checkresult
POST/api/v1/zoloz/realid/checkresult
The ZOLOZ Real ID checkresult API is used to request a result about the identity proofing process running status and other corresponding results, which include basic and detailed document verification results, face verification results, risk control results and so on. This API is idempotent.
structure
Request parameters
Field name | Data type | Max Length | Default Value | Description |
bizId | String | 32 | - | Required. A unique business ID for tracing purposes. For example, the sequence ID from the merchant's business-related database. Note: The ZOLOZ server does not perform uniqueness checks on the value of this field. For better tracking, it is strongly recommended to enable the merchant server to guarantee the uniqueness of the business ID. |
transactionId | String | 64 | - | Required. The unique transaction ID that is returned in the response of the initialize API. |
isReturnImage | String | 1 | N | Optional. A flag that specifies whether the image data needs to be returned in the response. The following values are supported:
|
extraImageControlList | List<String> | [] | Optional. Specify whether to return extra document images if isReturnImage is "Y". The following values are supported:
Note: The possibility of additional images being returned is dependent on whether these images have been captured successfully. This is determined by both the integration mode and the serviceLevel value set in the initialize API. For example, if the integration mode selected is Native App SDK and the serviceLevel value is | |
returnFiveCategorySpoofResult | String | 1 | N | Optional. Specify whether to return document spoofing check results in 5 categories. Valid values include:
|
Response parameters
Field name | Data type | Description |
result | Required. The API request result, which contains information about the result of the API request, such as status and error codes. | |
ekycResult | String | Optional. Specifies the running status of the whole identity proofing process. This field is only available when the value of the result.resultSatus filed is
|
extBasicInfo | ExtBasicInfo | Optional. Basic real-name information. This field is only available when the value of the result.resultStatus field is set to |
extFaceInfo | ExtFaceInfo | Detailed eKYC application face information. Only available when result.resultStatus is Optional. Detailed information about face verification. This field is only available when the value of the result.resultStatus field is set to |
extIdInfo | ExtIdInfo | Optional. Detailed information about document verification. This field is only available when the value of the result.resultStatus field is set to |
extRiskInfo | ExtRiskInfo | Optional. Detailed information about risk control. This field is only available when the value of the result.resultStatus field is set to |
extCustomInfo | ExtCustomInfo | Optional. Detailed information about customization information. This field is only available when the value of the result.resultStatus field is set to |
Result
Result process logic
For different request results, different actions are to be performed. See the following for details:
- If the value of the result.resultStatus is
S
, the ZOLOZ Real ID checkresult API is invoked successfully, and results about document verification, face verification, and risk control processing are returned. - If the value of the result.resultStatus is
F
, the invocation of the ZOLOZ Real ID checkresult API fails. Check the error code and message for more information about the possible reasons. Error codes.
Common error codes
For the full list of common error codes, see the Common error codes section in the Error handling topic.
API-specific error codes
The following table shows the possible error codes that are specific for the Real ID checkresult API.
resultCode | resultSatus | Description |
SUCCESS | S | The API call is successful. |
INVALID_ARGUMENT | F | Input parameters are invalid. For more information about which parameter is invalid, check the result message or the related log. |
SYSTEM_ERROR | F | Other internal errors. For more information about the error details, check the result message or the related log. |
Sample
Request Sample
The following sample shows what a request that the merchant server sends looks like.
{
"bizId": "2017839040588699",
"transactionId": "G000000005FID20200304000000000001570702",
"isReturnImage": "Y",
"extraImageControlList": [
"FACE_EYE_CLOSE",
"DOC_FRONT_ANGLE"
],
"returnFiveCategorySpoofResult": "Y"
}
Response Sample
The following sample shows what a response that the ZOLOZ server returns looks like.
{
"result": {
"resultCode": "SUCCESS",
"resultMessage": "Success",
"resultStatus": "S"
},
"ekycResult": "Pending",
"extBasicInfo": {
"certType": "08530000001",
"certNo": "A12345678",
"certName": "xxxxxx"
},
"extFaceInfo": {
"ekycResultFace": "Success",
"faceScore": 88,
"faceImg": "/9j/4AA..[omitted]..PxA=",
"extraImages": {
"FACE_EYE_CLOSE": "/9j/4AA..[omitted]..PxA="
},
"faceQuality": 97.61517973846627,
"faceLivenessResult": "Success",
"estimatedAge": 34,
"faceAttribute": {
"occlusionMouthResult": "false",
"occlusionForeheadResult": "false",
"occlusionResult": "false",
"occlusionChinResult": "false",
"occlusionEyesResult": "false",
"occlusionNoseResult": "false",
"occlusionCheekResult": "false",
"maskResult": "false",
"glassesResult": "true",
"hatResult": "false"
},
"deeperFaceResult":"Success",
"deeperFaceResultDescription":"",
"deviceRisk":{
"riskLevel": 0
}
},
"extIdInfo": {
"ekycResultDoc": "Pending",
"docEdition": 1,
"frontPageImg": "/9j/4AA..[omitted]..PxA=",
"backPageImg": "/9j/4AA..[omitted]..PxA=",
"extraImages": {
"DOC_FRONT_ANGLE": "/9j/4AA..[omitted]..PxA=",
"CROPPED_FRONT": "/9j/4AA..[omitted]..PxA=",
"CROPPED_BACK": "/9j/4AA..[omitted]..PxA="
},
"ocrResult": {
...
},
"ocrResultDetail": {
"MRZ_ID_NUMBER": {
"name": "ID_NUMBER",
"source": "MRZ",
"value": "xxxx"
},
"VISUAL_ID_NUMBER": {
"name": "ID_NUMBER",
"source": "VISUAL",
"value": "xxxx"
}
},
"spoofResult": {
"TAMPER_CHECK": "Y",
"MATERIAL_CHECK": "Y",
"SCREEN_RECAPTURE_CHECK": "Y",
"INFORMATION_CHECK": "Y",
"SECURITY_FEATURE_CHECK": "Y"
},
"extraSpoofResultDetails": [
{
"name": "landmarkCheck",
"result": "Y",
"spoofType": "SECURITY_FEATURE_CHECK",
"components": [
{
"name": "kadPengenalan",
"subResult": "Y"
},
{
"name": "mykadLogo",
"subResult": "Y"
},
{
"name": "flagLogo",
"subResult": "Y"
},
{
"name": "mscLogo",
"subResult": "Y"
},
{
"name": "ghostFace",
"subResult": "Y"
},
{
"name": "hibiscusLogo",
"subResult": "Y"
},
{
"name": "coatOfArm",
"subResult": "Y"
},
{
"name": "twinTower",
"subResult": "Y"
}
]
},
{
"name": "hologramCheck",
"result": "Y",
"spoofType": "SECURITY_FEATURE_CHECK",
"components": [
{
"name": "hologram",
"subResult": "Y"
}
]
},
{
"name": "pageInfoCheck",
"result": "Y",
"spoofType": "INFORMATION_CHECK",
"components": [
{
"name": "id",
"subResult": "Y"
},
{
"name": "symbol",
"subResult": "Y"
},
{
"name": "name",
"subResult": "Y"
}
]
}
{
"result": "N",
"components": [
{
"subResult": "N",
"name": "ID_NUMBER"
}
],
"spoofType": "INFORMATION_CHECK",
"name": "commonConsistencyCheck"
},
{
"result": "N",
"components": [
{
"subResult": "N",
"name": "NAME"
},
{
"subResult": "Y",
"name": "SEX"
}
],
"spoofType": "INFORMATION_CHECK",
"name": "mrzVisualConsistencyCheck"
}
],
"securityFeaturesResult": {
"LASER_IMAGE_1_SCORE":95,
"LASER_IMAGE_1_THRESHOLD":90,
"LASER_IMAGE_1_PASSED":"True",
"HOLOGRAM_SCORE":95,
"HOLOGRAM_THRESHOLD":90,
"HOLOGRAM_PASSED":"True",
"STEREO_LASER_PORTRAIT_SCORE":95,
"STEREO_LASER_PORTRAIT_THRESHOLD":90,
"STEREO_LASER_PORTRAIT_PASSED":"True",
"LASER_IMAGE_2_SCORE":95,
"LASER_IMAGE_2_THRESHOLD":90,
"LASER_IMAGE_2_PASSED":"True",
"OVERALL_SCORE":95,
"OVERALL_THRESHOLD":90,
"OVERALL_PASSED":"True"
},
"docErrorDetails": "BLUR"
},
"extRiskInfo": {
"ekycResultRisk": "Pending",
"strategyPassResult": "ID_NETWORK_HIGH_RISK",
"idNetworkDetails": "[{\"ekyc_id\":\"\",\"mobile\":\"\",\"reason_code\":[\"SIMILAR_FACE\"],\"type\":\"Fake ID\",\"user_id\":\"idn-z8Cuj\"}]"
"deeperRiskResult":"Success",
"deeperRiskResultDescription":"",
"advancedIdnDetail": {
"itemId": "AIN20240823437824356351",
"riskDetails": [
{
"riskData": [
"AIN20240823437671943639"
],
"subType": "SamePersonDifferentFace",
"type": "IDFAKE"
},
{
"riskData": [
"AIN20240823437672383752",
"AIN20240822429059966837"
],
"subType": "SamePersonDifferentIdNumber",
"type": "IDFAKE"
}
]
}
},
"extCustomInfo": {"h5Degraded":"Y"}
}
Please note that "securityFeaturesResult" field is deprecated, refer to Hong Kong Document SecurityFeature Upgrade Notification - July 31, 2024 . For the sake of API compatibility, this field will remain in the response. We include it in the examples to demonstrate what the actual response looks like. Please do not consume it under any circumstances.
More information
ExtBasicInfo
The following table shows the fields that can be specified in the ExtBasicInfo data model.
Field name | Data type | Description |
certType | String | ID type. Specifies the type of the identity document. Required if the document verification process runs successfully. |
certNo | String | ID number. Specifies the ID number that is recognized from the identity document. Required if the document verification process runs successfully. |
certName | String | ID name. Specifies the name that is recognized from the identity document. Required if the document verification process runs successfully. |
ExtFaceInfo
The following table shows the fields that can be specified in the ExtFaceInfo data model.
Field name | Data type | Description |
ekycResultFace | String | Specifies the result of the face verification process. Possible values and their meanings are as below:
Required if the face verification process runs successfully. |
faceScore | Integer | Specifies the score that indicates a result of comparing the live face (selfie) against the one that is recognized from the identity document. The value of this field is in the range of 0-100. Note: The faceScore field is returned only if the face image is collected successfully. |
faceImg | String | The face selfie image, which is encoded in base64. This field is specified only when the value of the isReturnImage field in the request is set to |
extraImages | Map<String,String> | Contain the extra face images specified in request.extraImageControlList. Key is the value specified in request.extraImageControlList. Value is the image content encoded in base64. If the requested image is not found, the value will be "". |
faceQuality | Double | Specifies the quality score of the face selfie image. Required if the face verification process runs successfully. The value of this field is in the range of 0-100. |
faceLivenessResult | String | Specifies whether the face selfie image is detected as a fake face attack by using the face liveness check algorithm. If the image is not a fake face attack, the value of |
estimatedAge | Integer | Specifies estimated age based on the face selfie image. Notes:
|
faceAttribute | Specifies the result of face attribute detection. For more details, please refer to the faceAttribute. Note: This field is returned only when the faceAttributeCheck parameter is passed in and | |
deeperFaceResult | String | Optional. Specifies the deeper face detection result. It is returned when
|
deeperFaceResultDescription | String | Optional. Specifies the detail descriptions of the deeper face detection result when |
deviceRisk | DeviceRisk | Optional. Returned device risk information. This field is only returned when you purchase Deeper product and the |
faceAttribute
Field name | Data type | Description |
occlusionMouthResult | String | Specifies mouth occlusion detection result.
|
occlusionForeheadResult | String | Specifies forehead occlusion detection result.
|
occlusionResult | String | Specifies overall occlusion detection result.
|
occlusionChinResult | String | Specifies chin occlusion detection result.
|
occlusionEyesResult | String | Specifies eyes occlusion detection result.
|
occlusionNoseResult | String | Specifies nose occlusion detection result.
|
occlusionCheekResult | String | Specifies cheek occlusion detection result.
|
maskResult | String | Specifies mask detection result.
|
glassesResult | String | Specifies glasses detection result.
|
hatResult | String | Specifies hat detection result.
|
DeviceRisk
Field name | Data type | Description |
riskLevel | Integer | Optional. Risk levels and corresponding recommendations:
|
ExtIdInfo
The following table shows the fields that can be specified in the ExtIdInfo data model.
Field name | Data type | Description |
ekycResultDoc | String | Specifies the result of the document verification process. Possible values and their meanings are as below:
Required if the document verification process runs successfully. |
docEdition | Integer | Specifies the edition of the identity document.
|
frontPageImg | String | The frontside image of the identity document. The image must be encoded in base64. This field is specified only when the value of the isReturnImage field in the request is set to |
backPageImg | String | The backside image of the identity document (if any). The image must be encoded in base64. This field is specified only when the value of the isReturnImage field in the request is set to |
extraImages | Map<String,String> | Contain extra doc images specified in request.extraImageControlList and request.cropImage parameter. Key is the value specified in request.extraImageControlList if request.extraImageControlList is not blank. Possible Key values if request.cropImage is not blank:
Value is the image content encoded in base64. If the requested image is not found, the value will be "". |
ocrResult | Map | The OCR result, which contains information about the identity. Required if the document verification process runs successfully. Depending on the type of the identity document, different sets of identity information are recognized. For more information, see Document types supported and OCR results returned. |
ocrResultDetail | Map<String, OcrResultDetail> | OCR result details. This field is returned only when |
spoofResult | Map | Optional. The spoofing check result, which contains information about the check results in terms of tampering, authenticity of the document material, and screen recapture. For more information, see spoofResult. |
extraSpoofResultDetails | List<ExtraSpoofResultDetail> | Optional. Extra document spoof detection result details. For more details, see extraSpoofResultDetails. |
securityFeaturesResult | Map | This field is deprecated, please refer to Hong Kong Document SecurityFeature Upgrade Notification - July 31, 2024 for more information. |
docErrorDetails | String | Optional. Specifies the error details of the document verification process. Possible values and their meanings are as below:
|
spoofResult
The following table shows the detailed information that is included in a spoofing check result.
Field name | Data type | Description |
TAMPER_CHECK | String | Required. Specifies whether the input identity document passes the tampering check. If the identity document does not pass the check, which means it is detected as tampered, the value of |
MATERIAL_CHECK | String | Required. Specifies whether the material of the identity document passes the authenticity check. If the material of the identity document does not pass the check, for example, detected in black and white, the value of |
SCREEN_RECAPTURE_CHECK | String | Required. Specifies whether the identity document passes the screen recapture check. If the identity document does not pass the check, which means the image uploaded is detected as an image recaptured from a screen, the value of |
INFORMATION_CHECK | String | (Optional) Currently only support HKIDs (both the old and new versions). Indicate whether the identity document passed information check. Returned only if the "returnFiveCategorySpoofResult" parameter is set to " Possible values include:
|
SECURITY_FEATURE_CHECK | String | (Optional) Currently only support HKIDs (both the old and new versions) and MyKad. Indicate whether the identity passed security feature check. Returned only if the "returnFiveCategorySpoofResult" parameter is set to " Possible values include:
|
extraSpoofResultDetails
The following table shows the data structure of an element of the spoofResultDetails array.
Field name | Data type | Description |
name | String | Required. Indicate the name of the detailed document spoof check. For example, "landmarkCheckResult", "hologramCheckResult" |
result | String | Required. Indicate the result of the detailed document spoof check. Possible values include:
|
spoofType | String | Required. Indicate the detailed document spoofing check category. Possible values include:
|
components | Array | Required. Contain check result of each components. It will always be returned. If there is only one component check specified, the array will return one element. |
components.name | String | Required. Indicate the name of the component. To understand possible values, please refer to the spoofing check details document for more information. |
components.subResult | String | Required. Indicates the result of the component.
|
securityFeaturesResult
This field is deprecated, please refer to Hong Kong Document SecurityFeature Upgrade Notification - July 31, 2024 for more information.
ExtRiskInfo
The following table shows the fields that can be specified in the ExtRiskInfo data model.
Field name | Data type | Description |
ekycResultRisk | String | Specifies the result of the risk control process. Possible values and their meanings are as below:
|
strategyPassResult | String | Specifies the result of risk check. Required if the risk control process runs successfully. Possible values and their meanings are as below:
|
idNetworkDetails | String | Optional. Specifies the detailed information about the ID Network output, this field is a JSON string that comes from the JSON serialization result of the IdNetworkDetails structure, please refer to IdNetworkDetails. Note: This field is specified only when the strategyPassResult field returns as |
otherRiskReasonDetails | String | Optional. Specifies the detailed outputs of risk engines other than ID Network. For example, in the case of blacklist hits, the structure of this field will be like: { "BLACKLIST_HIGH_RISK": { "CERT": [ {"listId":"xx","transactionId":"xx","itemId":xx,"similarScore":xx} ], "FACE":[ {"listId":"xx","transactionId":"xx","itemId":"xx","similarScore":xx} ] } } |
deeperRiskResult | String | Optional. Specifies the deeper risk detection result. It is returned when
|
deeperRiskResultDescription | String | Optional. Specifies the detail descriptions of the deeper risk detection result when |
advancedIdnDetail | AdvancedIdnDetail | Optional. Advanced IDN result details. This field is only returned when you purchase Advanced IDN and either the |
IdNetworkDetails
Field name | Data type | Description |
ekyc_id | String | Optional. Deprecated field. Specifies eKYC ID. |
mobile | String | Optional. Deprecated field. Specifies mobile phone number. |
reason_code | Array | Optional. Specifies causes of risk:
|
type | String | Optional. Specifies the type of risks triggered:
|
score | String | Optional. Reserved field. When the value of Note: Please don't rely on this field. |
user_id | String | Optional. Merchant user ID, or other identifiers that can be used to identify a specific user. |
Note: The IDN embedded in RealID is a streamlined version of IDN that contains only some of IDN, and thus is called IDN Lite.
- For all functions of IDN, please refer to IDN API Documentation.
- To understand the differences between IDN Lite and IDN, please refer to IDN Lite vs IDN: What are the differences?
Introduction to risk types and reason codes
IdNetwork supports 2 types of major risk detection:
- Fake ID (tampering with document information)
- Duplicated ID (multiple documents for the same person)
The risk types and reason codes details are shown in the table below:
Risk type | Reason code | Description |
Fake ID | SIMILAR_FACE | Same face, different ID numbers (same ID type). |
SAME_CERT_NO | Same ID number (same ID type), different faces. | |
Duplicated ID | SIMILAR_FACE | Same face, different ID types. |
AdvancedIdnDetail
Field name | Data type | Description |
itemId | String | Optional. The record ID added to the ID Network database. Please keep this record ID for subsequent risk queries. |
riskDetails | List<RiskDetail> | Optional. For details on the risks currently faced by the merchant, see RiskDetail. |
RiskDetail
Field name | Data type | Description | Example |
type | String | Returned risk type. For more details, see IDN Risk introduction. | "IDFAKE" |
subType | String | Returned sub-risk type. For more details, see IDN Risk introduction. | "SameFaceDifferentIdNumber" |
riskData | List<String> | Returned risk data with an itemId array. | ["AIN20220727890199220364"] |
ExtCustomInfo
Field name | Data type | Description |
h5Degraded | String | Specifies whether degraded mode is enabled. Possible values include:
Note: This field is returned only when the |
Version
Date | Change log |
August 1,2024 | Deeper related interface information changes |
28 March, 2024 | New output parameter faceAttribute is added. |
30 November, 2023 | IdNetworkDetails and Introduction to risk types and reason codes are added |
22 May, 2022 | New input parameters of extraImageControlList, returnFiveCategorySpoofResult and new output parameters of extraImages, extraSpoofResultDetails are added. |
23 October, 2020 | OCR result keys for China identity card are added. |
8 September, 2020 | Two more types of identity documents are supported: Malaysia MyKad and Macau identity card. |
30 July, 2020 |
|
21 May, 2020 |
|
27 December, 2019 | The letter case convention of the parameter name is updated. |
06 December, 2019 | Released. |