> ## Documentation Index
> Fetch the complete documentation index at: https://docs.didit.me/llms.txt
> Use this file to discover all available pages before exploring further.

# May 2026

> May 2026 release: native SDK 4.0 with modular variants, configurable document liveness, South Africa database validation, and Mexico INE checks.

### Native SDK 4.0 — Modular Variants

The biggest native SDK release of the year. iOS, Android, React Native, and Flutter all shipped a 4.0 line that splits the SDK into independent variants so you only ship the binary you actually need.

* **Four variants** — `Core` (no NFC, no auto-capture), `AutoDetection` (auto-capture, no NFC), `NFC` (NFC reading, no auto-capture), and `All` (everything)
* **84% smaller binary on iOS Core** — about 6 MB on disk and 3 MB compressed in the IPA, down from \~40 MB in 3.x for apps that don't need MediaPipe-backed auto capture
* **Backward compatible** — existing `pod 'DiditSDK'` and Gradle integrations keep working unchanged; `All` is the default
* **Per-platform pickers** — CocoaPods subspecs and SPM library products on iOS, separate artifacts on Android, Expo config plugin flags on React Native, and `DIDIT_SDK_IOS_VARIANT` / `$DiditSdkIosVariant` on Flutter
* **Migration guide** — new tables in every SDK README explain the install matrix and how to move from 3.x

<Frame>
  <img src="https://mintcdn.com/didit-0f962782/5cj1EteGq5bbThZl/images/changelog/may-2026/native-sdk-4.png?fit=max&auto=format&n=5cj1EteGq5bbThZl&q=85&s=4e510f464f74489edd59bae07ff0d274" alt="Didit native SDK 4.0 — modular variants for iOS, Android, React Native, and Flutter" width="1200" height="675" data-path="images/changelog/may-2026/native-sdk-4.png" />
</Frame>

### Configurable Document Liveness

Document liveness moved from a single approve/decline switch to a richer per-fraud-type configuration, exposed both in the API and in a brand-new Forgery tab inside the workflow editor.

* **Per-fraud thresholds** — set independent **Decline** and **Review** scores for Screen Replay, Printed Copy, and Portrait Replacement
* **New Forgery tab in the Console** — three sliders replace the older approve/review/decline chips, with full localization across all supported languages
* **Evidence on every warning** — session tooltips now show the actual liveness score, the active thresholds, the decision bucket, and which side of the document produced the result
* **Smarter on uploads** — false-positive "printed copy" warnings on legitimate scanned or photographed IDs were removed; screen-replay and portrait-manipulation still trigger on uploads

<Frame>
  <img src="https://mintcdn.com/didit-0f962782/5cj1EteGq5bbThZl/images/changelog/may-2026/configurable-document-liveness.png?fit=max&auto=format&n=5cj1EteGq5bbThZl&q=85&s=e16fdb8399ca71a6df910b7c9ad1b06a" alt="Configurable document liveness thresholds in the Forgery tab of the Didit workflow editor" width="1600" height="1026" data-path="images/changelog/may-2026/configurable-document-liveness.png" />
</Frame>

### Front and Back Consistency Check

A new check catches users who upload the front of one ID and the back of a different one — caught for the first time on a Bolivian cedula in production.

* **New `DATA_INCONSISTENT` risk** — fires when OCR data on the front doesn't match the back
* **Workflow action** — route inconsistent submissions to Decline, Review, or Approve through the existing `inconsistent_data_action` setting
* **Persisted correctly** — the saved front image always reflects the front step, even when OCR initially swaps front and back labels

### South Africa Database Validation Expansion

South Africa coverage grew from a single national-ID check into a full data-source suite, all callable through the same database validation API.

* **Department of Home Affairs** — fingerprint match and DHA photo lookup
* **Vehicle data** — ownership and lookup by VIN
* **Business data** — company registry, company directors, and person directorships
* **Banking and consumer signals** — bank account holder verification and contactability
* **Fraud and AML** — fraud prevention check, refugee verification, and criminal screening by face
* **Cheaper national ID** — the South African national-ID validation moved to a new integration with significantly lower per-call cost

<Frame>
  <img src="https://mintcdn.com/didit-0f962782/5cj1EteGq5bbThZl/images/changelog/may-2026/south-africa-database-validation.png?fit=max&auto=format&n=5cj1EteGq5bbThZl&q=85&s=92550f269a92e6b98eb8b5623ceb6fcb" alt="Didit database validation — expanded data-source coverage for South Africa" width="1200" height="675" data-path="images/changelog/may-2026/south-africa-database-validation.png" />
</Frame>

### Mexico INE Voter-Card Validity

Mexican INE/IFE voter cards can now be validated against the official registry in real time.

* **Document validity** — confirms the credential model (`modelo`), expiration (`vigencia`), and whether it's valid as identification
* **Voting rights** — confirms the holder's right-to-vote status

### AML Screening Optimization

AML screenings are now deduplicated on resubmits when the identity hasn't changed, so you stop getting billed for repeated screenings of the same person.

* **Skip on identical resubmits** — name, date of birth, nationality, and document number all unchanged from the prior screening means no new screening (and no new charge)
* **Unchanged behavior** when the identity actually changes, on the first screening, in sandbox sessions, and on the standalone AML endpoint
* **Applies to KYB too** — company AML screenings dedupe the same way for unchanged business identity on resubmit

### Upload User Face

Faces imported through the **Upload User Face** endpoint now behave like any face captured in a verification session.

* **Visible on the user profile** — the portrait shows up on the Console user-detail page like an organic capture
* **Included in duplicate detection** — imported faces are now part of the 1:N search index, so re-registrations under a different vendor data identifier are correctly flagged
* **Backfill-friendly** — useful when migrating an existing identity database into Didit

### Whitelabel Custom Domain Errors

Custom verification domains no longer silently flip to "Verified" when your DNS provider's CAA records actually block the certificate from being issued.

* **Real error surfaced** — the Console now shows the exact reason (typically a CAA record blocking AWS from issuing the SSL cert)
* **5-step recovery instructions** — the exact DNS records you need to add are listed in the Customization page
* **No more invisible failures** — domains that look verified but don't load are caught before they reach end users

<Frame>
  <img src="https://mintcdn.com/didit-0f962782/5cj1EteGq5bbThZl/images/changelog/may-2026/custom-domain.png?fit=max&auto=format&n=5cj1EteGq5bbThZl&q=85&s=a442091912ad56ff6836bec035028e7e" alt="Didit custom domain error diagnostics for white-label verification domains" width="1200" height="675" data-path="images/changelog/may-2026/custom-domain.png" />
</Frame>

### Redesigned Transactional Emails

All 11 authentication and organization emails were rebuilt to match the Console design system — clean white layout, full-width pill CTA, and a text-forward footer with `hello@didit.me`. White-label customers still get their own logo and theme on the verification email.

### Compound Name Matching

Database validation lookups now correctly handle compound first names across consumer-records services.

* **US** — "Jorge Luis", "Miguel Angel Jr", and similar Spanish double-given-name patterns now match correctly
* **UK** — compound first names like "Lukasz Marcin" are parsed as first + middle instead of being treated as a single token

### New Document Support

* **Tax Card document type** — a new document subtype added across iOS, Android, Flutter, and React Native SDKs for tax-residency verification
* **Netherlands 2025 driver's license** — the new design is supported end-to-end
* **Brazil Digital Driving License** — two-sided captures with "Side C" / "Page B" markers now save the correct front photo and back image
* **Spain Refugee Convention Travel Document** — and similar stateless travel documents using D / DV / TI MRZ prefixes and `XXA` nationality now parse correctly
* **11 newly-supported documents** synced into the production registry from real-world submissions

### Mongolian Language

The verification flow and all four native SDKs now support Mongolian (mn), bringing total language coverage to 54.

### Native SDK Releases

Beyond the 4.0 modular variants, every native SDK shipped a steady stream of stability fixes through May.

* **Android SDK 3.5.3 – 4.0.2** — Document photo quality and face-intro styling, recovery after ambiguous network failures, white-label theme flash fix on completion, camera switching with state reset for both document and liveness, upload guards when video segments are missing, terms and translation updates, front-camera selfie capture fix, back-button and questionnaire polish, Mongolian language, and the 4.0 line with configurable default cameras and switcher visibility
* **iOS SDK 3.3.3 – 4.0.2** — Document capture quality and playable MP4 / H.264 uploads, step recovery after interrupted backend responses, optional no-NFC build, inline podspec license, 3.5 / 3.6 routine releases, a critical fix for an `EXC_BAD_ACCESS` crash on iOS 13–17 introduced by a Swift 6 runtime symbol, Mongolian language, and 4.0 with the modular variant split and Tax Card support
* **React Native SDK 3.2.11 – 4.0.1** — Bumped to the latest native iOS and Android releases each cycle, added `iosNfcEnabled` / `androidNfcEnabled` flags to the Expo config plugin so consumers can pick the no-NFC variant, and shipped 4.0 with the full variant matrix
* **Flutter SDK 3.5.0 – 4.0.2** — Pulled in the latest native iOS and Android releases, added an Android no-NFC build option, exposed the full native configuration surface (`showCloseButton`, `showExitConfirmation`, `closeOnComplete`), and shipped 4.0 with native variant selection and Tax Card support

### Device Intelligence

Server-side device fingerprinting got more accurate and harder to fool.

* **Deterministic anchor required** — fuzzy fingerprint matches now require a hardware-rooted identifier (Android SSAID or Widevine, iOS `identifierForVendor`) before two sessions can be linked, eliminating false-positives
* **TLS / JA4 corroboration** — web fingerprints are now corroborated against TLS fingerprint signals for stronger deterministic match classification

### Improvements

* Stale "image too blurry" warnings no longer attach to approved sessions when the user successfully retook the document on the final allowed attempt
* The face-capture algorithm now uses real bounding-box geometry instead of normalized ranges, with new "move away" and "move closer" instructions and device-specific stability tuning
* Camera permission errors are classified consistently across the verification flow, with clearer messages distinguishing permission timeouts from camera-access failures
* Unverified accounts can no longer permanently squat an email address — re-registration takes over the unverified row instead of being blocked
* Workflow graph and questionnaire-editor fullscreen toggles now work on Safari
* Australian ImmiCard and travel-document fields, New Zealand passport expiration, and structured-address resolution were fixed across roughly 35 address-aware database validation services

### Fixes

* Fixed corrupted `front_image` crop returned by the ID Verification API when front and back were swapped during OCR (Argentina 2019 and 2020 IDs)
* Fixed missing `FILE_UPLOADED` events on resubmitted sessions, which had caused resubmitted documents to show up with no file in the Console
* Fixed translations and white-label customization issues across the verification web flow
