This topic describes how to call the CheckResult API operation to retrieve the results of an eKYC_PRO authentication.
API description
API name: CheckResult
Request method: HTTPS POST
Description: After you receive a callback notification, call this API operation on the server to retrieve the authentication status and materials.
ImportantBy default, ID Verification service results are stored for 30 days and then automatically deleted. You must retrieve the verification results within 30 days.
This API operation has a dedicated QPS limit. For more information, see QPS limits for ID Verification server-side API operations.
Endpoints:
NoteBenefits of internal network access: An internal network is a private communication network between Alibaba Cloud products within the same region. If your business server is deployed in the corresponding Alibaba Cloud region, you can use the internal same-region endpoint to access the ID Verification service. This provides more secure and stable communication.
Optimization suggestions for access from outside China: Network environments outside China can be complex. To optimize your integration solution, reduce network latency, and minimize request failures, see Server-side network latency analysis and optimization.
Singapore
Public network:
cloudauth-intl.ap-southeast-1.aliyuncs.comInternal network:
cloudauth-intl-vpc.ap-southeast-1.aliyuncs.com
Indonesia
Public network:
cloudauth-intl.ap-southeast-5.aliyuncs.comInternal network:
cloudauth-intl-vpc.ap-southeast-5.aliyuncs.com
China (Hong Kong)
Public network:
cloudauth-intl.cn-hongkong.aliyuncs.comInternal network:
cloudauth-intl-vpc.cn-hongkong.aliyuncs.com
Malaysia (Kuala Lumpur)
Public network:
cloudauth-intl.ap-southeast-3.aliyuncs.comInternal network:
cloudauth-intl-vpc.ap-southeast-3.aliyuncs.com
Online debugging and integration
Before you debug and integrate an API operation, see Debug and integrate server-side API operations using OpenAPI Explorer for information about how to call API operations and obtain SDKs and sample code in OpenAPI Explorer.
You can run this operation directly in OpenAPI Explorer to debug it, and generate its SDK sample code.
Request parameters
Name | Type | Required | Description | Example |
MerchantBizId | String | Yes | A unique business ID that you define to track and troubleshoot issues. It must be a combination of letters and digits up to 32 characters long. Ensure the ID is unique. Note Alibaba Cloud servers do not validate the uniqueness of this field. For better tracking, ensure the value is unique. | e0c34a77f5ac40a5aa5e6ed20c35**** |
TransactionId | String | Yes | The unique identifier for the entire verification flow. Call the Initialize API operation to obtain this value. Important To prevent tampering, use the TransactionId stored on your server when you call the Initialize operation. Do not use the TransactionId returned by the client-side callback. | hksb7ba1b28130d24e015d6******** |
IsReturnImage | String | No | Specifies whether to return authentication image data.
| Y |
Return data
Name | Type | Description | Example | |
HTTP Status Code | Integer | The HTTP status code. | 200 | |
HTTP Body | RequestId | String | The request ID. | 130A2C10-B9EE-4D84-88E3-5384FF039795 |
Code | String | Success | ||
Message | String | A detailed description of the response code. | success | |
Result.Passed | String | The final authentication result. Valid values:
| Y | |
Result.SubCode | String | A description of the authentication result. For more information, see ResultObject.SubCode error codes. | 200 | |
Result.ExtFaceInfo | String | Information about the face liveness verification result. For the JSON format, see the example on the right. For more information, see ExtFaceInfo. | | |
Result.ExtIdInfo | String | Information about the certificate recognition result. For the JSON format, see the example on the right. For more information, see ExtIdInfo. | | |
Result.ExtSourceInfo | String | The following describes the details of the data source verification results. The Indonesian data source is used as an example.
| | |
Return code
HTTP status code | Code | Message description |
200 | Success | Request successful. |
400 | MissingParameter | Parameter cannot be empty. |
InvalidParameter | Invalid parameter. | |
TransactionIdInvalid | Invalid Transaction ID. | |
403 | Forbidden.RAMUserAccessDenied | You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service. |
Forbidden.AccountAccessDenied | Ensure that you have activated ID verification and your account has no overdue payment. | |
Throttling.Api | API request is blocked due to throttling. | |
404 | ProcessNotCompleted | The entire authentication process is not completed. |
500 | InternalError | Internal system error. Provide feedback to engineers for troubleshooting. |
503 | ServiceUnavailable | The service is unavailable. Contact engineers for troubleshooting. |
ResultObject.SubCode error codes
Error code | Is authentication record billed? | Description and suggested reasons |
200 | Yes | Authentication passed. |
202 | Yes | The national ID number is not in the authoritative data source. |
204 | Yes | Liveness face and selfie photo do not match. This may be due to a person-document mismatch or low-quality liveness photo. |
205 | Yes | Risk detected in liveness detection. |
206 | Yes | Business policy restriction. When safe mode is enabled, security checks are performed on the authentication device and environment. If risks are detected, the authentication fails. Troubleshooting steps:
|
207 | Yes | The selfie photo doesn't match the information in the authoritative data source. |
209 | Yes | Authoritative data source timeout. |
212 | Yes | Document anti-counterfeiting detection indicates risk. High-risk operations detected, such as re-capturing (taking a photo of a screen/photo ), tampering, or photocopying. |
214 | Yes | The personal information (national ID number, name, date of birth) doesn't match the information in the authoritative data source. |
215 | Yes | Neither the personal information (national ID number, name, date of birth) nor the selfie photo matches any records in the authoritative data source. |
216 | Yes | Authoritative data source detected a liveness anomaly. This can occur during verification with the Indonesian data source if the |
217 | Yes | The quality of the selfie photo doesn't meet the requirements. |
218 | Yes | The eKYC process has passed but failed to use the authoritative data source. |
ExtFaceInfo
Name | Type | Description | Example |
facePassed | String | The final result of the face liveness verification.
| Y |
faceComparisonScore | Double | The similarity score of the face comparison between the captured face and the face on the certificate. The value ranges from 0 to 100. | 99.99 |
faceImg | String | The captured face image in Base64 format. This field is returned if you set | Base64 format |
faceAttack | String | Indicates whether a liveness attack was detected on the captured face. Y: An attack was detected. N: No attack was detected. | N |
docVideoUrl | String | The OSS download URL for the evidence video. Note
| https://aliyun-cloudauth.oss-aliyuncs.com/******.webm |
faceAge | String | The predicted reference age based on the face image. This field may not be returned if the prediction fails. | 30 |
faceGender | String | The predicted gender based on the face image. This field may not be returned if the prediction fails.
| M |
faceAttackScore | Double | The probability of a spoofing attack predicted by the facial recognition algorithm. A higher score indicates a higher probability of a spoofing attack. The value ranges from 0 to 100. | 80 |
guardRiskScore | Double | The probability of device risk predicted by the Face-Guard algorithm. A higher score indicates a higher device risk. The value ranges from 0 to 100. | 90 |
ExtIdInfo
Name | Type | Description | Example |
ocrIdPassed | String | The final result of the certificate Optical Character Recognition (OCR) stage:
| N |
ocrIdInfoData | Map<String,Object> | Detailed OCR information for the certificate. The key is the page number of the certificate. For details about the value, see ocrIdInfoData. 01 and 02 represent the front and back (or secondary page) of the certificate. | |
ocrIdEditInfo | String | The certificate OCR field information submitted by the user after editing it on the OCR results page. This field is returned only when the client is configured to show the OCR results editing page (ShowOcrResult). Note For Web SDK integration, configure ShowOcrResult in the server-side Initialize API operation. | |
ExtInfo
Name | Type | Description | Example |
procedurePriority | String | The fallback authentication method:
| keep |
ocrIdInfoData
Name | Type | Description | Example |
idImage | String | The certificate OCR photo in Base64 format. This field is returned if you set the isReturnImage parameter to Y in the request and the certificate OCR process completes successfully. | Base64 format |
ocrIdPassed | String | The result for this page of the certificate during the OCR stage:
| N |
ocrIdInfo | String | Certificate OCR field information. For field details, see Certificate OCR fields. Note If the certificate OCR process fails, this field is empty. | |
spoofInfo | String | The result of certificate anti-spoofing detection, including the threat determination result and threat type: Note Card detection is enabled only when IdSpoof = Y in the Initialize API operation. Otherwise, spoofResult defaults to N, and spoofType is empty.
| |