All Products
Search

This Product

    ID Verification:CheckResult.

    Document Center

    ID Verification:CheckResult.

    Last Updated:Jun 25, 2026

    This topic describes how to call the CheckResult operation to query an eKYC verification result.

    API information

    • API operation: CheckResult

    • Request method: HTTPS POST

    • Description: After receiving a callback notification, call this API operation to retrieve the authentication status and data.

      Important

      By default, ID Verification stores verification results for 30 days and then automatically deletes them. Ensure you query your verification results within this 30-day period.

    • QPS limit: Each API has a dedicated QPS limit. For details, see QPS limits of ID Verification server-side APIs.

    • Endpoints:

      Note

      • Benefits of internal network access: An internal network enables private communication between Alibaba Cloud services in the same region. If your application server is also in the same region, use the internal network endpoint to access the ID Verification service for a more secure and stable connection. 

      • Optimization for overseas access: Network conditions outside the Chinese mainland can be complex. To reduce latency and minimize request failures, optimize your integration by following the best practices in Server-side Network Latency Analysis and Optimization.

      China (Hong Kong)

      • Public endpoint: cloudauth-intl.cn-hongkong.aliyuncs.com

      • Internal endpoint: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com

    Online debugging and integration

    Note

    Before you debug or integrate, read the Debug and integrate server-side APIs with OpenAPI guide to understand how to call APIs on the OpenAPI platform and how to obtain the SDK.

    Use OpenAPI Explorer to directly run and debug this API operation, and generate its SDK code example.

    Request parameters

    Parameter

    Type

    Required

    Description

    Example

    MerchantBizId

    String

    Yes

    A unique business ID for tracking and troubleshooting. Must be a unique 32-character alphanumeric string.

    Note

    Alibaba Cloud does not verify uniqueness. To improve tracking, ensure this value is unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    TransactionId

    String

    Yes

    The unique identifier for the authentication process. This value is from the response of the Initialize API.

    Important

    To prevent tampering, use the TransactionId returned by the Initialize API and stored on your server. Do not use the TransactionId from the client-side callback.

    hksb7ba1b28130d24e015d6********

    IsReturnImage

    String

    No

    Whether to return authentication images. Valid values:

    • Y: Yes

    • N: No (default)

    Y

    Response data

    Parameter

    Type

    Description

    Example

    HTTP status code

    Integer

    HTTP status code.

    200

    HTTP Body

    RequestId

    String

    Request ID.

    130A2C10-B9EE-4D84-88E3-5384FF039795

    Code

    String

    Return code: For more information, see Server-side HTTP status codes.

    Success

    Message

    String

    A detailed description of the response code.

    success

    Result.Passed

    String

    The final authentication result. Valid values:

    • Y: Passed

    • N: Failed

    Y

    Result.SubCode

    String

    Authentication result code. ResultObject.SubCode error codes.

    200

    Result.ExtFaceInfo

    String

    Details of the face liveness verification result. For more information, see the JSON example and the ExtFaceInfo section.

    {
  "faceAttack": "N",
  "faceComparisonScore": 99.99,
  "faceImg": "A Base64-encoded string.",
  "facePassed": "Y",
  "faceQuality": 95.45,
  "faceOcclusion": "N",
  "docVideoUrl": "https://aliyun-cloudauth.oss-aliyuncs.com/******.webm" 
}

    Result.ExtIdInfo

    String

    Details of the certificate OCR result.

    For more information, see the JSON example and the ExtIdInfo section.

    {
 "ocrIdInfo": {
   "expiryDate": "",
   "originOfIssue": "Exit and Entry Administration of the Ministry of Public Security",
   "englishName": "LI SI",
   "sex": "M",
   "name": "Li Si",
   "idNumber": "H11111112",
   "issueDate": "2013-01-02",
   "birthDate": "1990-02-21"
 },
 "ocrIdPassed": "N",
 "spoofInfo": {
   "spoofResult": "Y",
   "spoofType": [
     "SCREEN_REMARK"
   ]
 }
}

    ResultObject.SubCode error codes

    Error code

    Is the authentication record billed?

    Description and suggestion

    200

    Yes

    Authentication passed.

    201

    Yes

    The name and ID card number do not match the information in the official database. The user's information may be incorrect or false. Ask the user to confirm the information and try again.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    202

    Yes

    The identity information cannot be found in the official database. Set up a manual review process.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    204

    Yes

    The liveness face and the certificate photo do not match. This may be because the person does not match the certificate or the liveness photo is of low quality.

    205

    Yes

    Liveness detection is susceptible to threats.

    206

    Yes

    Business policy restriction. When safe mode is enabled, security checks are performed on the authentication device and environment. If a threat is detected, the authentication fails.

    You can perform the following steps to troubleshoot:

    1. Remind the user to uninstall software or plugins such as multi-instance applications, app cloners, or virtual environments from their device. After the device is restored to its initial secure environment, ask the user to retry.

    2. Check whether you are using a test demo package name. If so, change it to your business package name to avoid being blocked by project or service security policies.

    207

    Yes

    Face verification failed in the official database. This may be because the person is not the same or the liveness photo is of low quality.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    209

    Yes

    The authoritative comparison source is abnormal.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    212

    Yes

    Certificate anti-counterfeiting detection indicates a threat. Risky operations such as rephotographing, tampering, or photocopying may have occurred.

    ExtFaceInfo

    Parameter

    Type

    Description

    Example

    facePassed

    String

    The final result of the liveness verification. Valid values:

    • Y: Passed

    • N: Failed

    Y

    faceComparisonScore

    Double

    The comparison score between the collected face and the document face. The value ranges from 0 to 100.

    Note

    A higher score indicates a greater likelihood that the faces belong to the same person. The default threshold is 90. You can customize this threshold based on your business data samples.

    99.99

    faceImg

    String

    The Base64-encoded image of the collected face. This parameter is returned if the isReturnImage=Y parameter is set in the request and the face scan completes successfully.

    Base64 format

    faceAttack

    String

    Indicates whether a liveness attack was detected. Y indicates an attack, and N indicates no attack.

    N

    faceOcclusion

    String

    Indicates whether face occlusion was detected. Y indicates occlusion, and N indicates no occlusion.

    N

    docVideoUrl

    String

    The download URL of the evidence video from Object Storage Service (OSS).

    Note

    • The URL is valid for 15 minutes.

    • You can repeatedly retrieve the URL within 30 minutes after the verification is complete. After 30 minutes, the system automatically deletes the evidence video, and the video cannot be restored. You must download and save the video promptly.

    https://aliyun-cloudauth.oss-aliyuncs.com/******.webm

    faceAge

    String

    The predicted age of the person. This parameter might not be returned if the prediction fails.

    30

    faceGender

    String

    The predicted gender of the person. This parameter might not be returned if the prediction fails. Valid values:

    • M: Male

    • F: Female

    M

    authorityComparisonScore

    Double

    The comparison score between the collected face and the authoritative comparison source. The value ranges from 0 to 100.

    Note

    • A higher score indicates a greater likelihood that the faces belong to the same person. The default threshold is 75. You can customize this threshold based on your business data samples.

    • This parameter is returned only if all the following conditions are met:

      • The document type is second-generation ID cards for residents in the Chinese mainland.

      • In the call to the Initialize operation, the Authorize parameter is set to T.

    99.99

    faceAttackScore

    Double

    The predicted likelihood of a fake face attack. A higher score indicates a greater risk of such an attack.

    The score ranges from 0 to 100.

    80

    guardRiskScore

    Double

    The predicted likelihood of device risk. A higher score indicates a greater risk.

    The score ranges from 0 to 100.

    90

    deviceToken

    String

    The DeviceToken of the device assistant. This parameter is returned if the device assistant module is fully integrated with the SDK. You can use this token to call the server-side operations of the device assistant and obtain device risk details.

    • The device assistant is a paid service. For more information, see product billing.

    • This token is valid for 7 days and is not unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    ExtIdInfo

    Parameter

    Type

    Description

    Example

    ocrIdPassed

    String

    Whether the certificate OCR succeeded:

    • Y: Passed

    • N: Failed

    N

    idImage

    String

    The certificate image captured during OCR, Base64-encoded. Returned only if isReturnImage is set to Y and OCR completes successfully.

    A Base64-encoded string.

    ocrIdInfo

    String

    Certificate OCR field information.

    Note

    Empty if the certificate OCR process fails.

    {
   "expiryDate": "",
   "originOfIssue": "Exit and Entry Administration of the Ministry of Public Security",
   "englishName": "LI SI",
   "sex": "M",
   "name": "Li Si",
   "idNumber": "H11111112",
   "issueDate": "2013-01-02",
   "birthDate": "1990-02-21"
 }

    spoofInfo

    String

    The result of spoof detection, including the risk decision and risk types:

    Note

    Card spoofing detection is enabled only when IdSpoof = Y in the Initialize request.

    Otherwise, spoofResult defaults to N, and spoofType is empty.

    • spoofResult:

      • Y: Risk detected

      • N: Normal

    • spoofType:

      • SCREEN_REMARK: screen recapture

      • PHOTO_COPY: photocopy

      • TAMPER: tampering

      • SHORTCUT: screenshot

    {
 "spoofResult": "Y",
 "spoofType": ["SCREEN_REMARK"]
}

    ocrIdEditInfo

    String

    Edited certificate OCR field information. Returned if the user modifies OCR results on the confirmation page. To enable this feature, configure ShowOcrResult on the client.

    {
  "expiryDate": "2026-01-02",
  "originOfIssue": "Exit and Entry Administration of the Ministry of Public Security",
  "englishName": "ZHANG SAN",
  "sex": "M",
  "name": "Zhang San",
  "idNumber": "H11111115",
  "issueDate": "2013-01-02",
  "birthDate": "1990-02-21"
}

    idBackImage

    String

    OCR photo of the back of the certificate, Base64-encoded.

    Note

    Returned if isReturnImage is set to Y and the certificate OCR completes successfully.

    A Base64-encoded string.

    ocrIdBackInfo

    String

    OCR field information from the back of the certificate.

    Important

    Empty if the certificate OCR process fails. 

    {
   "originOfIssue": "Tanghe County Public Security Bureau",
   "issueDate": "20230102",
   "expireDate": "20330102"
 }

    spoofBackInfo

    String

    Certificate anti-spoofing detection result for the back of the certificate, including risk decision and risk type.

    Note

    Card spoofing detection is enabled only when IdSpoof = Y in the Initialize request.

    Otherwise, spoofResult defaults to N, and spoofType is empty.

    • spoofResult:

      • Y: Risk detected

      • N: Normal

    • spoofType:

      • SCREEN_REMARK: screen recapture

      • PHOTO_COPY: photocopy

      • TAMPER: tampering

      • SHORTCUT: screenshot

    Note

    This is an algorithmic prediction and may not always be returned. Do not create a hard dependency on this field in your business logic.

    {
   "spoofResult": "Y",
   "spoofType": ["SCREEN_REMARK"]
}

    OCR response fields

    Hong Kong permanent identity card

    Note

    Both the 2003 and 2018 versions of the Smart Identity Card are supported.

    Parameter

    Type

    Description

    name

    String

    Name

    englishName

    String

    Name (English)

    nameCode

    String

    Chinese commercial code

    sex

    String

    Sex. Valid values:

    • M: Male

    • F: Female

    birthDate

    String

    Date of birth

    idNumber

    String

    ID card number

    currentIssueDate

    String

    Date of registration

    firstIssueDate

    String

    Month and year of first registration

    isPermanent

    String

    Specifies whether this is a permanent identity card. Valid values:

    • Y: Yes

    • N: No

    symbols

    String

    Symbol code. For example: "***AZ".

    Exit-entry permit for Hong Kong and Macao

    Parameter

    Type

    Description

    name

    String

    Name

    englishName

    String

    Name (Pinyin)

    sex

    String

    Sex

    birthDate

    String

    Date of birth

    idNumber

    String

    Document number

    issueDate

    String

    Date of issue

    expiryDate

    String

    Expiry date

    placeOfIssue

    String

    Place of issue

    originOfIssue

    String

    Issuing authority

    Mainland permit for Hong Kong and Macao residents

    Parameter

    Type

    Description

    name

    String

    Name

    englishName

    String

    Name (English)

    sex

    String

    Sex

    birthDate

    String

    Date of birth

    idNumber

    String

    Document number

    issueDate

    String

    Date of issue

    expiryDate

    String

    Expiry date

    originOfIssue

    String

    Issuing authority

    Mainland permit for Taiwan residents

    Parameter

    Type

    Description

    name

    String

    Name

    englishName

    String

    Name (Pinyin)

    sex

    String

    Sex

    birthDate

    String

    Date of birth

    idNumber

    String

    Document number

    issueDate

    String

    Date of issue

    expiryDate

    String

    Expiry date

    originOfIssue

    String

    Issuing authority

    placeOfIssue

    String

    Place of issue

    e-passport

    Note

    This document type reads the Machine-Readable Zone (MRZ) of ICAO-compliant e-Passports. Extracting a standard set of fields ensures compatibility across passports from different countries, which often have varying formats.

    Parameter

    Type

    Description

    surname

    String

    Surname in Latin script from the MRZ.

    givenname

    String

    Given name in Latin script from the MRZ.

    sex

    String

    Sex, returned as F or M.

    birthDate

    String

    Date of birth, in yyyy-mm-dd format.

    passportNo

    String

    Passport number

    nationality

    String

    Nationality, represented by a 3-letter country code.

    expiryDate

    String

    Expiry date, in yyyy-mm-dd format.

    countryCode

    String

    Country code of the issuing authority.

    (3-letter country code)

    Macao resident identity card

    Parameter

    Type

    Description

    surnameCN

    String

    Surname (Chinese)

    givennameCN

    String

    Given name (Chinese)

    surname

    String

    Surname (English)

    givenname

    String

    Given name (English)

    sex

    String

    Sex

    birthDate

    String

    Date of birth

    idNumber

    String

    Document number

    expiryDate

    String

    Expiry date

    placeOfBirth

    String

    Code for the place of birth. For example: "***AZ".

    Chinese mainland ID card

    Parameter

    Type

    Description

    name

    String

    Name

    sex

    String

    Sex

    ethnicity

    String

    Ethnicity

    birthDate

    String

    Date of birth

    idNumber

    String

    ID number

    address

    String

    Address

    province

    String

    Province

    Note

    Reserved field. Returns empty by default.

    city

    String

    City

    Note

    Reserved field. Returns empty by default.

    originOfIssue

    String

    Issuing authority

    issueDate

    String

    Date of issue

    expiryDate

    String

    Expiry date