Expression attributes help you build complex rule conditions based on the received applicant data.

For example, you can create a rule that compares the applicant country extracted from the ID document with the country provided by the applicant or the country of the specified payment method, and so on.

Root variables

Field	Type
`txn`	Object	Derived data of the current transaction for which the entire related context is created. This data includes the previous score of the transaction, review result, tags assigned, and so on.
`data`	Object	Transaction-related data submitted to Sumsub by the user. This data includes such details as transaction identifier, date and time when the transaction was initiated on the user side, financial information, transaction participants, and so on.
`aggregate`	Object	Aggregated information about transactions based on certain criteria.
`anomalyExpressionData`	Object	Anomaly information obtained by anomaly detection ML Model.
`applicant`	Object	Applicant data of the current transaction participant registered in the Sumsub system as an applicant. This data is taken from the existing applicant profile and not related to a specific transaction.
`counterparty`	Object	The other party that participates in the financial transaction.
`poi`	Object	Applicant's proof of identity.
`poa`	Object	Applicant's proof of address.
`remitter`	Object	`data.applicant` — for outgoing transactions. `counterparty` — for incoming transactions.
`beneficiary`	Object	`counterparty` — for outgoing transactions. `data.applicant` — for incoming transactions.
`questionnaires`	Map of Objects	The Questionnaire item values are nested by questionnaire, section, and item id. E.g. `questionnaire["myQuestionnaireId"]["mySectionId"]["myItemId"]`.
`props`	Map of Strings	Map of custom properties that are not supported by the API data model (e.g. `dailyOutLimit`) and could be reused in rule conditions, for example, to compare the transaction amount (`data.info.amount`) to the `props["dailyOutLimit"]`.
`preScoringContext`	Object	Prescoring context that helps to enrich the information about a transaction.
`applicantAction`	Object	Allows to build logic upon applicant action check results.
`currentScore`	Integer	Current score calculated in the rule matching process.
`currentMatchedRuleNames`	List of Strings	List of rule names matched during the current rule-matching process.
`currentRule`	Object	Current rule to be processed and calculated.
`currentFailedRules`	List of Strings	List of rules failed during the current rule-matching process.
`clientLists`	Map of Strings	Client lists based on key values.
`txnFraud`	Object	Contains information pertaining to Fraud Prevention.

txn

The txn object includes the derived data of the current transaction for which the entire related context is created. This data includes the previous score of the transaction, review result, tags assigned, and so on.

Field	Type	Description
`externalUserId`	String	Unique user ID on the client side.
`clientId`	String	Your identifier as our client in the Sumsub system.
`review`	Object	Transaction review.
`createdAt`	Date	Date and time (UTC) when a transaction was created in the Sumsub system.
`scoringResult`	Object	Overall scoring result.
`tags`	List of Strings	Transaction tags.
`ind`	Integer	Index of the current transaction is calculated in relation to the scoring transaction, which has an index value of 0. This field is used to configure a projection with a specific number of transactions. E.g., projection with last ten transactions.
`travelRuleInfo`	Object	Travel rule information exchange data.

data

The data object is a transaction-related data submitted to Sumsub by the user. This data includes such details as transaction identifier, date and time when the transaction was initiated on the user side, financial information, transaction participants, and so on.

Field	Type	Description
`txnId`	String	Transaction ID
`txnDate`	Date	The date and time (UTC) when a transaction was initiated on the client side (format yyyy-MM-dd HH:mm:ss+XXXX , e.g. 2022-10-25 22:30:02+0000 ).
`txnLocalDate`	LocalDateTime	Calculated value of the transaction creation date and time on the client side if the transaction timezone is provided.
`applicant`	Object	Includes the data of the financial transaction participant registered in the Sumsub system as an applicant. This data is submitted to Sumsub within the transaction and may differ from the relevant applicant profile.
`info`	Object	Transaction-related financial information.
`sourceKey`	String	Source key assigned to the transaction.
`userPlatformEventInfo`	Object	Indicates the applicant platform event status.

aggregate

Field	Type	Description
`txns`	Map of Objects	The transactions-related data aggregated and mapped by certain criteria (e.g. in , out, all, rejected, same beneficiary , etc.).
`currencyCodes`	List of Strings	Unique currency codes (`USD`, `GBP`, `BTC`, etc.) of all non-rejected transactions.
`KytAnomalyStatsScoreExpressionData`	Object	Anomaly scores derived from daily statistical patterns, calculated based on the historical behavior of the applicant.

anomalyExpressionData

Field	Type	Description
`anomalyRiskLevel`	Enum	Transactions general anomaly risk level (`low`, `medium`, `high`).

data.applicant

The data.applicant object includes the data of the financial transaction participant registered in the Sumsub system as an applicant. This data is submitted to Sumsub within the transaction and may differ from the relevant applicant profile.

Field	Type	Description
`externalUserId`	String	Unique user identifier on your side.
`fullName`	String	Full name.
`dob`	Date	Date of birth.
`placeOfBirth`	String	Place of birth.
`email`	String	Email address.
`phone`	String	Phone number.
`address`	Object	Actual address (if provided).
`type`	Enum	Entity type: `individual` or `company`.
`paymentMethod`	Object	Payment method used by an applicant.
`paymentMethodExtractedInfo`	Object	Payment method information extracted from available data.
`device`	Object	Information regarding the device involved in executing the transaction.
`institutionInfo`	Object	Information about the financial institution that facilitated the transaction.
`institutionExtractedInfo`	Object	Information about the financial institution, extracted from available data. Represents the BIC country.

counterparty

The data.counterparty object includes the data related to the other party that participates in the financial transaction. This data is submitted to Sumsub within the transaction.

Field	Type	Description
`externalUserId`	String	Unique user identifier on your side.
`fullName`	String	Full name.
`dob`	Date	Date of birth.
`placeOfBirth`	String	Place of birth.
`email`	String	Email address.
`phone`	String	Phone number.
`address`	Object	Actual address (if provided).
`type`	Enum	Entity type: `individual` or `company`.
`paymentMethod`	Object	Payment method used by a counterparty.
`paymentMethodExtractedInfo`	Object	Payment method information extracted from available data.
`device`	Object	Information regarding the device involved in executing the transaction.
`institutionInfo`	Object	Information about the financial institution that facilitated the transaction.
`institutionExtractedInfo`	Object	Information about the financial institution, extracted from available data. Represents the BIC country.

applicant

The applicant object includes the applicant data of the current transaction participant registered in the Sumsub system as an applicant. This data is taken from the existing applicant profile and not related to a specific transaction.

Field	Type	Description
`id`	String	Unique applicant identifier.
`externalUserId`	String	Unique user identifier on your side.
`createdAt`	Date	This field helps to build rules based on the applicant profiles' creation date. For example, to find the applicants with profiles created in past 90 days, and whose declared incoming or outgoing turnover has been exceeded.
`fullName`	String	Full name.
`country`	String	Applicant country (ISO 3166-1 alpha-3).
`countryOfBirth`	String	Applicant country of birth (ISO 3166-1 alpha-3).
`info`	Object	Information extracted from the applicant documents.
`fixedInfo`	Object	Basic information on an applicant provided to the Sumsub SDK/API.
`review`	Object	Applicant review.
`sourceKey`	String	Source key assigned to an applicant.
`derivatives`	Object	Various information derived from an applicant.
`metadata`	Map of Strings	Applicant's metadata.
`riskLabels`	Object	Applicant risk labels.
`tags`	List of Strings	Applicant tags.
`assessment`	Object	Applicant assessment.
`email`	String	Applicant's email.
`phone`	Object	Includes the details of the applicant's phone number.
`emailDomain`	String	Applicant email's domain name.
`type`	Enum	Applicant entity type: `individual` or `company`.
`allMemberRoles`	List of Strings	Roles of the applicant (`shareholder`, `representative`, `director`, `ubo`).

applicantAction

Field	Type	Description
`ind`	Integer	Index of the added payment source action (excluding duplicates), e.g., the first added payment method has index 1, the second — 2 , etc. The field has a value for `paymentMethodSummary` section only.
`questionnaires`	Map of objects	Questionnaire item values are nested by questionnaire, section, and item id. E.g. `questionnaire["myQuestionnaireId"]["mySectionId"]["myItemId"]`.
`review`	Object	Action review results.

poi

Field	Type	Description
`country`	String	ID document country (ISO 3166-1 alpha-3).
`idDocType`	Object	ID document type (e.g., ID card, Passport, Driver's license, etc.).
`number`	String	ID document number.
`additionalnumber`	String	ID document additional number.
`dob`	Date	Date of birth of the document owner.
`nationality`	String	Nationality of the document owner (ISO 3166-1 alpha-3).
`placeOfBirth`	String	Place of birth of the document owner.
`issuedDate`	Date	Date when the document was issued.
`issueAuthority`	String	Authority that issued the ID document.
`issueAuthorityCode`	String	Unique code of the authority that issued the ID document.
`validUntil`	Date	Validity date of the ID document.
`validityPeriod`	Object	Validity period of the ID document.
`firtsIssuedDate`	Date	Date when the document was first issued.
`metadata`	Map of strings	Metadata related to a Proof of Identity.
`address`	Object	Address specified in the ID document.
`category`	String	ID document category (e.g., category of a driver's license).
`nfc`	Object	Data retrieved from the NFC chip embedded in the identity document.
`fullMrz`	String	Machine-readable zone (MRZ) lines, separated by the End of Line (`\n`) symbol.

poa

Field	Type	Description
`country`	String	PoA (Proof of Address) document country (ISO 3166-1 alpha-3).
`idDocType`	Object	PoA document type (e.g., Passport, Residence permit, etc.).
`number`	String	PoA document number.
`metadata`	Map of strings	PoA related metadata.
`address`	Object	Address specified in the PoA document.
`issuedDate`	Date	Date when the PoA document was issued.
`detectedLanguages`	List of Strings	List of detected languages, presented using 2-letter codes (ISO 639-1).
`image`	Object	Technical details of the document image.

preScoringContext

Field	Type	Description
`cryptoTxnInfo`	Object	Cryptotransaction-related information.
`amlCaseReview`	Object	AML case review result.
`paymentDetailsReview`	Object	Payment details review result.
`paymentMethodsSummary`	Object	Payment methods statistics.
`kytAnomalyStatsScore`	Object	Anomaly scores derived from daily statistical patterns, calculated based on the historical behavior of the applicant.

currentRule

Field	Type	Description
`name`	String	Current short name of the rule.
`id`	String	Current ID of the rule.
`revision`	Integer	Current version of the rule's revision.
`title`	String	Current full title of the rule.
`score`	Integer	Score that can be assigned to a transaction by the current rule.
`dryRun`	Boolean	Value determining whether a rule should be applied in the Test mode.
`tags`	List of Strings	Tags that can be assigned to a transaction by the current rule if it is applied.
`sourceKeys`	List of Strings	Rule is only applied if the transaction has one of the listed source keys.

txnFraud

Field	Type	Description
`categorizations`	Map of `Double`-s	Categories identified by behavioral scoring model.
`behavioral`	Object	Contains information pertaining to the user's behavioral data.
`email`	Object	Contains information pertaining to the user's email data.
`phone`	Object	Contains information pertaining to the user's phone data.
`ip`	Object	Contains information pertaining to the user's IP address data.
`device`	Object	Contains information pertaining to the user's device data.

review

Field	Type	Description
`attemptCnt`	Integer	Number of the current check attempt on the same verification level.
`buttonIds`	Array of strings	List of button IDs that have been used for rejection. Specific `buttonId` is automatically assigned to each rejection. For more details, see Temporary rejection and Final rejection clarification.
`decision`	Object	Review decision.
`levelName`	String	Applicant verification level.
`rejectLabels`	List of Objects	List of rejection labels.
`reviewAnswer`	Object	Review answer.

paymentDetailsReview

Field	Type	Description
`suspiciousPaymentDetails`	Boolean	Detects if there are risky words used in the transaction. `true` or `false`.

paymentMethodsSummary

Field	Type	Description
`cnt`	Integer	Payment methods quantity.
`duplicateAccountIds`	List of Strings	Duplicate `accountId`s used for payment methods by applicants within your same project. Includes the current transaction.
`accounts`	Map of Objects	All payment methods used by the applicant of the current transaction.

txn.scoringResult

Field	Type	Description
`score`	Integer	Calculated score of the transaction.
`dryScore`	Integer	Calculated Test score of the transaction which would be assigned by the rules applied in the Test mode.
`matchedRules`	List of Objects	All rules that matched during the scoring session.
`failedRules`	List of Objects	All rules that failed during the scoring session.
`ruleCnt`	Integer	Total number of the rules counted for a transaction.
`dryRunRuleCnt`	Integer	Total number of the rules in the Test mode counted for a transaction.

txn.travelRuleInfo

Field	Type	Description
`protocolName`	Enum	Name of the protocol used during the information exchange.
`applicant`	Object	Applicant data used during the information exchange.
`counterparty`	Object	Counterparty information used during the information exchange.
`originator`	Object	Transaction originator data used during the process of the information exchange. `data.applicant` — for outgoing transactions. `counterparty` — for incoming transactions.
`beneficiary`	Object	Transaction beneficiary data used during the process of the information exchange. `counterparty` — for outgoing transactions. `data.applicant` — for incoming transactions.
`status`	Enum	Current state of the information exchange.
`expiredAt`	Date	If the timer is set, the transaction will be re-scored after a certain period of time.
`applicantVaspId`	ObjectId	Stores information about the applicant VASP institution.
`counterpartyVaspId`	ObjectId	Stores information about the counterparty VASP institution.

txn.travelRuleInfo.protocolName

Value	Description
`gtr`	Global Travel Rule Protocol.
`sns`	Sumsub protocol.
`code`	CODE protocol.

txn.travelRuleInfo.status

Value	Description
`counterpartyVaspNotReachable`	Data couldn't be sent since the second side of the transaction was not reachable. The response from the counterparty hasn’t been received.
`counterpartyVaspNotFound`	Second side of the transaction was not found.
`awaitingCounterparty`	Second side of the transaction was found and the data was sent. The response from the counterparty is awaited.
`onHold`	Second side of the transaction was found and the data was sent. The transaction has been interrupted on the second side.
`expired`	Second side of the transaction was found and the data was sent. There was no response received from the counterparty on time.
`unconfirmedOwnership`	Second side of the transaction was found and the data was sent. Wallet ownership has not been confirmed.
`counterpartyUnconfirmedOwnership`	Second side of the transaction was found and the data was sent. The negative response on wallet ownership has been received.
`counterpartyMismatchedData`	Data has been sent, compared and there is a mismatch between both data sets.
`counterpartyVaspGeneralDecline`	For inbound and outbound messages, the counterparty declines the transaction. Mostly applicable when dealing with counterparties on connected protocols.
`notEnoughCounterpartyData`	Not enough information was found about the second side of the transaction.
`completed`	Transaction is completed.
`cancelled`	Counterparty was identified, and the data was sent. However, the counterparty decided to decline the transaction, be it by the rules or manually, and not to proceed with it.
`finished`	Blockchain transaction ID has been updated in the `completed` transaction record. This status always follows the `completed` status.

data.info

Field	Type	Description
`paymentTxnId`	String	Identifier from the payment processor: blockchain, bank.
`type`	String	Transaction type: card, account, crypto.
`direction`	String	It can be `out` (applicant sends to counterparty) or `in` (counterparty sends to applicant).
`amount`	Double	Amount of funds sent within the transaction in the currency used by the applicant. The round transaction amounts are detected: 10, 5000, 100000, and so on. For example, to detect transactions with 000 before the decimal point, use the following expression: "data.info.amount % 1000 equals 0".
`currencyCode`	String	Code of the currency in which the transaction was made.
`currencyType`	Enum	Type of the transaction currency: `fiat` or `crypto`.
`amountInDefaultCurrency`	Double	Transaction amount in the default currency.
`defaultCurrencyCode`	String	Code of the default currency.
`paymentDetails`	String	Comment with payment details.
`mcc`	String	4-digit number representing Merchant Category Code (MCC).

data.userPlatformEventInfo

Field	Type	Description
`type`	Enum	User event type sent within the transaction: `login`, `failedLogin`, `signup`, `passwordReset`, `twoFaReset`, `general`.
`passwordHash`	String	Hashed representation of the user’s password, used to detect and prevent fraud by identifying repeated use of the same password across multiple accounts.

aggregate.txns

Field	Type	Description
`minutes1`	Object	One minute from the moment a transaction is made.
`minutes3`	Object	Three minutes from the moment a transaction is made.
`minutes5`	Object	Five minutes from the moment a transaction is made.
`hours1`	Object	One hour from the moment a transaction is made.
`hours3`	Object	Three hour from the moment a transaction is made.
`days1`	Object	One day from the moment a transaction is made.
`days2`	Object	Two days from the moment a transaction is made.
`days3`	Object	Three days from the moment a transaction is made.
`day7`	Object	Seven days from the moment a transaction is made.
`days14`	Object	Fourteen days from the moment a transaction is made.
`days30`	Object	Thirty days from the moment a transaction is made.
`days90`	Object	Ninety days from the moment a transaction is made.
`months1`	Object	One month from the moment a transaction is made.
`months2`	Object	Two months from the moment a transaction is made.
`months3`	Object	Three months from the moment a transaction is made.
`months6`	Object	Six months from the moment a transaction is made.
`months12`	Object	Twelve months from the moment a transaction is made.
`currentCalendarMonth`	Object	Current calendar month related to the date when a transaction is made.
`previousCalendarMonth`	Object	Previous calendar month related to the date when a transaction is made.
`allTime`	Object	Overall period of time from the date when a transaction is made.

aggregate.byIp

Field	Type	Description
`minutes1`	Object	One minute from the moment a transaction is made by a certain IP address.
`minutes3`	Object	Three minutes from the moment a transaction is made by a certain IP address.
`hours1`	Object	One hour from the moment a transaction is made by a certain IP address.
`hours3`	Object	Three hour from the moment a transaction is made by a certain IP address.
`days1`	Object	One day from the moment a transaction is made by a certain IP address.
`days2`	Object	Two days from the moment a transaction is made by a certain IP address.
`days3`	Object	Three days from the moment a transaction is made by a certain IP address.
`day7`	Object	Seven days from the moment a transaction is made by a certain IP address.
`days14`	Object	Fourteen days from the moment a transaction is made by a certain IP address.
`days30`	Object	Thirty days from the moment a transaction is made by a certain IP address.
`days90`	Object	Ninety days from the moment a transaction is made by a certain IP address.
`months1`	Object	One month from the moment a transaction is made by a certain IP address.
`months3`	Object	Three months from the moment a transaction is made by a certain IP address.
`months12`	Object	Twelve months from the moment a transaction is made by a certain IP address.
`currentCalendarMonth`	Object	Current calendar month related to the date when a transaction is made by a certain IP address.
`previousCalendarMonth`	Object	Previous calendar month related to the date when a transaction is made by a certain IP address.

aggregate.kytAnomalyStatsScoreExpressionData, preScoringContext.kytAnomalyStatsScore

Field	Type	Description
`dailyTurnoverAnomalyRiskLevel`	Enum	Anomaly score based on the applicant's daily turnover and history. Shows how abnormally large the turnover is with respect to applicant history. Bucketed into `low` - `medium` - `high` level of abnormality. For applicants with no history, average amount is used.
`dailyTurnoverEWMA`	Double	Exponentially weighted moving average used to calculate anomaly score for turnover.
`dailyTxnCntAnomalyRiskLevel`	Enum	Anomaly score based on the applicant's daily number of transactions and history. Shows how abnormally large the number of transactions is with respect to applicant history. Bucketed into `low` - `medium` - `high` level of abnormality. For applicants with no history, average number is used.
`dailyTxnCntEWMA`	Double	Exponentially weighted moving average used to calculate anomaly score for number of transactions.

address

Field	Type	Description
`country`	String	Country code (ISO 3166-1 alpha-3).
`formattedAddress`	String	Address in an human-readable format.
`state`	String	Name of the state or region if applicable.
`town`	String	Town if applicable.
`street`	String	Street if applicable.
`subStreet`	String	Street (line 2) if applicable.
`postCode`	String	Post code if applicable.

type

Field	Description
`individual`	Individual applicant.
`company`	Company applicant.

paymentMethod

Field	Type	Description
`type`	String	Payment method type: `card`, `account`, `crypto`.
`accountId`	String	Bank card number; bank account number; crypto address.
`issuingCountry`	String	Payment issuing country code in Alpha-3 format.
`memo`	String	Optional field in blockchain transactions to attach metadata or messages for identification, routing, or compliance purposes.

device

Field	Type	Description
`ipInfo`	Object	Data about the IP address used.
`userAgent`	String	Device user-agent.
`sessionId`	String	ID of the transaction session.
`sessionAgeMs`	Long	Session lifetime in milliseconds.
`acceptLang`	String	Language of the browser used by a transaction participant, e.g. en.
`platform`	String	Device platform, e.g., Mobile Android.
`coords`	Object	Geographical coordinates.
`address`	Object	Address related to a device.
`fingerprint`	String	Device fingerprint.

institutionInfo, institutionExtractedInfo

The following table explains the attributes of the institutionInfo and institutionExtractedInfo objects:

institutionInfo — Information regarding the financial institution through which a participant made a transaction.
institutionExtractedInfo — Financial institution information extracted from available data.

For example, Sumsub can fill in the country code by the IBAN extracted from the applicant payment method, or by BIC from institutionInfo.

Field	Type	Description
`code`	String	Transaction institution code, e.g. BIC.
`name`	String	Transaction institution name.
`address`	Object	Transaction institution address.
`vasp`	Object	Directory information about VASP (Virtual Asset Service Provider).

vasp

The following table explains the VASP (Virtual Asset Service Provider) directory information.

Field	Type	Description
`headquartersCountry`	String	Alpha-3 code of the country where the VASP is legally registered and where its headquarter is located (for example, `DEU`, `GBR`, `ARG`, and so on).
`countries`	List of Strings	List of all the registration countries for legal entities of the VASP. Presented as Alpha-3 code (e.g., `DEU`, `GBR`, `ARG`).
`regulationType`	Enum	Represents the type of regulation for VASP (Virtual Asset Service Provider). `authorized` — licensed or registered. `temporaryExemption` — registration process has already been initiated but has not yet been completed. `unauthorized` — unlicensed or unregistered.
`essentialChecksStatus`	Enum	Status of the Essential Checks. `initiated` — the VASP has just been added and is yet to complete any checks. `essentialChecksDone` — the VASP for which Sumsub has only the information from blockchain analytics. `extendedEssentialChecksDone` — Extended Essential Checks (EEC) have been passed. `rejected` — the VASP is rejected due to a number of reasons.
`dueDiligenceStaus`	Enum	Status of the Due Diligence. `notStarted` — the Due Diligence process has not been yet begun. `inProgress` — the Due Diligence process is underway. `completed` — the VASP has passed Due Diligence. `rejected` — the VASP is rejected due to a number of reasons. Note that a VASP with Due Diligence `completed` will have either `essentialChecksDone` or `extendedEssentialChecksDone` status as well.
`riskScoreAnswer`	Enum	Refers to the VASP classification based on its type. `GREEN` — if the VASP type is `exchange_licensed`, `wallet`, `payment`. `YELLOW` — if the VASP type is `exchange_unlicensed`, `payment`, `other`, `atm`, `p2p_exchange_unlicensed`, `marketplace`, `liquidity_pools`, `transparent`. `ERROR` — no data received from the provider. `RED` — otherwise.
`supportsSnsProtocol`	Boolean	Indicates whether the VASP supports exchanging data via SNS protocol — `true`, or not — `false`.
`supportsGtrProtocol`	Boolean	Indicates whether the VASP supports exchanging data via GTR protocol — `true`, or not — `false`.
`supportsCodeProtocol`	Boolean	Indicates whether the VASP supports exchanging data via CODE protocol — `true`, or not — `false`.
`emailExists`	Boolean	VASP profile contains an associated email address.
`urlExists`	Boolean	VASP profile contains an associated website address.
`score`	Double	VASP profile includes a score derived from EEC (Extended Essential Checks) assessments.
`hidden`	Boolean	Used to differentiate VASPs to be added to your VASPs list. If set to `true`, the VASP is categorized as one of the following: internal, test, risky, or a duplicate of an existing VASP.

applicant.info, applicant.fixedInfo

The following table explains the attributes of the applicant.info and applicant.fixedInfo objects:

applicant.fixedInfo — Contains information submitted by the applicant via Web or MobileSDK or by you via this API method. This data is used to compare with the data we extract from the applicant documents.
applicant.info — Contains information recognized and extracted from the applicant documents by Sumsub.

Field	Type	Description
`country`	String	Applicant country (ISO 3166-1 alpha-3).
`countryOfBirth`	String	Applicant country of birth (ISO 3166-1 alpha-3).
`firstname`	String	First name.
`firstnameEn`	String	Transliterated first name.
`middleName`	String	Middle name.
`middleNameEn`	String	Transliterated middle name.
`lastName`	String	Last name.
`lastnameEn`	String	Transliterated last name.
`gender`	String	Applicant gender (`M` or `F`).
`nationality`	String	Nationality (ISO 3166-1 alpha-3 country code).
`taxResidenceCountry`	String	Tax residence country (ISO 3166-1 alpha-3).
`residenceCountry`	String	Residence country (ISO 3166-1 alpha-3).
`age`	String	Applicant age.
`address`	String	Applicant address.
`companyInfo`	Object	Company information (KYB).
`tin`	String	Tax identification number.
`phone`	Object	Includes the details of the applicant phone number.

applicant.info.companyInfo, applicant.fixedInfo.companyInfo

The following table explains the companyInfo attributes.

Field	Type	Description
`country`	String	Alpha-3 code of the country where the company is legally registered (for example, `DEU`, `GBR`, and so on).
`type`	String	Type of legal entity. For example, private company limited by shares, public limited company, state-owned enterprise, and so on.
`companyName`	String	The name of the company.
`registrationNumber`	String	Unique number that is assigned to the company when it was registered as a legal entity.
`address`	Object	Company address details.
`legalAddress`	String	Address a legal entity uses to register with a legal authority.
`postalAddress`	String	Company postal address.
`registrationLocation`	String	City, town, or another location where the company was registered.
`incorporatedOn`	Date	Date of company incorporation (format `YYYY-mm-dd`, e.g. `2001-09-25`).
`incorporationDate`	Date	Date of company incorporation in the broader spectrum.
`email`	String	Company email address.
`phone`	String	Company phone number.
`taxId`	String	Taxpayer registration number/Code of taxpayer registration.
`website`	String	Website URL of the company.
`noUBOs`	Boolean	When set to `true`, a company is to be be verified with no UBOs specified in the company profile. For example, in case when another legal entity that cannot be a UBO owns this company.
`noShareholders`	Boolean	When set to `true`, a company is to be be verified with no shareholders specified in the company profile. For example, in case when the verification level settings require a company to have three shareholders but the company has just one.
`ownershipStructureDepth`	Integer	Indicates the number of hierarchical tiers in the company ownership structure. Mind the following: Intermediate companies have their own `ownershipStructureDepth` values. If a company has no associated parties, `ownershipStructureDepth` is `null` or empty. `ownershipStructureDepth` is only calculated for KYB 2.0.
`beneficiaryStats`	Object	Aggregates across all company beneficiaries.

applicant.info.companyInfo.beneficiaryStats, applicant.fixedInfo.companyInfo.beneficiaryStats

Field	Type	Description
`rejectLabels`	List of Strings	All reject labels of the beneficiaries.

applicant.phone, info.phone, fixedInfo.phone

The following table explains the details of the applicant phone number.

Field	Type	Description
country	String	Country code (ISO 3166-1 alpha-3).
number	String	Applicant's phone number. In a rule, it is important to add only digits without any extra symbols. For example, either 0035736208235 or 35736208235, or just 36208235.

applicant.derivatives

Field	Type	Description
`estimatedAge`	Integer	Applicant's estimated age.

applicant.riskLabels

Field	Type	Description
`email`	List of Objects	Email risk labels.
`phone`	List of Objects	Phone risk labels.
`device`	List of Objects	Device risk labels.
`deviceCheck`	List of Objects	Device check risk labels.
`crossCheck`	List of Objects	Cross-check risk labels.
`selfie`	List of Objects	Selfie risk labels.
`aml`	List of Objects	AML risk labels.
`person`	List of Objects	Person risk labels.
`company`	List of Objects	Company risk labels.

applicant.assessment

Field	Type	Description
`scores`	Map of objects	Total score that is calculated from the applied Rules and assigned to the applicant, primarily to set thresholds based on the applicant score.

date

Field	Type	Description
`ageInDays`	Integer	Time delta in days between this date and now.
`ageInYears`	Integer	Time delta in years between this date and now.
`dayOfMonth`	Integer	Day of the month (starts from 1).
`month`	Integer	Month of the year (starts from 1).
`timestamp`	Long	Unix timestamp in milliseconds.
`year`	Integer	Year.
`yyyymmdd`	Integer	Numeric day in the `YYYYMMDD` format, e.g. {@literal `20230123`}.

poi.validityPeriod

Field	Type	Description
`millis`	long	Period in milliseconds.
`days`	long	Period in days.
`hours`	long	Period in hours.
`minutes`	long	Period in minutes.
`seconds`	long	Period in seconds.

poi.nfc

Data retrieved from the NFC chip embedded in the identity document.

Field	Type	Description
`fullMrz`	String	Full MRZ (machine-readable zone).

poa.image

Field	Type	Description
`softwareTag`	String	Software used for the image processing.

preScoringContext.cryptoTxnInfo

Field	Type	Description
`.answer`	String	Transaction risk severity according to Chainalysis.
`riskScore`	Double	Transaction risk score.
`signals`	Object	A set of the entity types the transaction may belong to. For example, Darknet Service , Online Marketplace , etc.
`chainalysis`	Object	Transaction monitoring data extracted from Chainalysis.

preScoringContext.cryptoTxnInfo.chainalysis

Field	Type	Description
`alerts`	Map of objects	Alerts generated by Chainalysis.
`addressAlert`	Object	Address alert generated by Chainalysis.

preScoringContext.cryptoTxnInfo.chainalysis.alerts

Field	Type	Description
`riskScore`	Double	Transaction risk score.
`red`	String	High and severe risk.
`yellow`	String	Medium risk.
`green`	String	Low risk.
`["alert name"]`	String	This is the alert name triggered, for example, `terrorist financing`, `sanctioned entities`, and so on.

preScoringContext.cryptoTxnInfo.chainalysis.addressAlert

Field	Type	Description
`riskLevel`	Double	Indicates the risk level of the address. `GREEN`, `YELLOW`, `RED`, `UNKNOWN`.
`exposures`	String	Name of the cluster the transaction is related to. E.g. `Direct`, `Indirect`.
`triggers`	Double	Category that is responsible for the alert being generated.
`category`	String	Classification of the cluster the address belongs to. E.g. `exchange`.
`name`	String	Name of the entity itself e.g. `ChangeNOW`.

preScoringContext.cryptoTxnInfo.chainalysis.alerts["alert name"]

Field	Type	Description
`alertsLevel`	String	The level of severity classification that can be `Red`, `Yellow`, `Green`.
`service`	String	Name of the cluster the transaction is related to. For example, `Binance`, `Duelbits`.
`category`	String	This is the alert category. For exampler, `Exchange`, `Sanctioned Entity`.
`alertAmountUsd`	Double	Alert amount in USD terms.
`alertAmountInDefaultCurrency`	Double	Amount in the user's default currency settings.
`exposureType`	String	This can be either `Direct`, or `Indirect`.

txnFraud.behavioral

Field	Type	Description
`riskLevel`	Enum	Sumsub valuation of associated risk.
`labels`	List of Strings	Labels identified by behavioral scoring model.
`metrics`	Map of Doubles	Metrics identified by behavioral scoring model.

txnFraud.email

Field	Type	Description
`riskLevel`	Enum	Sumsub valuation of associated risk.
`labels`	List of Strings	Labels identified by fraud model.
`facts`	Map of Doubles	Information about the email, such as the number of breaches (public Enum `breachesCnt`).

txnFraud.phone

Field	Type	Description
`riskLevel`	Enum	Sumsub valuation of associated risk.
`labels`	List of Strings	Labels identified by fraud model.

txnFraud.ip

Field	Type	Description
`riskLevel`	Enum	Sumsub valuation of associated risk.
`labels`	List of Strings	Labels identified by fraud model.

txnFraud.device

Field	Type	Description
`riskLevel`	Enum	Sumsub valuation of associated risk.
`labels`	List of Strings	Labels identified by fraud model.

decision

Field	Description
`approved`	An item (`transaction`, `applicant`, `amlcase`) was approved.
`rejected`	An item (`transaction`, `applicant`, `amlcase`) was rejected.
`resubmission`	Resubmission requested.

reviewAnswer, answer

Field	Description
`IGNORED`	Check was skipped.
`GREEN`	Successful result of the verification and/or check.
`YELLOW`	There are some warnings regarding the verification and/or check.
`RED`	Violations were found.
`ERROR`	Error occured.

rejectLabels

Field	Description
`ADDITIONAL_DOCUMENT_REQUIRED`	Additional documents are required to pass the check.
`ADVERSE_MEDIA`	Applicant was found in the adverse media.
`AGE_REQUIREMENT_MISMATCH`	The Age requirement is not met (e.g. can't rent a car to a person below 25yo).
`APPLICANT_INTERRUPTED_INTERVIEW`	Applicant refused to finish the interview during the Video Ident call.
`BACK_SIDE_MISSING`	Back side of the document is missing.
`BAD_AVATAR`	Applicant's avatar doesn't meet the client's requirements.
`BAD_FACE_MATCHING`	Face check between a document and a selfie was failed.
`BAD_PROOF_OF_ADDRESS`	Applicant uploaded a poor quality proof of address.
`BAD_PROOF_OF_IDENTITY`	Applicant uploaded a poor quality ID document.
`BAD_PROOF_OF_PAYMENT`	Applicant uploaded a poor quality proof of payment.
`BAD_SELFIE`	Applicant uploaded a selfie in poor quality.
`BAD_VIDEO_SELFIE`	Applicant uploaded a video selfie in poor quality.
`BLACK_AND_WHITE`	Applicant uploaded black and white photos of their documents.
`BLACKLIST`	User is blocklisted by Sumsub.
`BLOCKLIST`	User is blocklisted by you.
`CHECK_UNAVAILABLE`	External database service is not available at the moment.
`COMPANY_DATA_MISMATCH`	Company attributes like Name, Registration on the provided documents do not match the state company registry.
`COMPANY_INACTIVE_ENTITY`	According to the publicly available state company registry, the entity is inactive, dissolved, or deregistered.
`COMPANY_INCORRECT_DATA`	Provided company attributes like Name, Registration or Tax Number do not match the provided documents or the state company registry.
`COMPANY_NOT_DEFINED_BENEFICIARIES`	The entity's beneficial owners weren't identified and duly verified.
`COMPANY_NOT_DEFINED_OWNERSHIP_STRUCTURE`	Company ownership structure has not been specified or differs from the one declared by the corporate documents.
`COMPANY_NOT_DEFINED_REPRESENTATIVES`	The entity's representatives weren't defined.
`COMPANY_NOT_DEFINED_STRUCTURE`	The entity's control structure wasn't defined.
`COMPANY_NOT_VALIDATED_BENEFICIARIES`	The entity's beneficial owners weren't validated.
`COMPANY_NOT_VALIDATED_BENEFICIAL_OWNERS`	Not all beneficial owners have passed the KYC verification procedure.
`COMPANY_NOT_VALIDATED_DIRECTORS`	Not all directors have passed the KYC verification procedure.
`COMPANY_NOT_VALIDATED_REPRESENTATIVES`	The entity's representatives weren't validated.
`COMPANY_PROBLEMATIC_STRUCTURE`	There are officials in the control and ownership structure who got rejected.
`COMPROMISED_PERSONS`	Applicant doesn't correspond to Compromised Person Politics.
`CONNACTION_INTERRUPTED`	Video Ident call connection was interrupted.
`CRIMINAL`	Applicant is involved in the illegal actions.
`DB_DATA_MISMATCH`	Input data/doc does not match the data from the external database.
`DB_DATA_NOT_FOUND`	Data not found in the external database.
`DB_NO_DATA_SOURCE`	Input data is not supported by any enabled source.
`DIGITAL_DOCUMENT`	Applicant uploaded a digital version of the document.
`DOCUMENT_DAMAGED`	Document is damaged.
`DOCUMENT_DEPRIVED`	Applicant has been deprived of the document.
`DOCUMENT_MISSING`	Applicant refused to show or didn't have required documents during the Video Ident call.
`DOCUMENT_PAGE_MISSING`	Some pages of a document are missing (if applicable).
`DOCUMENT_TEMPLATE`	Submitted documents are templates downloaded from the internet.
`DUPLICATE`	Applicant has multiple accounts while duplicates aren't allowed by the regulations.
`EXPERIENCE_REQUIREMENT_MISMATCH`	Applicant doesn't have enough experience (e.g. driving experience is not enough).
`EXPIRATION_DATE`	Applicant uploaded an expired document.
`FOREIGNER`	Rejection label associated with the applicants from an unsupported country or e.g. without a residence permit.
`FORGERY`	Forgery attempt was recognized.
`FRAUDULENT_LIVENESS`	There was an attempt to bypass liveness check.
`FRAUDULENT_PATTERNS`	There was fraudulent behavior detected during the verification.
`FRONT_SIDE_MISSING`	Front side of the document is missing.
`GRAPHIC_EDITOR`	Document has been edited by a graphical editor.
`GPS_AS_POA_SKIPPED`	When GpsAsPoa was skipped and no image uploaded.
`ID_INVALID`	Document that identifies a person (like a passport or an ID card) is not valid.
`INCOMPATIBLE_LANGUAGE`	Document's translation is required.
`INCOMPLETE_DOCUMENT`	Some information is missing from the document, or it's partially visible.
`INCONSISTENT_PROFILE`	Data or documents of different persons were uploaded to one applicant.
`INCORRECT_SOCIAL_NUMBER`	Incorrect TIN/SSN was provided to perform the check.
`LOW_QUALITY`	Documents have low-quality that doesn't allow definitive decisions to be made.
`MORE_DOCUMENTS_REQUIRED`	Additional documents are required to pass the check for applicant review.
`NOT_ALL_CHECKS_COMPLETED`	Not all of the checks were completed.
`NOT_DOCUMENT`	Submitted documents aren't relevant for the verification procedure.
`OK`	Custom reject label.
`OTHER`	There is some unclassified reason of rejection.
`OUTDATED_DOCUMENT_VERSION`	Based on the publicly available state company register, not the most recent version was provided.
`PEP`	Applicant belongs to the PEP category.
`PROBLEMATIC_APPLICANT_DATA`	Applicant data doesn't match the data in their documents.
`REGULATIONS_VIOLATIONS`	Some violations of the regulations were found.
`REQUESTED_DATA_MISMATCH`	Provided information doesn't match with the data recognized from a document.
`RESTRICTED_PERSON`	Person is found in a restricted list (e.g., prohibited from betting).
`SANCTIONS`	Applicant was found on the sanction lists.
`SCREENSHOTS`	Applicant uploaded screenshots.
`SELFIE_MISMATCH`	Applicant's photo (profile image) doesn't match a photo on the provided documents.
`SELFIE_WITH_PAYMENT`	Special selfie is required (e.g. selfie with a piece of paper and date on it).
`SPAM`	Applicant was created by mistake or is just a spam user (irrelevant images were supplied).
`SUSPICIOUS_PATTERNS`	An obsolete label. The applicant may have previously received a “Rejected” status in the dashboard due to patterns potentially implying a non-genuine verification attempt (e.g., signs of artificially altered data, third-party involvement, etc).
`THIRD_PARTY_INVOLVED`	Video Ident user is trying to pass verification to transfer the account to a third party.
`UNFILLED_ID`	Applicant uploaded the document without signatures and stamps.
`UNSATISFACTORY_PHOTOS`	There were problems with the photos during verification, like poor quality or masked information.
`UNSUITABLE_DOCUMENT`	Document either does not fit the required type or lacks obligatory elements, like seal, apostille, or notary certification.
`UNSUITABLE_ENV`	Applicant is either not alone or nor visible during the Video Ident call.
`UNSUPPORTED_LANGUAGE`	Video Ident user does not speak the language common to the operator.
`WRONG_ADDRESS`	Address from the applicant's documents doesn't match the address entered by them manually.
`WRONG_USER_REGION`	Applicant from a region/country which is not allowed to be registered.

aggregate.txns[].minutes1

Field	Type	Description
`cnt`	int	Quantity of the aggregated transactions.
`matchedRuleNames`	Object	All unique rules matched in this interval.
`matchedRuleNamesByTag`	Object	All unique rules matched in this interval by tag.
`amounts`	Object	Numerical fields counted in this interval.
`currencyCodes`	Object	Unique codes (USD, GBP, BTC, etc.) of the currencies used for this interval.
`deviceFingerprints`	Object	Device fingerprints involved within this interval.
`ipCountries`	Object	IP addresses of the countries involved within this interval.

aggregate.txnPercentileAggregates.byIp

Field	Type	Description
`days7`	Object	Seven days from the moment the transaction is made.
`days14`	Object	Fourteen days from the moment the transaction is made.
`days30`	Object	Thirty days from the moment the transaction is made.

ipInfo

Field	Type	Description
`ip`	String	IP address.
`country`	String	Country code (ISO 3166-1 Alpha-2).
`city`	String	City the IP address belongs to.
`zipCode`	String	ZIP code.
`lat`	Double	Returns a Double value representing the latitude of the position in decimal degrees.
`lon`	Double	Returns a Double value representing the longitude of the position in decimal degrees.
`asn`	Integer	Autonomous System Number.
`asnOrg`	String	ASN organisation.
`riskyAsn`	Boolean	A value determining whether ASN is risky or not.

coords

Field	Type	Description
`lat`	Double	Returns a Double value representing the latitude of the position in decimal degrees.
`lon`	Double	Returns a Double value representing the longitude of the position in decimal degrees.
`accuracy`	Double	Returns a Double value representing the accuracy of the latitude and longitude properties, expressed in meters.

applicant.riskLabels.email

Field	Description
`mediumRisk`	Medium-risk email address.
`highRisk`	High-risk email address.
`disposable`	Temporary email address which is provided by a disposable email service and usually expires in a few minutes.
`noWebRegistrations`	Email registration was not detected.
`noWebsiteExists`	Email domain does not exist.
`nonDeliverable`	Messages fail to be delivered to this email address.
`invalidEmail`	Email address is invalid.

applicant.riskLabels.phone

Field	Description
`mediumRisk`	Medium-risk phone number.
`highRisk`	High-risk phone number.
`virtual`	Virtual phone number that allows a user to make calls through the internet and is not associated with a physical location.
`disposable`	Temporary phone number.
`noWebRegistrations`	Phone number registration wasn't detected.

applicant.riskLabels.device

Field	Description
`vpnUsage`	Detects whether VPN connection is used.
`torUsage`	Detects whether TOR connection is used.
`highRiskIp`	Indicates high risk IP addresses.
`multipleDevices`	Informs about using multiple devices.
`multipleMobileDevices`	Informs about using multiple mobile devices.
`lengthySession`	Session lasts too long.
`failedSessionContinuation`	Session was interrupted.
`distantIpLocations`	Login from different and distant IP addresses (> 100 km).
`thirdPartyLinkAccess`	Link access via external source, e.g., WhatsApp or Telegram.
`riskySessionContinuation`	Continuation of the session from a risky IP when the link was failed to be opened or accessed from a messenger.

applicant.riskLabels.deviceCheck

Field	Description
`badBot`	Indicates that the bot is an automated tool that does not have legitimate uses and assumes fraudulent activity.
`tampering`	Indicates the usage of anti-detect browser or tampering with the browser default behaviour.
`virtualMachine`	Detects whether the browser is running inside a virtualization software by examining the browser configuration.
`remoteControl`	Indicates whether the request originated from a device being remotely controlled or remotely controlling another device.
`goodBot`	Indicates that the bot is a well-known web crawler or other search engine bot.
`incognito`	Detects whether incognito or private modes are being used.
`privacySettingsMode`	Privacy settings that have the ability to randomize and obfuscate signal output are enabled.
`highActivity`	Number of visits for the past 24 hours surpasses a threshold. The threshold is calculated for each user separately and is determined through a normal traffic distribution.
`developerTools`	Informs whether developer tools were manually opened in Chrome or Firefox browsers.

applicant.riskLabels.crossCheck

Field	Description
`diverseIdDocCountries`	ID documents issued in different countries.
`manyAccountDuplicates`	Lots of the account duplicates are created.
`accountsInManyServices`	The same account is registered in different services.
`addressCountryVsIpCountryMismatch`	Physical address in the country mismatches the country IP address.
`idDocCountryVsIpCountryMismatch`	ID document country mismatches the country IP address.
`exifCountryVsIdDocCountryOrIpCountryMismatch`	The country detected by EXIF mismatches either the document country or the country IP address.

applicant.riskLabels.selfie

Field	Description
`asleep`	Person in the selfie is asleep.
`forced`	Person is coerced into verification.
`multipleFaces`	Multiple faces are present.
`estimatedAgeMismatch`	Estimated age mismatches the age in the documents.
`virtualCameraPresent`	Virtual (software-based) camera that simulates a physical camera is detected.
`manyAttempts`	There are numerous attempts of passing the selfie check.
`sameFaceWithDifferentData`	There is the same face on the documents with different data.

applicant.riskLabels.aml

Field	Description
`pep`	Applicant belongs to the PEP (Politically Exposed Person) category.
`sanctions`	Applicant was found in sanctions lists.
`terrorism`	Applicant is suspected of terrorism.
`crime`	Applicant is suspected of criminal activity.
`adverseMedia`	Compromising published information related to the applicant was found in the media.
`fitnessProbity`	Applicant does not comply with Fitness and Probity regime.

applicant.riskLabels.person

Field	Description
`famousPerson`	Applicant is supposedly a famous person.
`strangeName`	Applicant has a strange name that does not seem to be a real one.
`noPhoneNamesFromWebServices`	No phone names are found in web services.
`phoneNameMismatchFromWebServices`	There is a name mismatch with the names associated with the phone number.
`noEmailNamesFromWebServices`	No emails are found in web services.
`emailNameMismatchFromWebServices`	There is a name mismatch with the names associated with the email address.

applicant.riskLabels.company

Field	Description
`companyAdditionalDataNotFound`	Additional company fields are absent in the database.
`companyDataMismatch`	Mismatch of additional company fields in the database.
`companyDocumentMissesRequiredField`	Required company fields are absent in the document.
`companyDocumentDataMismatch`	Mismatch of additional company fields in the document.

applicant.assessment.scores

Field	Type	Description
`tag`	String	Applicant tag.
`score`	Float	Applicant score.

preScoringContext.cryptoTxnInfo.signals

Field	Type	Description
`atm`	Double	Cryptocurrency ATM operator.
`childExploitation`	Double	Organization which operates via darknets and is suspected of child abuse and exploitation.
`dark_market`	Double	Online marketplace which operates via darknets and is used for trading illegal products for cryptocurrency.
`dark_service`	Double	Organization which operates via darknets and offers illegal services for cryptocurrency.
`enforcementAction`	Double	The entity is subject to legal proceedings. Jurisdiction will be annotated as a subtype.
`exchangeFraudulent`	Double	Exchange that was involved in illegal activity.
`exchangeLicensed`	Double	Organization that is licensed to provide exchange services.
`exchangeUnlicensed`	Double	Organization that is not licensed to provide exchange services.
`illegalService`	Double	Resource offering illegal services or engaged in illegal activities.
`liquidityPools`	Double	The smart contracts where tokens are locked for the purpose of providing liquidity.
`marketplace`	Double	Entity offering legal services/trading goods for cryptocurrency.
`miner`	Double	Organization which utilizes its computing power for mining cryptocurrency blocks.
`mixer`	Double	Service for mixing funds from different sources to make tracing them back harder or almost impossible. It is mostly used for money laundering.
`p2pExchangeLicensed`	Double	Organization that is licensed to provide P2P exchange services.
`p2pExchangeUnlicensed`	Double	Organization that is not licensed to provide P2P exchange services.
`payment`	Double	Service which acts as an intermediary between customers and the company which provides services for making a payment.
`ransom`	Double	The extortioners demanding payment in the form of cryptocurrency
`sanctions`	Double	Organization that is found in sanctions lists.
`scam`	Double	Entities that have scammed their customers and taken possession of their cryptocurrency.
`seizedAssets`	Double	In the crypto seized by the government, the default Risk Score is 0%.
`stolenCoins`	Double	Entities which have taken possession of someone else’s cryptocurrency by hacking.
`terrorismFinancing`	Double	Organization which operates via darknets and involved in terrorism financing with cryptocurrency.
`trustedExchange`	Double	Exchange that is reliable and can be trusted.
`wallet`	Double	Service for storage and making payments with cryptocurrency.
`other`	Double	None of the specified entities above. It may include a subtype.

matchedRuleNames, matchedRuleNamesByTag

Field	Type	Description
`cnt`	int	Total quantity of matched rules.
`distinctCnt`	int	Quantity of unique rules.
`distinctVals`	List of Strings	List of unique rules.

amounts

Field	Type	Description
`cnt`	long	Quantity of transactions in the aggregate.
`min`	Double	Minimum amount.
`max`	Double	Maximum amount.
`mean`	Double	Arithmetic mean amount.
`sum`	Double	Sum of all transactions per interval.