1. Identity and Fraud Developer
  2. Kount 360
  3. Identity Proofing

Identity Proofing One-Time Passcode API Specifications

If the decision for an order is Challenge, the strategy proceeds with the configured step-up. In this case, a One-Time Passcode is the configured step-up. For information about sending the Identity Proofing Assessment, go to the Identity Proofing Integration Guide or the swagger documentation.

One-time passcode flow

When an SMS one-time passcode (OTP) verification is initiated by Identity Proofing, the following occurs:

  1. An SMS message is delivered to the consumer with a generated code.

  2. The customer exposes the web-form and copies the code.

  3. The code is sent with an API to the Identity Proofing Verify API.

  4. Identity Proofing responds giving indication if the one-time passcode matches what was sent to the consumer.

Identity Proofing Verification API specifications

The Identity Proofing Verification API is required to send and receive API requests and responses. Refer to the following specifications to set up the Identity Proofing Verification API.

Sandbox URL

https://api-sandbox.kount.com/business/identity-proofing/v1/verify

Production URL

https://api.kount.com/business/identity-proofing/v1/verify

Identity Proofing API request

Header

x-client-id: 000000

Body

Example API request

{
  "inquiryId": "4172025548",
  "authenticationId": "8d5f5978-e281-4364-934d-caef9776683e",
  "strategy": {  
    "strategyName": "PhoneVerify",
    "actions": {
      "method":"SMS_OTP",
        "data": {
          "resend":false,   
          "otp": "123456"
        }    
    }
  }
}

Identity Proofing API request properties table

The following properties are in the Identity Proofing API request.

JSON Path

Field Name

Description

Type

Example

inquiryId

Inquiry ID

This is a required field. A customer-supplied identifier used to track the status across the inquiry or customer journey.

String

1234567890

authenticationId

Authentication ID

This is a required field. UUID generated by Identity Proofing to identify and correlate all the interactions for an authentication attempted by the end user.

This identifier is returned from the initial Identity Proofing assessment request.

String

3b42bd08-9ccc-4886-bcaa-8da4ab607675

strategyName

Strategy name

This is a required field. The name assigned to the strategy by the customer. Strategy names are configured in Kount 360.

Enum

PhoneVerify

method

Step-up method

The step-up method used. This depends on the configured step-up methods: KBA, SMS_OTH, EMAIL_OTH, SMS_OTP, DOCV

Enum

OTP

resend

Resend

If the SMS verification must be resent to the consumer.

Boolean

false

otp

One-time passcode

The one-time passcode (OTP) the consumer entered into the form to be verified.

String

123456

Identity Proofing API response

Body

Example API response

{
  "inquiryId": "4172025548",
  "authenticationId": "8d5f5978-e281-4364-934d-caef9776683e",
  "decision": "Challenge",
  "strategy": {
    "strategyName": "PhoneVerify",
    "description": "phone verification and step up",
    "status": "complete"
  },
  
  "actions": {
    "method": "SMS_OTP",
    "status": "VERIFIED",
    "data": {
       "authentication":{
         "characteristics":{
           "key": "OTP",
           "value": "Match",
           "text": "OTP matches sent code"

         }
       }
    }
  }
}



{
  "inquiryId": "4172025548",
  "authenticationId": "8d5f5978-e281-4364-934d-caef9776683e",
  "decision": "Challenge",
  "strategy": {
    "strategyName": "PhoneVerify",
    "description": "phone verification and step up",
    "status": "complete"
  },
  
  "actions": {
    "method": "SMS_OTP",
    "status": "TERMINATED",
    "data": {
       "authentication":{
         "characteristics":{
           "key": "OTP",
           "value": "TERMINATED",
           "text": "OTP TERMINATED"

         }
       }
    }
  }
}

Identity Proofing API request properties table

The following properties are in the Identity Proofing API request.

JSON Path

Field Name

Description

Type

Example

inquiryId

Inquiry ID

This is a required field. A customer-supplied identifier used to track the status across the inquiry or customer journey.

String

1234567890

authenticationId

Authentication ID

This is a required field. UUID generated by Identity Proofing to identify and correlate all the interactions for an authentication attempted by the end user.

This identifier is returned from the initial Identity Proofing assessment request.

String

3b42bd08-9ccc-4886-bcaa-8da4ab607675

decision

Verification decision

The outcome of the decision based on the verification: Pass, Fail, Pending

Enum

Allow

strategy.strategyName

Strategy name

This is a required field. The name assigned to the strategy by the customer. Strategy names are configured in Kount 360.

String

PhoneVerify

strategy.description

Strategy description

The description of the strategy created by the customer in Kount 360.

Enum

Phone verification and step up.

strategy.status

Strategy status

The status of the strategy: Active, Complete, Pending

Enum

Complete

actions.method

Actions method

The step-up method used. This depends on the configured step-up methods: KBA, SMS_OTH, EMAIL_OTH, SMS_OTP, DOCV

Enum

SMS_OTP

actions.status

Action status

The status of the action: Challenge, Pending, Passed, Failed

Enum

VERIFIED

data.authentication.characteristics.key

Data authentication characteristics key

The key field with the characteristic data for the step-up method.

String

OTP

data.authentication.characteristics.value

Data authentication characteristics value

The value of the key field.

String

Match

data.authentication.characteristics.text

Data authentication characteristics text

The description of the key value.

String

OTP matches sent code.
Was this article helpful?
0 out of 0 found this helpful
Identity Proofing
Identity Proofing Integration Guide
Document Verification Integration Guide
Webhooks in Identity Proofing
Synthetic Identity Alerts
Identity Proofing One-Time Passcode API Specifications