Get Started
Integrate / SDKs
User Verification
Business Verification
Transaction Monitoring
Changelog
Our Email Verification process includes automated checks to ensure the validity and security of email addresses. This page outlines the potential warnings and errors you might encounter during the email verification process.Documentation Index
Fetch the complete documentation index at: https://docs.didit.me/llms.txt
Use this file to discover all available pages before exploring further.
Automatic Decline Conditions
The following conditions can result in an automatic decline depending on your application settings:EMAIL_CODE_ATTEMPTS_EXCEEDED- The user has exceeded the maximum attempts to enter the correct codeEMAIL_IN_BLOCKLIST- The email is in the blocklistUNDELIVERABLE_EMAIL_DETECTED- The email could not be delivered because the email does not accept emails
Configurable Verification Settings
Applications can configure how the system handles various verification issues by setting actions for different risk categories:-
Exposure/Breach
- Risks:
BREACHED_EMAIL_DETECTED - Configurable action: Decline, Review, or Approve
- Risks:
-
Disposable Provider
- Risks:
DISPOSABLE_EMAIL_DETECTED - Configurable action: Decline, Review, or Approve
- Risks:
-
Duplicate Email
- Risks:
DUPLICATED_EMAIL - Configurable action: Decline, Review, or Approve
- Risks:
-
Risk Level
- Risks:
EMAIL_IN_BLOCKLIST - Configurable action: Decline, Review, or Approve
- Risks:
Verification Attempt Limits
The system imposes limits on verification attempts to prevent abuse and maintain security:- Code Entry Attempts: Maximum 2 attempts to enter the correct verification code
- Code Resend Requests: Maximum 2 requests to resend a verification code within 24 hours
You can customize these attempt limits in your application settings to match your specific security requirements and user experience needs.
Email Verification Warnings
| Tag | Description |
|---|---|
EMAIL_CODE_ATTEMPTS_EXCEEDED | The user has exceeded the maximum number of verification code entry attempts. |
EMAIL_IN_BLOCKLIST | The system identified this email in the blocklist, which means the email is not allowed to be verified. |
BREACHED_EMAIL_DETECTED | This email address was found in one or more known data breaches. |
DISPOSABLE_EMAIL_DETECTED | The system detected that the email is disposable, which is not allowed. |
UNDELIVERABLE_EMAIL_DETECTED | The system detected that the email is undeliverable, which is not allowed. |
DUPLICATED_EMAIL | The system detected that the email has been used in another verification process of another user. |
Cross-Session Email Matches
When the same email address is detected across sessions belonging to different users, the system records these as matches on the email verification response. The system also checks your Blocklist — if the email was manually added to a blocklist, it appears as a match withsource: "list_entry".
Sessions are grouped by vendor_data: sessions with the same vendor_data are treated as the same user and excluded from matches. Without vendor_data, every session is treated as a unique user and all potential duplicates are surfaced.
Each match includes the session_id, session_number, vendor_data, verification_date, email, status, and is_blocklisted flag. Matches are returned in the matches array on V3 decision endpoints under email_verifications.