Screens a facial image against published criminal-record datasets to surface potential matches. Didit exposes this service through `POST /v3/database-validation/` so you can verify the submitted data against the authoritative source and receive normalized match results. ## Coverage * **Coverage:** — * **Country:** South Africa * **Service ID:** `zaf_criminal_face_screening` * **Data domain:** Criminal * **Category:** Criminal ## Inputs | Field | Required | Example | | ------------- | -------: | --------------- | | `selfie` | Yes | `@./selfie.jpg` | | `score_level` | No | `standard` | | `max_matches` | No | `10` | | `vendor_data` | No | `user-1234` | * **Required inputs:** `selfie` * **Optional inputs:** `score_level`, `max_matches`, `vendor_data` * **Consent:** Required * **Workflow availability:** Available in workflow * **Coverage:** — * **Price:** \$7.00 per successful query ## Body parameters ISO 3166-1 alpha-3 country code for this database service. Example: `ZAF` Array containing this service ID. Pinning the service keeps the request scoped to this exact database. Example: `zaf_criminal_face_screening` Explicit end-user consent for this service. Example: `true` Selfie image file to upload for biometric database validation. Accepted formats: JPEG, PNG, or WebP. Example: `@./selfie.jpg` `score_level` value required by this database service. Example: `standard` `max_matches` value required by this database service. Example: `10` Your stable user reference for this person, such as your internal user ID. Didit uses it to link standalone checks to the same end user and reduce duplicate-detection noise. Example: `user-1234` ## Input rules & validation notes * Send the fields listed above exactly as captured from the user or document. * Didit validates required fields before calling the database. Requests rejected before source lookup are not charged. ## How to call it ```bash cURL theme={null} curl -X POST "https://verification.didit.me/v3/database-validation/" \ -H "x-api-key: YOUR_API_KEY" \ -F "issuing_state=ZAF" \ -F "services=zaf_criminal_face_screening" \ -F "vendor_data=user-1234" \ -F "consent=true" \ -F "selfie=@./selfie.jpg" ``` Every successful call returns HTTP `200`. The **`outcome_code`** field tells you what actually happened — distinguishing, for example, a real biometric mismatch (`BIOMETRIC_NO_MATCH`) from a selfie that could not be read (`BIOMETRIC_IMAGE_UNUSABLE`). The `status` shown is the default feature status; your configured [Partial Match / No Match actions](/core-technology/database-validation/database-validation-warnings) can override it. **`MATCH`** — The registry confirmed the identity and every checked field matched. ```json 200 OK — MATCH theme={null} { "request_id": "req_01H…", "status": "Approved", "issuing_state": "ZAF", "match_type": "full_match", "validations": [ { "outcome_code": "MATCH", "service_id": "zaf_criminal_face_screening", "service_name": "South Africa - Criminal Screening by Face", "source_data": { "criminal_matches": "sample_value", "face_quality": "sample_value", "request_id": "SAMPLE-12345" }, "validation": { "identification_number": "full_match" } } ] } ``` **`NO_MATCH`** — The registry returned no match for the submitted data. ```json 200 OK — NO_MATCH theme={null} { "request_id": "req_01H…", "status": "Declined", "issuing_state": "ZAF", "match_type": "no_match", "validations": [ { "outcome_code": "NO_MATCH", "service_id": "zaf_criminal_face_screening", "service_name": "South Africa - Criminal Screening by Face", "source_data": { "identification_number": "NO_MATCH" }, "validation": { "identification_number": "no_match" } } ] } ``` **`BIOMETRIC_NO_MATCH`** — The face-match score was below the acceptance threshold - the selfie is not the same person as the registry photo. ```json 200 OK — BIOMETRIC_NO_MATCH theme={null} { "request_id": "req_01H…", "status": "Declined", "issuing_state": "ZAF", "match_type": "no_match", "validations": [ { "outcome_code": "BIOMETRIC_NO_MATCH", "service_id": "zaf_criminal_face_screening", "service_name": "South Africa - Criminal Screening by Face", "source_data": { "identification_number": "NO_MATCH" }, "validation": { "identification_number": "no_match" } } ] } ``` **`BIOMETRIC_IMAGE_UNUSABLE`** — The selfie could not be processed (empty, no face, low quality, or the registry could not read it). Prompt the user to retake the selfie. ```json 200 OK — BIOMETRIC_IMAGE_UNUSABLE theme={null} { "request_id": "req_01H…", "status": "In Review", "issuing_state": "ZAF", "match_type": "no_match", "validations": [ { "outcome_code": "BIOMETRIC_IMAGE_UNUSABLE", "service_id": "zaf_criminal_face_screening", "service_name": "South Africa - Criminal Screening by Face", "source_data": { "identification_number": "NO_MATCH" }, "validation": { "identification_number": "no_match" } } ] } ``` ## Returned data The exact fields surfaced in `source_data` depend on what the registry returns. The generated example for `zaf_criminal_face_screening` currently documents this normalized shape: * `criminal_matches` * `face_quality` * `request_id` ## Pricing & SLAs South Africa - Criminal Screening by Face queries are billed only when Didit receives a conclusive result from the validation source. * **Per-call price:** \$7.00 USD. * **Billing:** per successful query. You are not charged when the registry is unreachable, when required fields are missing, or when the request is rejected before reaching the source. * **Latency:** typical p95 \< 2 s. * **Availability:** 99.9% per quarter on Didit's side; downstream source availability varies by country and dataset. ## Continue reading * [South Africa Database Validation overview](/api-reference/database-validation/south-africa) * [Database Validation overview](/core-technology/database-validation/overview) * [Outcome Codes](/core-technology/database-validation/database-validation-outcome-codes)