Togggle Documentation
  • Togggle Presentation
  • KYC Process
  • Integration Process
    • Webhook structure
    • Custom Fields
    • Successful Payload
    • Failure Payload
  • Decentralized Storage
    • Definitions
    • Types of Storages
    • Creation of the Personal Decentralized Storage
    • New User Verification Flow
    • One Click KYC
    • Company Dashboard
    • Authority Check
    • Data Deletion
  • B2B Dashboard
  • Reusable Credentials - One Click KYC
  • Product Information
  • Frequently Asked Questions
  • On-chain verifiable Proof-of-KYC
  • Wallet creation and VC
  • Architecture and Identity Flow
    • 🛡️ KYC Verification + AML Monitoring Flow
    • Data deletion - Right to be forgotten
Powered by GitBook
On this page
  1. Architecture and Identity Flow

🛡️ KYC Verification + AML Monitoring Flow

PreviousArchitecture and Identity FlowNextData deletion - Right to be forgotten

Last updated 1 month ago

This flow illustrates the full lifecycle of a user's identity verification process on the Zyphe Platform — from vault creation and document validation to verifiable credential (VC) issuance and Anti-Money Laundering (AML) checks.

🖼️ Diagram

🧭 Overview

The process follows a two-pronged track:

  • User-side Flow (Left): User document verification, credential generation, and vault storage.

  • Business-side Flow (Right): Business rules validation, VC sharing, AML checks, and monitoring.

🧩 Flow Steps Breakdown

1. User Document Validation

  • ✅ Already owns a vault?

    • No → Create a personal vault.

  • ✅ Vault contains the required document?

    • Yes → Check if it's still valid.

  • ✅ Is document still valid?

    • Yes → Share relevant data with the business.

    • No / Missing → Start document verification:

      • Collect document pictures.

      • Run verification in the background.

      • Perform authenticity checks.

  • ❌ If invalid → Failure.

  • ✅ If valid → Create Verifiable Credential (VC) and store in encrypted vault.

2. Business Rules & Requirements

  • ✅ Assess if the document fits business-specific requirements.

    • Example: User may be underage or from a restricted region.

  • ❌ If not → Failure.

  • ✅ If yes → Proceed to data sharing.

3. VC Sharing & Document Update Logic

  • Share relevant data with the business.

  • ✅ If it's a replacement document (of same type):

    • Update previous KYC results for businesses using that type.

    • 💡 New revenue stream: Charge businesses for automatic updates.

4. AML Check Integration

  • ✅ Ongoing monitoring enabled?

    • Yes → Share minimal VC info with Zypher AML monitoring module.

    • No → Perform one-time AML check (background job).

  • ✅ Perform AML check

    • Match against PEPs, sanctions, etc.

  • ✅ Is the user already in the list for AML checks?

    • Yes → Update result without re-enrolling.

    • No → Enroll user in the ongoing module.

  • 📎 Attach AML result to the verification outcome.

💡 Notes

  • Flexibility in business rules: VCs may pass authenticity checks but still fail business-specific KYC/AML criteria.

  • Proxy-friendly AML checks: Your system shares only necessary information with external AML providers — ensuring user data minimization.

  • Smart update mechanism: Businesses get real-time updates when a document is replaced — reducing redundant verifications.