VERIFY (User Verification)

The VERIFY operation is designed to authenticate an already-registered user by comparing a live biometric sample against the reference homomorphically encrypted token stored during registration. This process is entirely privacy-preserving; raw biometric data is processed on-device and purged immediately after generating a cryptographic token.

Operation Overview

In the VERIFY operation, the following steps are performed:

Live Biometric Capture & Preprocessing:
- The client device captures a current facial biometric image.
- Local algorithms (e.g., face detection, alignment, normalization) extract and preprocess the facial region.
Homomorphic Token Generation:
- The preprocessed biometric data is transformed into a homomorphically encrypted token using advanced schemes (such as BFV or CKKS).
- This token is designed for secure arithmetic operations on ciphertexts, enabling similarity measurements without decryption.
Reference Token Retrieval & Comparison:
- The reference token is retrieved based on the user’s UUID, either from secure local storage or through a server lookup if necessary.
- A cryptographic comparison is executed locally to measure similarity. In cases where the token is not available locally, the encrypted reference token is securely fetched from the server.
Data Purging & Optional Selfie Capture:
- As with other operations, raw biometric data is immediately purged post-token generation.
- Optionally, an accompanying selfie or audit image may be sent via webhook for anti-fraud or forensic purposes.
Enhanced Session Metadata:
- Additional metadata such as sessionExpiry, deviceInfo, and a cryptographic nonce (challenge) are incorporated to bind the verification session to specific context and to mitigate replay attacks.

POST/v2/verification-session

Endpoint

  POST /v2/verification-session

Expanded Request Body

The VERIFY request includes not only the core parameters but also additional fields for session control, detailed device metadata, and cryptographic nonce validation:

{
  "type": "VERIFY",
  "uuid": "123e4567-e89b-12d3-a456-426614174000", // Registered user's UUID.
  "redirectURL": "https://your-app.com/callback",
  "callback": {
    "url": "https://your-api.com/webhook",
    "headers": {
      "authorization": "Bearer YOUR_TOKEN"
    }
  },
  "locale": "en-US",
  "enableDesktop": false, // Desktop verification disabled for enhanced security.
  "sendImages": false, // Do not include images in webhook by default.
  "verifyDeleteUser": false, // Optionally delete user data post-verification.
  "sessionExpiry": 1800, // Verification session expiry in seconds.
  "transactionID": "txn-verify-112233", // Unique identifier for tracking the transaction.
  "deviceInfo": {
    // Optional metadata about the client device.
    "os": "iOS 16",
    "model": "iPhone 14",
    "resolution": "2778x1284"
  },
  "challenge": "unique-nonce-string", // Cryptographic nonce for preventing replay attacks.
  "additionalAuditData": {
    // Supplementary audit data.
    "ambientLight": "350 lux",
    "captureTime": "2025-03-19T12:34:56Z"
  },
  "debugMode": false, // Disable verbose logging in production.
  "requirements": [
    // Enables usage of different scenarios. With Face or Face and Passkey
    "face",
    "passkey"
  ]
}

Parameter Details

Name
type
Type
(String, Required)
Description
Must be "VERIFY" to denote a face registration operation.
Name
uuid
Type
(String, Required)
Description
The unique identifier of the user to be verified. This value is established during the REGISTER operation.
Name
redirectURL
Type
(String, Required)
Description
The URL where the client browser is redirected after successful sign-in.
Name
callback
Type
(Object, Required)
Description
Contains configuration for the webhook that delivers asynchronous authentication results.
- Name
  url
  Type
  (String)
  Description
  Endpoint for receiving webhook notifications.
- Name
  headers
  Type
  (Object)
  Description
  Additional headers (e.g., authorization) for securing the callback endpoint.
Name
locale
Type
(String, Required)
Description
Locale context for the session (e.g., "en-US"). Supports 44 languages.
Name
enableDesktop
Type
(Boolean, Optional)
Description
If true, desktop-based sign-in is enabled. Default is false. The desktop is not as secure as mobile devices.
Name
sendImages
Type
(Boolean, Optional)
Description
Default is false. If set to true, loudly announces in the UI that their selfie will be shared with your organization, and returns captured user selfie in the webhook payload. Please consult with your counsel before enabling to support anti-fraud or regulatory requirements.
Name
verifyDeleteUser
Type
(Boolean, Optional)
Description
If set to true, the user’s reference token and associated data are purged post-verification. This is useful for one-time verification scenarios.
Name
sessionExpiry
Type
(Number, Optional)
Description
The duration (in seconds) that the verification session is valid.
Name
transactionID
Type
(String, Optional)
Description
A client-generated identifier for tracking the verification transaction.
Name
deviceInfo
Type
(Object, Optional)
Description
Provides metadata about the device performing the verification (e.g., OS, model, resolution).
Name
challenge
Type
(String, Optional)
Description
A cryptographic nonce that must be included in the token generation process. It ensures the freshness of the verification session and guards against replay attacks.
Name
additionalAuditData
Type
(Object, Optional)
Description
Additional data to support forensic and compliance audits (e.g., ambient light level, capture timestamp).
Name
debugMode
Type
(Boolean, Optional)
Description
Enables additional logging and diagnostic output for development and troubleshooting purposes.
Name
requirements
Type
(Array, String)
Description
Enables usage of different scenarios for sign-in. Using Face or Face and Passkey.

Success Response

A successful sign-in returns a JSON payload including a unique session identifier and a launch URL for the biometric process:

{
  "launchUrl": "https://verify.privateid.com/start?sessionId=2fbbb4a3-1392-43c4-8d12-f61ff44e4efb",
  "sessionId": "2fbbb4a3-1392-43c4-8d12-f61ff44e4efb"
}

Webhook Response

The asynchronous webhook provides the outcome of the SIGN-IN operation.

{
  "message": "Success!",
  "status": "success",
  "sessionId": "dac57c75-0ed8-40fa-b40e-f0620dbb9444",
  "identificationResult": {
    "uuid": "123e4567-e89b-12d3-a456-426614174000",
    "guid": "ljkn23ln-23rl-n23r-l23rl23rl23rln2bk",
    "confidence": 0.97,
    "status": "success",
    "challengeResponse": "signed-challenge-response"
  }
}

Failure Response

{
  "status": "error",
  "message": "Verification failed due to token mismatch or replay attack.",
  "errorCodes": [-12],
  "retryAfter": 10
}

Cryptographic Considerations for VERIFY

Homomorphic Encryption Integrity:
The verification process leverages the same homomorphic encryption scheme as registration, ensuring that biometric tokens are compared securely without exposing the underlying data
Challenge-Response Validation:
The inclusion of a cryptographic nonce (challenge) in the token generation process ensures that each verification session is unique. The signed challenge response binds the session to the current verification attempt, preventing replay attacks.
Data Purging:
Immediate purging of raw biometric data following token generation minimizes the risk of data leakage. This is critical in preserving the integrity of the verification process.
Audit and Forensics:
The additionalAuditData field provides contextual information (e.g., ambient light conditions, capture timestamp) to support forensic analysis and ensure compliance with regulatory standards.
Token Comparison Protocol:
The system performs a secure, on-device comparison of the newly generated token with the reference token. In cases where the reference token is not available locally, a secure server retrieval mechanism is invoked. The comparison is performed using cryptographic similarity measures that operate directly on the ciphertexts.