Onfido support was added to CAS in version 20210427.
Onfido helps companies see real identity – the humans behind the screens – using world-leading AI and identity experts. Your customers can prove their identities, wherever they are, with just an ID and their face.
- from https://onfido.com/
To use Onfido identity verification in your Operation, you must modify your CAS configuration as described in this article.
Install NGINX and Let’s Encrypt before continuing.A reverse proxy is required. |
Api Key: Setup your account with them to acquire the necessary API key.
Verification Site URL: guidelines found here on our Github page.
Onfido region: EU, US, or CA (default = “EU”)
Set your Registration requirements to “Nothing. Direct customer to identity verification service via SMS”:
Set your Authentication methods & limits as you normally would.
A phone number is (the minimum) required for Authentication.
After Onfido processes your customer at the BATM, any newly proven Identity will be added to one of these two categories: Registered, or Not Registered.
Click the edit icon on the “Nothing….” button to view this option.
the customer Identity will be added to “Not Registered”
the customer Identity will be added to “Registered”:
Your customer chooses Registration during a transaction.
Their (required) phone number is collected.
Your customer will be sent further instructions via SMS (from Onfido). The link expires in 90 minutes.
They click through and submit the requested documents.
They’re notified of the results via SMS.
If the Autoregister option is enabled, and the customer is approved, then a new Registered Identity is automagically created.
If Autoregister is disabled, or Onfido has trouble with any of the submitted documents, then a new “Awaiting Registration” Identity is created.
Footnotes at the bottom of the Identity page will show what (if any) documents failed inspection.
Messages to your customers can be set in your Terminal’s Custom Strings:
See https://generalbytes.atlassian.net/l/c/FmAMHNPM for more details about Custom Strings.
If you use a Standalone CAS, and the SMS link steers you to a blank page, please check your configuration.
The file /batm/config/hostname must be present and contain your server's domain name:
cat /batm/config/hostname |
that should return your domain name. If empty, add the default to CAS by using:
su -c 'hostname > /batm/config/hostname' |
If you know your domain name, and wish to enter it specifically (recommended), use:
su -c 'echo your.host.name > /batm/config/hostname' |
replace “your.host.name" with the fully qualified domain name (e.g. example.yourcasdomain.com).
Onfido results | CAS status of Identity | |
|---|---|---|
| 1 | CLEAR | Registered when auto-registration is enabled. When auto-registration is disabled, the Identity becomes: Awaiting Registration |
| 1 | Onfido results | CAS status of Identity |
|---|---|---|
| 2 | SUSPECTED_COMPROMISED_DOCUMENT | Identity rejected |
| 3 | SUSPECTED_DATA_CONSISTENCY | |
| 4 | SUSPECTED_POLICE_RECORD
| |
| 5 | SUSPECTED_VISUAL_CONSISTENCY | |
| 6 | SUSPECTED_DATA_VALIDATION | |
| 7 | SUSPECTED_FACE_COMPARISON |
Onfido results | CAS status of Identity | |
|---|---|---|
| 1 | REJECTED_AGE_VALIDATION | Rejected. The customer will need to retry the registration process again. |
| 2 | REJECTED_IMAGE_INTEGRITY |
Onfido results | CAS status of Identity | |
|---|---|---|
| 1 | CAUTION_VISUAL_CONSISTENCY | Awaiting registration. Demands manual verification, even if auto registration set up. |
| 2 | CAUTION_IMAGE_INTEGRITY | |
| 3 | CAUTION_DATA_COMPARISO | |
| 4 | CAUTION_FACIAL_COMPARISON | |
| 5 | CAUTION_DATA_VALIDATION | |
| 6 | CAUTION_DATA_CONSISTENCY |