Onfido

 

Onfido support was added to CAS in version 20210427.

Onfido helps companies see real identity – the humans behind the screens – using world-leading AI and identity experts. Your customers can prove their identities, wherever they are, with just an ID and their face.

- from https://onfido.com/

To use Onfido identity verification in your Operation, you must modify your CAS configuration as described in this article.

NOTE: if you operate a Standalone CAS server,

  • expose TCP port 7743 (inbound) in your firewall.

  • You must have a FQDN (Fully Qualified Domain Name), an IP alone is insufficient!


Choose an option:

Option A: If you choose to use the GB Cloud Onfido account, select that option.

  • After saving your selection, skip to the next section.

Onfido is a paid service.

  • Each verification (using the integrated GB Cloud Onfido account) currently costs $3 USD.

Option B: If you want to create your own account with Onfido, you’ll need to setup your account with them to acquire the necessary API key.

You’ll need a verification website with this option. Now you face two more choices:

  1. use https://coin.cz/onfido, or

  2. create your own website conforming to the guidelines found here on our Github page.


Change your AML/KYC settings

Set your Registration requirements to “Nothing. Direct customer to identity verification service via SMS”:

  • Set your Authentication methods & limits as you normally would.

  • A phone number is (the minimum) required for Authentication.

Choose the Autoregister type:

After Onfido processes your customer at the BATM, any newly proven Identity will be added to one of these two categories: Registered, or Not Registered.

  • Click the edit icon on the “Nothing….” button to view this option.

Disabled

  • the customer Identity will be added to “Not Registered”

Enabled

  • the customer Identity will be added to “Registered”:

Save the AML/KYC setting!


How Onfido works at the BATM:

  1. Your customer chooses Registration during a transaction.

  2. Their (required) phone number is collected.

  3. Your customer will be sent further instructions via SMS (from Onfido). The link expires in 90 minutes.

  4. They click through and submit the requested documents.

  5. They’re notified of the results via SMS.


Registration procedure on CAS:

  • If the Autoregister option is enabled, and the customer is approved, then a new Registered Identity is automagically created.

  • If Autoregister is disabled, or Onfido has trouble with any of the submitted documents, then a new “Awaiting Registration” Identity is created.

    • Footnotes at the bottom of the Identity page will show what (if any) documents failed inspection.

Messages to your customers can be set in your Terminal’s Custom Strings:

See https://generalbytes.atlassian.net/l/c/FmAMHNPM for more details about Custom Strings.


Troubleshooting:

If you use a Standalone CAS, and the SMS link steers you to a blank page, please check your configuration.

The file /batm/config/hostname must be present and contain your server's domain name:

1 cat /batm/config/hostname
  • that should return your domain name. If empty, add the default to CAS by using:

1 su -c 'hostname > /batm/config/hostname'

If you know your domain name, and wish to enter it specifically (recommended), use:

1 su -c 'echo your.host.name > /batm/config/hostname'
  • replace “your.host.name" with the fully qualified domain name (e.g. example.generalbytes.com).


Notes:

Onfido results

CAS status of Identity

Onfido results

CAS status of Identity

1

CLEAR

Registered when auto-registration is enabled.

When auto-registration is disabled, the Identity becomes: Awaiting Registration

1

Onfido results

CAS status of Identity

2

SUSPECTED_COMPROMISED_DOCUMENT

Identity rejected

3

SUSPECTED_DATA_CONSISTENCY

4

SUSPECTED_POLICE_RECORD

 

5

SUSPECTED_VISUAL_CONSISTENCY

6

SUSPECTED_DATA_VALIDATION

7

SUSPECTED_FACE_COMPARISON

Onfido results

CAS status of Identity

Onfido results

CAS status of Identity

1

REJECTED_AGE_VALIDATION

Rejected.

The customer will need to retry the registration process again.

2

REJECTED_IMAGE_INTEGRITY

Onfido results

CAS status of Identity

Onfido results

CAS status of Identity

1

CAUTION_VISUAL_CONSISTENCY

Awaiting registration.

Demands manual verification, even if auto registration set up.

2

CAUTION_IMAGE_INTEGRITY

3

CAUTION_DATA_COMPARISO

4

CAUTION_FACIAL_COMPARISON

5

CAUTION_DATA_VALIDATION

6

CAUTION_DATA_CONSISTENCY