Skip to main content

Native SDK 4.0 — Modular Variants

The biggest native SDK release of the year. iOS, Android, React Native, and Flutter all shipped a 4.0 line that splits the SDK into independent variants so you only ship the binary you actually need.
  • Four variantsCore (no NFC, no auto-capture), AutoDetection (auto-capture, no NFC), NFC (NFC reading, no auto-capture), and All (everything)
  • 84% smaller binary on iOS Core — about 6 MB on disk and 3 MB compressed in the IPA, down from ~40 MB in 3.x for apps that don’t need MediaPipe-backed auto capture
  • Backward compatible — existing pod 'DiditSDK' and Gradle integrations keep working unchanged; All is the default
  • Per-platform pickers — CocoaPods subspecs and SPM library products on iOS, separate artifacts on Android, Expo config plugin flags on React Native, and DIDIT_SDK_IOS_VARIANT / $DiditSdkIosVariant on Flutter
  • Migration guide — new tables in every SDK README explain the install matrix and how to move from 3.x

Configurable Document Liveness

Document liveness moved from a single approve/decline switch to a richer per-fraud-type configuration, exposed both in the API and in a brand-new Forgery tab inside the workflow editor.
  • Per-fraud thresholds — set independent Decline and Review scores for Screen Replay, Printed Copy, and Portrait Replacement
  • New Forgery tab in the Console — three sliders replace the older approve/review/decline chips, with full localization across all supported languages
  • Evidence on every warning — session tooltips now show the actual liveness score, the active thresholds, the decision bucket, and which side of the document produced the result
  • Smarter on uploads — false-positive “printed copy” warnings on legitimate scanned or photographed IDs were removed; screen-replay and portrait-manipulation still trigger on uploads

Front and Back Consistency Check

A new check catches users who upload the front of one ID and the back of a different one — caught for the first time on a Bolivian cedula in production.
  • New DATA_INCONSISTENT risk — fires when OCR data on the front doesn’t match the back
  • Workflow action — route inconsistent submissions to Decline, Review, or Approve through the existing inconsistent_data_action setting
  • Persisted correctly — the saved front image always reflects the front step, even when OCR initially swaps front and back labels

South Africa Database Validation Expansion

South Africa coverage grew from a single national-ID check into a full data-source suite, all callable through the same database validation API.
  • Department of Home Affairs — fingerprint match and DHA photo lookup
  • Vehicle data — ownership and lookup by VIN
  • Business data — company registry, company directors, and person directorships
  • Banking and consumer signals — bank account holder verification and contactability
  • Fraud and AML — fraud prevention check, refugee verification, and criminal screening by face
  • Cheaper national ID — the South African national-ID validation moved to a new integration with significantly lower per-call cost

Mexico INE Voter-Card Validity

Mexican INE/IFE voter cards can now be validated against the official registry in real time.
  • Document validity — confirms the credential model (modelo), expiration (vigencia), and whether it’s valid as identification
  • Voting rights — confirms the holder’s right-to-vote status

AML Screening Optimization

AML screenings are now deduplicated on resubmits when the identity hasn’t changed, so you stop getting billed for repeated screenings of the same person.
  • Skip on identical resubmits — name, date of birth, nationality, and document number all unchanged from the prior screening means no new screening (and no new charge)
  • Unchanged behavior when the identity actually changes, on the first screening, in sandbox sessions, and on the standalone AML endpoint
  • Applies to KYB too — company AML screenings dedupe the same way for unchanged business identity on resubmit

Upload User Face

Faces imported through the Upload User Face endpoint now behave like any face captured in a verification session.
  • Visible on the user profile — the portrait shows up on the Console user-detail page like an organic capture
  • Included in duplicate detection — imported faces are now part of the 1:N search index, so re-registrations under a different vendor data identifier are correctly flagged
  • Backfill-friendly — useful when migrating an existing identity database into Didit

Whitelabel Custom Domain Errors

Custom verification domains no longer silently flip to “Verified” when your DNS provider’s CAA records actually block the certificate from being issued.
  • Real error surfaced — the Console now shows the exact reason (typically a CAA record blocking AWS from issuing the SSL cert)
  • 5-step recovery instructions — the exact DNS records you need to add are listed in the Customization page
  • No more invisible failures — domains that look verified but don’t load are caught before they reach end users

Redesigned Transactional Emails

All 11 authentication and organization emails were rebuilt to match the Console design system — clean white layout, full-width pill CTA, and a text-forward footer with hello@didit.me. White-label customers still get their own logo and theme on the verification email.

Compound Name Matching

Database validation lookups now correctly handle compound first names across consumer-records services.
  • US — “Jorge Luis”, “Miguel Angel Jr”, and similar Spanish double-given-name patterns now match correctly
  • UK — compound first names like “Lukasz Marcin” are parsed as first + middle instead of being treated as a single token

New Document Support

  • Tax Card document type — a new document subtype added across iOS, Android, Flutter, and React Native SDKs for tax-residency verification
  • Netherlands 2025 driver’s license — the new design is supported end-to-end
  • Brazil Digital Driving License — two-sided captures with “Side C” / “Page B” markers now save the correct front photo and back image
  • Spain Refugee Convention Travel Document — and similar stateless travel documents using D / DV / TI MRZ prefixes and XXA nationality now parse correctly
  • 11 newly-supported documents synced into the production registry from real-world submissions

Mongolian Language

The verification flow and all four native SDKs now support Mongolian (mn), bringing total language coverage to 54.

Native SDK Releases

Beyond the 4.0 modular variants, every native SDK shipped a steady stream of stability fixes through May.
  • Android SDK 3.5.3 – 4.0.2 — Document photo quality and face-intro styling, recovery after ambiguous network failures, white-label theme flash fix on completion, camera switching with state reset for both document and liveness, upload guards when video segments are missing, terms and translation updates, front-camera selfie capture fix, back-button and questionnaire polish, Mongolian language, and the 4.0 line with configurable default cameras and switcher visibility
  • iOS SDK 3.3.3 – 4.0.2 — Document capture quality and playable MP4 / H.264 uploads, step recovery after interrupted backend responses, optional no-NFC build, inline podspec license, 3.5 / 3.6 routine releases, a critical fix for an EXC_BAD_ACCESS crash on iOS 13–17 introduced by a Swift 6 runtime symbol, Mongolian language, and 4.0 with the modular variant split and Tax Card support
  • React Native SDK 3.2.11 – 4.0.1 — Bumped to the latest native iOS and Android releases each cycle, added iosNfcEnabled / androidNfcEnabled flags to the Expo config plugin so consumers can pick the no-NFC variant, and shipped 4.0 with the full variant matrix
  • Flutter SDK 3.5.0 – 4.0.2 — Pulled in the latest native iOS and Android releases, added an Android no-NFC build option, exposed the full native configuration surface (showCloseButton, showExitConfirmation, closeOnComplete), and shipped 4.0 with native variant selection and Tax Card support

Device Intelligence

Server-side device fingerprinting got more accurate and harder to fool.
  • Deterministic anchor required — fuzzy fingerprint matches now require a hardware-rooted identifier (Android SSAID or Widevine, iOS identifierForVendor) before two sessions can be linked, eliminating false-positives
  • TLS / JA4 corroboration — web fingerprints are now corroborated against TLS fingerprint signals for stronger deterministic match classification

Improvements

  • Stale “image too blurry” warnings no longer attach to approved sessions when the user successfully retook the document on the final allowed attempt
  • The face-capture algorithm now uses real bounding-box geometry instead of normalized ranges, with new “move away” and “move closer” instructions and device-specific stability tuning
  • Camera permission errors are classified consistently across the verification flow, with clearer messages distinguishing permission timeouts from camera-access failures
  • Unverified accounts can no longer permanently squat an email address — re-registration takes over the unverified row instead of being blocked
  • Workflow graph and questionnaire-editor fullscreen toggles now work on Safari
  • Australian ImmiCard and travel-document fields, New Zealand passport expiration, and structured-address resolution were fixed across roughly 35 address-aware database validation services

Fixes

  • Fixed corrupted front_image crop returned by the ID Verification API when front and back were swapped during OCR (Argentina 2019 and 2020 IDs)
  • Fixed missing FILE_UPLOADED events on resubmitted sessions, which had caused resubmitted documents to show up with no file in the Console
  • Fixed translations and white-label customization issues across the verification web flow