KYC Best Practices
Always Build a User Interface to Collect Government ID
Although we might not require government ID for a specific product we recommend to always build the user interface. As stated above, should a user be flagged on one of our sanction lists we will require the submission of a government ID.
Use Our Address Verification API Call
Please refer to the Address Verification page for more details.
Provide Accurate IP Address of The User on API Call Headers
Providing an accurate IP address of the user helps us and platforms combat fraud, and creating transactions from to/from/within sanctioned countries. Occasionally, certain platforms will submit their own IP on the API call header, we recommend not do so for the above described reasons.
- Please note that when creating multiple users, it is recommended to do so from different networks and IP Addresses.
Consider a Whitelist Option for Approved Networks
Consider using a whitelisting option and having users confirm the network they are on as approved. When a user connects from a new/unidentified IP address, you may provide a prompt (e.g. "you're trying to access your account on an unrecognized network, would you like to add it to your approved networks or cancel?")
Avoiding Race Conditions
To avoid race conditions for subsequent patch calls to users, nodes, and subnets, please consider doing one of the following:
- adding a 4-5 second delay
- waiting for a webhook response
- adding all the document information into 1 patch call
Updated about 4 years ago