FAQs

User verification is the process of confirming that a person is who they claim to be. It typically involves checking a government-issued ID, matching the ID photo against a live selfie or biometric capture, and screening the individual against global watchlists. Businesses use it to prevent fraud, meet regulatory requirements like KYC, and build trust with legitimate customers from the first interaction.

Without reliable user verification, your business is exposed to identity fraud, regulatory penalties, and the revenue loss that comes from onboarding bad actors. Regulators across financial services, crypto, gaming, and other industries mandate identity checks under frameworks like FATF, AMLD6, and FinCEN’s CDD Rule. Beyond compliance, strong verification reduces chargebacks, prevents account takeover, and increases customer trust — which directly impacts conversion and retention.

Yes. Shufti’s verification flows are fully optimised for mobile. Users can capture documents, complete face scans, and finish the entire verification process from their smartphone or tablet browser — no app download required. The mobile experience is designed to minimise friction and reduce drop-offs during onboarding.

Yes. Shufti offers AI-powered face verification that matches a user’s live selfie or biometric capture against their government-issued ID photo. The system includes liveness detection to prevent spoofing with printed photos, screen replays, or deepfakes. This combination of biometric matching and liveness checking provides a high level of assurance that the person on the other end is real and present.

Shufti supports 10,000+ document types from 240+ countries and territories. This includes passports, national ID cards, driving licences, residence permits, and other government-issued documents. The platform automatically detects the document type and extracts relevant data fields, so your customers aren’t limited to a narrow set of accepted IDs.

PEP and sanctions screening run as part of the KYC workflow. When a customer submits their identity documents, Shufti automatically screens their name and details against 1,700+ global watchlists, including sanctions lists, PEP databases, and adverse media sources. If a match is found, the case is flagged in your dashboard for compliance review — no separate tool or manual lookup required.

That’s exactly what Shufti is built for. Whether your clients are in London, Lagos, or Lima, they can complete identity verification remotely using their smartphone or computer. The process covers document verification, biometric face matching, and liveness detection — all done digitally, without any in-person visit.

Yes. Shufti provides RESTful APIs and webhooks that allow you to push verification results directly into your CRM, core banking system, or any internal tool. This means verification outcomes, risk scores, and customer data can flow into your existing workflows automatically, removing the need for manual data entry or switching between platforms.

Absolutely. Shufti’s workflow builder lets you configure additional verification steps based on the customer’s jurisdiction, risk profile, or other criteria. For applicants from high-risk regions, you can trigger Enhanced Due Diligence (EDD), require additional document types, or add video verification — all without changing the experience for your low-risk customers.

When a KYC check fails, the result is logged in your dashboard with a clear reason code (e.g., document expired, face mismatch, watchlist hit). Depending on your configuration, the customer can be prompted to resubmit, or the case can be routed to your compliance team for manual review. Failed verifications are fully documented, so you have an audit trail regardless of the outcome.

The user uploads or captures an image of their identity document. Shufti’s AI then classifies the document type, extracts data fields (name, date of birth, document number, expiry date), and runs a series of authenticity checks. These checks look for signs of tampering, digital manipulation, missing security features, and inconsistencies between fields. The entire process typically completes in seconds.

Shufti supports 10,000+ document types from 240+ countries — passports, national IDs, driving licences, residence permits, utility bills, and more — across multiple languages and scripts.

Yes. Shufti’s document verification includes AI-powered forgery detection that identifies digitally manipulated, AI-generated, or synthetically created documents. The system analyses pixel-level inconsistencies, font anomalies, and security feature patterns that are typically disrupted in forged or AI-generated documents. This layer of protection is increasingly important as generative AI tools make document forgery more accessible.

Age verification confirms a user’s exact date of birth using a government-issued document (passport, ID card, driving licence). Age estimation uses facial analysis to approximate a user’s age range without requiring a document. Shufti supports both methods, and many businesses use them in combination — estimation as a low-friction first step, with document-based verification triggered only when the estimated age falls near a regulatory threshold.

When a user’s estimated age falls within a configurable buffer zone around the age threshold (e.g., the system estimates 17–19 and the threshold is 18), Shufti can automatically escalate to document-based age verification. This approach balances user experience with regulatory compliance — most adults pass through quickly, while borderline cases get an extra check.

Shufti’s age verification is designed to support compliance with the UK’s Age Appropriate Design Code and other age-gating regulations, including the EU’s Digital Services Act and various US state-level age verification laws. The platform provides both estimation and document-based methods, giving businesses the flexibility to deploy the approach that aligns with their regulatory obligations.

Yes. Shufti offers face-based age estimation that can approximate a user’s age from a selfie, without the need for any identity document. This method is particularly useful for platforms that need to age-gate content or services while keeping the onboarding experience as frictionless as possible. When a higher level of assurance is needed, the system can prompt for document-based verification as a follow-up.

If the initial age check is inconclusive — due to image quality, an ambiguous age estimate, or a document issue — the system can be configured to prompt the user for an alternative verification method. For example, a failed age estimation can trigger a document upload request. The outcome and reason code are logged in your dashboard so your compliance team has full visibility.

Yes. Shufti’s API delivers age verification results that you can feed directly into your content management, access control, or payment gating systems. This allows you to automatically restrict or unlock content, features, or purchasing options based on verified age status — keeping your platform compliant without requiring manual intervention at every access point.

Shufti accepts a range of address proof documents, including utility bills, bank statements, tax documents, government correspondence, and tenancy agreements. The document must typically show the user’s full name, residential address, and be dated within a recent timeframe (usually the last three months, though this varies by regulation).

In some cases, yes. Shufti supports electronic address verification using authoritative databases and public records, which can confirm an individual’s address without requiring them to upload a document. This method is faster and lower-friction for the user, though document-based verification may still be required in jurisdictions with stricter regulatory requirements.

It depends on the jurisdiction and the risk level of the customer. Many AML/KYC frameworks — including FATF recommendations and EU AML directives — require businesses to verify a customer’s residential address as part of Customer Due Diligence (CDD). For high-risk customers or those subject to Enhanced Due Diligence (EDD), address verification is almost always mandatory.

If a document is rejected, the user is typically notified with a reason (e.g., document too old, address not clearly visible, wrong document type). They can then resubmit a valid document. The rejection is logged in the dashboard so your compliance team can see the full history of the verification attempt, including what was submitted and why it was declined.

Shufti uses a combination of government registries, postal databases, utility records, and third-party data providers to validate addresses across 240+ countries. The specific sources vary by country, but the goal is the same: cross-reference the submitted address against trusted, up-to-date records to confirm it belongs to the individual being verified.

Shufti’s address verification is designed to support compliance with major global frameworks, including FATF recommendations, EU AML directives, FCA guidance (UK), and FinCEN requirements (US). The platform gives you the flexibility to configure address checks based on the specific regulatory obligations of the jurisdictions you operate in.

Face verification ties a real, living person to their identity documents. A stolen passport or a leaked ID scan can be used by a fraudster — but matching a live selfie to the document photo adds a layer of assurance that the person presenting the ID is actually its rightful owner. For businesses, this reduces account takeover, synthetic identity fraud, and onboarding risk.

It confirms the person requesting access is the document's rightful owner. Liveness detection and deepfake analysis catch synthetic or AI-generated faces, stopping takeover attempts at login or high-risk transaction points before any damage occurs.

The system combines biometric face matching with liveness detection and deepfake analysis. Even if a fraudster has a high-quality photo or an AI-generated face, the liveness layer checks for natural micro-movements, 3D depth cues, and texture patterns that distinguish a real person from a static or synthetic image. Deepfake detection adds another layer by flagging AI-generated manipulations.

Shufti’s facial matching algorithms are trained to account for natural ageing, weight changes, facial hair, and other common appearance variations. The system focuses on stable biometric features — bone structure, eye spacing, and other hard-to-change characteristics — that remain consistent over time. In cases where the appearance change is too significant, the system can flag the case for manual review.

Biometric data captured during face verification is encrypted in transit (TLS) and at rest (AES-256). Shufti follows strict data minimisation principles, and biometric data handling aligns with the requirements of GDPR, SOC 2 Type II, and ISO 27001. Depending on your configuration, biometric data can be purged after verification is complete, so it isn’t stored longer than necessary.

Yes. Shufti supports both uploaded selfie photos and live camera captures for face verification. Live capture is recommended for higher assurance because it enables real-time liveness detection. If your use case allows photo uploads (e.g., for asynchronous verification), the system still runs authenticity checks on the submitted image, though the liveness assurance level will differ.

The system includes an image quality assessment that evaluates brightness, sharpness, and face visibility before processing. If the image quality is too low to produce a reliable match, the user is prompted to retake the capture under better conditions. This pre-check reduces false rejections and avoids wasting the user’s time on a verification that would fail at the matching stage.

Users anywhere in the world can complete face verification from their mobile device or computer — no in-person visit, no appointment, no mailing documents. The process takes seconds and works across all major browsers and operating systems. For businesses with global customer bases, this means faster onboarding without compromising on identity assurance.

Shufti’s VideoIdent solution is designed to align with the KYC/AML requirements set by BaFin (Germany), FMA (Austria), and FINMA (Switzerland). The process includes live agent-assisted or AI-powered video sessions that verify the customer’s identity document, match it to their face, and conduct liveness checks — all within a recorded session that provides auditable proof of compliance.

Yes. Shufti supports multi-language VideoIdent sessions, including German, to serve customers across Germany, Austria, and Switzerland. The platform can be configured to match the session language to the customer’s locale, and agent-assisted sessions can be staffed with German-speaking verification agents when required.

During a VideoIdent session, Shufti runs real-time liveness detection and deepfake analysis alongside the identity document checks. The system monitors for injection attacks, screen replay attempts, and AI-generated face manipulations throughout the session. In agent-assisted mode, a trained human verifier adds an additional layer of scrutiny that automated-only systems miss.

Yes. VideoIdent can serve as a high-assurance KYC channel that satisfies both standard Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) requirements. The recorded session, combined with document verification, biometric matching, and liveness detection, provides the level of evidence regulators expect for higher-risk customer segments.

Absolutely. VideoIdent is widely used by banks, neobanks, and crypto exchanges for regulatory onboarding, particularly in jurisdictions that accept or require video-based identity verification. The recorded session provides a compliance trail that satisfies audit requirements under frameworks like AMLD6, BaFin’s regulations, and FATF recommendations.

Shufti’s deepfake detection uses AI models trained to identify the subtle artefacts that generative AI leaves behind. The system analyses facial texture, lighting consistency, micro-expression patterns, and pixel-level anomalies that are nearly invisible to the human eye but statistically distinct in AI-generated or manipulated media. This runs automatically during face verification and VideoIdent sessions.

Yes. Shufti’s deepfake detection works on both live biometric captures and pre-recorded video or image submissions. The analysis checks for injection attacks (where manipulated content is fed into the camera stream), as well as artefacts in uploaded media that indicate the content was synthetically generated or altered.

The system examines multiple dimensions of the facial capture: skin texture uniformity, eye reflection patterns, boundary blending between the face and background, temporal consistency across video frames, and physiological signals like natural blinking and micro-movements. Deepfakes and face-swaps typically fail on several of these dimensions simultaneously, which is what the model detects.

Deepfake detection closes a critical gap in remote onboarding. As generative AI tools become more accessible, the risk of fraudsters using AI-generated faces or manipulated ID photos during video KYC sessions has increased significantly. Deepfake detection catches these attempts in real time, so businesses can trust that the person on the other end of a video session is genuine.

Yes, in scenarios where customer support includes video or biometric re-verification. If a fraudster attempts to impersonate an account holder using a deepfake during a support call that includes identity confirmation, the detection layer will flag the synthetic media. This is particularly relevant for financial institutions where high-value account changes require re-authentication.

Yes. Shufti supports both passive liveness (which analyses the biometric capture without requiring the user to perform any action) and active liveness (which prompts the user to perform specific movements like turning their head or blinking). Passive liveness is faster and lower-friction; active liveness provides a higher assurance level. You can configure which method to use based on your risk requirements.

Yes. Shufti offers on-premise and private cloud deployment options for organisations that need to keep biometric data and processing within their own infrastructure. This is common in banking, government, and healthcare environments where data residency and sovereignty requirements make cloud-only deployment impractical.

Liveness detection is a technology that confirms a real, live person is present during a biometric capture — rather than a photo, video recording, mask, or AI-generated face. It analyses the captured image or video for signs of life and authenticity, which prevents fraudsters from bypassing face verification using spoofed or synthetic media.

Deepfakes are becoming easier to create and harder to spot with the human eye. Liveness detection provides an automated, AI-powered check that catches synthetic face presentations before they reach the matching stage. Without liveness detection, a face verification system can be fooled by a high-quality deepfake video injected into the camera feed. With it, that attack fails.

Common reasons include poor lighting, the face being too far from or too close to the camera, obstructions like glasses or hats, or a device camera that doesn’t meet minimum quality requirements. In some cases, rapid head movements during active liveness checks can also cause a failure. Try again in a well-lit environment, face the camera directly, and follow any on-screen instructions carefully.

How biometric data is handled depends on the configuration set by the business that requested your verification. Shufti provides options for immediate deletion of biometric data after the check is complete, as well as retention for a defined period if required for audit or compliance purposes. Data handling follows GDPR, SOC 2 Type II, and ISO 27001 standards.

Yes. Shufti’s liveness detection works across iOS and Android devices, as well as desktop browsers with a webcam. The mobile experience is optimised to guide users through the capture process with on-screen prompts, and the processing happens in real time without requiring an app download.

While not all KYC regulations explicitly mandate liveness detection, it is increasingly expected as part of a credible identity verification process. Regulators and auditors recognise that document verification alone is insufficient when presentation attacks and deepfakes are a growing threat. Many regulatory frameworks — including EBA guidelines and FATF recommendations — now reference the need for biometric assurance measures that liveness detection fulfils.

Liveness verification typically completes within seconds. Passive liveness requires no user action beyond facing the camera, so it adds virtually no time to the verification flow. Active liveness, which may prompt the user for a head turn or blink, takes a few seconds longer but still completes in under 10 seconds in most cases.

Yes. Shufti’s liveness and deepfake detection models are continuously updated to address new attack vectors as they emerge. The AI is retrained with the latest spoofing techniques — including 3D-printed masks, advanced deepfakes, and injection attacks — to maintain detection effectiveness as fraudsters evolve their methods.

Shufti screens against 1,700+ global watchlists, including UN, EU, OFAC, and HMT sanctions lists, PEP databases, law enforcement lists, and adverse media sources. The lists are updated continuously, so your screening reflects the most current regulatory data available.

Yes. Shufti’s AML screening uses fuzzy matching algorithms that account for transliterations, spelling variations, phonetic similarities, and common typos. This means a match isn’t missed just because a name was romanised differently or entered with a minor spelling error — a common challenge when screening names that originate in non-Latin scripts.

Yes. The screening engine is designed to match against known aliases, nicknames, maiden names, and alternative name formats listed in global watchlist databases. If a sanctioned individual is known by multiple names across different jurisdictions, the system checks all known variations to reduce the chance of a missed match.

Yes. Shufti supports ongoing AML monitoring, which means your customers are continuously screened against updated sanctions lists, PEP databases, and adverse media sources after onboarding. If a customer’s risk status changes — for example, they appear on a newly published sanctions list — you’re alerted immediately so your team can take action.

False positives are managed through Shufti’s case management system, where flagged matches can be reviewed, annotated, and resolved by your compliance team. The system also allows you to configure matching sensitivity and whitelist verified entities to reduce recurring false positives. Over time, this reduces the operational burden on your team without compromising screening coverage.

AML screening is required for any business classified as a “obligated entity” under applicable regulations. This typically includes banks, payment processors, money service businesses, crypto exchanges, insurance companies, real estate agents, law firms, and other regulated sectors. The specific requirements vary by jurisdiction, but FATF, EU AML directives, BSA/FinCEN (US), and FCA (UK) guidance all mandate sanctions and PEP screening.

Shufti’s AML screening can be triggered via API at any point in your customer lifecycle — during onboarding, at transaction checkpoints, or as part of periodic re-screening. Results are delivered via webhooks or API responses, so they flow directly into your existing compliance tools, case management systems, or internal dashboards without manual transfer.

Shufti’s adverse media screening uses AI to scan global news sources, court records, and regulatory enforcement databases for negative coverage associated with an individual or company. The system categorises findings by risk type — financial crime, fraud, terrorism, corruption — and surfaces relevant hits in your dashboard with source links, so your team can make informed decisions.

When a screening flag is raised, Shufti automatically creates a case in your dashboard with all relevant data: the match details, source list, match confidence score, and customer information. Your compliance officers can review, annotate, escalate, or resolve cases from a single interface. This eliminates the spreadsheet-based or email-driven triage that slows down many compliance teams.

eIDV verifies a person’s identity by cross-referencing their submitted information (name, date of birth, address) against authoritative data sources like government registries, credit bureaus, and telecom records. Unlike standard identity verification, which relies on the user capturing and uploading a physical document, eIDV can confirm identity digitally without requiring a document scan — making it faster and lower-friction for the user.

Yes. Shufti’s eIDV supports a wide range of identity data sources across multiple countries and document types. Whether the verification involves a national ID number, a social insurance number, or a tax identification number, the system routes the check to the appropriate data source for the relevant country.

Shufti’s eIDV covers 240+ countries and territories through a network of authoritative data sources. The exact verification capabilities vary by country (some have richer data sources than others), but the platform provides broad global coverage for businesses operating across multiple jurisdictions.

Yes. Shufti’s eIDV is designed to support compliance with FATF recommendations, EU AML directives (including AMLD6), GDPR data protection requirements, and other major regulatory frameworks. The platform provides the audit trail, data handling controls, and verification evidence that regulators expect during examinations.

eIDV results are typically returned within seconds. Because the process involves querying digital databases rather than processing and analysing a physical document image, it’s one of the fastest verification methods available. This speed advantage is particularly valuable for high-volume onboarding scenarios where every second of friction impacts conversion rates.

Absolutely. Shufti’s workflow builder allows you to combine eIDV with document verification, face verification, liveness detection, AML screening, and other modules in a single verification journey. For example, you might use eIDV as a first-pass check and escalate to document + face verification for customers whose data doesn’t match or who fall into a higher risk tier.

eIDV removes the most friction-heavy step in traditional identity verification: the document capture. Instead of asking users to find their passport, photograph it, and wait for it to be processed, eIDV verifies their identity using data they can type in seconds. This simpler experience directly reduces the abandonment rates that businesses see at the verification step of onboarding.

Shufti’s KYB verification accepts corporate registration certificates, articles of incorporation, tax registration documents, shareholder registers, and other official business documents. The system can process documents from multiple jurisdictions and in various languages, extracting key data points like company name, registration number, and director information.

Shufti’s KYB covers businesses registered across a wide range of global jurisdictions. The platform accesses company registries, corporate databases, and regulatory filings to verify business entities, their ownership structures, and their directors. Coverage is continuously expanding as new jurisdictions and data sources are integrated.

Yes. As part of the KYB process, Shufti automatically screens directors, officers, and identified Ultimate Beneficial Owners (UBOs) against 1,700+ global watchlists, PEP databases, sanctions lists, and adverse media sources. This ensures that the people behind the business entity are also vetted — not just the company itself.

Shufti’s KYB verification cross-references submitted company information against official registries and public records to identify inconsistencies that may indicate shell companies, dormant entities, or fraudulently registered businesses. Red flags like mismatched addresses, missing directors, or recently incorporated entities in high-risk jurisdictions are surfaced for your compliance team to review.

Yes. Shufti can trace and verify multi-layer corporate ownership structures to identify Ultimate Beneficial Owners (UBOs), even when ownership is spread across multiple subsidiaries or holding companies. This capability is critical for meeting the beneficial ownership requirements under AMLD6, FinCEN’s Beneficial Ownership Rule, and FATF recommendations.

Shufti’s business registry data is updated on an ongoing basis, with refresh frequencies that depend on the specific registry and jurisdiction. Major registries (Companies House, SEC, etc.) are monitored for updates regularly. For time-sensitive use cases, Shufti can also perform real-time lookups directly against source registries where API access is available.

Yes. Shufti’s KYB is fully accessible via API, allowing you to automate the entire business verification workflow — from company data submission to registry lookup, document verification, UBO identification, and AML screening on directors. This means KYB can run as a seamless part of your B2B onboarding process without manual intervention.

Shufti protects sensitive corporate data with encryption in transit (TLS) and at rest (AES-256), role-based access controls, and audit logging. The platform is SOC 2 Type II and ISO 27001 certified, and data handling practices align with GDPR requirements. Corporate documents and verification records are stored securely and accessible only to authorised users within your organisation.

Yes. Shufti screens business entities — not just individuals — against global sanctions lists, enforcement databases, and adverse media sources. This is important because sanctions and regulatory actions are often directed at corporate entities, and missing a sanctioned company can carry the same penalties as missing a sanctioned individual.

Yes. Beyond the initial verification at onboarding, Shufti supports ongoing monitoring that continuously screens your customers against updated watchlists, sanctions databases, PEP lists, and adverse media sources. This means you’re not relying solely on a one-time check — your compliance posture stays current as your customers’ risk profiles evolve.

Shufti supports 10,000+ document types from 240+ countries and territories. This includes passports, national ID cards, driving licences, residence permits, visa stickers, and other government-issued identity documents. The platform automatically detects the document type and extracts relevant fields, so you don’t need to maintain separate configurations for each document.

Shufti’s workflow builder lets you create tiered verification journeys based on customer risk level, jurisdiction, or transaction value. A low-risk customer might go through document verification only, while a high-risk customer is routed through document verification plus face matching, liveness detection, AML screening, and address verification. Each journey is configured once and runs automatically based on the rules you set.

Yes. Shufti provides RESTful APIs and native SDKs (iOS, Android, Web) for seamless integration into your existing onboarding flows. The verification process can be embedded directly into your app or website, so users never leave your platform. Most development teams complete the integration within a few days using Shufti’s documentation and sandbox environment.

Absolutely. Shufti allows you to configure different verification workflows for different jurisdictions. If your EU customers need AMLD6-compliant checks while your US customers need BSA/FinCEN-aligned verification, you can set up jurisdiction-specific workflows that trigger automatically based on the customer’s location or the regulatory framework that applies to their account.

Yes. Shufti’s identity verification can be combined with AML screening, adverse media monitoring, transaction screening, KYB, address verification, and other modules within a single verification journey. This modular approach means you can build a compliance workflow that covers your full regulatory obligation without stitching together tools from different vendors.

Shufti prevents fraud by verifying identities at the point of onboarding and throughout the customer lifecycle. The platform combines document verification, biometric face matching, liveness detection, deepfake screening, and AML checks to catch fraudulent identities before they gain access to your platform. The result: fewer fake accounts, fewer chargebacks, and less exposure to regulatory penalties.

Shufti is built to catch a wide range of fraud types, including identity theft, synthetic identity fraud, document forgery, account takeover, deepfake-based impersonation, age fraud, and money laundering. The platform’s layered approach — combining multiple verification methods in a single flow — addresses these different attack vectors simultaneously.

Yes. AI is central to how Shufti detects fraud. Machine learning models power the document authenticity checks, facial recognition, liveness detection, deepfake analysis, and risk scoring. These models are continuously retrained on new fraud patterns, so the system’s detection capabilities evolve as attack methods change.

Liveness detection prevents a fraudster from bypassing face verification using a printed photo, a video replay, a 3D mask, or a deepfake. By confirming that a real, live person is present during the biometric capture, liveness detection closes the gap between document verification (which confirms the ID is genuine) and biometric matching (which confirms the person matches the ID).

Yes. By verifying customer identities at onboarding and flagging fraudulent accounts before they transact, Shufti helps reduce the chargebacks, unauthorised transactions, and financial losses associated with identity fraud. Businesses that deploy strong identity verification at the front door typically see measurable reductions in fraud-related costs downstream.

Shufti can be deployed at login, account recovery, or high-risk transaction points to re-verify the account holder’s identity using face verification and liveness detection. If someone tries to take over an account using stolen credentials, the biometric check confirms whether the person requesting access is the verified account owner — stopping the takeover before any damage is done.

Yes. Shufti’s document verification analyses submitted documents for signs of tampering, including altered text fields, manipulated photos, missing or inconsistent security features, and pixel-level anomalies that indicate digital editing. The system also detects AI-generated documents — an increasingly common fraud vector as generative AI tools become more accessible.

Shufti’s liveness detection is designed to catch injection attacks, where a fraudster feeds manipulated video or images directly into the camera feed (bypassing the physical camera). The system detects the technical signatures of injected content, as well as screen replay attempts where a video of someone else is played in front of the camera. These attack types are flagged and rejected automatically.

Shufti uses risk scoring and configurable matching thresholds to balance fraud detection with false positive rates. The system allows your team to fine-tune sensitivity levels for document checks, AML screening, and biometric matching. Over time, whitelisting verified entities and adjusting thresholds based on your transaction data helps reduce false positives without weakening your fraud controls.

Yes. Shufti’s APIs and webhooks allow fraud prevention results — including verification outcomes, risk scores, and screening alerts — to flow directly into your existing transaction monitoring system, CRM, or internal compliance tools. This means your team works from a single source of truth instead of toggling between disconnected platforms.