Skip to main content
NEW Didit KYC Identity Verification is live, verify signers with government ID & biometrics for eIDAS Advanced signatures Learn more
πŸ›‘οΈ Identity & Compliance

KYC Identity Verification

Verify who signs your documents before they sign , government ID, facial biometrics, and liveness detection powered by Didit. Elevate your signatures to eIDAS Advanced level with real identity assurance.

Powered by Didit
βœ“ Government ID Check
βœ“ Facial Biometrics
βœ“ Liveness Detection
βœ“ eIDAS Advanced
βœ“ 190+ Countries

Three-Layer Identity Verification

Didit verifies identity through three independent layers , document authenticity, facial match, and liveness, all in under 90 seconds.

Government ID Verification

190+ Countries

Layer 1

Passports, national ID cards, driver's licenses, and residence permits are read and authenticated automatically using OCR and NFC chip technology.

  • Passport & national ID cards
  • Driver's licenses
  • Residence permits
  • 190+ countries supported

Facial Biometric Match

AI-Powered

Layer 2

A live selfie is captured and compared against the photo on the ID document using AI facial recognition to confirm the person signing is the document holder.

  • Real-time selfie capture
  • AI facial recognition
  • Match score validation
  • Anti-impersonation checks

Liveness Detection

Anti-Spoofing

Layer 3

Video-based liveness verification ensures a real person is present, a printed photo or screen recording is not accepted.

  • Video-based liveness check
  • Deepfake detection
  • Presentation attack prevention
  • ISO 30107-3 aligned

eIDAS Signature Levels

The EU eIDAS regulation defines three levels of electronic signatures. KYC moves your signature from Simple to Advanced , a significant legal upgrade that matters in courts, regulated industries, and cross-border transactions.

SES

Simple Electronic Signature

Click-to-sign, checkbox acceptance. No identity verification required. Limited legal weight, easier to repudiate in court.

KYC: ❌ Not required
In WPS: Default signing
Use case: Low-risk internal documents
AdES

Advanced Electronic Signature

β˜… Recommended

Identity-verified signature. eIDAS Article 26 requirements met: uniquely linked to signatory, identifies the signatory, under sole control, tamper-evident.

KYC: βœ… Required
In WPS: WPsigner + Didit KYC
Use case: Contracts, NDAs, regulated industries
QES

Qualified Electronic Signature

Highest eIDAS level. Requires a Qualified Trust Service Provider (QTSP) and a Qualified Signature Creation Device (QSCD). Legally equivalent to a handwritten signature.

KYC: βœ… Required
In WPS: Requires external QTSP
Use case: Notarial acts, high-value contracts

eIDAS Regulation (EU) No 910/2014. QES requires a Qualified Trust Service Provider (QTSP) and is outside WPsigner's scope.

Security & Implementation

KYC enforcement built to be secure by design, server-side, GDPR-aware, and ready for regulated environments.

Server-Side Enforcement

WPsigner enforces KYC on the backend. A signer cannot bypass verification by manipulating the client, the API rejects signatures until Didit confirms identity.

Audit Trail Events

Every KYC action is logged in the document's Activity Timeline: session started, verification passed or declined, and the session ID from Didit.

GDPR-Aware Architecture

Didit processes biometric data under their own DPA and GDPR-compliant infrastructure. WPsigner only stores the verification outcome and session ID, never biometric data.

One-Click Setup

Enable Didit KYC from the Security & Compliance settings page with a single toggle. No code changes, no custom integrations required.

Regulated Industry Ready

Financial services, real estate, healthcare, and legal sectors require verified identity. KYC makes WPsigner compliant with sector-specific requirements in the EU and beyond.

Court-Admissible Evidence

An identity-verified signature with a biometric audit trail is dramatically harder to repudiate than a basic click-to-sign. KYC creates a tamper-evident chain of evidence.

KYC in the Audit Trail

Every KYC verification step is automatically logged in the document's Activity Timeline. This creates a tamper-evident chain of identity evidence that can be presented in legal proceedings alongside the signed document.

πŸͺͺ

Document Type

Passport, national ID, driver's license

🌍

Issuing Country

Country that issued the identity document

🀳

Biometric Match Score

Confidence level of selfie-to-ID match

πŸŽ₯

Liveness Result

Pass / fail from anti-spoofing check

⏰

Session Timestamp

UTC timestamp of identity verification

πŸ”

Didit Session ID

Reference ID for verification audit

kyc_audit_event.json 
{
  "event": "kyc_verification_passed",
  "timestamp": "2026-02-27T14:32:18Z",
  "signer": {
    "name": "MarΓ­a GarcΓ­a",
    "email": "m.garcia@example.com"
  },
  "kyc_result": {
    "provider": "didit.me",
    "session_id": "did_sess_9f3a2b1c",
    "document_type": "passport",
    "issuing_country": "ES",
    "biometric_match": "passed",
    "liveness_check": "passed",
    "match_score": 0.97
  },
  "document_id": "DOC-2026-0458",
  "ip_address": "203.0.113.42"
}

Frequently Asked Questions

What is KYC and why does it matter for electronic signatures?

KYC (Know Your Customer) is an identity verification process that confirms a signer is who they claim to be, using a government-issued ID and biometrics. For electronic signatures, KYC transforms a simple click into a legally stronger, identity-backed signature. Under eIDAS, KYC is the key distinction between a Simple Electronic Signature and an Advanced Electronic Signature, with significantly higher legal weight and court admissibility.

What exactly makes a signature 'eIDAS Advanced'?

Under EU Regulation 910/2014 (eIDAS) Article 26, an Advanced Electronic Signature must: (1) be uniquely linked to the signatory, (2) be capable of identifying the signatory, (3) be created using data under the signatory's sole control, and (4) be linked to the signed data in a way that detects any subsequent change. KYC identity verification with ID + facial biometrics satisfies requirement 2. Combined with WPsigner's cryptographic document integrity, audit trail, and timestamping, all four requirements are met.

Is Didit GDPR compliant?

Yes. Didit.me is a European identity verification provider built for GDPR compliance. Biometric data is processed under their Data Processing Agreement and is not retained beyond the verification session. WPsigner only stores the verification outcome (pass/fail) and session reference ID, never photos, selfies, or biometric templates. Your server never receives or stores biometric data.

Can signers bypass KYC verification?

No. WPsigner enforces KYC server-side. The signing API rejects any signature submission if the signer's KYC status has not been confirmed by Didit's secure callback webhook. There is no client-side workaround, even a technically sophisticated signer cannot bypass the check by modifying requests.

How long does KYC verification take for the signer?

The Didit verification flow typically takes 30 to 90 seconds for the signer: photograph the ID front and back, take a selfie, complete a brief liveness video. Didit processes the result in real time. Most verifications complete within 60 seconds. Signers who fail verification are notified immediately and can retry.

Is KYC required for all documents or can I configure it per document?

In the current version, KYC is configured globally from the Security & Compliance settings page, when enabled, it applies to all signing flows on your site. Per-document KYC configuration is planned for a future release. If you need different requirements for different document types today, consider using separate WPsigner installations or contact support.

Add Real Identity to Every Signature

Didit KYC integration is available on all WPsigner plans. Enable it in one click from the Security & Compliance settings, no code required.

Get Started Read Documentation