Skip to main content
The contact verification flow is the human part of a verification. It starts after your app creates a verification and ends when the contact completes, rejects, abandons, or times out of the flow.
1

Your app creates a verification

Your app creates a verification with business, contact, and bank account details. The verification starts in created or pending, depending on where it is in processing.If you set send_individual_confirmation_sms to true, ezyshield sends the contact an SMS when the confirmation step is ready. If you set it to false, the API response includes individual_confirmation_url so you can deliver the link yourself.
2

ezyshield prepares the contact step

ezyshield checks the supplied details and prepares the confirmation flow. Your webhook endpoint may receive verification.confirmation_ready.At this point, your app should treat the verification as in progress. Do not mark the payee as verified yet.
3

The contact receives or opens the verification link

The contact opens a secure ezyshield flow. If ezyshield sends the SMS, your app does not need to send the link separately.Suggested wording before handoff:
We use ezyshield to verify identity and bank account details before payments are made. You may receive a secure verification link by SMS.
4

The contact confirms their details

The contact reviews the verification request and continues into the identity step. The exact step depends on the confirmation mode.
5

The contact completes identity verification

With kyc, the contact provides identity details and completes a face scan. With biometric, the contact completes a face scan against the portrait image supplied by your system. With skip, there is no contact identity step.
6

ezyshield sends the result

ezyshield sends a webhook event when the verification reaches a terminal status. Your app should process the event idempotently and update the verification state stored against your record.

Outcomes your app should handle

OutcomeMeaningWhat your app should do
successfulezyshield completed the verification successfully.Store the verification ID as the current successful verification for the record.
rejectedThe contact rejected the verification.Ask the contact or your operations team to review before retrying.
failedezyshield could not verify the supplied details.Treat the payee as unverified and inspect the failure reason.
expiredThe contact did not complete the flow in time.Create a new verification if the payee still needs to be verified.
cancelledA newer verification superseded this one, or it was cancelled.Keep the history, but do not use this verification as the current one.
errorAn unexpected error occurred.Retry only after checking the returned context or contacting support.
Keep the copy short. The contact should understand why they are being asked to verify, what they need, and who to contact if something looks wrong.
We need to verify your identity and bank account details before we can process payments to you. This helps protect you and us from account changes or payment redirection.
You may receive an SMS from ezyshield with a secure verification link. Open the link on your phone and follow the prompts.