1. Kount Developer
  2. Kount 360
  3. Identity Proofing
Quick Links

Identity Proofing Integration Guide

Identity Proofing in Kount 360 uses a collection of data and verification methods, like real-time policy configuration, case management, and business intelligence analytics, that can be organized into custom workflows to identify fraud and verify consumer identities during any part of the user journey.

With Identity Proofing, you have the ability to configure strategies that organize active and passive verification checks, apply fraud and business information, and branch workflows to achieve desired outcomes during different stages.

Before you can integrate with Identity Proofing, you must have:

  • A Kount 360 organization ID (provided by your Customer Success Manager)

  • A client ID

  • Admin permissions

  • Strategy templates (these are created internally by Equifax)

A successful integration with Identity Proofing requires the following:

  1. An API key

  2. A bearer token

  3. A strategy to pass in the API

  4. The Assessment and Update API endpoints

  5. Device Data Collector implementation

  6. Webhooks (optional)

Configurable Components for Identity Proofing

To integrate Identity Proofing into your systems, you will need to configure several components within Kount 360. Some settings are required — like strategies — while others are optional and help tailor the integration to your needs. This section outlines what is what is essential to get started.

Strategies 

Strategies define the verification checks and step-up methods used in Identity Proofing workflows. At least one strategy template must be created internally before you can configure a strategy. The strategy name is referenced in the Assessment API to determine which workflow to apply. For more information, go to Strategies in Identity Proofing.

Rejection Codes 

Rejection codes are used when an agent or an update API closes a case that is in Review or Challenge. When sending an Update API with rejection codes, they are validated against the Rejection Code not the Rejection Code Name.

  • Color 

    You can open the color selection menu and select a color for each rejection code. This color is visible when a rejection code is selected.

  • Rejection Code 

    An assigned alphanumeric code. This code is used when the Update API is invoked and a rejection code is included. The rejection code cannot be edited after creation.

  • Rejection Code Name 

    This is the title for the rejection code. The character limit is 255 and can be edited.

  • Sort Order 

    You can sort the rejection codes by dragging and dropping them. The sort order is the order rejection codes will display in the selection menus when a fraud agent wants to choose a rejection code.

For more information, go to Rejection Codes in Identity Proofing.

Queue Manager 

Queues can be created to segment cases in Case Management. Cases can be assigned to a queue by:

When a case is updated with the Update API and the queue is passed in the request body, it is validated against the queues created in the Queue Manager.

Device Data Collector Implementation

The Device Data Collector gathers information from a customer’s device by running client-side scripts and then sending that data to Kount. This passive analysis conceals the Kount 360 interaction with the customer and does not affect the customer’s experience.

The flow for device data collection follows this pattern:

Kount_360_DDC_Flow_V2__1_.svg

  1. Generate Session ID: Generates a session ID and provides it to the Device Data Collector SDK.

  2. Device Data Collector SDK collects and sends device data: The Device Data Collector sends the collected device data to Kount 360.

  3. Submit event data
with session ID to your server: When the event data (the order, login, or new account opening data) gets submitted to your server, include the session ID that was passed to the Device Data Collector.

  4. Send event data
with session ID
to Kount 360: Pass the session ID in the call to Kount 360, along with the rest of the event data.

  5. Associate device data and event data by matching the session ID: Kount 360 associates the device data and the event data by using the session ID that was passed to Kount 360.

For detailed instructions, use our guided Device Data Collector Content generator or follow the steps in the Native iOS and Android SDKs article.

Device Data Collector Browser Recommendations

Placement and configuration of the browser Device Data Collector is important for gathering information to identify devices, adhere to business policies, and accurately define sign in risk.

Page and Page Location

Place the Device Data Collector code in the body of the sign-in page. Kount reduces collection from the same session ID when a collection comes within 15 minutes. We recommend that you run a single data collection per session. When multiple collections are run in a single session — if the collection was placed in the header — it is possible the collection events can be mistaken as a DDOS attack, throttling all collections from your site.

Google Chrome Lazy Load

The Google Chrome Lazy Load feature defers loading images and iFrames that come below the end of the page. This feature is active when the Chrome Data Saver feature is on and when the loading attribute is set to auto or unset. If you are using the Kount legacy data collector that uses an iFrame, update integration or set the loading attribute to eager, which bypasses lazy loading functionality.

Content Security Policy

Kount uses both third-party and first-party cookies as well as device data to identify devices. In order to take full advantage of the Device Data Collector, you can make modifications to the Content Security Policy on your site. For more information, go to Content Security Policies (CSP) and the Device Data Collector.

Generate an API Key

In Kount 360, after you have been invited to an organization and your client is initialized, you can generate API keys to securely send data to Kount. You must have an initialized client before you can create an API key.

Note

Only users with the Owner role permissions can generate, delete, or edit API keys.

  1. Sign in to Kount 360. There are two integration environments: sandbox and production. Only integrate into our sandbox environment if you are integrating a pre-production environment without production data.

  2. Select Admin, then Product Configuration.

  3. In System Settings, select API Keys.

    All initialized clients display.

  4. For the client you want to create an API key for, select Generate API Key.

    The new API key is generated. A prompt displays with the ability to copy the API key and add a description.

  5. Copy the API key and store it in a secure location.

    Note

    The API key is not provided again. You must store it in a secure location for future reference. If the API key is compromised or lost, create a new API key and delete the the compromised one.

  6. Enter a description, then select Confirm.

API keys are organized under each client on the API Keys page. Expand the client to view your API keys, the descriptions, and when they were created.

Creating a Bearer Token

After you have provisioned your API credentials in the portal, retrieve a temporary bearer token to authenticate calls to the Kount 360 API. Provide the API key and client ID in an HTTP POST to a specific login.kount.com URL.

With a successful exchange, the returned JSON provides a special bearer token, which is the access_token property. The exchange also provides an expiration date, the expires_in property, provided in seconds until expiration. The API to retrieve the bearer token depends on if you are calling the sandbox or production environment.

The values are:

Sandbox

Auth Server URL:

https://login.kount.com/oauth2/ausdppkujzCPQuIrY357/v1/token?grant_type=client_credentials&scope=k1_integration_api

API Service Host:

https://api-sandbox.kount.com

Production

Auth Server URL:

https://login.kount.com/oauth2/ausdppksgrbyM0abp357/v1/token?grant_type=client_credentials&scope=k1_integration_api

API Service Host:

https://api.kount.com

After obtaining the bearer token, use it to authenticate requests to the Kount 360 API. Include the token in the Authorization header of your HTTP API request, prefixed with Bearer {bearer token}.

To prevent authentication issues, refresh the token before it expires. Tokens issued by login.kount.com expire after 20 minutes, but client credentials remain valid unless revoked. Minimize calls to the /token endpoint by implementing token expiration handling in your customer applications. Always check if a token has expired before requesting a new one, as excessive calls to the /token endpoint could result in rate limiting.

Examples of retrieving and using the bearer token in popular programming languages:

Python

Python Code Example

"""sandbox"""
import requests
AUTH_SERVER_URL = "https://login.kount.com/oauth2/ausdppkujzCPQuIrY357/v1/token"
API_URL = "https://api-sandbox.kount.com"
API_KEY = "YOUR API KEY HERE"
CLIENT_ID = "YOUR CLIENT_ID HERE"

r = requests.post(AUTH_SERVER_URL,
                  params={"grant_type": "client_credentials",
                          "scope": "k1_integration_api"},
                  headers={"Authorization": "Basic" + API_KEY,
                           "Content-Type":
                           "application/x-www-form-urlencoded"})

t = r.json()["access_token"]

r = requests.post(API_URL + "/login",
                  headers={'Authorization': "Bearer " + t},
                  json={
                    "clientId": "900900",
                    "sessionId": "d121ea2210434ffc8a90daff9cc97e76",
                    "userId": "meoyyd8za8jdmwfm",
                    "username": "meoyyd8za8jdmwfm",
                    "userPassword": "38401eb46f8fbb74c1846a5f47f68d83a9bef126b1d4143f886cd464323cdaab",
                    "userIp": "192.168.0.1",
                    "loginUrl": "http://www.example.com/login",
                    "userAuthenticationStatus": "true",
                    "userCreationDate": "2019-08-24T14:15:22Z",
                    "userType": "VIP",
                    "mfaPhone": "+12081234567",
                    "mfaEmail": "username@example.com",
                    "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
                    "context": "LOGIN"
                })
print("Response:", r.json())

TypeScript

TypeScript Code Example

const axios = require('axios')

const API = 'https://api-sandbox.kount.com'
const ISSUER = 
'https://login.kount.com/oauth2/ausdppkujzCPQuIrY357'
const CLIENT_ID = 'YOUR CLIENT ID HERE'
const API_KEY = 'YOUR API KEY HERE'

async function getBearerToken() {

    const auth = await axios({
        url: `${ISSUER}/v1/token`,
        method: 'post',
        headers: {
            authorization: `Basic ${API_KEY}`
        },
        params: {
            grant_type: 'client_credentials',
            scope: 'k1_integration_api'
        }
    })

    return auth.data.access_token
}

async function evaluateLogin(token: string) {

    const resp = await axios({
        url: `${API}/login`,
        method: 'post',
        headers: {
            authorization: `Bearer ${token}`,
        },
        data: {
            clientId: "900900",
            sessionId: "d121ea2210434ffc8a90daff9cc97e76",
            userId: "meoyyd8za8jdmwfm",
            username: "meoyyd8za8jdmwfm",
            userPassword: "38401eb46f8fbb74c1846a5f47f68d83a9bef126b1d4143f886cd464323cdaab",
            userIp: "192.168.0.1",
            loginUrl: "http://www.example.com/login",
            userAuthenticationStatus: "true",
            userCreationDate: "2019-08-24T14:15:22Z",
            userType: "VIP",
            mfaPhone: "+12081234567",
            mfaEmail: "username@example.com",
            userAgent: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
            context: "LOGIN"
        }
    })

    return resp.data
}
const main = async () = {
    const token = await getBearerToken();
    const resp = await evaluateLogin(token);
    console.log(JSON.stringify(resp, null, 4))
}

main()

Bash

Bash Code Example

#!/usr/bin/env bash

API='https://api-sandbox.kount.com'
ISSUER='https://login.kount.com/oauth2/ausdppkujzCPQuIrY357'
CLIENT_ID= "YOUR CLIENT_ID HERE"
API_KEY= "YOUR API KEY HERE"''

# Get our token (it is valid for 20 minutes)
RESPONSE=$(curl -s -X POST "${ISSUER}/v1/token?grant_type=client_credentials&scope=k1_integration_api" -H "Authorization: Basic ${API_KEY}" -H "Content-Type: application/x-www-form-urlencoded")
TOKEN=$(echo $RESPONSE | jq -r .access_token)

# Make our evaluation request
REQUEST_DATA='{
                "clientId": "900900",
                "sessionId": "d121ea2210434ffc8a90daff9cc97e76",
                "userId": "meoyyd8za8jdmwfm",
                "username": "meoyyd8za8jdmwfm",
                "userPassword": "38401eb46f8fbb74c1846a5f47f68d83a9bef126b1d4143f886cd464323cdaab",
                "userIp": "192.168.0.1",
                "loginUrl": "http://www.example.com/login",
                "userAuthenticationStatus": "true",
                "userCreationDate": "2019-08-24T14:15:22Z",
                "userType": "VIP",
                "mfaPhone": "+12081234567",
                "mfaEmail": "username@example.com",
                "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
                "context": "LOGIN"
              }'
RESPONSE=$(curl -s -X POST ${API}/login -H "Authorization: Bearer ${TOKEN}" -d "$REQUEST_DATA")
echo "$RESPONSE" | jq

Go

Go Code Example

package main

import (
        "bytes"
        "encoding/json"
        "fmt"
        "io"
        "net/http"
)

type config struct {
        API      string
        Issuer   string
        ClientId string
        APIKey   string
}

func getToken(c *http.Client, issuer, creds string) string {

        req, _ := http.NewRequest(http.MethodPost, issuer+"/v1/token", nil)

        req.Header.Add("Authorization", "Basic "+creds)

        req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

        q := req.URL.Query()
        q.Add("grant_type", "client_credentials")
        q.Add("scope", "k1_integration_api")
        req.URL.RawQuery = q.Encode()

        resp, _ := c.Do(req)
        defer resp.Body.Close()

        t := struct {
                TokenType   string `json:"token_type"`
                ExpiresIn   int    `json:"expires_in"`
                AccessToken string `json:"access_token"`
        }{}

        json.NewDecoder(resp.Body).Decode(&t)
        return t.AccessToken
}

func evaluate(c *http.Client, api string, payload LoginRequest, token string) string {

        j, _ := json.Marshal(payload)

        req, _ := http.NewRequest(http.MethodPost, api+"/login", bytes.NewBuffer(j))

        req.Header.Add("Authorization", "Bearer "+token)

        resp, _ := c.Do(req)
        defer resp.Body.Close()

        b, _ := io.ReadAll(resp.Body)
        s := string(b)
        return s
}

type LoginRequest struct {
        ClientID                 string `json:"clientId"`
        SessionID                string `json:"sessionId"`
        UserID                   string `json:"userId"`
        Username                 string `json:"username"`
        UserPassword             string `json:"userPassword"`
        UserIP                   string `json:"userIp"`
        LoginURL                 string `json:"loginUrl"`
        UserAuthenticationStatus string `json:"userAuthenticationStatus"`
        UserCreationDate         string `json:"userCreationDate"`
        UserType                 string `json:"userType"`
        MFAPhone                 string `json:"mfaPhone"`
        MFAEmail                 string `json:"mfaEmail"`
        UserAgent                string `json:"userAgent"`
        Context                  string `json:"context"`
}

func main() {
        config := config{
                API:      "https://api-sandbox.kount.com",
                Issuer:   "https://login.kount.com/oauth2/ausdppkujzCPQuIrY357",
                ClientId: "",
                APIKey:   "",
        }
        client := &http.Client{}
        token := getToken(client, config.Issuer, config.APIKey)

        payload := LoginRequest{
                ClientID:                 config.ClientId,
                SessionID:                "d121ea2210434ffc8a90daff9cc97e76",
                UserID:                   "meoyyd8za8jdmwfm",
                Username:                 "meoyyd8za8jdmwfm",
                UserPassword:             "38401eb46f8fbb74c1846a5f47f68d83a9bef126b1d4143f886cd464323cdaab",
                UserIP:                   "192.168.0.1",
                LoginURL:                 "http://www.example.com/login",
                UserAuthenticationStatus: "true",
                UserCreationDate:         "2019-08-24T14:15:22Z",
                UserType:                 "VIP",
                MFAPhone:                 "+12081234567",
                MFAEmail:                 "username@example.com",
                UserAgent:                "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
                Context:                  "LOGIN",
        }

        resp := evaluate(client, config.API, payload, token)
        fmt.Printf("%s\n", resp)
}

Assessment API endpoint

This is the API endpoint required to integrate with Identity Proofing in order to submit new inquiries for assessment and to create cases. The Assessment API request requires a strategy, which is created in Admin > Identity Proofing > Strategies.

Note

The strategy used in the strategy field in the API request must match the name of the strategy created in Kount 360.

The authenticationId is passed in the body of the response and is used to reference any subsequent updates to this event. The response body can be verbose or non-verbose. This mode is set internally at the time of template creation.

The inquiryId is a value passed in the body of the response and should be a unique identifier. Both the inquiryId and authenticationId are required for the Update API.

For more information, go to Assessment API help.

Sandbox:

https://api-sandbox.kount.com/business/identity-proofing/v1/assess

Production:

https://api.kount.com/business/identity-proofing/v1/assess

API Request for Assessment API

Header

x-client-id: 000000

Body

Example API Request

{
  "inquiryId": "1234567890",
  "strategy": "default",
  "channel": "mobile",
  "creationDateTime": "2024-07-22T15:59:00Z",
  "deviceSessionId": "SESSION_XYZ123",
  "userIp": "192.168.1.100",
  "account": {
    "accountId": "9876543210",
    "type": "personal",
    "creationDateTime": "2023-01-15T10:30:00Z",
    "username": "johnsmith",
    "accountIsActive": true
  },
  "product": {
    "productName": "Personal Loan",
    "productType": "loan",
    "productId": "LOAN-123",
    "requestedAmount": 25000,
    "status": "Pending"
  },
  "applicant": {
    "phoneNumber": "15551234567",
    "email": "johnsmith@example.com",
    "dateOfBirth": "1990-05-20",
    "name": {
      "first": "John",
      "middle": "David",
      "last": "Smith",
      "secondLast": null,
      "suffix": "Jr.",
      "preferred": "Johnny"
    },
    "governmentId": [
      {
        "type": "passport",
        "issueDate": "2015-03-10",
        "expirationDate": "2025-03-09",
        "value": "AB12345678",
       "countryCode": "USA",
        "state": null
      }
    ],
    "addresses": [
      {
        "type": "HOME",
        "recency": "CURRENT, FORMER, OTHER",
        "line1": "123 Main Street",
        "line2": "Apt 4B",
        "city": "Anytown",
        "region": "CA",
        "countryCode": "USA",
        "postalCode": "90210"
      }
    ],
    "employment": [
      {
        "employer": {
          "name": "Acme Corporation",
          "address": {
            "type": "BUSINESS",
            "recency": "CURRENT, FORMER, OTHER",
            "line1": "456 Elm Street",
            "line2": "Suite 100",
            "city": "Anytown",
            "region": "CA",
            "countryCode": "USA",
            "postalCode": "90210"
          }
        },
        "income": {
          "period": "monthly",
          "amount": 5000,
          "currency": "USD"
        },
        "employeeTitle": "Software Engineer",
        "startDate": "2020-06-01",
        "endDate": null, // Currently employed
        "currentEmployee": true,
        "contractType": "full-time"
      }
    ]
  },
  "coApplicant": null,
  "customFields": {
    "keyString": "PAY",
    "keyBoolean": "TRUE",
    "keyDate": "2024-07-22T15:59:00Z",
    "keyNumber": 2022
  }        
}

API Response for Assessment API

Header

x-correlation-id: dc4e670a-9398-4bf9-b563-ae625097a076 (guid)

Body

Example API Response

{
  "inquiryId": "1234567890",
  "authenticationId": "3b42bd08-9ccc-4886-bcaa-8da4ab607675",
  "deviceSessionId": "d121ea2210434ffc8a90daff9cc97e76",
  "decision": "Allow",
  "userSegment": "OnlineNewCustomer",
  "tags": ["newCustomer", "international"],
  "scorecards": [
    { "name": "FraudScore", "value": 72 },
    { "name": "CreditScore", "value": 685 }
  ],
  "deviceId": "ABCDEFG12345",
  "entityId": "9876543210", //only for internal EFX clients, enabled by configuration or entitlement
  "insights": {
    "applicant": {
      "identityTrust": true,
      "addressTrust": true,
      "phoneTrust": true,
      "emailTrust": true,
      "SSNTrust": true,
      "deceased": false,
      "riskAssessment": "Pass"
    },
    "coapplicant": { // If co-applicant information is present
      "identityTrust": "N",
      "addressTrust": true,
      "phoneTrust": true,
      "emailTrust": true,
      "SSNTrust": true,
      "deceased": false,
      "riskAssessment": "Pass"
    }
  },
  "strategy": {
    "strategyName": "EnhancedVerification",
    "description": "Additional verification due to moderate digital risk.",
    "status": "Active",
    "actions": [
      {
        "method": "KBA",
        "status": "Challenge",
        "data": {
          "questionnaireId": "1",
            "questions": [
                {
                    "questionId": 1,
                    "questionText": "Your credit file indicates you may have a home loan, opened in or around August 2019. Who is the credit provider for this account?",
                    "choiceType": {"type":"singleChoice"},
                    "choices": [
                        {
                            "choiceId": 1,
                            "choiceText": "Esteem Bancshares"
                        },
                        {
                            "choiceId": 2,
                            "choiceText": "Grand Fortune Financial Holdings"
                        },
                        {
                            "choiceId": 3,
                            "choiceText": "Central Bank Group"
                        },
                        {
                            "choiceId": 4,
                            "choiceText": "Apex Financial Inc."
                        },
                        {
                            "choiceId": 5,
                            "choiceText": "NONE OF THE ABOVE"
                        }
                    ]
                },
                {
                    "questionId": 2,
                    "questionText": "Your credit file indicates you may have a home loan, opened in or around August 2019. Who is the credit provider for this account?",
                    "choiceType": {"type":"singleChoice"},
                    "choices": [
                        {
                            "choiceId": 1,
                            "choiceText": "Esteem Bancshares"
                        },
                        {
                            "choiceId": 2,
                            "choiceText": "Grand Fortune Financial Holdings"
                        },
                        {
                            "choiceId": 3,
                            "choiceText": "Central Bank Group"
                        },
                        {
                            "choiceId": 4,
                            "choiceText": "Apex Financial Inc."
                        },
                        {
                            "choiceId": 5,
                            "choiceText": "NONE OF THE ABOVE"
                        }
                    ]
                },
                {
                    "questionId": 3,
                    "questionText": "Your credit file indicates you may have a home loan, opened in or around August 2020. Who is the credit provider for this account?",
                    "choiceType": {"type":"singleChoice"},
                    "choices": [
                        {
                            "choiceId": 1,
                            "choiceText": "Esteem Bancshares"
                        },
                        {
                            "choiceId": 2,
                            "choiceText": "Grand Fortune Financial Holdings"
                        },
                        {
                            "choiceId": 3,
                            "choiceText": "Central Bank Group"
                        },
                        {
                            "choiceId": 4,
                            "choiceText": "Apex Financial Inc."
                        },
                        {
                            "choiceId": 5,
                            "choiceText": "NONE OF THE ABOVE"
                        }
                    ]
                }
            ]
        }
      }
    ]
  },
  "thirdPartyCalls": {
    "applicant": {
      "atDataResponse": {
        "risk": {
          "score": 2,
          "queryId": "39b97005-16f1-4ac9-8874-9b67ed5cc4ea",
          "ip": {
            "organization": "equifax  inc.",
            "latitude": 33.79846,
            "longitude": -84.38828
          },
          "domain": {},
          "postal": {
            "deliverability": "undeliverable",
            "lastNameMatch": "match",
            "firstNameMatch": "match",
            "deliverabilitySubstatus": "invalid_unclear",
            "zipMatch": "no_match",
            "cityMatch": "no_match",
            "streetMatch": "no_match",
            "ipPostalDistance": "< 5 miles"
          },
          "phone": {
            "owner": {}
          }
        },
        "eam": {
          "longevity": 3,
          "velocity": 10,
          "dateFirstSeen": "2011-05-20",
          "popularity": 10
        },
        "dam": {
          "longevity": 3,
          "velocity": 10,
          "dateFirstSeen": "2002-11-09",
          "popularity": 10
        },
        "emailValidation": {
          "domainType": "freeisp",
          "statusCode": 400,
          "address": "johnsmith@gmail.com",
          "status": "invalid"
        }
      }
    },
    "coApplicant": {
      "atDataResponse": {
        "risk": {
          "score": 1,
          "queryId": "85782c4c-f351-40ac-8213-a2ca33ff79f8",
          "ip": {},
          "domain": {},
          "postal": {
            "deliverability": "undeliverable",
            "lastNameMatch": "match",
            "firstNameMatch": "match",
            "deliverabilitySubstatus": "invalid_unclear",
            "zipMatch": "no_match",
            "cityMatch": "no_match",
            "streetMatch": "no_match"
          },
          "phone": {
            "owner": {}
          }
        },
        "eam": {
          "longevity": 3,
          "velocity": 10,
          "dateFirstSeen": "2011-05-20",
          "popularity": 10
        },
        "dam": {
          "longevity": 3,
          "velocity": 10,
          "dateFirstSeen": "2002-11-09",
          "popularity": 10
        },
        "emailValidation": {
          "domainType": "freeisp",
          "statusCode": 400,
          "address": "johnsmith@gmail.com",
          "status": "invalid"
        }
      }
    }
  }
}

Update API endpoint

When an end user completes a step-up notification and step-ups are being processed customer-side, call this API to update the case status. The authenticationId is passed in the response body of the original Assessment API call. The authenticationId and inquiryId is used to identify which case to update.

The Update API can be used to update cases when any process outside of Kount 360 requires a case update. Some examples might include:

  • Customers working with a call center and Customer Relationship Management (CRM) to update a case

  • Third-party integrations to manage a case

  • Making a call to Kount 360 to update a case

For more information, go to Update API help.

Sandbox:

https://api-sandbox.kount.com/business/identity-proofing/v1/update

Production:

https://api.kount.com/business/identity-proofing/v1/update

Update a case with a webhook

A webhook is a callback function that securely enables your workflows to receive events as they occur over HTTP. When an event happens in Kount 360, for example the fraud assessment status of an order is updated, we provide your webhook registration with a payload containing information about the event.

To implement a webhook, you must:

  1. Create a webhook by providing the URL to the API endpoint and selecting the events you want to be notified about. Refer to Managing Webhooks.

  2. Get the public key provided in the Kount 360 portal to verify the authenticity of the events received. Kount creates an RSA 4096 key pair. The private key is used by Kount to sign the message and the public key is available to you for verifying the signature of events that your server receives.

When a fraud agent changes the decision of a Identity Proofing case to Allow, Deny, or opens a case that is closed and webhooks are implemented, a webhook is sent to the customer to update the case status.

Example of a webhook payload

{
  "apiVersion": "v1",
  "authenticationId": "11111111-1111-1111-1111-111111111111",
  "clientId": "xxxxxx",
  "creationDateTime": "",
  "eventDateTime": "2025-05-22T16:08:09.224Z",
  "eventType": "IdentityProofing.StatusChange",
  "fields": {
    "assignee": "joe@joe.com",
    "caseStatus": "CLOSED",
    "decision": "Allow",
    "queue": "",
    "tags": [
      "tag1",
      "tag2"
    ],
    "verifiedFraud": false
  },
  "fieldsUpdated": [
    {
      "fieldName": "decision",
      "newValue": "Allow",
      "oldValue": "Review"
    },
    {
      "fieldName": "caseStatus",
      "newValue": "CLOSED",
      "oldValue": "UNASSIGNED"
    }
  ],
  "inquiryId": "PF122312211"
}
Was this article helpful?
0 out of 0 found this helpful
Identity Proofing
Identity Proofing Integration Guide