FACE_IDU_CheckResult - ID Verification - Alibaba Cloud Documentation Center

This topic describes how to query authentication results by calling the CheckResult operation.

API Description

Operation name: CheckResult
Request method: HTTPS POST
Description: After you receive a callback notification, call this operation on your server to retrieve the corresponding authentication status and authentication data.
Important
By default, ID Verification service results are stored for 30 days and then automatically deleted. You must retrieve the verification results within 30 days.
This API operation has a dedicated QPS limit. For more information, see QPS limits for ID Verification server-side API operations.
Service endpoints:
Note
- Benefits of internal network access: An internal network is a private communication network between Alibaba Cloud products within the same region. If your business server is deployed in the corresponding Alibaba Cloud region, you can use the internal same-region endpoint to access the ID Verification service. This provides more secure and stable communication.
- Optimization suggestions for access from outside China: Network environments outside China can be complex. To optimize your integration solution, reduce network latency, and minimize request failures, see Server-side network latency analysis and optimization.
Singapore
- Public network: cloudauth-intl.ap-southeast-1.aliyuncs.com
- Internal network: cloudauth-intl-vpc.ap-southeast-1.aliyuncs.com
Indonesia
- Public network: cloudauth-intl.ap-southeast-5.aliyuncs.com
- Internal network: cloudauth-intl-vpc.ap-southeast-5.aliyuncs.com
China (Hong Kong)
- Public network: cloudauth-intl.cn-hongkong.aliyuncs.com
- Internal network: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com
Malaysia (Kuala Lumpur)
- Internet endpoint: cloudauth-intl.ap-southeast-3.aliyuncs.com
- Internal same-region endpoint: cloudauth-intl-vpc.ap-southeast-3.aliyuncs.com

Online Debugging and Integration

Note

Before you debug and integrate an API operation, see Debug and integrate server-side API operations using OpenAPI Explorer for information about how to call API operations and obtain SDKs and sample code in OpenAPI Explorer.

You can directly run this operation in OpenAPI Explorer to test it and generate SDK code examples for this operation. SDK code examples.

Request parameters

Name	Type	Required	Description	Example
MerchantBizId	String	Yes	A unique identifier that you define for your business. Use it to locate and troubleshoot issues later. The value must be a combination of up to 32 letters and digits. Ensure uniqueness. Note Alibaba Cloud does not check for uniqueness. To track requests effectively, ensure uniqueness.	e0c34a77f5ac40a5aa5e6ed20c35****
TransactionId	String	Yes	The unique identifier for the entire verification flow. Call the Initialize API operation to obtain this value. Important To prevent tampering, use the TransactionId stored on your server when you call the Initialize operation. Do not use the TransactionId returned by the client-side callback.	hksb7ba1b28130d24e015d6********
IsReturnImage	String	No	Specify whether to return authentication images: Y: Required N: No (default)	Y

Response data

Name		Type	Description	Example
HTTP Status Code		Integer	The HTTP status code.	200
HTTP Body	RequestId	String	The request ID.	130A2C10-B9EE-4D84-88E3-5384FF03****
	Code	String	Return to Code.	Success
	Message	String	A detailed description of the returned code.	success
	Result.Passed	String	The final authentication result. Valid values: Y: Passed N: Failed	Y
	Result.SubCode	String	A description of the authentication result. For more information, see ResultObject.SubCode error codes.	200
	Result.ExtFaceInfo	String	Results related to face liveness verification. For the JSON format, see the example on the right. For more information, see ExtFaceInfo.	`{ "faceAttack": "N", "faceImg": "/9j/4AAQSkZJRgABAQAAAQqviV6oakp8...", "docVideoUrl": "https://aliyun-cloudauth.oss-aliyuncs.com/******.webm" }`

ExtFaceInfo (FACE_IDU)

Name	Type	Description	Example
faceImg	String	The captured face image in Base64 format. This field is returned if you set `IsReturnImage` to Y in the request and the face scan is completed.	Base64 format
faceAttack	String	Indicates whether a liveness attack was detected on the captured face. Y: An attack was detected. N: Not applicable	N
docVideoUrl	String	The OSS download URL for the evidence video. Note The URL for the evidence video is valid for 15 minutes. You can query and obtain the video repeatedly within 30 minutes after the authentication is complete. After 30 minutes, the system automatically deletes the evidence video file. The file cannot be recovered. Download and save the file promptly.	https://aliyun-cloudauth.oss-aliyuncs.com/******.webm
faceAge	String	The predicted reference age based on the face image. This field may not be returned if the prediction fails.	30
faceGender	String	The predicted gender based on the face image. This field may not be returned if the prediction fails. M: Male F: Female	M
faceAttackScore	Double	The probability of a spoofing attack predicted by the facial recognition algorithm. A higher score indicates a higher probability of a spoofing attack. The value ranges from 0 to 100.	80
guardRiskScore	Double	The probability of device risk predicted by the Face-Guard algorithm. A higher score indicates a higher device risk. The value ranges from 0 to 100.	90
faceComparisonScore	Double	The score of the face comparison. This field is returned only when the authentication includes a verification pattern. The value ranges from 0 to 100. The default system threshold is 90. You can also customize the decision as needed.	90
faceRegistrationResult	String	Indicates whether the face registration was successful. 1: Successful 0: Failed	1
faceRegistrationID	String	The ID of the face registration. This field is returned only if the customer enables automatic registration and the face registration is successful.	f5a9219aefd6*******c84c8f0ca592a
duplicateFace	String	Information about duplicate faces. If a duplicate face is retrieved, the ID of the corresponding face in the face database is returned.	`[ { "faceGroupCode": "sg7**uzt", "faceId": "f5a921*****9e792ec84c8f0ca592a" } ]`

Response codes

HTTP status code	Code	Message description
200	Success	Request successful.
400	MissingParameter	Parameter cannot be empty.
	InvalidParameter	Invalid parameter.
	TransactionIdInvalid	Invalid Transaction ID.
403	Forbidden.RAMUserAccessDenied	You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service.
	Forbidden.AccountAccessDenied	Ensure that you have activated ID verification and your account has no overdue payment.
	Throttling.Api	API request is blocked due to throttling.
404	ProcessNotCompleted	The entire authentication process is not completed.
500	InternalError	Internal system error. Provide feedback to engineers for troubleshooting.
503	ServiceUnavailable	The service is unavailable. Contact engineers for troubleshooting.

ResultObject.SubCode error codes

Error code	Is the authentication record billed?	Description and recommendations
200	Yes	Authentication passed.
204	Yes	The face comparison failed. The person may be different or the liveness photo is of low quality.
205	Yes	There are risks associated with liveness detection.
206	Yes	Business policy restriction. Note If safe mode is enabled, the service performs security checks on the device and environment used for authentication. If a potential threat is detected, the authentication fails. Remind the user to uninstall software or plug-ins such as multi-instance applications, app cloners, or virtual environments from their device. After the device is restored to its initial secure environment, ask the user to retry.
233	Yes	A similar face was detected.

API Description

Singapore

Indonesia

China (Hong Kong)