Setup

App Drop-in

Web SDK

API Only

Setup

This page provides guidance on preparing to integrate European Identity Verification solution via the App Drop-in, Web SDK, or API only.

See also

See the integration guides for:
• French solution
• German solution
• Italian solution
• Spanish solution

For the Portuguese solution, follow the French solution integration guide.

Before you begin your integration, make sure you have the following in place:

Prerequisites

• You need your Fourthline API key.
• Agree with your implementation manager the identifiers of your product and market-specific workflows.
  For default options, see Create workflow.

Statuses

Set up handling for Identity Verification statuses.

Webhook

Set up a webhook and handling for the Identity Verification notifications.

Configuration

Discuss with your implementation manager the following configuration options:

Module	Configuration
Documents	Document types and nationalities per country See also: Supported ID documents
	Required ID document photos: • Flat only • Flat and titled to check security features
	Document NFC included or not See also: Supported ID documents
	Second ID document module included or not Required in Czech Republic and Luxembourg
	Tax number module included or not
	Address on the ID document included in the CDD Report and output XML file or not
	Document issuing country included in the CDD Report and output XML file or not
	Raw VIZ data including special characters with diacritics shared or not
	Duplicated ID document check
Biometrics	Selfie audio included or not
Location	Supported countries See also: Prohibited countries
	Physical Proof of Address included or not
	Required geolocation data groups See also: Upload identity data > deviceMetaData
AML Screening	The number of hits that triggers your threshold for automatic rejection
	Four-eyes review of confirmed hits by Fourthline human agents included or not
	Your sensitivity list screened or not See also: Sensitivity list
Platform	Deployment model: • Shared deployment • Dedicated deployment
	Operating model: • Fourthline operated • Fourthline powered
	Enhanced risk score for Italian clients required or not
	Fourthline Dashboard included or not
Client	Fourthline usually supports a minimum age of 18 years, but for Web SDK integrations you can configure this to 16 years.

Data collection and upload

Configurable

Determine how clients' identity data is collected and uploaded to Fourthline:

Diacritics service

Configurable

On request, Fourthline can share raw VIZ data with special characters with diacritics (on a best-effort basis) for ID documents issued by:

• France
• Germany
• Netherlands
• Poland
• Portugal
• Spain

The raw data is returned in the Get case status response as a RawVizReading JSON object.
This data isn't included in the CDD Report or output XML file.

"RawVizReading":[
  {
    "FieldName":"FirstName",
    "FieldValue":"WILLEKÉ LISELÖTTE"
  },
  {
    "FieldName":"GivenNames",
    "FieldValue":"DÖ BRUIJN"
  },
  {
    "FieldName":"DateOfBirth",
    "FieldValue":"650310"
  },
  {
    "FieldName":"Gender",
    "FieldValue":"F"
  },
  {
    "FieldName":"PlaceOfBirth",
    "FieldValue":"SPECIMEN"
  },
  {
    "FieldName":"Nationality",
    "FieldValue":"NËDÉRLÁNDSE"
  },
  {
    "FieldName":"CountryCode",
    "FieldValue":"NÈD"
  },
  {
    "FieldName":"DocumentNumber",
    "FieldValue":"SPÉCI2014"
  },
  {
    "FieldName":"IssueDate",
    "FieldValue":"140309"
  },
  {
    "FieldName":"ExpiryDate",
    "FieldValue":"240309"
  },
  {
    "FieldName":"DocumentType",
    "FieldValue":"P"
  }
]

Our AI agent was trained on the following characters:

Note

Fourthline human agents don't check special characters fields during case processing.
The diacritics service doesn't affect case processing or data correction in any way.

Duplicated ID document check

Configurable

You can configure Fourthline to check if the ID document number provided has been used before. This can help prevent fraudsters from using stolen documents.

However, sometimes legitimate clients may need to re-use a document number, e.g. if they:

• Want to open a new type of account with you
• Delete the Fourthline app and can't sign back in
• Need to re-submit a case that was sent back

In such cases, you need to clear the ID document data from the client's profile:

• The status of the client's Identity Verification case must have changed from new to pending.
• The status of the original case doesn't change when you reset the document.
  
  

Important

Resetting a document doesn't delete the client's personal data from their profile.
To remove personal data completely from our system, the client must make a formal deletion request under the GDPR.
For more information, contact your implementation manager.

Use the following requests as required:

User guide

Identity files

When making an Upload identity files request, check the following guidance:

• Always upload the client's primary ID document first, and then the second ID document (if required).
• Make a separate request for each DocumentType, but you can include multiple identity files of the same type in one request.
• Set all required parameters, or the identity file is ignored.
• For a single clientId, every filename must be unique.
• If an ID document contains an NFC chip, you must afterwards upload an EmbeddedFace file (the portrait on the NFC chip) in a separate request, including the ID document's DocumentNumber.
  Don't upload an EmbeddedFace file if the ID document doesn't contain an NFC chip, or you can't start case processing.
• To add new or extra identity files for an already uploaded identity file, include the correct DocumentType and DocumentNumber (if relevant) in the request, or we will add it as a new identity file.
• To modify the content or details of an already uploaded identity file, include the same DocumentType and DocumentNumber and fileName, or we will add it as a new identity file.
• You can't update PDF documents.
• For document and selfie videos, we support the following formats:
  • MP4
  • WEBM
  • WEBM;CODECS=VP8
  • MKV
  • x-MATROSKA

The following files are required per document type:

Special characters

To standardize data entered by the client and extracted from the VIZ in line with the MRZ, Fourthline applies the International Civil Aviation Organization (ICAO) transliteration standard in Doc 9303: Machine Readable Travel Documents.

The CDD Report and output XML file include the transliterated data.

Characters with diacritics are converted into simplified Latin characters as follows:

Diacritics transliteration

Diacritic	Transliteration
Å	AA
Æ	AE
À Á Â Ã Ā Ă Ą	A
Ä	AE Austria, Belgium, Estonia, Finland, Germany, Sweden, Switzerland A Netherlands
ẞ	SS
Ç Ć Ĉ Ċ Č	C
Ď Ð	D
È É Ê Ë Ē Ė Ę Ĕ (0114) Ě (011A)	E
Ĝ Ğ Ġ Ģ	G
Ĥ Ħ	H
Ì Í Î Ï Ĩ Ī Ĭ Į İ I (0131)	I
Ĵ	J
Ķ	K
Ĺ Ļ Ľ Ŀ Ł	L
Ń Ņ Ň Ŋ	N
Ñ	N Argentina, Bolivia, Latvia, Mexico, Philippines, Poland, Slovakia, Spain NXX Chile, Costa Rica, Dominican Republic, Ecuador, El Salvador, Guatemala, Paraguay, Peru, Uruguay Fourthline then transliterates NXX to N
Ø Œ	OE
Ò Ó Ô Õ Ō Ŏ Ő	O
Ö	OE Austria, Belgium, Estonia, Finland, Germany, Hungary, Iceland, Norway, Sweden, Switzerland O Turkey, Netherlands
Ŕ Ŗ Ř	R
Ś Ŝ Ş Š	S
Ţ Ť Ŧ	T
Ù Ú Û Ũ Ū Ŭ Ů Ű Ų	U
Ü	UE Austria, Belgium, Estonia, Germany, Hungary, Switzerland U Philippines, Turkey, Netherlands, Spain
Þ	TH
Ŵ	W
Ý Ŷ Ÿ	Y
Ź Ż Ž	Z

Supported countries

We never onboard clients in Fourthline's list of prohibited countries and you can't configure this. The list may change over time, e.g. depending on European sanctions.

More information

For the complete list of supported countries and territories and all checks we perform, request our CDD Policy from your implementation manager.

Supported ID documents

To check which ID documents Fourthline supports in different countries and whether they contain an NFC chip, make a Get ID documents request.

More information

For the complete list of supported ID documents and all checks we perform, request our CDD Policy from your implementation manager.

Testing

Fourthline's platform is built to detect real faces and authentic ID documents with correctly matching personal data. This means, by the nature of our business, we can't provide dummy documents, photos, files, or data for testing.

To test your Identity Verification solution:

1. Use official specimen documents, or the real ID documents and data of your colleagues, to create test cases in the sandbox environment.

2. Use the Set test outcome endpoint to set the outcome for test cases when they reach a specific status.

3. To safeguard the privacy of your colleagues and their data, when you have finished testing, contact your implementation manager to delete all testing data from the sandbox.

More information

For more information about how Fourthline protects data, see Security & Compliance.

Set test outcomes

In the sandbox environment, you can make a Set test outcome request to set the outcome for an Identity Verification case when it reaches a specific status.

How it works

• When you make the Set test outcome request, the case status must be new.
• You receive webhook notifications as normal.
• To download the CDD Report for test cases, you must wait for the case status to change from pending to the final status.

The request flow per integration option is as follows:

Limitations

• This endpoint works for Identity Verification workflows only, not for workflows that also include Qualified Electronic Signature and/or Bank Account Verification.
• You can set 1 risk code or 1 or more status codes, but not both a risk code and status code(s) in 1 request.
• ID document security features aren’t included in the CDD Report for test cases.
• Data points that are extracted from the ID document in real cases, or corrected by Fourthline agents, aren't included in the CDD Report, output XML, or Get case status response.
• The supported statuses and outcomes depend on your configuration, and some can't be tested with this endpoint.
• You can’t further configure this endpoint, e.g. by adding or removing checks or data points.
• The endpoint can return a fraud outcome even if the test case isn't fraudulent.

Supported statuses

You can apply outcomes when the case reaches the following statuses:

• completed
• inconsistent_data
• pending

Supported outcomes

You can set the following outcomes when the case reaches the specified status using the relevant risk code or status code(s):

Support

For any questions, contact your implementation manager.

Top of page