This topic describes how to integrate with ID Verification using only the server-side API.
API description
API operation: EkycVerify
Request method: HTTPS POST
Description: Performs eKYC authentication using parameters such as image data.
QPS limit: The API has a dedicated queries per second (QPS) limit. For more information, see QPS limits for ID Verification server-side API operations.
Endpoints:
NoteThe internal network is used for communication between Alibaba Cloud products in the same region. If your server is deployed in an Alibaba Cloud region, you can use the internal endpoint to access the ID Verification service. This provides more secure and stable network communication.
China (Hong Kong)
Internet:
cloudauth-intl.cn-hongkong.aliyuncs.comInternal:
cloudauth-intl-vpc.cn-hongkong.aliyuncs.com
Online testing and integration
Before you start debugging and integration, ensure that you read the Use OpenAPI Explorer to debug and integrate server-side APIs document to understand how to call APIs in OpenAPI Explorer and obtain SDKs and their code.
You can run this API operation in OpenAPI Explorer to perform tests and generate sample SDK code for it.
Image format requirements
Image format: JPG, JPEG, or PNG.
Image size: An image size of 50 KB to 100 KB is recommended. The maximum size cannot exceed 1 MB.
Image resolution: The resolution cannot exceed 1920 × 1080 pixels (H × W) and must be at least 640 × 480 pixels (H × W). We recommend that you scale the shorter side to 720 pixels with a compression ratio greater than 0.9. The image height should be greater than the width. Detection accuracy may be affected if the width is greater than the height.
NoteAfter an image is converted to the base64 format, its data size typically increases. To pass parameters in base64 format, ensure that the original image size does not exceed 0.6 MB to meet the maximum data transmission limit of 1 MB.
Image quality recommendations:
The face must be complete, clear, and unobstructed, and must face the camera directly. We recommend that you use facial images captured by the front-facing camera.
The face should occupy more than 60% of the image area. A smaller face may affect detection accuracy.
If there are multiple faces in the image, the algorithm crops the largest face by default. We recommend that you avoid passing images with multiple faces.
Request parameters
Name | Type | Required | Description | Example |
ProductCode | String | Yes | The product solution to integrate. Set the value to eKYC_MIN. | eKYC_MIN |
SceneCode | String | No | A custom authentication scenario ID. You can use this ID to query related records in the console. The ID can be up to 10 characters in length and can contain letters, digits, and underscores (_). | 1234567890 |
MerchantBizId | String | Yes | A unique business identifier that you customize. It is used to locate and troubleshoot issues. The identifier can be up to 32 characters in length and can contain letters and digits. Make sure that the identifier is unique. | e0c34a77f5ac40a5aa5e6ed20c35**** |
MerchantUserId | String | Yes | A custom user ID or another identifier that can identify a specific user, such as a mobile number or an email address. Desensitize the value of this field in advance, for example, by hashing the value. | Y |
DocType | String | Yes | The certificate type, which is uniquely identified by an 8-digit number. For more information, see Certificate types. | 01000000 |
DocName | String | No | The user's real name. Note If Authorize is set to T and the certificate type is Chinese mainland resident ID card, you must enter at least one of the following groups of information:
| Zhang San |
DocNo | String | No | The user's certificate number. Note If Authorize is set to T and the certificate type is Chinese mainland resident ID card, you must enter at least one of the following groups of information:
| 411xxxxxxxxxxx0001 |
IdOcrPictureBase64 | String | No Note You must specify either IdOcrPictureBase64 or IdOcrPictureUrl. | The Base64 encoding of the certificate image. Note If you use this method to pass the certificate image, check the image size. Do not pass an oversized image. | Base64 encoding |
IdOcrPictureUrl | String | No | The URL of the certificate image. The URL must be an HTTP or HTTPS link accessible over the Internet. | https://*** |
FacePictureBase64 | String | No Note You must specify either FacePictureBase64 or FacePictureUrl. | The Base64 encoding of the portrait image. Note If you use this method to pass the certificate image, check the image size. Do not pass an oversized image. | Base64 encoding |
FacePictureUrl | String | No | The URL of the portrait image. The URL must be an HTTP or HTTPS link accessible over the Internet. | https://*** |
Crop | String | No | Specifies whether to crop the face image:
| F |
Authorize | String | No | Specifies whether to enable identity verification against the official database:
Note This feature is currently available only for second-generation resident ID cards of the Chinese mainland. | F |
IdThreshold | String | No | The custom OCR quality detection threshold mode:
| 0 |
Certificate types
DocType | Corresponding certificate |
01000000 | Global passport |
00000006 | Hong Kong Identity Card (2003 version) |
00000008 | Hong Kong Identity Card (2018 version) |
00000007 | Exit-Entry Permit for Travelling to and from Hong Kong and Macao |
00000009 | Mainland Travel Permits for Hong Kong and Macao Residents |
000000011 | Macao Identity Card |
000000012 | Mainland Travel Permit for Taiwan Residents |
00000001 | Second-generation resident ID card of the Chinese mainland |
Response parameters
Name | Type | Description | Example | |
HTTP Status Code | Integer | The HTTP status code. | 200 | |
HTTP Body | RequestId | String | The request ID. | 130A2C10-B9EE-4D84-88E3-5384FF0**** |
Code | String | The response code. | Success | |
Message | String | A detailed description of the response code. | success | |
Result.Passed | String | The final authentication result. Valid values:
| Y | |
Result.SubCode | String | A description of the authentication result. For more information, see Error codes for ResultObject.SubCode. | 200 | |
Result.ExtFaceInfo | String | Information about the face liveness verification result. For the JSON format, see the example on the right. For more information, see ExtFaceInfo. | | |
Result.ExtIdInfo | String | Information about the certificate detection result. For the JSON format, see the example on the right. For more information, see ExtIdInfo. | | |
Status codes
HTTP status code | Code | Message description |
200 | Success | Request successful. |
400 | MissingParameter | Parameter cannot be empty. |
InvalidParameter | Invalid parameter. | |
401 | UnqualifiedPhoto | The uploaded image is unreadable or the image resolution does not meet requirements. We recommend changing the image. Ensure the photo is clear, has normal exposure, is complete without occlusion, and has no significant angle deviation. |
DataDuplication | Both Base64-encoded image and URL image address are provided. Choose only one of these parameters. | |
ToolargeImage | The image size is too large. We recommend compressing the image or changing the upload method. | |
DownloadTimeout | URL image download timeout. | |
NoFaceDetected | No face detected in the uploaded image. | |
403 | Forbidden.RAMUserAccessDenied | You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service. |
Forbidden.AccountAccessDenied | Ensure that you have activated ID verification and your account has no overdue payment. | |
Throttling.Api | API request is blocked due to throttling. | |
500 | InternalError | Internal system error. Provide feedback to engineers for troubleshooting. |
Error codes for ResultObject.SubCode
Error code | Billed | Description, cause, and suggestion |
200 | Yes | The authentication is passed. |
201 | Yes | The name and ID card number do not match the information in the official database. The user's information may be incorrect or fake. Ask the user to confirm the information and try again. |
202 | Yes | The identity information cannot be found in the official database. Provide an option for manual review. |
203 | Yes | The photo cannot be found or is unavailable. Possible cause: The authoritative comparison source does not have a base photo on file. Provide an option for manual review. |
204 | Yes | The face comparison failed. The person in the image may not be the same person, or the quality of the liveness photo is low. |
205 | Yes | A risk is detected during liveness detection. |
207 | Yes | The uploaded face does not match the face in the official database. The person in the image may not be the same person, or the quality of the face photo is low. |
209 | Yes | The authoritative comparison source is abnormal. |
212 | Yes | A risk is detected during anti-spoofing detection for the certificate. High-risk operations such as screen recapturing, tampering, or photocopying may have occurred. |
ExtFaceInfo
Name | Type | Description | Example |
facePassed | String | The final result of the face liveness verification during the face scan phase:
| Y |
faceComparisonScore | Double | The comparison score between the captured face and the portrait on the certificate. The score ranges from 0 to 100. | 99.99 |
faceAttack | String | Indicates whether a liveness attack is detected on the captured face:
| N |
authorityComparisonScore | Double | The comparison score between the captured face and the data from the official authoritative source. The score ranges from 0 to 100. | 99.99 |
ExtIdInfo
Name | Type | Description | Example |
idPassed | String | The final result of the certificate OCR phase:
| N |
ocrIdInfo | String | The field information from the certificate OCR. Note If the certificate OCR process fails, this field is empty. | |
spoofInfo | String | The result of the anti-spoofing detection for the certificate, including the risk assessment result and risk type:
| |