NAV
php

Introduction

The Shufti Pro Document Verification API is very simple to use. In fact it just takes 3 steps to verify a document.

  1. You redirect your customer to our site (using an iframe or on a separate page or seamlessly integrated into your site) along with all the request details as defined in the next section.

  2. The User shows his/her face and then shows the required document e.g. Credit/Debit card, Passport, Driving License or National ID card.

  3. Shufti Pro verifies the required data like the name on the passport and the date of birth etc and send response at provided callback URL also redirects the user back to your website along with all the responses and results as laid out further on.

Card Present Verification

Sample Request


<?php
$url = 'https://verify.shuftipro.com/'; //Target URL

$method = 'CPV; //Verification Method
$client_id = 1; //Your merchant id provided by shuftipro
$request_ref_number = 'TREF007'; //Unique reference number
$secret_key = '1234567890';// API Secret Key provided by Shuftipro
$card_first_6_digits = 123456;
$card_last_4_digits = 0000;
$ttl = 10;
$phone_number = '+440000000000';
$country = 'GB'; //Country iso2 
$callback_url = 'https://demo.shuftipro.com/callback.php';
$redirect_url = 'https://demo.shuftipro.com/response.php';
$control_value = sha256($client_id . $request_ref_number . $card_first_6_digits . $card_last_4_digits . $ttl . $phone_number . $country . $callback_url . $redirect_url . $secret_key);
$apiURL = $url . '?method=' . $method . '&client_id=' . $client_id . '&request_ref_number=' . $request_ref_number . '&card_first_6_digits=' . $card_first_6_digits . '&card_last_4_digits=' . $card_last_4_digits . '&ttl=' . $ttl . '&phone_number=' . $phone_number . '&country=' . $country . '&callback_url=' . $callback_url . '&redirect_url=' . $redirect_url . '&control_value=' . $control_value;
header('Location: ' . $apiURL); // Forward customer to Shufti Pro for verification
?>

Sample Response

<?php

Array(
    'request_ref_number' => 'TREF007',
    'response_ref_number' => 1,
    'status_code' => 'CPV01',
    'message' => 'Document verified successfully',    
    'confidence_level' => '90',    
    'control_value' => '???'
);

//Calculate control value to validate data
$your_control_value = sha256(request_ref_number . response_ref_number . status_code . message . confidence_level . secret_key);

//Compare your control value with control value received with response data. 
//If control values didn't match it means data is corrupted

if ($your_control_value != control_value){
    die ("Data is corrupted");
}

?>

Card present verification api will verify credit/debit card . It will take snaps of presented card and will match first 6 and last 4 digits on card.

Request

Parameter Type Required Description
method string Yes CPV
client_id integer Yes Merchant Id assigned to you by Shufti Pro.
request_ref_number string Yes Your unique reference id which we’ll sent you back when verification is done.
card_first_6_digits integer Yes First 6 digits of customer’s credit/debit card number.
card_last_4_digits integer Yes Last 4 digits of customer’s credit/debit card number.
ttl Integer No TTL value is the number of seconds after which we’ll redirect customer back to your redirect url even s/he has not completed verification process. By default its 10 minutes after which we forcefully redirect your customer back to your website.
phone_number integer Yes Customer’s phone number with country code. Example: +440000000000
country string Yes Full Country name or ISO2 Code. Example: United Kingdom or GB
callback_url url Yes Once the verification process is completed, we make a server to server call, it includes all the response values, so you can update status on your end even the customer was lost in the midway. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
redirect_url url Yes Once the verification process is completed, we redirect customer back to your given redirect url. In this redirect request, you’ll also get all the response values, so you can make your decision. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
control_value string Yes sha256(client_id + request_ref_number + card_first_6_digits + card_last_4_digits + ttl + phone_number + country + callback_url + redirect_url + secret_key);

Response

Api response may contain following fields

Parameter Description
request_ref_number Your unique reference id which we received with request.
response_ref_number Unique reference number for each request.
status_code Status code represents success and failure of verification process. To know more about status codes please Click Here.
message Human readable message which represents verification status
confidence_level Indicates percentage of system’s confidence level about current approved card.
control_value sha256(request_ref_number + response_ref_number + status_code + message + confidence_level + secret_key);

Passport Verification

Sample Request

SendRequest.php

<?php
$url = 'https://verify.shuftipro.com/'; //Target URL

$method = 'PV; //Verification Method
$client_id = 1; //Your merchant id provided by shuftipro
$request_ref_number = 'TREF007'; //Unique reference number
$secret_key = '1234567890';// API Secret Key provided by Shuftipro
$first_name = 123456;
$last_name = 0000;
$dob = '1994-02-01';
$ttl = 10;
$phone_number = '+440000000000';
$country = 'GB'; //Country iso2 
$callback_url = 'https://demo.shuftipro.com/callback.php';
$redirect_url = 'https://demo.shuftipro.com/response.php';
$control_value = sha256(client_id . request_ref_number . first_name . last_name . dob + ttl . phone_number . country . callback_url . redirect_url . secret_key);
$apiURL = $url . '?method=' . $method . '&client_id=' . $client_id . '&request_ref_number=' . $request_ref_number . '&first_name=' . $first_name . '&last_name=' . $last_name . '&dob='. $dob. '&ttl=' . $ttl . '&phone_number=' . $phone_number . '&country=' . $country . '&callback_url=' . $callback_url . '&redirect_url=' . $redirect_url . '&control_value=' . $control_value;
header('Location: ' . $apiURL); // Forward customer to Shufti Pro for verification

?>

Sample Response

<?php

Array(
    'request_ref_number' => 'TREF007',
    'response_ref_number' => 1,
    'status_code' => 'CPV01',
    'message' => 'Document verified successfully',    
    'confidence_level' => '90',    
    'control_value' => '???'
);

//Calculate control value to validate data
$your_control_value = sha256(request_ref_number . response_ref_number . status_code . message . confidence_level . secret_key);

//Compare your control value with control value received with response data. 
//If control values didn't match it means data is corrupted

if ($your_control_value != control_value){
    die ("Data is corrupted");
}
?>

Passport verification api will verify customer’s name, nationality and date of birth on passport.

Request

Parameter Type Required Description
method string Yes “PV” Leave it empty if you want your customers to choose verification method e.g. Verifying with their ID card, Passport or Driving License
client_id integer Yes Merchant Id assigned to you by Shufti Pro.
request_ref_number string Yes Your unique reference id which we’ll sent you back when verification is done.
first_name string Yes Customer’s First Name.
last_name string Yes Customer’s Last Name.
phone_number integer Yes Customer’s phone number with country code. Example: +440000000000
country string Yes Customer’s Country name or ISO2 Code. Example: United Kingdom or GB
dob integer Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31
ttl Integer No TTL value is the number of seconds after which we’ll redirect customer back to your redirect url even s/he has not completed verification process. By default its 10 minutes after which we forcefully redirect your customer back to your website.
callback_url url No Once the verification process is completed, we make a server to server call, it includes all the response values, so you can update status on your end even the customer was lost in the midway. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
redirect_url url Yes Once the verification process is completed, we redirect customer back to your given redirect url. In this redirect request, you’ll also get all the response values, so you can make your decision. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
control_value string Yes sha256(client_id + request_ref_number + first_name + last_name + dob + ttl + phone_number + country + callback_url + redirect_url + secret_key);

Response

Api response may contain following fields

Parameter Description
request_ref_number Your unique reference id which we received with request.
response_ref_number Unique reference number for each request.
status_code Status code represents success and failure of verification process. To know more about status codes please Click Here.
message Human readable message which represents verification status
confidence_level Indicates percentage of system’s confidence level about current approved card.
control_value sha256(request_ref_number + response_ref_number + status_code + message + confidence_level + secret_key);

Driving License Verification

Sample Request

SendRequest.php

<?php
$url = 'https://verify.shuftipro.com/'; //Target URL

$method = 'DLV; //Verification Method
$client_id = 1; //Your merchant id provided by shuftipro
$request_ref_number = 'TREF007'; //Unique reference number
$secret_key = '1234567890';// API Secret Key provided by Shuftipro
$first_name = 123456;
$last_name = 0000;
$dob = '1994-02-01';
$ttl = 10;
$phone_number = '+440000000000';
$country = 'GB'; //Country iso2 
$callback_url = 'https://demo.shuftipro.com/callback.php';
$redirect_url = 'https://demo.shuftipro.com/response.php';
$control_value = sha256(client_id . request_ref_number . first_name . last_name . dob + ttl . phone_number . country . callback_url . redirect_url . secret_key);
$apiURL = $url . '?method=' . $method . '&client_id=' . $client_id . '&request_ref_number=' . $request_ref_number . '&first_name=' . $first_name . '&last_name=' . $last_name . '&dob='. $dob. '&ttl=' . $ttl . '&phone_number=' . $phone_number . '&country=' . $country . '&callback_url=' . $callback_url . '&redirect_url=' . $redirect_url . '&control_value=' . $control_value;
header('Location: ' . $apiURL); // Forward customer to Shufti Pro for verification
?>

Sample Response

response.php

<?php

Array(
    'request_ref_number' => 'TREF007',
    'response_ref_number' => 1,
    'status_code' => 'CPV01',
    'message' => 'Document verified successfully',
    'confidence_level' => '90',    
    'control_value' => '???'
);

//Calculate control value to validate data
$your_control_value = sha256(request_ref_number . response_ref_number . status_code . message . confidence_level . secret_key);

//Compare your control value with control value received with response data. 
//If control values didn't match it means data is corrupted

if ($your_control_value != control_value){
    die ("Data is corrupted");
}
?>

Driving License verification api will verify customer’s name, nationality and date of birth on driving license.

Request

Parameter Type Required Description
method string Yes “DLV” Leave it empty if you want your customers to choose verification method e.g. Verifying with their ID card, Passport or Driving License
client_id integer Yes Merchant Id assigned to you by Shufti Pro.
request_ref_number string Yes Your unique reference id which we’ll sent you back when verification is done.
first_name string Yes Customer’s First Name.
last_name string Yes Customer’s Last Name.
phone_number integer Yes Customer’s phone number with country code. Example: +440000000000
country string Yes Customer’s Country name or ISO2 Code. Example: United Kingdom or GB
dob integer Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31
ttl Integer No TTL value is the number of seconds after which we’ll redirect customer back to your redirect url even s/he has not completed verification process. By default its 10 minutes after which we forcefully redirect your customer back to your website.
callback_url url Yes Once the verification process is completed, we make a server to server call, it includes all the response values, so you can update status on your end even the customer was lost in the midway. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
redirect_url url Yes Once the verification process is completed, we redirect customer back to your given redirect url. In this redirect request, you’ll also get all the response values, so you can make your decision. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
control_value string Yes sha256(client_id + request_ref_number + first_name + last_name + dob + ttl + phone_number + country + callback_url + redirect_url + secret_key);

Response

Api response may contain following fields

Parameter Description
request_ref_number Your unique reference id which we received with request.
response_ref_number Unique reference number for each request.
status_code Status code represents success and failure of verification process. To know more about status codes please Click Here.
message Human readable message which represents verification status
confidence_level Indicates percentage of system’s confidence level about current approved card.
proof A URL for the proof of approved/verified images.
video_proof A video stream URL for the proof of all recorded images.
control_value sha256(request_ref_number + response_ref_number + status_code + message + confidence_level + secret_key);

ID card Verification

Sample Request

SendRequest.php

<?php
$url = 'https://verify.shuftipro.com/'; //Target URL

$method = 'IDV; //Verification Method
$client_id = 1; //Your merchant id provided by shuftipro
$request_ref_number = 'TREF007'; //Unique reference number
$secret_key = '1234567890';// API Secret Key provided by Shuftipro
$first_name = 123456;
$last_name = 0000;
$dob = '1994-02-01';
$ttl = 10;
$phone_number = '+440000000000';
$country = 'GB'; //Country iso2 
$callback_url = 'https://demo.shuftipro.com/callback.php';
$redirect_url = 'https://demo.shuftipro.com/response.php';
$control_value = sha256(client_id . request_ref_number . first_name . last_name . dob + ttl . phone_number . country . callback_url . redirect_url . secret_key);
$apiURL = $url . '?method=' . $method . '&client_id=' . $client_id . '&request_ref_number=' . $request_ref_number . '&first_name=' . $first_name . '&last_name=' . $last_name . '&dob='. $dob. '&ttl=' . $ttl . '&phone_number=' . $phone_number . '&country=' . $country . '&callback_url=' . $callback_url . '&redirect_url=' . $redirect_url . '&control_value=' . $control_value;
header('Location: ' . $apiURL); // Forward customer to Shufti Pro for verification
?>

Sample Response

<?php

Array(
    'request_ref_number' => 'TREF007',
    'response_ref_number' => 1,
    'status_code' => 'CPV01',
    'message' => 'Document verified successfully',    
    'confidence_level' => '90',    
    'control_value' => '???'
);

//Calculate control value to validate data
$your_control_value = sha256(request_ref_number . response_ref_number . status_code . message . confidence_level . secret_key);

//Compare your control value with control value received with response data. 
//If control values didn't match it means data is corrupted

if ($your_control_value != control_value){
    die ("Data is corrupted");
}
?>

ID card verification api will verify customer’s name, nationality and date of birth on id card.

Request

Parameter Type Required Description
method string Yes “IDV” Leave it empty if you want your customers to choose verification method e.g. Verifying with their ID card, Passport or Driving License
client_id integer Yes Merchant Id assigned to you by Shufti Pro.
request_ref_number string Yes Your unique reference id which we’ll sent you back when verification is done.
first_name string Yes Customer’s First Name.
last_name string Yes Customer’s Last Name.
phone_number integer Yes Customer’s phone number with country code. Example: +440000000000
country string Yes Customer’s Country name or ISO2 Code. Example: United Kingdom or GB
dob integer Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31.
ttl Integer No TTL value is the number of seconds after which we’ll redirect customer back to your redirect url even s/he has not completed verification process. By default its 10 minutes after which we forcefully redirect your customer back to your website.
callback_url url Yes Once the verification process is completed, we make a server to server call, it includes all the response values, so you can update status on your end even the customer was lost in the midway. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
redirect_url url Yes Once the verification process is completed, we redirect customer back to your given redirect url. In this redirect request, you’ll also get all the response values, so you can make your decision. Please verify the response’s control value with your own calculated control value. See example on your right hand please.
control_value string Yes sha256(client_id + request_ref_number + first_name + last_name + dob + ttl + phone_number + country + callback_url + redirect_url + secret_key);

Response

Api response may contain following fields

Parameter Description
request_ref_number Your unique reference id which we received with request.
response_ref_number Unique reference number for each request.
status_code Status code represents success and failure of verification process. To know more about status codes please Click Here.
message Human readable message which represents verification status
confidence_level Indicates percentage of system’s confidence level about current approved card.
control_value sha256(request_ref_number + response_ref_number + status_code + message + confidence_level + secret_key);

Status Codes

Status Code Meaning
CPV01 Document verified successfully
CPV03 Customer didn’t authorise verification
CPV05 Customer closed his/her browser
CPV14 Duplicate transaction reference number
CPV62 Verification declined - Insufficient account balance
CPV63 Verification declined - Couldn’t detect customer'’s face
CPV64 Verification Declined: Couldn’t detect document
CPV65 Verification declined - Credit/Debit card number didn’t match
CPV67 Verification declined - Name on passport didn’t match
CPV68 Verification declined - Date of birth didn’t match
CPV69 Verification declined - Name on Driving License didn’t match
CPV70 Verification declined - Name on Id Card didn’t match
php