Sessions and states

Discover what an identity validation session is, the stages of the process, and their different states.


What is an identity validation session?

To verify someone's identity, it is necessary to complete the KYC process, and for validating a company, we use the KYB verification.

When starting either of these two processes, a new identity validation session is created, where all the information from that verification will be stored. In other words, sessions are the main entity in Identity.

The main objectives of this solution are:

  • Collect all necessary data and documents.
  • Verify the authenticity of all that information.
  • Compare the data to prevent illegal activities, such as money laundering, terrorist financing, and fraud.

How is an identity validation session composed?

Each session is composed of several steps, which are different stages in the verification process. Each step indicates one of the various checks we perform to carry out a verification.

The steps vary between validating a user or a company:

KYCKYB
T&C acceptanceT&C acceptance
Proof of lifeForm completed
Selfie / document matchCompany validation
OCRPartner validation
Form completedDocument validation
Data validationRisk validation
Photo validation-
Risk validation-

What states can steps have?

The state of the session is determined by the state of the steps. The steps have their own state and, all these states together define the overall state of the session. The states of the steps are as follows:

PENDINGIndicates that there are pending steps or information in the validation process.
SUCCESSIndicates that the client successfully completed the step.
PROCESSINGIndicates that we are waiting for a response from our provider.
FAILEDIndicates that the client did not complete the step correctly.
NOT AVAILABLEIndicates that we cannot access one of the services we use.
For the session to be valid, all the steps must be in the SUCCESS state.

What is the state of a session?

There are two types of session states:

  • Temporary states: these show the progress of the session.
  • Terminal states: these are the states where a session is finished, with no possibility of going back.

In this graph, you can see the states that a session goes through and its possible final states.

Modelo de estados

What state can a session have?

As the steps progress, the session will go through different states:

CREATEDInitial state indicating that a new validation session was created.
IN PROGRESSIndicates that the user started the identity validation process. The change from CREATED to IN PROGRESS occurs when your client takes the first action in the flow.
PROCESSINGThis is a transitory state that is activated when we are waiting for information to perform verifications asynchronously or when a provider is experiencing delays. This state allows you to provide your users with a more contextualized and timely message.
MANUAL REVIEWIndicates that at least one step in the flow requires manual review, as it cannot be resolved automatically.
REJECTEDIndicates that after a thorough analysis, it was determined that the session does not meet the validation criteria. Once this state is confirmed, a new session cannot be created for the same user or company.
NOT VALIDATEDIndicates that we could not validate one or more steps in the flow, preventing the confirmation of the user's identity. In this case, you can recreate another session for the same user or company. Learn about the failure reasons that can cause this state.
VERIFIEDIndicates that all steps of the session have been validated.
EXPIREDIndicates that the session cannot be carried out because the established time to access the flow has expired.
CANCELLEDIndicates that the session cannot be carried out for one of the following reasons:
     - Se creó una nueva sesión para el mismo usuario. A new session was created for the same user. In that case, the previous session is set to the CANCELLED state, and your client continues the flow in the new session.
     - You decide to cancel the session for security or fraud prevention reasons.
A user can have multiple sessions associated over time, but can only have one session in a temporary state at a time. Each session has a unique reference code, you can find an example in our API Reference.
After creating a session, you will receive notifications about transitions and state changes through webhooks to an endpoint that you can configure in the integration process. You can also obtain session information through the API.

Did you find the content of this document helpful?