Netverify-implementation-guide v1 7 5

Netverify Web Implementation Guide

This guide is a reference manual and configuration guide for the Netverify Web product. It illustrates how to embed Netverify and Netverify Multi Document into your web page, redirect to a customizable landing page, and implement the performNetverify API. Copyright: Jumio Inc. 268 Lambert Avenue, Palo Alto, CA 94306

2

Contents

Netverify Web Implementation Guide ....................................................................................... 1

Contents .................................................................................................................................. 2

Release notes ...................................................................................................................... 4

Contact ................................................................................................................................ 5

Embedding Netverify into your page ..................................................................................... 6

Initiating the transaction..................................................................................................... 6

Displaying and configuring your Netverify client ................................................................ 8

Redirecting the customer after the user journey ............................................................... 9

Callback ............................................................................................................................... 9

Using Netverify redirect........................................................................................................ 10

Customizing your landing page ......................................................................................... 10

Initiating the transaction................................................................................................... 12

Using the initiateNetverify API ..................................................................................... 12

Using the Jumio merchant backend ............................................................................. 14

Calling your landing page .................................................................................................. 14

Redirecting the customer after the user journey ............................................................. 14

Callback ............................................................................................................................. 15

Embedding Netverify Multi Document ................................................................................ 16

Initiating the transaction................................................................................................... 16

Supported documents ...................................................................................................... 17

Displaying and configuring your Netverify Multi Document client .................................. 19

Redirecting the customer after the user journey ............................................................. 19

Callback ............................................................................................................................. 20

Using performNetverify ........................................................................................................ 21

Global Netverify APIs ............................................................................................................ 24

Supported IDs .................................................................................................................... 24

Accepted IDs ..................................................................................................................... 25

Callback ................................................................................................................................. 27

Netverify ............................................................................................................................ 27

Netverify Multi Document ................................................................................................ 34

Global Netverify settings ...................................................................................................... 36

Application settings ........................................................................................................... 36

Customize client ................................................................................................................ 36

3

Accepted IDs ..................................................................................................................... 37

Data settings ..................................................................................................................... 38

Supported cipher suites ........................................................................................................ 39

4

Release notes Version Date Description

1.7.5 2014-04-23 Added supported cipher suites during SSL handshake (TLS required)

1.7.4 2014-03-11 Introduced data deletion

1.7.3 2014-02-03 Introduced manual transaction setup for Netverify redirect Added "User-Agent" header for callback image URL requests Enhanced supported documents for Netverify Multi Document initiateNetverifyRedirect parameter "successUrl" and "errorUrl" not mandatory anymore Removed "callbackEmail" API parameters and related application setting

1.7.2 2014-01-14 Changed performNetverify RESTful URL from v1 to v2 Added parameters "faceImage" and "faceImageMimeType" for performNetverify face match

1.7.1 2013-12-17 Success and error URLs should be HTTPS using the TLS protocol Removed custom HTTP GET parameters for the Netverify redirect landing page Added callback parameters postalCode and city for Raw address format Added HTTP status code 403 Forbidden for all RESTful APIs Added scan state explanations in the sections "Redirecting the customer after the user journey" and "Callback" Added footnotes 7 and 8 in the Netverify callback table

1.7.0 2013-11-13 Introduced RESTful supportedIdTypes and acceptedIdTypes APIs Changed "Mandatory fields" to "Data settings" separating mandatory and optional fields Added HTTP GET method restriction for callback image retrieval Changed RESTful URL getSupportedDocumentTypes to supportedDocumentTypes Parameters "customerId" and "additionalInformation" should not contain sensitive data Parameter "merchantIdScanReference" must not contain sensitive data

1.6.12 2013-10-29 Added "User-Agent" header for all RESTful APIs Added callback parameter "merchantReportingCriteria" Added reject reason code 108 for MRZ_CHECK_FAILED Removed reject reason code 208 for NOTHING_SHOWN Removed createDocumentAcquisition parameters "firstName", "lastName" and "country" Added maximum file size for performNetverify parameters "frontsideImage" and "backsideImage"

1.6.11 2013-10-14 Added color customization in Netverify settings Deprecated callback email createDocumentAcquisition parameter "country" not mandatory anymore

1.6.10 2013-09-24 Added parameter "merchantReportingCriteria" to the createDocumentAcquisition API and the Netverify Multi Document callback Corrected values of "idUsState" parameter for initiateNetverify, initiateNetverifyRedirect, performNetverify and the Netverify callback Corrected data types for all APIs from Java types to JSON types

1.6.9 2013-09-10 Added callback parameter "rejectReason" Enhanced "Accepted IDs" settings

1.6.8 2013-08-13 Enhanced "idAddress" callback parameter with EU and Raw format Added "additionalInformation" parameter for initiateNetverify, initiateNetverifyRedirect and performNetverify Added additional information input field for Netverify redirect Added callback parameter "additionalInformation" Added value "UNSUPPORTED" for callback parameter "idType"

1.6.7 2013-08-01 Added locale specific settings for Netverify redirect Added value "idAddress" to the "enabledFields" parameter Added French, Italian, Portuguese and Spanish localizations

1.6.6 2013-07-17 Added maximum field lengths for all JSON parameters

1.6.5 2013-06-27 Corrected values of callback parameter "idScanSource" Corrected value "ID_CARD" of callback parameter "idType"

1.6.4 2013-05-28 Added Finnish, Norwegian, Polish, Russian and Swedish localization

1.6.3 2013-05-14 Introduced face match in Jumio merchant settings and callback Added HTTP GET parameter "merchantIdScanReference" in the success and error redirect URLs for embedded Netverify Added new callback field "idScanSource"

1.6.2 2013-05-02 Added IP addresses for the callback Added maximum parameter lengths for callback fields

5

1.6.1 2013-04-16 Added RESTful getSupportedDocumentTypes API for Netverify Multi Document

1.6.0 2013-04-03 initiateNetverify API is mandatory for embedded and redirect HTTPS callback URL using TLS Added document types for Netverify Multi Document

1.5.1 2013-03-05 Updated Netverify Multi Document parameters

1.5.0 2013-03-04 Introduced Netverify Multi Document Added address recognition for US IDs

1.4.2 2013-02-18 Removed "showIntroductionText" parameter

1.4.1 2013-02-14 Removed API version 1.0

1.4.0 2013-02-13 Introduced client version 2.0 with improved UI

1.3.0 2012-12-18 Relocated and redesigned Netverify backend Added Turkish localization

1.2.4 2012-11-27 Corrected callback format

1.2.3 2012-10-30 Added personal number Enhanced MRZ check configuration

1.2.2 2012-10-03 Added client FAQs Updated "showIntroductionText" parameter

1.2.1 2012-08-23 Improved user experience of landing page

1.2.0 2012-08-17 Introduced RESTful performNetverify and initiateNetverify APIs

1.1.2 2012-07-18 Added Netverify redirect settings Updated callback images

1.1.1 2012-06-27 Added header and footer image dimensions Updated JS link for Netverify embedded

1.1.0 2012-06-15 Introduced Netverify redirect

1.0.2 2012-05-30 Added "idScanImageBackside" callback parameter

1.0.1 2011-03-06 Introduced "showIntroductionText" parameter

1.0.0 2011-03-01 Initial release

Contact

If you have any questions regarding our implementation guide please contact Jumio Customer Service at [email protected] or https://support.jumio.com. The Jumio online helpdesk contains a wealth of information regarding our service including demo videos, product descriptions, FAQs and other things that may help to get you started with Jumio. Check it out at: https://support.jumio.com.

mailto:[email protected]?subject=Netverify%20Web%20Implementation

https://support.jumio.com/

https://support.jumio.com/

6

Embedding Netverify into your page

Initiating the transaction

Call the RESTful HTTP POST API initiateNetverify with the below JSON parameters to create a transaction for each user. You will receive a Jumio scan reference and an authorization, which is valid for a certain amount of time, and to be specified in the embed code parameter "authorizationToken". REST URL: https://netverify.com/api/netverify/v2/initiateNetverify

Authentication: The initiateNetverify API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Log into https://netverify.com, and you can find your merchant API token and API secret on the "Settings" page under "API credentials". Header: The following parameters are mandatory in the "header" section of your request.

Accept: application/json

Content-Type: application/json

User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION

(e.g. MyCompany MyApp/1.0.0)

SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we strongly recommend using the latest version. Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP Basic Authentication will result in HTTP status code 403 Forbidden. Request parameters Note: Mandatory JSON parameters are highlighted.

Parameter Type Max. length Description

merchantIdScanReference String 100 Your reference for each scan must not contain sensitive data like PII (Personally Identifiable Information) or account login

successUrl * String 255 Redirect URL in case of success. This setting overrides your Jumio merchant settings. We strongly recommend providing an HTTPS URL using the TLS protocol (ports are not allowed). * Mandatory if not specified in your Jumio merchant settings.

errorUrl * String 255 Redirect URL in case of error. This setting overrides your Jumio merchant settings. We strongly recommend providing an HTTPS URL using the TLS protocol (ports are not allowed). * Mandatory if not specified in your Jumio merchant settings.

enabledFields String 100 Defines which fields must be processed during the ID verification. This setting overrides your

https://netverify.com/login

7

Jumio merchant settings. Possible values: "idNumber,idFirstName,idLastName,idDob,idExpiry,idUsState,idPersonalNumber,idFaceMatch,idAddress"

authorizationTokenLifetime Number Max. value: 2147483647

Time in seconds until the authorizationToken expires Default: 300 seconds 0: Unused authorization token never expires

merchantReportingCriteria String 100 Your reporting criteria for each scan

callbackUrl String 255 Callback URL for the confirmation after the verification is completed. This setting overrides your Jumio merchant settings. Provide an HTTPS URL using the TLS protocol (ports are not allowed).

locale String 100 Locale of the Netverify client. Possible values: "de" (German), "en" (American English, default), "en_GB" (British English), "es" (Spanish), "fi" (Finnish), "fr" (French), "it" (Italian), "no" (Norwegian), "pl" (Polish), "pt" (Portuguese), "ru" (Russian), "sv" (Swedish), "tr" (Turkish)

clientIp String 100 IP address of the client

customerId String 100 Identification of the customer should not contain sensitive data like PII (Personally Identifiable Information) or account login

firstName String 100 First name of the customer

lastName String 100 Last name of the customer

country String 3 ISO 3166-1 alpha-3 country code

usState String 100 If idType = DRIVING_LICENSE: Last two characters of ISO 3166-2:US state code Possible values if idType = PASSPORT or idType = ID_CARD: Last two characters of ISO 3166-2:US state code ISO 3166-1 country name ISO 3166-1 alpha-2 country code ISO 3166-1 alpha-3 country code

expiry String Date of expiry in the format yyyy-mm-dd

number String 100 Identification number of the document

dob String Date of birth in the format yyyy-mm-dd

idType String 255 PASSPORT, DRIVING_LICENSE, ID_CARD

personalNumber String 14 Personal number of the document

mrzCheck Boolean Enable or disable the MRZ check. This setting overrides your Jumio merchant settings. To perform the MRZ check, the fields date of birth, expiry and personal number will be processed during the ID verification, if available on the ID.

additionalInformation String 100 Additional information for this scan should not contain sensitive data like PII (Personally Identifiable Information) or account login

Response parameters


timestamp String Timestamp of the response in the format YYYY-MM-DDThh:mm:ss.SSSZ

http://en.wikipedia.org/wiki/ISO_3166-1_alpha-3

http://de.wikipedia.org/wiki/ISO_3166-2:US


http://en.wikipedia.org/wiki/ISO_3166-1



8

authorizationToken String 36 Authorization token, which is valid for the authorization token lifetime

jumioIdScanReference String 36 Jumio’s reference number for each scan

Sample request POST https://netverify.com/api/netverify/v2/initiateNetverify HTTP/1.1



User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/x.x.x

Authorization: Basic

{

"merchantIdScanReference": "YOURSCANREFERENCE",

"successUrl": "https://www.your-site.com/sucess",

"errorUrl": "https://www.your-site.com/error"

}

Sample response {

"timestamp": "2012-08-16T10:27:29.494Z",

"authorizationToken": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",

"jumioIdScanReference": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

}

Displaying and configuring your Netverify client

Copy and paste the following script into your page’s "<head>" section right before the "</head>" tag. <script type="text/javascript" src="https://netverify.com/widget/jumio-

verify/2.0/iframe-script.js"> </script>

<script type="text/javascript">

/*<![CDATA[*/

JumioClient.setVars({

authorizationToken: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

}).initVerify("JUMIOIFRAME");

/*]]>*/

</script>

To display Netverify, paste <div id="JUMIOIFRAME"></div>

in the HTML code where you want the client to appear. The iFrame dimension is 800x500 pixels. Embed code parameters Note: Mandatory JavaScript parameters are highlighted.

Parameter Type Description

authorizationToken String Your transaction-specific authorization token

locale String Locale of the Netverify client:

"de" German

9

"en" American English (default)

"en_GB" British English

"es" Spanish

"fi" Finnish

"fr" French

"it" Italian

"no" Norwegian

"pl" Polish

"pt" Portuguese

"ru" Russian

"sv" Swedish

"tr" Turkish This parameter overrides the initiateNetverify parameter "locale".

Redirecting the customer after the user journey

After finishing the Netverify user journey, the customer will be redirected to your specified success page if the provided ID is able to be processed. If the ID is declined as fraud immediately, or if the customer does not provide an ID which is able to be processed over the course of three tries (see Reject reason chapter), the user will be sent to your specified error page. To display information on your redirect pages, you can use the following parameters, which are attached to your URL as HTTP GET query string parameters:

Parameter Description

idScanStatus "SUCCESS" or "ERROR"

merchantIdScanReference Your reference for each scan

jumioIdScanReference Jumio’s reference number for each scan

Note: HTTP GET parameters can be manipulated on the client side and may be used for display purposes only. It is also possible to set success and error URLs to the same address, because you can get the status from the URL’s query parameter "idScanStatus". Sample redirect URL https://www.your-

site.com/success?idScanStatus=SUCCESS&merchantIdScanReference=YOURIDSCANREFERENCE&j

umioIdScanReference=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Callback

The callback is the authoritative answer from Jumio. Specify a callback URL (see Global Netverify settings chapter) to receive the ID verification result for each scan (see Callback chapter).

10

Using Netverify redirect

Customizing your landing page

In your Jumio merchant settings, you can customize and brand your Netverify redirect page.

Domain name prefix Define the domain name prefix for the URL of your landing page. Allowed characters are: A-Z, a-z, "-", "." Max. attempts per user You can restrict the maximum attempts per customer (0 for unlimited). Default locale Set your default language for Netverify redirect. Possible locales are: English (US), English (United Kingdom), Finnish, French, German, Italian, Norwegian, Polish, Portuguese, Russian, Spanish, Swedish or Turkish. Enable additional information field By enabling this field, an input field will be added to your Netverify landing page, which allows your customer to enter additional information. This field should not contain sensitive data like PII (Personally Identifiable Information) or account login.

11

Select locale to configure Images and labels can be defined per locale. Any configuration which is not set will first default to the language (e.g. EN_GB to EN), then to your default setup, and finally to the Jumio standard. Images You can provide header and intro images. The file size per image must not exceed 5 MB. Header image dimensions: 728 x 85 pixels Intro image dimensions: 728 x 310 pixels Success and error images are designed for future enhancements. Label for customer ID Specify the label for the customer identification field on your landing page. This field should not contain sensitive data like PII (Personally Identifiable Information) or account login. Label for additional information Set the label for your additional information input field on your landing page, if enabled. This field should not contain sensitive data like PII (Personally Identifiable Information) or account login.

12


Call the initiateNetverifyRedirect API or use the manual setup in your Jumio merchant backend to create a transaction for each user. You will receive a Jumio scan reference and your Netverify redirect URL including an authorization token, which is valid for a certain amount of time.

Using the initiateNetverify API

Call the RESTful HTTP POST API initiateNetverifyRedirect with the JSON parameters below. REST URL: https://netverify.com/api/netverify/v2/initiateNetverifyRedirect

Authentication: The initiateNetverifyRedirect API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Log into https://netverify.com, and you can find your merchant API token and API secret on the "Settings" page under "API credentials". Header: The following parameters are mandatory in the "header" section of your request.









successUrl String 255 Redirect URL in case of success. This setting overrides your Jumio merchant settings. We strongly recommend providing an HTTPS URL using the TLS protocol (ports are not allowed).

errorUrl String 255 Redirect URL in case of error. This setting overrides your Jumio merchant settings. We strongly recommend providing an HTTPS URL using the TLS protocol (ports are not allowed).

enabledFields String 100 Defines which fields must be processed during


13

the ID verification. This setting overrides your Jumio merchant settings. Possible values: "idNumber,idFirstName,idLastName,idDob,idExpiry,idUsState,idPersonalNumber,idFaceMatch,idAddress"


Time in seconds until the authorization token expires Default: 300 seconds 0: Unused authorization token never expires



locale String 100 Locale of the Netverify client. This setting overrides your Jumio merchant settings or the default value "en". Possible values: "de" (German), "en" (American English), "en_GB" (British English), "es" (Spanish), "fi" (Finnish), "fr" (French), "it" (Italian), "no" (Norwegian), "pl" (Polish), "pt" (Portuguese), "ru" (Russian), "sv" (Swedish), "tr" (Turkish)













Response parameters









14


clientRedirectUrl String 255 The redirect URL for the customer

jumioIdScanReference String 36 Jumio’s reference number for each scan

Sample request POST https://netverify.com/api/netverify/v2/initiateNetverifyRedirect HTTP/1.1





{


"customerId": "CUSTOMERID",

"successUrl": "https://www.your-site.com/success",


}

Sample response {

"timestamp": "2012-08-16T10:27:29.494Z",


"clientRedirectUrl": "https://[your-domain-

prefix].netverify.com/v2?authorizationToken=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",


}

Using the Jumio merchant backend

You can create a transaction manually in your Jumio merchant backend under the "Create verification" tab. The field values you can specify are equal to the related API request parameters described in the previous section of the guide.

Calling your landing page

Your Netverify "clientRedirectUrl" can be placed as a link on your web page or included in an email to your customer. Note: The URL including its HTTP GET parameter(s) may not be modified.


After finishing the Netverify user journey, the customer will be redirected to your specified success page if the provided ID is able to be processed. If the ID is declined as fraud immediately, or if the customer does not provide an ID which is able to be processed over the course of three tries (see Reject reason chapter), the user will be sent to your specified error page.

15

Callback

The callback is the authoritative answer from Jumio. Specify a callback URL (see Global Netverify settings chapter) to receive the ID verification result for each scan (see Callback chapter).

16

Embedding Netverify Multi Document


Call the RESTful HTTP POST API createDocumentAcquisition with the JSON parameters below to create a transaction for each user. You will receive a Jumio scan reference and an authorization, which is valid for a certain amount of time, and to be specified in the embed code parameter "authorizationToken". REST URL: https://netverify.com/api/netverify/v2/createDocumentAcquisition

Authentication: The createDocumentAcquisition API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Log into https://netverify.com, and you can find your merchant API token and API secret on the "Settings" page under "API credentials". Header: The following parameters are mandatory in the "header" section of your request.







documentType String 100 Expected document type You receive possible parameters by calling the RESTful API supportedDocumentTypes (see Supported documents section).

merchantScanReference String 100 Your reference for each scan must not contain sensitive data like PII (Personally Identifiable Information) or account login

customerID String 100 Identification of the customer should not contain sensitive data like PII (Personally Identifiable Information) or account login

successUrl * String 255 Redirect URL in case of success. This setting overrides your Jumio merchant settings. We strongly recommend providing an HTTPS URL using the TLS protocol (ports are not allowed). * Mandatory if not specified in your Jumio merchant settings.

errorUrl * String 255 Redirect URL in case of error. This setting


17

overrides your Jumio merchant settings. We strongly recommend providing an HTTPS URL using the TLS protocol (ports are not allowed). * Mandatory if not specified in your Jumio merchant settings.


Time in seconds until the authorization token expires Default: 300 seconds 0: Unused authorization token never expires




Response parameters


jumioScanReference String 36 Jumio’s reference number for each scan


Timestamp String Timestamp of the response in the format YYYY-MM-DDThh:mm:ss.SSSZ

Sample request POST https://netverify.com/api/netverify/v2/createDocumentAcquisition HTTP/1.1





{

"documentType": "CC",

"merchantScanReference": "YOURSCANREFERENCE",

"customerID": "CUSTOMERID",

"successUrl": "https://www.your-site.com/sucess",


}

Sample response {

"jumioScanReference": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",


"timestamp": "2013-02-25T10:27:29.494Z"

}

Supported documents

Call the RESTful HTTP GET API supportedDocumentTypes to receive a JSON response including code and name of all supported documents. REST URL: https://netverify.com/api/netverify/v2/supportedDocumentTypes

18

Authentication: The supportedDocumentTypes API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Header: The following parameters are mandatory in the "header" section of your request.




SSL handshake: The TLS protocol is required (see Supported cipher suites chapter) and we strongly recommend using the latest version. Note: Calls with missing or suspicious headers, suspicious parameter values, or without HTTP Basic Authentication will result in HTTP status code 403 Forbidden. Response parameters



supportedDocumentTypes Array Array of supported documents

Parameter "supportedDocumentTypes"

Type Max. length Description

code String 2 Unique identifier of the document type

name String 255 Full name of the document type

Sample request GET https://netverify.com/api/netverify/v2/supportedDocumentTypes HTTP/1.1




Sample response {

"timestamp":"2014-01-22T13:38:12.750Z",

"supportedDocumentTypes":[{"code":"BS","name":"Bank

statement"},{"code":"CC","name":"Credit card"},{"code":"IC","name":"Insurance

card"},{"code":"UB","name":"Utility bill"},{"code":"CAAP","name":"Cash advance

application"},{"code":"CRC","name":"Corporate resolution

certificate"},{"code":"CCS","name":"Credit card

statement"},{"code":"LAG","name":"Lease agreement"},{"code":"LOAP","name":"Loan

application"},{"code":"MOAP","name":"Mortgage

application"},{"code":"TR","name":"Tax return"},{"code":"VT","name":"Vehicle

title"},{"code":"VC","name":"Voided check"},{"code":"STUC","name":"Student

card"},{"code":"HCC","name":"Health care card"},{"code":"CB","name":"Council

bill"},{"code":"SENC","name":"Seniors card"},{"code":"MEDC","name":"Medicare

card"},{"code":"BC","name":"Birth certificate"},{"code":"WWCC","name":"Working with

children check"},{"code":"SS","name":"Superannuation

statement"},{"code":"TAC","name":"Trade association

card"},{"code":"SEL","name":"School enrolment letter"},{"code":"PB","name":"Phone

bill"}]

}

19

Displaying and configuring your Netverify Multi Document client

Copy and paste the following script into your page’s "<head>" section right before the "</head>" tag: <script type="text/javascript" src="https://netverify.com/widget/jumio-

verify/2.0/iframe-script.js"> </script>

<script type="text/javascript">

/*<![CDATA[*/

JumioClient.setVars({

authorizationToken: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

}).initMDM("JUMIOIFRAME");

/*]]>*/

</script>

To display Netverify Multi Document, paste <div id="JUMIOIFRAME"></div>

in the HTML code where you want the client to appear. The iFrame dimension is 800x500 pixels. Embed code parameters Note: Mandatory JavaScript parameters are highlighted.


authorizationToken String Your transaction-specific authorization token

locale String

Locale of the Netverify Multi Document client:

"de" German

"en" American English (default)

"en_GB" British English

"es" Spanish

"fi" Finnish

"fr" French

"it" Italian

"no" Norwegian

"pl" Polish

"pt" Portuguese

"ru" Russian

"sv" Swedish

"tr" Turkish


After finishing the Netverify Multi Document user journey, the customer will be redirected to your specified success page. To display information on your redirect pages, you can use the following parameters, which are attached to your URL as HTTP GET query string parameters:

20

Parameter Description

documentStatus SUCCESS (in any expected case) ERROR (in case of an unexpected error)

merchantScanReference Your reference for each scan

jumioScanReference Jumio’s reference number for each scan

Note: HTTP GET parameters can be manipulated on the client side and may be used for display purposes only. It is also possible to set success and errors URL to the same address, because you can get the status from the URL’s query parameter "documentStatus". Sample redirect URL https://www.your-

site.com/success?merchantScanReference=YOURIDSCANREFERENCE&documentStatus=SUCCESS&j

umioScanReference=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Callback

The callback is the authoritative answer from Jumio. Specify a callback URL (see Global Netverify settings chapter) to receive the result for each scan (see Callback chapter).

21

Using performNetverify performNetverify offers a RESTful ID verification API without a Jumio-hosted user interface. Simply send an HTTP POST including the customer’s ID image to the URL below. You will immediately receive a JSON response with a Jumio scan reference and a timestamp, and the callback after the verification is completed (see Callback chapter). REST URL: https://netverify.com/api/netverify/v2/performNetverify

Authentication: The performNetverify API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Log into https://netverify.com, and you can find your merchant API token and API secret on the "Settings" page under "API credentials". Header: The following parameters are mandatory in the "header" section of your request.








frontsideImage String Max. 5 MB Base64 encoded image of ID front side

frontsideImageMimeType String Mime type of front side image Possible values: image/jpeg (default), image/png

enabledFields String 100 Defines which fields must be processed during the ID verification. This setting overrides your Jumio merchant settings. Possible values: "idNumber,idFirstName,idLastName,idDob,idExpiry,idUsState,idPersonalNumber,idFaceMatch,idAddress"



callbackUrl String 255 Callback URL for the confirmation after the verification is completed. This setting overrides


22

your Jumio merchant settings. Provide an HTTPS URL using the TLS protocol (ports are not allowed).









backsideImage String Max. 5 MB Base64 encoded image of ID back side

backsideImageMimeType String Mime type of back side image Possible values: image/jpeg (default), image/png

callbackGranularity String 255 Possible values: onFinish (default): Callback is only sent after the whole verification onAllSteps: Additional callback is sent before the ID verification, if the ID is able to be processed and not rejected as fraud immediately




faceImage String Max. 5 MB Base64 encoded image of face Face match must be enabled

faceImageMimeType String Mime type of face image Possible values: image/jpeg (default), image/png

Response parameters


jumioIdScanReference String Jumio’s reference number for each scan


Sample request POST https://netverify.com/api/netverify/v2/performNetverify HTTP/1.1











23

{


"frontsideImage": "<binary>"

}

Sample response {

"timestamp": "2012-08-16T10:37:44.623Z",


}

24

Global Netverify APIs

Supported IDs

Call the RESTful HTTP GET API supportedIdTypes to receive a JSON response including all Jumio supported IDs. REST URL: https://netverify.com/api/netverify/v2/supportedIdTypes

Authentication: The supportedIdTypes API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Header: The following parameters are mandatory in the "header" section of your request.






supportedIdTypes Array Array of supported IDs


Parameter "supportedIdTypes"


countryName String 100 ISO 3166-1 country name

countryCode String 3 ISO 3166-1 alpha-3 country code

idTypes Array Array of supported ID types for this country

Parameter "idTypes" Type Max. length Description

idType String PASSPORT, DRIVING_LICENSE, ID_CARD

acquisitionConfig Object Object containing acquisition configuration for this ID type

Parameter "acquisitionConfig"


backSide Boolean True if back side required, otherwise false

minYear Number 4 Required minimum year in the format yyyy, if applicable



25

Sample request GET https://netverify.com/api/netverify/v2/supportedIdTypes HTTP/1.1




Sample response { "supportedIdTypes": [{"countryName": "Austria","countryCode": "AUT","idTypes":

[{"idType": "ID_CARD","acquisitionConfig": {"backSide": true}},{"idType":

"DRIVER_LICENSE","acquisitionConfig": {"backSide":

false}},{"idType":"PASSPORT","acquisitionConfig": {"backSide":

false}}]},{"countryName": "United states","countryCode": "USA","idTypes":

[{"idType": "ID_CARD","acquisitionConfig": {"backSide": false}},{"idType":

"DRIVER_LICENSE","acquisitionConfig": {"backSide": false}},{"idType":

"PASSPORT","acquisitionConfig": {"backSide": false}}]}],

"timestamp": "2013-04-10T07:38:25.332Z"

}

Accepted IDs

Call the RESTful HTTP GET API acceptedIdTypes to receive a JSON response including all accepted IDs, as specified in your Jumio merchant settings. REST URL: https://netverify.com/api/netverify/v2/acceptedIdTypes

Authentication: The acceptedIdTypes API call is protected. To access it, use HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Header: The following parameters are mandatory in the "header" section of your request.






accepteddIdTypes Array Array of accepted IDs, as specified in your Jumio merchant settings


Parameter "accepteddIdTypes"


countryName String 100 ISO 3166-1 country name

countryCode String 3 ISO 3166-1 alpha-3 country code



26

idTypes Array Array of your accepted ID types for this country

Parameter "idTypes" Type Max. length Description

idType String PASSPORT, DRIVING_LICENSE, ID_CARD

acquisitionConfig Object Object containing acquisition configuration for this ID type

Parameter "acquisitionConfig"


backSide Boolean True if back side required, otherwise false

minYear Number 4 Required minimum year in the format yyyy, if applicable

Sample request GET https://netverify.com/api/netverify/v2/acceptedIdTypes HTTP/1.1




Sample response { "acceptedIdTypes": [{"countryName": "Austria","countryCode": "AUT","idTypes":

[{"idType": "ID_CARD","acquisitionConfig": {"backSide": true}},{"idType":

"DRIVER_LICENSE","acquisitionConfig": {"backSide":

false}},{"idType":"PASSPORT","acquisitionConfig": {"backSide":

false}}]},{"countryName": "United states","countryCode": "USA","idTypes":

[{"idType": "ID_CARD","acquisitionConfig": {"backSide": false}},{"idType":

"DRIVER_LICENSE","acquisitionConfig": {"backSide": false}},{"idType":

"PASSPORT","acquisitionConfig": {"backSide": false}}]}],

"timestamp": "2013-04-10T07:38:25.332Z"

}

27

Callback An HTTP POST is sent to your specified callback URL (see Global Netverify settings chapter) containing an "application/x-www-form-urlencoded" formatted string with the result.

User journey state Scan state Callback

Not started Drop off before scan/upload

Pending Netverify: No callback Netverify Multi Document: Transaction will be cleaned-up from pending to failed after the authorization token lifetime; Callback: document status NO_DOCUMENT_PRESENT

Drop off during scan/upload Failed Transaction will be cleaned-up after 15 minutes Callback: verification status NO_ID_UPLOADED/document status NO_DOCUMENT_PRESENT

Finished Done ID verification will be performed Callback: verification/document status depends on the result (see sections below)

Netverify

The following parameters are posted to your callback URL for embedded Netverify, Netverify redirect and performNetverify. The values depend on the verification status.

Parameter Max. length

Approved and verified Fraud Unsupported ID type (*7)

Unsupported ID country (*7)

Name mismatch (*6)

Not readable ID (*8)

No ID uploaded

callBackType NETVERIFYID NETVERIFYID NETVERIFYID NETVERIFYID NETVERIFYID NETVERIFYID NETVERIFYID

clientIp 15 IP address of the client IP address of the client

IP address of the client





idFaceMatch 3 Face match percentage 0-100 (*4) - - - - - -

idCheckDataPositions OK N/A N/A N/A N/A N/A N/A

idCheckDocumentValidation OK N/A N/A N/A N/A N/A N/A

idCheckHologram OK N/A N/A N/A N/A N/A N/A

idCheckMRZcode OK for passports if MRZ check is enabled N/A otherwise

N/A N/A N/A N/A N/A N/A

idCheckMicroprint OK N/A N/A N/A N/A N/A N/A

idCheckSecurityFeatures OK N/A N/A N/A N/A N/A N/A

28

idCheckSignature OK N/A N/A N/A N/A N/A N/A

idCountry 3 ISO 3166-1 alpha-3 country code ISO 3166-1 alpha-3 ISO 3166-1 alpha-3 ISO 3166-1 alpha-3 ISO 3166-1 alpha-3 ISO 3166-1 alpha-3 ISO 3166-1 alpha-3

idScanStatus SUCCESS ERROR ERROR ERROR ERROR ERROR ERROR

idScanSource Possible values (*5): WEB_CAM WEB_UPLOAD REDIRECT_CAM REDIRECT_UPLOAD WEB API

Possible values (*5): WEB_CAM WEB_UPLOAD REDIRECT_CAM REDIRECT_UPLOAD WEB API






idType PASSPORT, DRIVING_LICENSE, ID_CARD

PASSPORT, DRIVING_LICENSE, ID_CARD

PASSPORT, DRIVING_LICENSE, ID_CARD, UNSUPPORTED





jumioIdScanReference 36 Jumio’s reference number for each scan

Jumio’s reference number for each scan






merchantIdScanReference 100 Your reference for each scan Your reference for each scan

Your reference for each scan





verificationStatus APPROVED_VERIFIED DENIED_FRAUD DENIED_UNSUPPORTED_ID_TYPE

DENIED_UNSUPPORTED_ID_COUNTRY

DENIED_NAME_MISMATCH

ERROR_NOT_READABLE_ID

NO_ID_UPLOADED

customerId 100 ID of the customer as provided ID of the customer as provided

ID of the customer as provided





idFirstName 200 First name of the customer First name of the customer, if provided

First name of the customer, if provided





idLastName 200 Last name of the customer Last name of the customer, if provided

Last name of the customer, if provided





idDob 10 Date of birth in the format yyyy-mm-dd

Date of birth, if provided






idExpiry 10 Date of expiry in the format yyyy-mm-dd

Date of expiry, if provided






idNumber 200 Identification number of the document

ID number, if provided






idUsState 100 If idType = DRIVING_LICENSE: Last two characters of ISO 3166-2:US state code Possible values if idType = PASSPORT or idType = ID_CARD: Last two characters of ISO 3166-

US state, if provided
















29

2:US state code ISO 3166-1 country name

idScanImage 255 URL to the image of the scan (JPEG or PNG), if available (*1)

URL to the image of the scan (JPEG or PNG), if available (*1)






idScanImageBackside 255 URL to the back side image of the scan (JPEG or PNG), if available (*2)

URL to the back side image of the scan (JPEG or PNG), if available (*2)






personalNumber 14 Personal number of the document Personal number, if provided

Personal number, if provided





idAddress Address as JSON object in US, EU or Raw format, see tables below (*3)

- - - - - -

additionalInformation 100 Additional information as provided Additional information as provided

Additional information as provided





rejectReason - Reject reason as JSON object, see tables below

- - - Reject reason as JSON object, see tables below

-

merchantReportingCriteria 100 Your reporting criteria for each scan

Your reporting criteria for each scan






(*1) For ID types that are configured to support a separate scan of front side and back side, this is the front side. If face match is enabled, this is the image of the ID and the picture of the face. To access it, use the HTTP GET method and HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Set "User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION" (e.g. MyCompany MyApp/1.0.0) in the "header" section of your request. The TLS protocol is required during the SSL handshake (see Supported cipher suites chapter) and we strongly recommend using the latest version. (*2) For ID types that are configured to support a separate scan of front side and back side, this is the back side. To access it, use the HTTP GET method and HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Set "User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION" (e.g. MyCompany MyApp/1.0.0) in the "header" section of your request. The TLS protocol is required during the SSL handshake (see Supported cipher suites chapter) and we strongly recommend using the latest version. (*3) Address recognition is performed for supported IDs, if activated in your Jumio merchant settings. There are three different address formats. You can see which format applies to specific IDs under "Data settings" in your Jumio merchant settings. Different address parameters are part of the JSON object, if they are available on the ID. (*4) Face match is performed for the sources WEB_CAM, REDIRECT_CAM and API, if enabled. (*5) WEB_CAM for embedded Netverify Web via camera, WEB_UPLOAD for embedded Netverify Web via upload, REDIRECT_CAM for Netverify Web redirect via camera, REDIRECT_UPLOAD for Netverify Web redirect via upload, WEB for Netverify Multi Document, API for performNetverify (*6) Name match is performed, if you pass first and last name to Netverify redirect.



30

(*7) Scan is declined as unsupported, if the provided ID is not supported by Jumio or not accepted in your Netverify settings. (*8) Scan is declined as not readable, if the customer does not provide an ID which is able to be processed during all three tries (see reject reasons below), or if the ID is able to be processed but enabled fields are not readable during the ID verification.

US address format

Parameter Max. length Description

city 64 City

state 2 Last two characters of ISO 3166-2:US state code

streetName 64 Street name

streetSuffix 14 Examples include: ALY=ALLEY, ANX=ANNEX, ARC=ARCADE, AVE=AVENUE, BYU=BAYOO, BCH=BEACH, BND=BEND, BLF=BLUFF, BLFS=BLUFFS, BTM=BOTTOM, BLVD=BOULEVARD, BR=BRANCH, BRG=BRIDGE, BRK=BROOK, BRKS=BROOKS, BG=BURG, BGS=BURGS, BYP=BYPASS, CP=CAMP, CYN=CANYON, CPE=CAPE, CSWY=CAUSEWAY, CTR=CENTER, CTRS=CENTERS, CIR=CIRCLE, CIRS=CIRCLES, CLF=CLIFF, CLFS=CLIFFS, CLB=CLUB, CMN=COMMON, COR=CORNER, CORS=CORNERS, CRSE=COURSE, CT=COURT, CTS=COURTS, CV=COVE, CVS=COVES, CRK=CREEK, CRES=CRESCENT, CRST=CREST, XING=CROSSING, XRD=CROSSROAD, CURV=CURVE, DL=DALE, DM=DAM, DV=DIVIDE, DR=DRIVE, DRS=DRIVES, EST=ESTATE, ESTS=ESTATES, EXPY=EXPRESSWAY, EXT=EXTENSION, EXTS=EXTENSIONS, FALL=FALL, FLS=FALLS, FRY=FERRY, FLD=FIELD, FLDS=FIELDS, FLT=FLAT, FLTS=FLATS, FRD=FORD, FRDS=FORDS, FRST=FOREST, FRG=FORGE, FRGS=FORGES, FRK=FORK, FRKS=FORKS, FT=FORT, FWY=FREEWAY, GDN=GARDEN, GDNS=GARDENS, GTWY=GATEWAY, GLN=GLEN, GLNS=GLENS, GRN=GREEN, GRNS=GREENS, GRV=GROVE, GRVS=GROVES, HBR=HARBOR, HBRS=HARBORS, HVN=HAVEN, HTS=HEIGHTS, HWY=HIGHWAY, HL=HILL, HLS=HILLS, HOLW=HOLLOW, INLT=INLET, I=INTERSTATE, IS=ISLAND, ISS=ISLANDS, ISLE=ISLE, JCT=JUNCTION, JCTS=JUNCTIONS, KY=KEY, KYS=KEYS, KNL=KNOLL, KNLS=KNOLLS, LK=LAKE, LKS=LAKES, LAND=LAND, LNDG=LANDING, LN=LANE, LGT=LIGHT, LGTS=LIGHTS, LF=LOAF, LCK=LOCK, LCKS=LOCKS, LDG=LODGE, LOOP=LOOP, MALL=MALL, MNR=MANOR, MNRS=MANORS, MDW=MEADOW, MDWS=MEADOWS, MEWS=MEWS, ML=MILL, MLS=MILLS, MSN=MISSION, MHD=MOORHEAD, MTWY=MOTORWAY, MT=MOUNT, MTN=MOUNTAIN, MTNS=MOUNTAINS, NCK=NECK, ORCH=ORCHARD, OVAL=OVAL, OPAS=OVERPASS, PARK=PARK, PARK=PARKS, PKWY=PARKWAY, PKWY=PARKWAYS, PASS=PASS, PSGE=PASSAGE, PATH=PATH, PIKE=PIKE, PNE=PINE, PNES=PINES, PL=PLACE, PLN=PLAIN, PLNS=PLAINS, PLZ=PLAZA, PT=POINT, PTS=POINTS, PRT=PORT, PRTS=PORTS, PR=PRAIRIE, RADL=RADIAL, RAMP=RAMP, RNCH=RANCH, RPD=RAPID, RPDS=RAPIDS, RST=REST, RDG=RIDGE, RDGS=RIDGES, RIV=RIVER, RD=ROAD, RDS=ROADS, RTE=ROUTE, ROW=ROW, RUE=RUE, RUN=RUN, SHL=SHOAL, SHLS=SHOALS, SHR=SHORE, SHRS=SHORES, SKWY=SKYWAY, SPG=SPRING, SPGS=SPRINGS, SPUR=SPUR, SPUR=SPURS, SQ=SQUARE, SQS=SQUARES, STA=STATION, STRM=STREAM, ST=STREET, STS=STREETS, SMT=SUMMIT, TER=TERRACE, TRWY=THROUGHWAY, TRCE=TRACE, TRAK=TRACK, TRL=TRAIL, TUNL=TUNNEL, TPKE=TURNPIKE, UPAS=UNDERPASS, UN=UNION, UNS=UNIONS, VLY=VALLEY, VLYS=VALLEYS, VIA=VIADUCT, VW=VIEW, VWS=VIEWS, VLG=VILLAGE, VLGS=VILLAGES, VL=VILLE, VIS=VISTA, WALK=WALK, WALK=WALKS, WALL=WALL, WAY=WAY, WAYS=WAYS, WL=WELL, WLS=WELLS

streetDirection 4 Examples include: E=EAST, W=WEST, N=NORTH, S=SOUTH


31

streetNumber 14 Street number

unitDesignator 14 Examples include: APT=APARTMENT, BSMT=BASEMENT, BLDG=BUILDING, DEPT=DEPARTMENT, FL=FLOOR, FRNT=FRONT, HNGR=HANGAR,LBBY=LOBBY, LOT=LOT, LOWR=LOWER, OFC=OFFICE, PH=PENTHOUSE, PIER=PIER, REAR=REAR, RM=ROOM, SIDE=SIDE, SLIP=SLIP,SPC=SPACE, STOP=STOP, STE=SUITE, TRLR=TRAILER, UNIT=UNIT, UPPR=UPPER

unitNumber 14 Unit number

zip 14 Zip code

zipExtension 20 Zip extension

country 3 ISO 3166-1 alpha-3 country code

EU address format

Parameter Max length Description

city 64 City

province 64 Province

streetName 64 Street name

streetNumber 15 Street number

unitDetails 64 Unit details

postalCode 15 Postal code


Raw address format


line1 100 Line item 1






postalCode 15 Postal code, if available

city 64 City




32

Reject reason


rejectReasonCode 5 Possible codes and descriptions for verification status DENIED_FRAUD: 100 MANIPULATED_DOCUMENT 105 FRAUDSTER 106 FAKE 107 PHOTO_MISMATCH 108 MRZ_CHECK_FAILED Possible codes and descriptions for verification status ERROR_NOT_READABLE_ID: 102 PHOTOCOPY_BLACK_WHITE 103 PHOTOCOPY_COLOR 104 DIGITAL_COPY 200 NOT_READABLE_DOCUMENT 201 NO_DOCUMENT 202 SAMPLE_DOCUMENT 205 PUNCHED_DOCUMENT 206 MISSING_BACK 207 WRONG_DOCUMENT_PAGE 209 MISSING_SIGNATURE 210 CAMERA_BLACK_WHITE 211 DIFFERENT_PERSONS_SHOWN 300 MANUAL_REJECTION

rejectReasonDescription 64

rejectReasonDetails Reject reason details as JSON array containing JSON objects, if available Possible for reject reason codes 100 and 200

Reject reason details


detailsCode 5 Possible code and description details for reject reason code 100: 1001 PHOTO 1002 DOCUMENT_NUMBER 1003 EXPIRY

detailsDescription 32

33

1004 DOB 1005 NAME 1006 ADDRESS 1007 SECURITY_CHECKS 1008 SIGNATURE Possible code and description details for reject reason code 200: 2001 BLURRED 2002 BAD_QUALITY 2003 MISSING_PART_DOCUMENT 2004 HIDDEN_PART_DOCUMENT 2005 DAMAGED_DOCUMENT

Sample callback: Approved and verified idExpiry=2022-12-31&idType=PASSPORT&idDob=1990-01-

01&idCheckSignature=OK&idCheckDataPositions=OK&idCheckHologram=OK&idCheckMicroprint=OK&idCheckDocumentValidation=OK&idCountry=USA&id

ScanSource=WEB_UPLOAD&idFirstName=FIRSTNAME&verificationStatus=APPROVED_VERIFIED&jumioIdScanReference=xxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx&personalNumber=N%2FA&merchantIdScanReference=YOURIDSCANREFERENCE&idCheckSecurityFeatures=OK&idCheckMRZcode=OK&idScanIma

ge=https%3A%2F%2Fnetverify.com%2Frecognition%2Fv1%2Fidscan%2Fxxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx%2Ffront&callBackType=NETVERIFYID&clientIp=xxx.xxx.xxx.xxx&idLastName=LASTNAME&idAddress=%7B%22country%22%3A%22USA%22%2C

%22state%22%3A%22OH%22%7D&idScanStatus=SUCCESS&idNumber=P1234

Sample callback: Fraud idType=PASSPORT&idCheckSignature=N%2FA&rejectReason=%7B%20%22rejectReasonCode%22%3A%22100%22%2C%20%22rejectReasonDescription%22%3A%2

2MANIPULATED_DOCUMENT%22%2C%20%22rejectReasonDetails%22%3A%20%5B%7B%20%22detailsCode%22%3A%20%221001%22%2C%20%22detailsDescription%2

2%3A%20%22PHOTO%22%20%7D%2C%7B%20%22detailsCode%22%3A%20%221004%22%2C%20%22detailsDescription%22%3A%20%22DOB%22%20%7D%5D%7D&idCheckD

ataPositions=N%2FA&idCheckHologram=N%2FA&idCheckMicroprint=N%2FA&idCheckDocumentValidation=N%2FA&idCountry=USA&idScanSource=WEB_UPLO

AD&verificationStatus=DENIED_FRAUD&jumioIdScanReference=xxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx&merchantIdScanReference=YOURSCANREFERENCE&idCheckSecurityFeatures=N%2FA&idCheckMRZcode=N%2FA&idScanImage=https%3A%2F%2F

netverify.com%2Frecognition%2Fv1%2Fidscan%2Fxxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx%2Ffront&callBackType=NETVERIFYID&clientIp=xxx.xxx.xxx.xxx&idScanStatus=ERROR

34

Netverify Multi Document

The following parameters are posted to your callback URL for Netverify Multi Document. The values depend on the document status.

Parameter Max. length

Document present No document present Denied unsupported document type

callBackType DOCUMENT DOCUMENT DOCUMENT

clientIP 15 IP address of the client as provided IP address of the client as provided IP address of the client as provided

customerID 100 ID of the customer as provided ID of the customer as provided ID of the customer as provided

documentPageImageUrls 255 URL(s) to the image(s) of the scanned document(s) (JPEG or PNG) The parameter value is formatted with surrounding squared brackets, separating the two image URLs (credit card front and back side) with ",". To access an image, use the HTTP GET method and HTTP Basic Authentication with your merchant API token as the "userid" and your API secret as the "password". Set "User-Agent: YOURCOMPANYNAME YOURAPPLICATIONNAME/VERSION" (e.g. MyCompany MyApp/1.0.0) in the "header" section of your request The TLS protocol is required during the SSL handshake (see Supported cipher suites chapter) and we strongly recommend using the latest version.

- -

documentStatus DOCUMENT_PRESENT NO_DOCUMENT_PRESENT DENIED_UNSUPPORTED_DOCUMENT_TYPE

documentType 5 BS (Bank statement, front side) CC (Credit card, front and back side) IC (Insurance card, front side) UB (Utility bill, front side) CAAP (Cash advance application, front and back side) CRC (Corporate resolution certificate, front and back side) CCS (Credit card statement, front and back side) LAG (Lease agreement, front and back side) LOAP (Loan application, front and back side) MOAP (Mortgage application, front and back side) TR (Tax return, front and back side) VT (Vehicle title, front side) VC (Voided check, front side) STUC (Student card, front side) HCC (Health care card, front side) CB (Council bill, front side) SENC (Seniors card, front side) MEDC (Medicare card, front side)

BS (Bank statement, front side) CC (Credit card, front and back side) IC (Insurance card, front side) UB (Utility bill, front side) CAAP (Cash advance application, front and back side) CRC (Corporate resolution certificate, front and back side) CCS (Credit card statement, front and back side) LAG (Lease agreement, front and back side) LOAP (Loan application, front and back side) MOAP (Mortgage application, front and back side) TR (Tax return, front and back side) VT (Vehicle title, front side) VC (Voided check, front side) STUC (Student card, front side) HCC (Health care card, front side) CB (Council bill, front side) SENC (Seniors card, front side) MEDC (Medicare card, front side)

CC (Credit card, front and back side)

35

BC (Birth certificate, front side) WWCC (Working with children check, front side) SS (Superannuation statement, front side) TAC (Trade association card, front side) SEL (School enrolment letter, front side) PB (Phone bill, front side)

BC (Birth certificate, front side) WWCC (Working with children check, front side) SS (Superannuation statement, front side) TAC (Trade association card, front side) SEL (School enrolment letter, front side) PB (Phone bill, front side)

merchantScanReference 100 Your reference for each scan Your reference for each scan Your reference for each scan

jumioScanReference 36 Jumio’s reference number for each scan Jumio’s reference number for each scan Jumio’s reference number for each scan

merchantReportingCriteria 100 Your reporting criteria for each scan Your reporting criteria for each scan Your reporting criteria for each scan

Sample callback: Document present jumioScanReference=xxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx&documentType=CC&merchantScanReference=YOURSCANREFERENCE&documentPageImageUrls=%5Bhttps%3A%2F%2Fnetverify.com%2Frecognit

ion%2Fv1%2Fdocuments%2Fxxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx%2Fimages%2F512ccacce4b08a828bd46ec8%2C+https%3A%2F%2Fnetverify.com%2Frecognition%2Fv1%2Fdocuments%xxxxxxxx-xxxx-xxxx-

xxxx-xxxxxxxxxxxx%2Fimages%2F512ccacce4b08a828bd46ecd%5D&callBackType=DOCUMENT&customerID=CUSTOMERID&documentStatus=DOCUMENT_PRESENT

Sample callback: No document present jumioScanReference=xxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx&documentType=CC&merchantScanReference=YOURSCANREFERENCE&callBackType=DOCUMENT&customerID=CUSTOMERID&documentStatus=NO_D

OCUMENT_PRESENT

Sample callback: Denied unsupported document type jumioScanReference=xxxxxxxx-xxxx-xxxx-xxxx-

xxxxxxxxxxxx&documentType=CC&merchantScanReference=YOURSCANREFERENCE&callBackType=DOCUMENT&customerID=CUSTOMERID&documentStatus=DENI

ED_UNSUPPORTED_DOCUMENT_TYPE

36

Global Netverify settings In your Jumio merchant settings, you can configure the following values.

Application settings

Callback URL Provide an HTTPS callback URL using the TLS protocol. Ports are not allowed. Whitelist the following IP addresses for callbacks, and use these to verify that the callback originated from Jumio: 50.57.26.240, 50.57.26.241, 50.57.26.248, 50.57.26.249. You can look up the IP addresses with the host name "callback.jumio.com". Success and error URLs Specify your own redirect pages for success and error. We strongly recommend providing HTTPS URLs using the TLS protocol. Ports are not allowed. Data deletion Select a time interval to enable permanent purge of sensitive data. Fraud transaction data can be excluded from the deletion.

Customize client

Specify Netverify base and message colors for your own look and feel per locale. Any configuration which is not set will first default to the language (e.g. EN_GB to EN), then to your default setup, and finally to the Jumio standard.

37

Accepted IDs

You can configure accepted IDs per region or country. The default setup includes all countries and ID types supported by Jumio at the time when your account was created. Note: You can enable the option to automatically accept newly supported IDs by Jumio. Per region configuration

Per country configuration

38

Data settings

You can choose which fields should be processed during the ID verification. Mandatory fields Mandatory fields will be returned in the callback for all Jumio supported IDs, if enabled.

Optional fields Optional fields will be returned in the callback under certain conditions, if enabled.

Note: To perform the MRZ check, the fields date of birth, expiry and personal number will be processed during the ID verification and returned in the callback, if available on the ID.

39

Supported cipher suites The following cipher suites (listed in server-preferred order) are supported by Jumio during the SSL handshake:

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

TLS_RSA_WITH_AES_256_GCM_SHA384

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

TLS_RSA_WITH_RC4_128_SHA

Documents

Netverify-implementation-guide v1 7 5