and Raw format
Added "additionalInformation" parameter for initiateNetverify, initiateNetverifyRedirect and
performNetverify
Added additional information input field for Netverify redirect
Added callback parameter "additionalInformation"
Added value "UNSUPPORTED" for callback parameter "idType"
Added locale specific settings for Netverify redirect
Added value "idAddress" to the "enabledFields" parameter
Added French, Italian, Portuguese and Spanish localizations
Added maximum field lengths for all JSON parameters
Corrected values of callback parameter "idScanSource"
Corrected value "ID_CARD" of callback parameter "idType"
Added Finnish, Norwegian, Polish, Russian and Swedish localization
Introduced face match in Jumio merchant settings and callback
Added HTTP GET parameter "merchantIdScanReference" in the success and error redirect
URLs for embedded Netverify
Added new callback field "idScanSource"
Added IP addresses for the callback
Added maximum parameter lengths for callback fields
1.6.1
1.6.0
2013-04-16
2013-04-03
1.5.1
1.5.0
2013-03-05
2013-03-04
1.4.2
1.4.1
1.4.0
1.3.0
2013-02-18
2013-02-14
2013-02-13
2012-12-18
1.2.4
1.2.3
2012-11-27
2012-10-30
1.2.2
2012-10-03
1.2.1
1.2.0
1.1.2
2012-08-23
2012-08-17
2012-07-18
1.1.1
2012-06-27
1.1.0
1.0.2
1.0.1
1.0.0
2012-06-15
2012-05-30
2011-03-06
2011-03-01
Contact
If you have any questions regarding our implementation guide please contact Jumio
Customer Service at support@jumio.com or https://support.jumio.com. The Jumio online
helpdesk contains a wealth of information regarding our service including demo videos,
product descriptions, FAQs and other things that may help to get you started with Jumio.
Check it out at: https://support.jumio.com.
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Request parameters
Note: Mandatory JSON parameters are highlighted.
Parameter
merchantIdScanReference
Type
String
Max. length
100
successUrl *
String
255
errorUrl *
String
255
enabledFields
String
100
Description
Your reference for each scan must not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Redirect URL in case of success. This setting
overrides your Jumio merchant settings. We
strongly recommend providing an HTTPS URL
using the TLS protocol (ports are not allowed).
* Mandatory if not specified in your Jumio
merchant settings.
Redirect URL in case of error. This setting
overrides your Jumio merchant settings. We
strongly recommend providing an HTTPS URL
using the TLS protocol (ports are not allowed).
* Mandatory if not specified in your Jumio
merchant settings.
Defines which fields must be processed during
the ID verification. This setting overrides your
authorizationTokenLifetime
Number
Max. value:
2147483647
merchantReportingCriteria
callbackUrl
String
String
100
255
locale
String
100
clientIp
customerId
String
String
100
100
firstName
lastName
country
usState
String
String
String
String
100
100
3
100
expiry
number
dob
idType
personalNumber
mrzCheck
String
String
String
String
String
Boolean
additionalInformation
String
100
255
14
100
Response parameters
Parameter
timestamp
Type
String
Max. length
Description
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
authorizationToken
String
36
jumioIdScanReference
String
36
Sample request
POST https://netverify.com/api/netverify/v2/initiateNetverify HTTP/1.1
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
{
"merchantIdScanReference": "YOURSCANREFERENCE",
"successUrl": "https://www.your-site.com/sucess",
"errorUrl": "https://www.your-site.com/error"
}
Sample response
{
"timestamp": "2012-08-16T10:27:29.494Z",
"authorizationToken": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"jumioIdScanReference": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
Type
String
locale
String
Description
Your transaction-specific authorization token
Locale of the Netverify client:
"de" German
Description
"SUCCESS" or "ERROR"
Your reference for each scan
Jumios reference number for each scan
Note: HTTP GET parameters can be manipulated on the client side and may be used for
display purposes only. It is also possible to set success and error URLs to the same address,
because you can get the status from the URLs query parameter "idScanStatus".
Sample redirect URL
https://www.yoursite.com/success?idScanStatus=SUCCESS&merchantIdScanReference=YOURIDSCANREFERENCE&j
umioIdScanReference=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Callback
The callback is the authoritative answer from Jumio. Specify a callback URL (see Global
Netverify settings chapter) to receive the ID verification result for each scan (see Callback
chapter).
10
11
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Request parameters
Note: Mandatory JSON parameters are highlighted.
Parameter
merchantIdScanReference
Type
String
Max. length
100
customerId
String
100
successUrl
String
255
errorUrl
String
255
enabledFields
String
100
12
Description
Your reference for each scan must not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Identification of the customer should not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Redirect URL in case of success. This setting
overrides your Jumio merchant settings. We
strongly recommend providing an HTTPS URL
using the TLS protocol (ports are not allowed).
Redirect URL in case of error. This setting
overrides your Jumio merchant settings. We
strongly recommend providing an HTTPS URL
using the TLS protocol (ports are not allowed).
Defines which fields must be processed during
authorizationTokenLifetime
Number
Max. value:
2147483647
merchantReportingCriteria
callbackUrl
String
String
100
255
locale
String
100
clientIp
firstName
lastName
country
usState
String
String
String
String
String
100
100
100
3
100
expiry
number
dob
idType
personalNumber
mrzCheck
String
String
String
String
String
Boolean
additionalInformation
String
100
255
14
100
Response parameters
Parameter
timestamp
Type
String
Max. length
Description
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
13
authorizationToken
String
36
clientRedirectUrl
jumioIdScanReference
String
String
255
36
Sample request
POST https://netverify.com/api/netverify/v2/initiateNetverifyRedirect HTTP/1.1
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
{
"merchantIdScanReference": "YOURSCANREFERENCE",
"customerId": "CUSTOMERID",
"successUrl": "https://www.your-site.com/success",
"errorUrl": "https://www.your-site.com/error"
}
Sample response
{
"timestamp": "2012-08-16T10:27:29.494Z",
"authorizationToken": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"clientRedirectUrl": "https://[your-domainprefix].netverify.com/v2?authorizationToken=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"jumioIdScanReference": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
14
Callback
The callback is the authoritative answer from Jumio. Specify a callback URL (see Global
Netverify settings chapter) to receive the ID verification result for each scan (see Callback
chapter).
15
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Request parameters
Note: Mandatory JSON parameters are highlighted.
Parameter
documentType
Type
String
Max. length
100
merchantScanReference
String
100
customerID
String
100
successUrl *
String
255
errorUrl *
String
255
16
Description
Expected document type
You receive possible parameters by calling the
RESTful API supportedDocumentTypes (see
Supported documents section).
Your reference for each scan must not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Identification of the customer should not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Redirect URL in case of success. This setting
overrides your Jumio merchant settings. We
strongly recommend providing an HTTPS URL
using the TLS protocol (ports are not allowed).
* Mandatory if not specified in your Jumio
merchant settings.
Redirect URL in case of error. This setting
authorizationTokenLifetime
Number
Max. value:
2147483647
merchantReportingCriteria
callbackUrl
String
String
100
255
clientIp
String
100
Response parameters
Parameter
jumioScanReference
authorizationToken
Type
String
String
Timestamp
String
Max. length
36
36
Description
Jumios reference number for each scan
Authorization token, which is valid for the authorization
token lifetime
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
Sample request
POST https://netverify.com/api/netverify/v2/createDocumentAcquisition HTTP/1.1
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
{
"documentType": "CC",
"merchantScanReference": "YOURSCANREFERENCE",
"customerID": "CUSTOMERID",
"successUrl": "https://www.your-site.com/sucess",
"errorUrl": "https://www.your-site.com/error"
}
Sample response
{
"jumioScanReference": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"authorizationToken": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"timestamp": "2013-02-25T10:27:29.494Z"
}
Supported documents
Call the RESTful HTTP GET API supportedDocumentTypes to receive a JSON response
including code and name of all supported documents.
REST URL: https://netverify.com/api/netverify/v2/supportedDocumentTypes
17
Authentication: The supportedDocumentTypes API call is protected. To access it, use HTTP
Basic Authentication with your merchant API token as the "userid" and your API secret as
the "password".
Header: The following parameters are mandatory in the "header" section of your request.
Accept: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Response parameters
Parameter
timestamp
Type
String
supportedDocumentTypes
Array
Description
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
Array of supported documents
Parameter
"supportedDocumentTypes"
code
name
Type
Max. length
Description
String
String
2
255
Sample request
GET https://netverify.com/api/netverify/v2/supportedDocumentTypes HTTP/1.1
Accept: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
Sample response
{
"timestamp":"2014-01-22T13:38:12.750Z",
"supportedDocumentTypes":[{"code":"BS","name":"Bank
statement"},{"code":"CC","name":"Credit card"},{"code":"IC","name":"Insurance
card"},{"code":"UB","name":"Utility bill"},{"code":"CAAP","name":"Cash advance
application"},{"code":"CRC","name":"Corporate resolution
certificate"},{"code":"CCS","name":"Credit card
statement"},{"code":"LAG","name":"Lease agreement"},{"code":"LOAP","name":"Loan
application"},{"code":"MOAP","name":"Mortgage
application"},{"code":"TR","name":"Tax return"},{"code":"VT","name":"Vehicle
title"},{"code":"VC","name":"Voided check"},{"code":"STUC","name":"Student
card"},{"code":"HCC","name":"Health care card"},{"code":"CB","name":"Council
bill"},{"code":"SENC","name":"Seniors card"},{"code":"MEDC","name":"Medicare
card"},{"code":"BC","name":"Birth certificate"},{"code":"WWCC","name":"Working with
children check"},{"code":"SS","name":"Superannuation
statement"},{"code":"TAC","name":"Trade association
card"},{"code":"SEL","name":"School enrolment letter"},{"code":"PB","name":"Phone
bill"}]
}
18
Type
String
locale
String
Description
Your transaction-specific authorization token
Locale of the Netverify Multi Document client:
"de" German
"en" American English (default)
"en_GB" British English
"es" Spanish
"fi" Finnish
"fr" French
"it" Italian
"no" Norwegian
"pl" Polish
"pt" Portuguese
"ru" Russian
"sv" Swedish
"tr" Turkish
19
Parameter
documentStatus
merchantScanReference
jumioScanReference
Description
SUCCESS (in any expected case)
ERROR (in case of an unexpected error)
Your reference for each scan
Jumios reference number for each scan
Note: HTTP GET parameters can be manipulated on the client side and may be used for
display purposes only. It is also possible to set success and errors URL to the same address,
because you can get the status from the URLs query parameter "documentStatus".
Sample redirect URL
https://www.yoursite.com/success?merchantScanReference=YOURIDSCANREFERENCE&documentStatus=SUCCESS&j
umioScanReference=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Callback
The callback is the authoritative answer from Jumio. Specify a callback URL (see Global
Netverify settings chapter) to receive the result for each scan (see Callback chapter).
20
Using performNetverify
performNetverify offers a RESTful ID verification API without a Jumio-hosted user interface.
Simply send an HTTP POST including the customers ID image to the URL below. You will
immediately receive a JSON response with a Jumio scan reference and a timestamp, and the
callback after the verification is completed (see Callback chapter).
REST URL: https://netverify.com/api/netverify/v2/performNetverify
Authentication: The performNetverify API call is protected. To access it, use HTTP Basic
Authentication with your merchant API token as the "userid" and your API secret as the
"password". Log into https://netverify.com, and you can find your merchant API token and
API secret on the "Settings" page under "API credentials".
Header: The following parameters are mandatory in the "header" section of your request.
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Request parameters
Note: Mandatory JSON parameters are highlighted.
Parameter
merchantIdScanReference
Type
String
Max. length
100
frontsideImage
frontsideImageMimeType
String
String
Max. 5 MB
enabledFields
String
100
merchantReportingCriteria
customerId
String
String
100
100
callbackUrl
String
255
21
Description
Your reference for each scan must not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Base64 encoded image of ID front side
Mime type of front side image
Possible values: image/jpeg (default), image/png
Defines which fields must be processed during
the ID verification. This setting overrides your
Jumio merchant settings.
Possible values:
"idNumber,idFirstName,idLastName,idDob,idExpi
ry,idUsState,idPersonalNumber,idFaceMatch,idA
ddress"
Your reporting criteria for each scan
Identification of the customer should not contain
sensitive data like PII (Personally Identifiable
Information) or account login
Callback URL for the confirmation after the
verification is completed. This setting overrides
firstName
lastName
country
usState
String
String
String
String
100
100
3
100
expiry
number
idType
dob
backsideImage
backsideImageMimeType
String
String
String
String
String
String
callbackGranularity
String
255
personalNumber
mrzCheck
String
Boolean
14
additionalInformation
String
100
faceImage
String
Max. 5 MB
faceImageMimeType
String
100
255
Max. 5 MB
Response parameters
Parameter
jumioIdScanReference
timestamp
Type
String
String
Description
Jumios reference number for each scan
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
Sample request
POST https://netverify.com/api/netverify/v2/performNetverify HTTP/1.1
Accept: application/json
Content-Type: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
22
{
"merchantIdScanReference": "YOURSCANREFERENCE",
"frontsideImage": "<binary>"
}
Sample response
{
"timestamp": "2012-08-16T10:37:44.623Z",
"jumioIdScanReference": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
23
Accept: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Response parameters
Parameter
supportedIdTypes
timestamp
Type
Array
String
Description
Array of supported IDs
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
Parameter
"supportedIdTypes"
countryName
countryCode
idTypes
Type
Max. length
Description
String
String
Array
100
3
Parameter "idTypes"
idType
acquisitionConfig
Type
String
Object
Max. length
Description
PASSPORT, DRIVING_LICENSE, ID_CARD
Object containing acquisition configuration for this
ID type
Parameter
"acquisitionConfig"
backSide
minYear
Type
Max. length
Description
Boolean
Number
24
Sample request
GET https://netverify.com/api/netverify/v2/supportedIdTypes HTTP/1.1
Accept: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
Sample response
{
"supportedIdTypes": [{"countryName": "Austria","countryCode": "AUT","idTypes":
[{"idType": "ID_CARD","acquisitionConfig": {"backSide": true}},{"idType":
"DRIVER_LICENSE","acquisitionConfig": {"backSide":
false}},{"idType":"PASSPORT","acquisitionConfig": {"backSide":
false}}]},{"countryName": "United states","countryCode": "USA","idTypes":
[{"idType": "ID_CARD","acquisitionConfig": {"backSide": false}},{"idType":
"DRIVER_LICENSE","acquisitionConfig": {"backSide": false}},{"idType":
"PASSPORT","acquisitionConfig": {"backSide": false}}]}],
"timestamp": "2013-04-10T07:38:25.332Z"
}
Accepted IDs
Call the RESTful HTTP GET API acceptedIdTypes to receive a JSON response including all
accepted IDs, as specified in your Jumio merchant settings.
REST URL: https://netverify.com/api/netverify/v2/acceptedIdTypes
Authentication: The acceptedIdTypes API call is protected. To access it, use HTTP Basic
Authentication with your merchant API token as the "userid" and your API secret as the
"password".
Header: The following parameters are mandatory in the "header" section of your request.
Accept: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION
SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we
strongly recommend using the latest version.
Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP
Basic Authentication will result in HTTP status code 403 Forbidden.
Response parameters
Parameter
accepteddIdTypes
timestamp
Type
Array
String
Description
Array of accepted IDs, as specified in your Jumio merchant settings
Timestamp of the response in the format YYYY-MMDDThh:mm:ss.SSSZ
Parameter
"accepteddIdTypes"
countryName
countryCode
Type
Max. length
Description
String
String
100
3
25
idTypes
Array
Parameter "idTypes"
idType
acquisitionConfig
Type
String
Object
Max. length
Description
PASSPORT, DRIVING_LICENSE, ID_CARD
Object containing acquisition configuration for this
ID type
Parameter
"acquisitionConfig"
backSide
minYear
Type
Max. length
Description
Boolean
Number
Sample request
GET https://netverify.com/api/netverify/v2/acceptedIdTypes HTTP/1.1
Accept: application/json
User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x
Authorization: Basic
Sample response
{
"acceptedIdTypes": [{"countryName": "Austria","countryCode": "AUT","idTypes":
[{"idType": "ID_CARD","acquisitionConfig": {"backSide": true}},{"idType":
"DRIVER_LICENSE","acquisitionConfig": {"backSide":
false}},{"idType":"PASSPORT","acquisitionConfig": {"backSide":
false}}]},{"countryName": "United states","countryCode": "USA","idTypes":
[{"idType": "ID_CARD","acquisitionConfig": {"backSide": false}},{"idType":
"DRIVER_LICENSE","acquisitionConfig": {"backSide": false}},{"idType":
"PASSPORT","acquisitionConfig": {"backSide": false}}]}],
"timestamp": "2013-04-10T07:38:25.332Z"
}
26
Callback
An HTTP POST is sent to your specified callback URL (see Global Netverify settings chapter) containing an "application/x-www-form-urlencoded"
formatted string with the result.
User journey state
Not started
Drop off before scan/upload
Scan state
Pending
Failed
Finished
Done
Callback
Netverify: No callback
Netverify Multi Document: Transaction will be cleaned-up from pending to failed after the authorization token lifetime;
Callback: document status NO_DOCUMENT_PRESENT
Transaction will be cleaned-up after 15 minutes
Callback: verification status NO_ID_UPLOADED/document status NO_DOCUMENT_PRESENT
ID verification will be performed
Callback: verification/document status depends on the result (see sections below)
Netverify
The following parameters are posted to your callback URL for embedded Netverify, Netverify redirect and performNetverify. The values depend
on the verification status.
Parameter
callBackType
clientIp
idFaceMatch
idCheckDataPositions
idCheckDocumentValidation
idCheckHologram
idCheckMRZcode
idCheckMicroprint
idCheckSecurityFeatures
Max.
length
15
3
Fraud
NETVERIFYID
IP address of the client
Face match percentage 0-100 (*4)
OK
OK
OK
OK for passports if MRZ check is
enabled
N/A otherwise
OK
OK
Unsupported ID
country (*7)
NETVERIFYID
IP address of the
client
N/A
N/A
N/A
N/A
Name mismatch
(*6)
NETVERIFYID
IP address of the
client
N/A
N/A
N/A
N/A
Not readable ID
(*8)
NETVERIFYID
IP address of the
client
N/A
N/A
N/A
N/A
No ID uploaded
NETVERIFYID
IP address of the
client
N/A
N/A
N/A
N/A
Unsupported ID
type (*7)
NETVERIFYID
IP address of the
client
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
27
NETVERIFYID
IP address of the
client
N/A
N/A
N/A
N/A
idCheckSignature
idCountry
idScanStatus
idScanSource
idType
OK
ISO 3166-1 alpha-3 country code
SUCCESS
Possible values (*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT, DRIVING_LICENSE,
ID_CARD
jumioIdScanReference
36
merchantIdScanReference
100
verificationStatus
APPROVED_VERIFIED
customerId
100
idFirstName
200
idLastName
200
idDob
10
idExpiry
10
idNumber
200
idUsState
100
N/A
ISO 3166-1 alpha-3
ERROR
Possible values
(*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT,
DRIVING_LICENSE,
ID_CARD
Jumios reference
number for each
scan
Your reference for
each scan
DENIED_FRAUD
ID of the customer
as provided
First name of the
customer, if
provided
Last name of the
customer, if
provided
Date of birth, if
provided
Date of expiry, if
provided
ID number, if
provided
US state, if
provided
N/A
ISO 3166-1 alpha-3
ERROR
Possible values
(*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT,
DRIVING_LICENSE,
ID_CARD,
UNSUPPORTED
Jumios reference
number for each
scan
Your reference for
each scan
DENIED_UNSUPPO
RTED_ID_TYPE
ID of the customer
as provided
First name of the
customer, if
provided
Last name of the
customer, if
provided
Date of birth, if
provided
Date of expiry, if
provided
ID number, if
provided
US state, if
provided
28
N/A
ISO 3166-1 alpha-3
ERROR
Possible values
(*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT,
DRIVING_LICENSE,
ID_CARD,
UNSUPPORTED
Jumios reference
number for each
scan
Your reference for
each scan
DENIED_UNSUPPO
RTED_ID_COUNTR
Y
ID of the customer
as provided
First name of the
customer, if
provided
Last name of the
customer, if
provided
Date of birth, if
provided
Date of expiry, if
provided
ID number, if
provided
US state, if
provided
N/A
ISO 3166-1 alpha-3
ERROR
Possible values
(*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT,
DRIVING_LICENSE,
ID_CARD
N/A
ISO 3166-1 alpha-3
ERROR
Possible values
(*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT,
DRIVING_LICENSE,
ID_CARD
Jumios reference
number for each
scan
Your reference for
each scan
DENIED_NAME_MI
SMATCH
Jumios reference
number for each
scan
Your reference for
each scan
ERROR_NOT_READ
ABLE_ID
ID of the customer
as provided
First name of the
customer, if
provided
Last name of the
customer, if
provided
Date of birth, if
provided
Date of expiry, if
provided
ID number, if
provided
US state, if
provided
ID of the customer
as provided
First name of the
customer, if
provided
Last name of the
customer, if
provided
Date of birth, if
provided
Date of expiry, if
provided
ID number, if
provided
US state, if
provided
N/A
ISO 3166-1 alpha-3
ERROR
Possible values
(*5):
WEB_CAM
WEB_UPLOAD
REDIRECT_CAM
REDIRECT_UPLOAD
WEB
API
PASSPORT,
DRIVING_LICENSE,
ID_CARD,
UNSUPPORTED
Jumios reference
number for each
scan
Your reference for
each scan
NO_ID_UPLOADED
ID of the customer
as provided
First name of the
customer, if
provided
Last name of the
customer, if
provided
Date of birth, if
provided
Date of expiry, if
provided
ID number, if
provided
US state, if
provided
idScanImage
255
idScanImageBackside
255
personalNumber
14
100
idAddress
additionalInformation
rejectReason
merchantReportingCriteria
100
Additional
information as
provided
Reject reason as
JSON object, see
tables below
Your reporting
criteria for each
scan
Additional
information as
provided
-
Additional
information as
provided
-
Additional
information as
provided
-
Additional
information as
provided
-
Your reporting
criteria for each
scan
Your reporting
criteria for each
scan
Your reporting
criteria for each
scan
Additional
information as
provided
Reject reason as
JSON object, see
tables below
Your reporting
criteria for each
scan
Your reporting
criteria for each
scan
(*1) For ID types that are configured to support a separate scan of front side and back side, this is the front side. If face match is enabled, this is the image of the ID and the
picture of the face. To access it, use the HTTP GET method and HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password".
Set "User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION" (e.g. MyCompany MyApp/1.0.0) in the "header" section of your request. The TLS protocol is
required during the SSL handshake (see Supported cipher suites chapter) and we strongly recommend using the latest version.
(*2) For ID types that are configured to support a separate scan of front side and back side, this is the back side. To access it, use the HTTP GET method and HTTP Basic
Authentication with your merchant API token as the "userid" and your API secret as the "password". Set "User-Agent: YOURCOMPANYNAME
YOURAPPLICATIONNAME/VERSION" (e.g. MyCompany MyApp/1.0.0) in the "header" section of your request. The TLS protocol is required during the SSL handshake (see
Supported cipher suites chapter) and we strongly recommend using the latest version.
(*3) Address recognition is performed for supported IDs, if activated in your Jumio merchant settings. There are three different address formats. You can see which format
applies to specific IDs under "Data settings" in your Jumio merchant settings. Different address parameters are part of the JSON object, if they are available on the ID.
(*4) Face match is performed for the sources WEB_CAM, REDIRECT_CAM and API, if enabled.
(*5) WEB_CAM for embedded Netverify Web via camera, WEB_UPLOAD for embedded Netverify Web via upload, REDIRECT_CAM for Netverify Web redirect via camera,
REDIRECT_UPLOAD for Netverify Web redirect via upload, WEB for Netverify Multi Document, API for performNetverify
(*6) Name match is performed, if you pass first and last name to Netverify redirect.
29
(*7) Scan is declined as unsupported, if the provided ID is not supported by Jumio or not accepted in your Netverify settings.
(*8) Scan is declined as not readable, if the customer does not provide an ID which is able to be processed during all three tries (see reject reasons below), or if the ID is able to
be processed but enabled fields are not readable during the ID verification.
US address format
Parameter
city
state
streetName
streetSuffix
Max. length
64
2
64
14
streetDirection
Description
City
Last two characters of ISO 3166-2:US state code
Street name
Examples include:
ALY=ALLEY, ANX=ANNEX, ARC=ARCADE, AVE=AVENUE, BYU=BAYOO, BCH=BEACH, BND=BEND, BLF=BLUFF, BLFS=BLUFFS, BTM=BOTTOM,
BLVD=BOULEVARD, BR=BRANCH, BRG=BRIDGE, BRK=BROOK, BRKS=BROOKS, BG=BURG, BGS=BURGS, BYP=BYPASS, CP=CAMP,
CYN=CANYON, CPE=CAPE, CSWY=CAUSEWAY, CTR=CENTER, CTRS=CENTERS, CIR=CIRCLE, CIRS=CIRCLES, CLF=CLIFF, CLFS=CLIFFS,
CLB=CLUB, CMN=COMMON, COR=CORNER, CORS=CORNERS, CRSE=COURSE, CT=COURT, CTS=COURTS, CV=COVE, CVS=COVES,
CRK=CREEK, CRES=CRESCENT, CRST=CREST, XING=CROSSING, XRD=CROSSROAD, CURV=CURVE, DL=DALE, DM=DAM, DV=DIVIDE,
DR=DRIVE, DRS=DRIVES, EST=ESTATE, ESTS=ESTATES, EXPY=EXPRESSWAY, EXT=EXTENSION, EXTS=EXTENSIONS, FALL=FALL, FLS=FALLS,
FRY=FERRY, FLD=FIELD, FLDS=FIELDS, FLT=FLAT, FLTS=FLATS, FRD=FORD, FRDS=FORDS, FRST=FOREST, FRG=FORGE, FRGS=FORGES,
FRK=FORK, FRKS=FORKS, FT=FORT, FWY=FREEWAY, GDN=GARDEN, GDNS=GARDENS, GTWY=GATEWAY, GLN=GLEN, GLNS=GLENS,
GRN=GREEN, GRNS=GREENS, GRV=GROVE, GRVS=GROVES, HBR=HARBOR, HBRS=HARBORS, HVN=HAVEN, HTS=HEIGHTS,
HWY=HIGHWAY, HL=HILL, HLS=HILLS, HOLW=HOLLOW, INLT=INLET, I=INTERSTATE, IS=ISLAND, ISS=ISLANDS, ISLE=ISLE, JCT=JUNCTION,
JCTS=JUNCTIONS, KY=KEY, KYS=KEYS, KNL=KNOLL, KNLS=KNOLLS, LK=LAKE, LKS=LAKES, LAND=LAND, LNDG=LANDING, LN=LANE,
LGT=LIGHT, LGTS=LIGHTS, LF=LOAF, LCK=LOCK, LCKS=LOCKS, LDG=LODGE, LOOP=LOOP, MALL=MALL, MNR=MANOR, MNRS=MANORS,
MDW=MEADOW, MDWS=MEADOWS, MEWS=MEWS, ML=MILL, MLS=MILLS, MSN=MISSION, MHD=MOORHEAD, MTWY=MOTORWAY,
MT=MOUNT, MTN=MOUNTAIN, MTNS=MOUNTAINS, NCK=NECK, ORCH=ORCHARD, OVAL=OVAL, OPAS=OVERPASS, PARK=PARK,
PARK=PARKS, PKWY=PARKWAY, PKWY=PARKWAYS, PASS=PASS, PSGE=PASSAGE, PATH=PATH, PIKE=PIKE, PNE=PINE, PNES=PINES,
PL=PLACE, PLN=PLAIN, PLNS=PLAINS, PLZ=PLAZA, PT=POINT, PTS=POINTS, PRT=PORT, PRTS=PORTS, PR=PRAIRIE, RADL=RADIAL,
RAMP=RAMP, RNCH=RANCH, RPD=RAPID, RPDS=RAPIDS, RST=REST, RDG=RIDGE, RDGS=RIDGES, RIV=RIVER, RD=ROAD, RDS=ROADS,
RTE=ROUTE, ROW=ROW, RUE=RUE, RUN=RUN, SHL=SHOAL, SHLS=SHOALS, SHR=SHORE, SHRS=SHORES, SKWY=SKYWAY, SPG=SPRING,
SPGS=SPRINGS, SPUR=SPUR, SPUR=SPURS, SQ=SQUARE, SQS=SQUARES, STA=STATION, STRM=STREAM, ST=STREET, STS=STREETS,
SMT=SUMMIT, TER=TERRACE, TRWY=THROUGHWAY, TRCE=TRACE, TRAK=TRACK, TRL=TRAIL, TUNL=TUNNEL, TPKE=TURNPIKE,
UPAS=UNDERPASS, UN=UNION, UNS=UNIONS, VLY=VALLEY, VLYS=VALLEYS, VIA=VIADUCT, VW=VIEW, VWS=VIEWS, VLG=VILLAGE,
VLGS=VILLAGES, VL=VILLE, VIS=VISTA, WALK=WALK, WALK=WALKS, WALL=WALL, WAY=WAY, WAYS=WAYS, WL=WELL, WLS=WELLS
Examples include: E=EAST, W=WEST, N=NORTH, S=SOUTH
30
streetNumber
unitDesignator
14
14
unitNumber
zip
zipExtension
country
14
14
20
3
Street number
Examples include:
APT=APARTMENT, BSMT=BASEMENT, BLDG=BUILDING, DEPT=DEPARTMENT, FL=FLOOR, FRNT=FRONT, HNGR=HANGAR,LBBY=LOBBY,
LOT=LOT, LOWR=LOWER, OFC=OFFICE, PH=PENTHOUSE, PIER=PIER, REAR=REAR, RM=ROOM, SIDE=SIDE, SLIP=SLIP,SPC=SPACE,
STOP=STOP, STE=SUITE, TRLR=TRAILER, UNIT=UNIT, UPPR=UPPER
Unit number
Zip code
Zip extension
ISO 3166-1 alpha-3 country code
Max length
64
64
64
15
64
15
3
Description
City
Province
Street name
Street number
Unit details
Postal code
ISO 3166-1 alpha-3 country code
EU address format
Parameter
city
province
streetName
streetNumber
unitDetails
postalCode
country
Max length
100
100
100
100
100
3
15
64
Description
Line item 1
Line item 2
Line item 3
Line item 4
Line item 5
ISO 3166-1 alpha-3 country code
Postal code, if available
City
31
Reject reason
Parameter
rejectReasonCode
rejectReasonDescription
Max length
5
64
Description
Possible codes and descriptions for verification status DENIED_FRAUD:
100
MANIPULATED_DOCUMENT
105
FRAUDSTER
106
FAKE
107
PHOTO_MISMATCH
108
MRZ_CHECK_FAILED
Possible codes and descriptions for verification status ERROR_NOT_READABLE_ID:
102
PHOTOCOPY_BLACK_WHITE
103
PHOTOCOPY_COLOR
104
DIGITAL_COPY
200
NOT_READABLE_DOCUMENT
201
NO_DOCUMENT
202
SAMPLE_DOCUMENT
205
PUNCHED_DOCUMENT
206
MISSING_BACK
207
WRONG_DOCUMENT_PAGE
209
MISSING_SIGNATURE
210
CAMERA_BLACK_WHITE
211
DIFFERENT_PERSONS_SHOWN
300
MANUAL_REJECTION
Reject reason details as JSON array containing JSON objects, if available
Possible for reject reason codes 100 and 200
rejectReasonDetails
Max length
5
32
Description
Possible code and description details for reject reason code 100:
1001 PHOTO
1002 DOCUMENT_NUMBER
1003 EXPIRY
32
1004
1005
1006
1007
1008
DOB
NAME
ADDRESS
SECURITY_CHECKS
SIGNATURE
Possible code and description details for reject reason code 200:
2001 BLURRED
2002 BAD_QUALITY
2003 MISSING_PART_DOCUMENT
2004 HIDDEN_PART_DOCUMENT
2005 DAMAGED_DOCUMENT
33
Max.
length
callBackType
clientIP
customerID
documentPageImageUrls
15
100
255
documentStatus
documentType
Document present
No document present
DOCUMENT
IP address of the client as provided
ID of the customer as provided
URL(s) to the image(s) of the scanned document(s) (JPEG or
PNG)
The parameter value is formatted with surrounding
squared brackets, separating the two image URLs (credit
card front and back side) with ",".
To access an image, use the HTTP GET method and HTTP
Basic Authentication with your merchant API token as the
"userid" and your API secret as the "password". Set "UserAgent: YOURCOMPANYNAME
YOURAPPLICATIONNAME/VERSION" (e.g. MyCompany
MyApp/1.0.0) in the "header" section of your request
The TLS protocol is required during the SSL handshake (see
Supported cipher suites chapter) and we strongly
recommend using the latest version.
DOCUMENT_PRESENT
BS (Bank statement, front side)
CC (Credit card, front and back side)
IC (Insurance card, front side)
UB (Utility bill, front side)
CAAP (Cash advance application, front and back side)
CRC (Corporate resolution certificate, front and back side)
CCS (Credit card statement, front and back side)
LAG (Lease agreement, front and back side)
LOAP (Loan application, front and back side)
MOAP (Mortgage application, front and back side)
TR (Tax return, front and back side)
VT (Vehicle title, front side)
VC (Voided check, front side)
STUC (Student card, front side)
HCC (Health care card, front side)
CB (Council bill, front side)
SENC (Seniors card, front side)
MEDC (Medicare card, front side)
DOCUMENT
IP address of the client as provided
ID of the customer as provided
-
DOCUMENT
IP address of the client as provided
ID of the customer as provided
-
NO_DOCUMENT_PRESENT
BS (Bank statement, front side)
CC (Credit card, front and back side)
IC (Insurance card, front side)
UB (Utility bill, front side)
CAAP (Cash advance application, front and back side)
CRC (Corporate resolution certificate, front and back side)
CCS (Credit card statement, front and back side)
LAG (Lease agreement, front and back side)
LOAP (Loan application, front and back side)
MOAP (Mortgage application, front and back side)
TR (Tax return, front and back side)
VT (Vehicle title, front side)
VC (Voided check, front side)
STUC (Student card, front side)
HCC (Health care card, front side)
CB (Council bill, front side)
SENC (Seniors card, front side)
MEDC (Medicare card, front side)
DENIED_UNSUPPORTED_DOCUMENT_TYPE
CC (Credit card, front and back side)
34
merchantScanReference
jumioScanReference
merchantReportingCriteria
100
36
100
35
Application settings
Callback URL
Provide an HTTPS callback URL using the TLS protocol. Ports are not allowed.
Whitelist the following IP addresses for callbacks, and use these to verify that the callback
originated from Jumio: 50.57.26.240, 50.57.26.241, 50.57.26.248, 50.57.26.249. You can
look up the IP addresses with the host name "callback.jumio.com".
Success and error URLs
Specify your own redirect pages for success and error. We strongly recommend providing
HTTPS URLs using the TLS protocol. Ports are not allowed.
Data deletion
Select a time interval to enable permanent purge of sensitive data. Fraud transaction data
can be excluded from the deletion.
Customize client
Specify Netverify base and message colors for your own look and feel per locale.
Any configuration which is not set will first default to the language (e.g. EN_GB to EN), then
to your default setup, and finally to the Jumio standard.
36
Accepted IDs
You can configure accepted IDs per region or country. The default setup includes all
countries and ID types supported by Jumio at the time when your account was created.
Note: You can enable the option to automatically accept newly supported IDs by Jumio.
Per region configuration
37
Data settings
You can choose which fields should be processed during the ID verification.
Mandatory fields
Mandatory fields will be returned in the callback for all Jumio supported IDs, if enabled.
Optional fields
Optional fields will be returned in the callback under certain conditions, if enabled.
Note: To perform the MRZ check, the fields date of birth, expiry and personal number will be
processed during the ID verification and returned in the callback, if available on the ID.
38
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
39