KYC Web SDK
Introduction
The KYC web SDK is a versatile component that allows you to easily handle verification submission process in your web application. The purpose of the SDK is to simplify the integration of our clients to the KYC app. Using the SDK customisable configuration, the end user would be able to complete the KYC process using either the mobile app or the web app.
How the SDK works
The main highlights of KYC web SDK are as follows:
- The KYC web SDK can be easily embedded in any web application as a reusable web component, declared just like any other HTML element. By using the SDK as an embedded component, the entire journey can be handled within your own domain without the need for redirection to a new domain.
- With a customized configuration object, you can set up the SDK according to your preferences. For example, you can determine the dimensions of the SDK placeholder to make it fill the entire screen or give it a partial view on your page.
- By providing a channel name (mobile or web) in the SDK configuration data, the end user can proceed with the verification submission process either through a web browser or by installing the KYC mobile app on their phone.
- The SDK event broadcast is a useful tool that provides visibility into user activity from the beginning to the end of the verification submission journey. It allows you to respond to user interactions during the verification submission journey by implementing a desired event handler.
SDK Integration Guide
Integrating the KYC Web SDK into your web application is a simple and straightforward process. You can follow the integration steps outlined in the following recipe:
How to generate the token
-
Use the below endpoint to generate the temporary token and to use the same in below SDK initialisation flow
Access token endpoint: https://XXXX-prod.auth.ap-southeast-2.amazoncognito.com/oauth2/token
Method : POST
Authorization: BASIC
Note : the alias ‘XXXX’ in the access token URL needs to be replaced with the alias of your tenancy
(where ‘XXXX’ is the alias name) -
Request parameters in header
Parameter Required Value Authorization Required Basic base64 of username:password
Note Truuth team will share this informationContent-Type Required Must always be 'application/x-www-form-urlencoded' -
Request parameters in body (Form URL Encoded)
Parameter Required Value grant_type Required client_credentials client_id Required truuth team will share this scope Required websdk/websdk:run -
Note: Store the username and password into your backend service and call this token service. Then pass the token back to frontend to send the same to the SDK initialisation.
How to initialise the SDK
To initialise the SDK, you can use the truuthKYCWebSdk.init(config) method, which takes a configuration JSON object as input.
In the config object, you can provide specific values for the properties based on your requirements. Adjust the property names and values accordingly to customise the initialisation of the SDK for your web application.
- config (JSON Object): The customised configuration used to initialize the SDK. The schema of the config JSON object is defined as follows:
| Parameter | Type | Required | Description |
|---|---|---|---|
| tenant | String | Required | Tenant alias with all letters in lower case. |
| token | String | Required | The access token required for calling SDK endpoints. Refer above How to generate the token section |
| apiUrl | String | Required | The base URL used for the verification submission process. Please set https://portal.api.au.truuth.id/kyc/ as the value for the AU region and https://portal.api.eu.truuth.id/kyc/ for the EU region. Note: Replace "au" and "eu" with the appropriate region code. |
| width | String | Optional | The width of the SDK element in percentage. |
| height | String | Optional | The height of the SDK element in percentage. |
| config | Object | Required | The configuration object containing additional settings for the SDK initialization. Please refer to the 'Configuration' section for more details on the properties and their values. |
Configuration
| Parameter | Type | Required | Description |
|---|---|---|---|
| String | Required | The customer's email id to save as part of the verification record | |
| givenName` | String | Optional | The customer's legal given name, also known as the first name. |
| familyName` | String | Optional | The customer's legal family name, also known as the last name or surname. |
| middleName` | String | Optional | The customer's legal middle name. |
| gender` | String | Optional | The gender of the customer can be specified using 'M' for male, 'F' for female, or 'O' for others. |
| mobileNumber` | String | Optional | The customer's contact number. |
| dateOfBirth` | String | Optional | The customer's date of birth in the format "YYYY-MM-DD". |
| externalRefId | String | Optional | The reference ID. Please enter only alphanumeric characters. |
| options | Object | Optional | Additional options for customisation. Please refer to the 'Options' section for more details on the properties and their values. |
Options
| Parameter | Type | Required | Description |
|---|---|---|---|
| channel | String | Optional | Specifies the channel for the verification submission process. Possible values include "MOBILE" for the mobile app channel and "WEB" for the web app channel. If provided, the end user will proceed with the verification submission either through the web browser or by installing the KYC mobile app on their phone. |
| proofingFrameworks | String [] | Optional | This is configured as part of your subscription. This is an optional field. Service will pick the first proofing framework by default. Please contact Truuth to get the list of proofing frameworks as per your subscription and you can send the exact value here. |
| timeout | Number | Optional | The amount of time in seconds to wait for the verification result. The default value is 60 seconds. If the result is not received within this timeout, the process will be considered as timed out. |
| timeoutMessage | String | Optional | A custom message to be displayed if the verification processing takes longer than expected. If no value is set, the SDK will use the default message. |
| showWelcomePage | Boolean | Optional | true if the identity owner should see the Welcome page in the truuth KYC app otherwise set it to false. Default is true. |
| showTermsAndConditionsPage | Boolean | Optional | true if the identity owner should see the Terms and conditions page in the truuth KYC app otherwise set it to false. Default is true. |
| sanctionsAndPepCheckRequired | Boolean | Optional | Wish to do a more detailed investigation of a user’s background, mainly for employment purposes. After verifying a person’s identity, this check does the following searches. Defaults to false. |
| businessVerificationRequired | Boolean | Optional | A Company Enquiry product provides the credit records of a company together with public record information, ASIC data as it exists on the Veda database, plus fresh PPSR Grantor Search information on Companies. The user needs to supply an ACN so we can use it to retrieve the report from Equifax. Defaults to false. |
| identityOwnerCheckSource | string | Optional |
Logging Event Information
As mentioned, the SDK Event broadcast helps provide visibility into user activity from the beginning to the end of the verification submission journey and allows you to respond to user interactions in the verification submission journey by implementing a desired event handler in your code.
The "detail" property of each event provides details about that event. The fields of the "detail" property dispatched by the SDK are as follows:
- type: It specifies the main event types triggered during the verification submission process. You can find a full list of event types in the following table.
- tenant: It indicates the tenant alias on which the SDK has been set up.
- verificationId: This can be transaction identifier.
- timestamp: It indicates event's creation date.
- body: This is an optional field that provides additional details about the event type. You can find more information about the body structure in the following table.
| Type | Body | Comments |
|---|---|---|
| VERIFICATION_STATUS_CHANGED | { "currentStatus": "string", "previousStatus": "string" } | |
| VERIFICATION_CREATED | ||
| VERIFICATION_SUBMISSION_STARTED | ||
| VERIFICATION_SUBMISSION_COMPLETED | ||
| VERIFICATION_SUBMISSION_ABORTED | { "abortedReasonCode": "string" } | Please note that the specific aborted reason codes and their meanings can be found in the 'Aborted Reason Codes' section, which provides more details regarding the possible reasons for the verification submission being aborted. |
| ERROR | { "name": "string", "message": "string" } | Please refer to 'Error Codes' section for more details. |
| VERIFICATION_PROCESSING_STARTED | ||
| VERIFICATION_COMPLETED | [ { "proofingType": { "code": "string", "name": "string" }, "proofingStatus": string, "userBehaviourChecks": [{ "name": "string", "type": "string", "status": "string" }], "documents":[{ "status": "string", "securityChecks":[{ "name": "string", "type": "string", "status": "string" }] }] } ] | |
| TERMS_AND_CONDITION_ACCEPTED | ||
| TERMS_AND_CONDITION_DECLINED | ||
| VERIFICATION_PROCESSING_TIMEOUT |
- Aborted Reason Codes
| Name | Description |
|---|---|
| UserRequested | If the user taps on 'Come back later' during the KYC submission process, an event of type "VERIFICATION_SUBMISSION_ABORTED" will be captured. The event object for this type would include the "abortedReasonCode" property, which indicates the reason for the verification submission being aborted. |
- Error Codes
| Name | Message | Comments |
|---|---|---|
| InvalidTenantError | Tenant not found. | |
| UnauthorizedError | Please check your token and make sure your token has not been expired. | |
| BadRequestError | Invalid request. Please check SDK parameters provided. [(Parameter: <param_name>)] | |
| Error | It looks like something went wrong. Please try again and if the problem still persists please contact your service provider. | |
| UnsupportedPlatformError | Sorry, your operating system is not supported. This probably means you have an old phone, or have not updated your phone’s software. Please update and try again, or try on a newer phone. | It can be replicated by trying KYC web invitation on Safari < 13.0. |
| JailBreakDetectedError | This device is jailbroken or rooted. For security reasons, you can't use this app. If you are using Android, you may have Developer Options turned on. Please check your Settings and turn them off. | It can be replicated by trying KYC mobile invitation on a jailbroken / rooted phone. |
| AppUpdateError | It looks like your version of the app is out of date. Please uninstall Truuth ID and start again by clicking on the link in your email. | It can be replicated by trying KYC mobile invitation using an old version of mobile app installed on the phone. |
Mobile and Desktop Browser Support
The KYC Web SDK supports the following browsers on different platforms:
- iOS: iOS Safari (version >= 13.0) and Chrome.
- Android: Chrome and Samsung Internet browser.
- Desktop: Firefox, Chrome, Samsung Internet, and Safari.
Please ensure that the specified browser versions are met for optimal compatibility and functionality with the KYC Web SDK.
Compatibility and Versioning
If the channel is selected as "mobile" in the SDK configuration, the KYC mobile app needs to be installed on the end user's phone as the KYC app platform.
- The KYC mobile app is compatible with Android devices running version 5.0 and above, with android:minSdkVersion="21" and android:targetSdkVersion="33" specified.
- For iOS devices, the KYC mobile app is compatible with iOS version 11.0 and above.
Also, the latest version of KYC web SDK is '1.0'.
Updated about 1 month ago