GlobalPass offers a variety of settings that allow you to customize your verification flow to perfection. This guide explains how to configure your Verification Settings in GlobalPass Portal.
Please note that editing verification settings is possible for users with Admin or Settings Manager roles. Other users can only view the settings. It can be accessed by going to the sidebar > System > Verification Settings.
It is divided in two parts: A) Verification Settings & B) Widget Customization
A) Verification Settings:
1. Default Screening Settings
Default Screening Settings show the core services enabled for your KYC verification (widget onboarding) flow. As editing these settings can lead to a breaking change in the entire KYC flow, they can be edited only via a request to GlobalPass support.
- ID Verification – Enables ID verification service in Widget and KYC Screening Report.
- AML / OFAC / PEP Screening – Enables AML scan in KYC Screening Report.
- Biometrics Mode – Enables Biometric scan in Widget and KYC Screening Report.
- Address Verification – Enables address data collection in Widget and shows it on the KYC Screening Report. Required setting to enable Proof of Address and/or Geolocation Verification.
- Proof of Address Document Verification – Enabled Proof of Address verification service in Widget and KYC Screening Report.
- Geolocation Verification – Collects geolocation data in the Widget and includes a geolocation summary in the KYC Screening Report.
- KYC Flow Process – Either Regular or Split Flow. Regular flow combines all the above services in one widget session and one screening report. Split flow separates ID, AML, and Biometrics flow from Address, Proof of Address, and Geolocation into two separate verification flows. Changing this setting requires adjustments to the GlobalPass integration.
2. Widget Settings
This section provides various customizations of the widget and it is fully editable.
- NFC Scan – Enables NFC chip scan in widget after identity document capture. Due to browser limitations, available in Mobile SDK Integration only.
- Skip identity document quality check – Disables instant check & live feedback in the Widget for whether the applicant correctly captured their identity document.
- Additional Address Validation – Allows applicants to enter only Latin letters and a maximum of 50 characters in the Address widget field. Affects Web Widget only.
- Request Social Security Number (SSN) for USA Nationals - When the applicant selects United States as country in the widget, this setting requests them to provide SSN in the widget.
- Postal Code Validation - To ensure the address validity, the Widget will validate the format of the submitted postal code in address details step. If turned ON; The validation applies when the applicant selects an EU country.
- Allow Image Upload for ID Verification – Allows the applicant to upload copies of identity documents from their device instead of taking a picture.
- Do not Allow PO Box Address - When an applicant submits a PO Box address, the widget requires them to provide only a non-PO Box address.
3. Allowed Document & Proof of Address Type Settings:
Here, you can customize which identity documents you would like to accept from each country/territory. To begin, click the “Add New Type” button and select a document type that you would like to allow.
For each document type, select the countries from which you would like to accept each document in drop-down menu. You can select “All Countries” or choose a custom list of jurisdictions.
For example, you can select to approve Driving Licenses only from Switzerland. This way, the Driving License option will be presented in the Widget only when Switzerland is selected as the country of document issue, and if a driving license is presented from any other country, it will not be approved.
If the Proof of Address service is activated; similar to document types, the applicants will now see a list of acceptable POA types in the widget during document upload.
This clarifies for applicants about which documents are acceptable, and reduces rejection rates for incorrect POA types. Currently, you can choose from 12 types of documents to be allowed from applicant.
4. Auto-Reject Settings
These settings enable specific rejection scenarios.
Minimum Allowed Applicant Age - This sets a specific minimum age for the widget and verifies the applicant’s age based on their ID. If the applicant is younger than this specified age, they won’t be able to proceed in the widget.
Maximum Allowed Applicant Age - This sets a specific maximum age for the widget and verifies the applicant’s age based on their ID. If the applicant is older than this specified age, they won’t be able to proceed in the widget.
Reject IDs where Signture is Not Visible - This setting specifies if the signature is required when the document is being processed. The results are based on if the signature crop from the ID could be obtained or not.
AML / OFAC / PEP Matches – Specifies minimum AML match score that provides an AML-based rejection for all screening types (except transaction AML). Leaving this field empty means you do not require screenings to be rejected for AML reasons, and screenings with AML hits will be accepted if there are no other issues found.
Here, Multiple options can be chosen. For example, you wish to reject screenings if they are above 85% in AML score. You should select Exact & Strong both options to set rejection above 85%.
Reject Duplicate Screenings - Turning on this setting rejects verification attempts by the same person – one person will be allowed to get approved only once, and other verification attempts will be rejected. Turning it off will ignore duplicate screenings and the same person can get approved multiple times.
ID Document Months Before Expiry – Specifies minimum required validity of the identity document in months at the time of verification. Additionally, when identity documents inside accepted screenings reach this minimum validity, the screening receives an ‘Expiring’ tag and a notification appears in the Dashboard.
Document Expiration Auto-Tracking – Tracks and informs your system when identity documents inside accepted screenings begin expiring or gets expired. When an identity document in an accepted screening reaches the minimum validity period threshold, your system will receive a notification that the document is expiring, and at this moment you can already prompt the applicant to submit a newer ID. If a new document is not provided and the ID expires, screening gets automatically rejected with “DocumentExpired” reject reason. Requires additional integration with your system for full functionality.
Reject IP Threats as Baddata - In case the geolocation verification is on and there are any IP threats detected in 'Threats' section. The screening gets rejected as Baddata (temporary rejection) and the applicant is asked to perform the address part of verification again. These threats can be due to multiple reasons like VPN, Proxy, iCloud relay, and other IP address-related threats.
Reject if Blacklisted Country is detected in Geolocation - This verification setting allows you to automate responses to blacklisted regions (the ones assigned as blacklisted in your settings) detected in IP address or device location during geolocation analysis. Choose from options like ignoring these instances, rejecting as BadData (requesting to repeat address verification), or rejecting as ConditionsNotMet with Blacklisted tag.
5. Risk Level Settings
Each GlobalPass KYC Screening is assigned a geographic risk level. In this section, you can customize your risk levels for each country/territory, which will reflect on the final screening report. If left undefined, each screening will receive a “Low” geographic risk level.
Country setting checks Country of Identity Document Issue and Residence Country (from Address verification).
The nationality setting checks the nationality specified on the identity document.
The final risk score, if you use Regular flow, will be the highest found risk level among the Country of Document Issue, Nationality, and Residence Country. If you use Split flow, two separate risk levels will be issued – for the Identity part – the highest risk score between the Country of Document Issue and Nationality will be applied, and for the Address part – the risk level will reflect customer’s residence country.
If a blacklist country/nationality is detected, the screening will be rejected with a Blacklisted tag.
Note: Your Countries and Nationalities lists do not have to be matching. You can opt to specify a different risk level for a country and a nationality.
6. API Credentials
API keys and Webhooks are used only for integration purposes between your system and GlobalPass. For more information, please visit our developer documentation here.
Pressing ‘Create New’ will generate new API keys. Make sure to copy the credentials and store them in a secure location as they are sensitive information, and secrets are displayed only once. After closing, the secret is hidden and cannot be seen anymore.
IMPORTANT note: Removing an API key is irreversible. If you remove the API key that you have integrated, the API will stop working. If you remove credentials that were used for your integration, you should regenerate new credentials and replace the old ones in your integration – the API connection will be restored.
For Webhook management, Press ‘Add New’ to add your desired URL and it will generate a ‘Webhook Secret’. With Webhook secret, you can validate that webhooks were sent from the GlobalPass system.
7. Audit Log
At the very bottom of the Verification Settings, you’ll find the ‘Audit Log.’ This log records all the changes made to settings, complete with date and time stamps. It also keeps a record of the accounts used to make these changes.
Whenever a change is made by someone from GlobalPass, it will show as ‘GlobalPass.’ When a change is made by someone from your team, their email will be displayed.
B) Widget Customization
1. QR Code Settings:
- Hide QR Code – Disables QR code that leads the applicant to continue in a mobile phone in all Widget flows. Not a recommended approach as the Web Widget experience is much better using a mobile browser. Affects Web Widget only.
- Force Identity Verification through Phone – If an applicant launches the Regular, Identity, or Instant Biometrics Widget via desktop, they are shown a QR code and must scan it using their mobile phone to continue the process using a mobile browser. Recommended approach for the best Widget experience. Affects Web Widget only. Having both Hide QR Code and this setting off allows applicants to choose whether they wish to scan the QR code or continue using a desktop.
- Show QR Code in Address Widget – If an applicant launches Address Widget via desktop, this setting gives them the option to scan the QR code and continue using mobile or continue using the current device. Having this setting off disables the QR code screen in the Address widget and the applicant is led to continue using the current device only. Affects Split Flow integration only.
2. Optional Widget Steps:
This section allows you to remove/change certain custom widget steps when needed:
Hide Welcome Step (Web widget only)
Hides/skips the first (welcome) step of the web widget. Not that if you hide this step, you will also hide the selector allowing you to change widget language.
Welcome step - Web widget (Mobile browser & Desktop browser):
Hide Record Yourself Guide:
Skips widget step with instructions on how to successfully pass facial biometric analysis in web widget. Is skipped by default if widget flow does not include a biometric scan.
Record yourself guide - Mobile browser, Desktop browser:
Simplified Document Type Selection ( Web widget only)
Turns off the requirement for applicants to confirm their identity document’s country of issue and allows a simple option to provide a Passport or Identity Card. Not recommended if you have document type customizations per country or allow additional document types such as residence permits, or driving licenses.
Normal document type selection vs Simplified:
Hide Confirm Personal Details Step (web & mobile SDK)
This setting turns off the widget step which requests applicants to confirm their 'personal details' after capturing their identity document.
With this step disabled, applicants will complete the widget faster, but instant feedback messages if the person is underage or their identity document is expired/expiring are also skipped – in such cases applicant will complete the widget (will not be stopped) and a rejected screening report will be produced.
Confirm personal details step - Web widget & mobile SDK:
Auto Close Success Message in the End (web widget only)
With this setting on, the widget automatically closes itself 3 seconds after the final “Thank You” message is displayed. Otherwise, the applicants will have to press the “Close” button himself to close the widget.
- If the widget was completed in a mobile browser after scanning the QR code – the widget tab will close itself (unless there are browser limitations not allowing to auto-close the tab)
- If the widget was completed using a desktop or mobile browser within your website/URL (without being redirected to kyc.globalpass.ch widget site), the applicant will be automatically redirected to your specified redirect URL.