All Products
Search

This Product

    ID Verification:FACE_IDU_MIN

    Document Center

    ID Verification:FACE_IDU_MIN

    Last Updated:Feb 07, 2026

    The FaceDuplicationCheckIntl operation checks for duplicate faces. You can use this operation in scenarios where you cannot integrate a software development kit (SDK). You can pass face images to this API operation to verify that a user is a real person, compare a face with a stored face to verify an identity, and search a face database to check whether a face already exists. After a successful verification, the face can be automatically registered to a specified face database.

    API description

    • API operation name: FaceDuplicationCheckIntl

    • Request method: HTTPS POST

    • Description: Checks whether a face exists in a specified face database.

    • QPS limit: This API operation has a dedicated Queries Per Second (QPS) limit. For more information, see QPS limits for ID Verification server-side API operations.

    • Service endpoints:

      Note

      An internal network is a private network used for communication between Alibaba Cloud products in the same region. If your business server is deployed in a supported Alibaba Cloud region, you can use the internal same-region endpoint to access the ID Verification service. This provides more secure and stable network communication.

      Singapore

      • Public network: cloudauth-intl.ap-southeast-1.aliyuncs.com

      • Internal network: cloudauth-intl-vpc.ap-southeast-1.aliyuncs.com

      Indonesia

      • Public network: cloudauth-intl.ap-southeast-5.aliyuncs.com

      • Internal network: cloudauth-intl-vpc.ap-southeast-5.aliyuncs.com

      China (Hong Kong)

      • Public network: cloudauth-intl.cn-hongkong.aliyuncs.com

      • Internal network: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com

      Malaysia (Kuala Lumpur)

      • Public network: cloudauth-intl.ap-southeast-3.aliyuncs.com

      • Internal network: cloudauth-intl-vpc.ap-southeast-3.aliyuncs.com

    Online debugging and integration

    Note

    Before you debug and integrate, read the Debug and integrate server-side API operations using OpenAPI Explorer document. This document explains how to call API operations and obtain SDKs and sample code from the OpenAPI platform.

    You can run this operation in OpenAPI Explorer to debug it and generate SDK sample code.

    Request parameters

    Portrait image parameters

    • You can provide the portrait image in one of the following two ways:

      • FacePictureBase64

      • FacePictureUrl

    • Image format: JPG, JPEG, or PNG.

    • Image size: 50 KB to 100 KB is recommended. The maximum size is 1 MB.

    • Image resolution: The resolution must be at least 640 × 480 pixels (height × width) and no more than 1920 × 1080 pixels. We recommend scaling the shorter side to 720 pixels with a compression rate greater than 0.9. The image height must be greater than its width. If the image width is greater than its height, detection accuracy may be affected.

      Note

      Converting an image to Base64 format increases its data size. If you pass the image in Base64 format, ensure that the original image is no larger than 0.6 MB. This ensures that the converted data does not exceed the 1 MB data transfer limit.

    • Image quality recommendations:

      • The face must be complete, clear, and unobstructed. The user must face the camera directly. We recommend using images captured by a front-facing camera.

      • The face must occupy more than 60% of the image area. A smaller face may reduce detection accuracy.

      • If an image contains multiple faces, the algorithm processes the largest face by default. Avoid providing images with multiple faces.

    Request parameter descriptions

    Name

    Type

    Required

    Description

    Example

    ProductCode

    String

    Yes

    Product code: FACE_IDU_MIN.

    FACE_IDU_MIN

    SceneCode

    String

    No

    The custom authentication scenario ID.

    1234567890

    MerchantBizId

    String

    Yes

    A custom unique business ID used to track and troubleshoot issues. It can be a combination of letters and digits up to 32 characters long. Make sure the ID is unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    MerchantUserId

    String

    Yes

    A custom user ID or another identifier for a specific user, such as a mobile phone number or email address. We strongly recommend that you desensitize the value of this field in advance, for example, by hashing the value.

    123456789

    VerifyModel

    String

    Yes

    Verification type:

    • 0: Search mode

      • Function: Pass a face database and a user's face image (SourceFacePicture/SourceFacePictureUrl). The system automatically searches the face database to check if the face image already exists. You can enable passive liveness detection for the user's face image.

      • Recommended scenario: A real person creates an account, and duplicate registrations are not allowed.

    • 1: Verification mode (default)

      • Function: Pass a specified face image (SourceFacePicture/SourceFacePictureUrl) and a stored face image (TargetFacePicture/TargetFacePictureUrl). The system automatically verifies if the face information in both images is consistent. You can enable passive liveness detection for the specified face image.

      • Recommended scenario: Verify if an operation, such as changing logon credentials or account information, is performed by the account owner.

    • 2: Comprehensive mode

      • Function: Pass a face database, a specified face image (SourceFacePicture/SourceFacePictureUrl), and a stored face image (TargetFacePicture/TargetFacePictureUrl). The system automatically searches the face database to check if the specified face image exists and if it is consistent with the stored face. You can enable passive liveness detection for the specified face image.

      • Recommended scenario: Verify that a user is a new user and that the operation is performed by that user.

    0

    Liveness

    String

    No

    Specifies whether to enable passive liveness detection.

    • 0: Disable

    • 1: Enable

    Note

    Because image capture is uncontrollable in API integration scenarios, some algorithms cannot run. Passive liveness detection is suitable for low-risk scenarios and primarily defends against basic presentation attacks, such as screen recaptures and masks.

    0

    FaceGroupCodes

    String

    No

    The codes of the face databases. You can obtain the codes when you create the face databases in the ID Verification console. You can query up to 10 face databases at a time. If you specify multiple face database codes, separate them with commas.

    1232344,23444

    SourceFacePicture

    String

    No

    The Base64-encoded portrait image.

    base64

    SourceFacePictureUrl

    String

    No

    The URL of the portrait image. The URL must be an HTTP or HTTPS link accessible over the public network.

    https://***face1.jpeg

    TargetFacePicture

    String

    No

    The Base64-encoded portrait image.

    base64

    TargetFacePictureUrl

    String

    No

    The URL of the portrait image. The URL must be an HTTP or HTTPS link accessible over the public network.

    https://***face2.jpeg

    AutoRegistration

    String

    No

    Specifies whether to automatically register a face to the specified face database if the face is not found during the search.

    • 0: Automatically register

    • 1: Do not register (default)

    0

    FaceRegisterGroupCode

    String

    No

    The face database for registration.

    0e0c34a77f

    SaveFacePicture

    String

    No

    This is a reserved field and is not yet in use.

    FaceVerifyThreshold

    String

    No

    This is a reserved field and is not yet in use.

    ReturnFaces

    String

    No

    If multiple faces are found that meet the matching threshold, you can use this parameter to specify the number of faces to return.

    • The default value is 1.

    • The maximum value is 5.

    1

    Returned Data

    Name

    Type

    Description

    Example

    HTTP Status Code

    Integer

    The HTTP status code.

    200

    HTTP Body

    RequestId

    String

    The ID of the request.

    130A2C10-B9EE-4D84-88E3-5384FF0****

    Code

    String

    Return to Code

    Success

    Message

    String

    A detailed description of the response code.

    success

    Result.FacePassed

    String

    The final result of the authentication. Valid values:

    • Yes: Pass

    • N: The authentication fails.

    Y

    Result.FaceComparisonScore

    String

    The score of the 1:1 face comparison. This parameter is returned when `VerifyModel` is set to 1 or 2. The value ranges from 0 to 100.

    98

    Result.DuplicateFace

    String

    If a duplicate face is found, the face ID and user ID from the face database are returned.

    [
  {
    "faceGroupCode": "sg7****uzt",
    "faceId": "f5a921*******9e792ec84c8f0ca592a",
    "merchantUserId":"face0001"
  }
]

    Result.FaceRegistrationResult

    String

    The result of the face registration.

    • 0: Failed

    • 1: Success

    1

    Result.FaceRegistrationId

    String

    The face ID that is returned when automatic registration is enabled and the face is successfully registered.

    9e792******a592a

    Result.FaceAttack

    String

    Indicates whether the captured face is involved in a liveness attack. Y: Attack detected. N: No attack detected. This parameter is returned when passive liveness detection is enabled.

    N

    Result.FaceAttackScore

    String

    The probability that the face is involved in a passive liveness detection attack. The value ranges from 0 to 100. This parameter is returned when passive liveness detection is enabled.

    99

    Result.FaceAge

    String

    The predicted reference age of the face. This parameter may not be returned if the prediction fails.

    30

    Result.FaceGender

    String

    The predicted gender from the face image. This parameter may not be returned if the prediction fails.

    • M: Male

    • F: Female

    M

    Result.SubCode

    String

    The description of the authentication result. For more information, see SubCode.

    200

    Result.TransactionId

    String

    The unique ID of the authentication request.

    4ab0b***cbde97

    Response codes

    HTTP Status Code

    Code

    Description

    200

    Success

    The request was successful.

    400

    MissingParameter

    A parameter cannot be empty.

    400

    InvalidParameter

    The parameter is invalid.

    401

    NoFaceDetected

    Feature extraction failed for the face in the custom source image. Upload a different image.

    401

    UnqualifiedPhoto

    The uploaded image is unreadable or its resolution does not meet the requirements. Replace the image. Make sure that the photo is clear, properly exposed, complete, and unobscured, and that the subject's head has no significant tilt.

    401

    ToolargeImage

    The image is too large. Compress the image or use a different upload method.

    401

    DataDuplication

    You can also pass images using Base64 or a link.

    401

    DownloadTimeout

    The image download from the URL timed out.

    403

    Forbidden.RAMUserAccessDenied

    Grant the AliyunAntCloudAuthFullAccess permission to the Resource Access Management (RAM) user. For more information, see Grant a RAM user permissions to access the service.

    403

    Forbidden.AccountAccessDenied

    Make sure that you have activated ID Verification and that your account does not have an overdue payment.

    403

    Throttling.Api

    The API call is blocked by throttling.

    500

    InternalError

    An internal system error occurred. Contact technical support for assistance.

    SubCode

    Error code

    Is the authentication record billed?

    Description and recommendations

    200

    Yes

    Authentication passed.

    204

    Yes

    The face comparison failed. The person may be different or the liveness photo is of low quality.

    205

    Yes

    There are risks associated with liveness detection.

    206

    Yes

    Business policy restriction.

    Note

    If safe mode is enabled, the service performs security checks on the device and environment used for authentication. If a potential threat is detected, the authentication fails. Remind the user to uninstall software or plug-ins such as multi-instance applications, app cloners, or virtual environments from their device. After the device is restored to its initial secure environment, ask the user to retry.

    233

    Yes

    A similar face was detected.