How it works

Learn how ID verification works.

The process of ID verification includes the following steps:

  1. Applicants upload photos of their ID documents via WebSDK or MobileSDK. This can also be done by you via Sumsub API.
  2. Sumsub checks the submitted documents for authenticity, image integrity, and validates document data.
  3. The extracted data is checked against external sources, including sanctions and watchlists databases.
  4. You handle verification results.

There are certain requirements that ID documents must meet to successfully pass verification. These requirements are applied to the original document, its contents and photo characteristics.

Document requirements

The ID documents must meet the following requirements:

  • The document validity period lies within the limits set in Minimum residual validity of ID document. You can set this parameter in Global settings.
  • The document is not scratched, stained, or torn.
  • The applicant full name, date of birth, MRZ (Machine Readable Zone), and other important information is present and readable.
  • All the documents in the applicant profile must belong to the same person.

Sumsub can process IDs in 40+ languages from 220+ countries and territories. To see if your ID document is supported, follow this link.



To get a complete list of extended documents organized by jurisdiction that includes new validity periods, contact your customer success manager or our support team.

Content requirements

ID documents must contain:

  • Owner full name, date of birth, photo, and (if applicable) a signature.
  • Document number.
  • Validity data (issue date or validity period).

Photo requirements

The ID document photo should meet the following requirements:

  • The file is an original photo (static image) or scan (not a screenshot or a photo uploaded from social networks) in JPG, JPEG, PNG, PDF.
  • If the document has data on the front and back sides, the photos of both sides should be uploaded.
  • The file size is no less than 100 KB or 300 DPI.
  • The photo is in color.
  • The information in the document is readable.
  • All corners of the document are visible and no foreign objects or graphic elements are present.
  • The uploaded photo has not been edited with any software or converted to PDF.
  • The document is not digital (in most cases).



You are allowed to provide a notarized copy of your identity document. All the documents issued in breakaway regions are not accepted by default.

Authenticity detection

The image authenticity check is intended to ensure that the uploaded image has not been edited electronically. This process involves automated signature and pixel analyses.

Signature analysis

A software signature includes file metadata, compression parameters, vendor or software-specific tags, sections, and so on.

We utilize an extensive database of camera and software signatures to determine the source of an image, detect traces of modification software, and estimate the risk of intended image tampering (as opposed to cosmetic changes like cropping, resizing, or rotation).

Pixel analysis

This method is used on demand in addition to signature analysis to identify abnormal areas within the image. For example, deviations from sustainable local characteristics.

The results of the analysis are shown as a probability map, where areas suspect to tampering are highlighted. In most cases, pixel analysis is combined with the manual analysis of a forensic expert.

Integrity detection

Integrity checks are designed to ensure the uploaded image represents an official document by comparing it with a template from a database of original documents.

Sumsub integrity checks:

  • General conformity to the template.
  • Presence of security features, such as watermarks, holograms, and so on.
  • Font originality and compliance with the relevant standards (width, spaces between the letters, and so on).
  • Required fields and inscriptions.

Data validation

At the final step, the data extracted from the document is checked against various sources, including our sanctions and watchlists database.

Potentially matching data from various sanctions and watchlists is compared against the applicant profile to determine if the applicant name matches one or more watchlist records and to assign a certain match status.

Depending on the match status, the applicant is either approved or declined, or—in controversial cases—delegated to your compliance officers for manual processing.