VerifyVASP
Search…
⌃K

User Verification

post
VEGA_VERIFICATION_API_PATH
User verification API
Enclave Environment Value:
Explicate user verification API endpoint in VEGA_VERIFICATION_API_PATH.
VASP must perform as both the originating and beneficiary VASP.
This API is called when VASP works as a beneficiary one when the originating VASP requests to verify a beneficiary before the withdrawal. The API needs to handle the below:
  • Verify the name of the beneficiary.
  • Verify the address (account number, wallet address) of the beneficiary.
  • Verify the KYC certification.
  • Verify the AML certification.
  • Perform sanction screening on the originator.
  • VASPs can also perform additional filtering or verification process about the personal information of the originator/beneficiary internally.
If the user verification has been normally completed, VASPs can return additional personal information on the beneficiary in the ivms101 format.
Response Time Requirement
This User Verification Request API should respond within 5 seconds at most.
Implementation Policy:
  • This is a guide to verifying beneficiary name when implementing user verification API.
    • If the amount of virtual assets to be transferred is smaller than the amount set by the law, it is not subject to travel rules, so verification through VerifyVASP is not required.
    • However, if you want to process all withdrawal requests through VerifyVASP, it is difficult to verify the user at the same level if the amount exceeds the amount set by the law or if it is not.
    • The beneficiary VASP does not perform matching verification on the beneficiary's name if it is less than the amount stipulated by law (isExceedingThreshold is false).
  • When implementing the user verification API, all information requested by the originating VASP (requiredBeneficiaryInfo) must be entered.
    • If the originating VASP does not have the requested information or does not want to provide it, it returns verificationResult as DENIED and reason as UNAVAILABLE-INFORMATION.
    • Any information not requested by Originating VASP will not be filled out. Only fill in the information requested (in requiredBeneficiaryInfo).
    • The beneficiary account number must be returned without modification. Changing your wallet address may result in incorrect deposits. If the deposit address is incorrect, a DENIED result should be returned.
  • When verifying originator in the user verification API, if the required personal information is insufficient, the following will be processed.
    • Return verificationResult as DENIED and LACK-OF-INFORMATION as reason. It then returns a list of privacy codes indicating which information is missing in the message field.

Request Body

Request Body Examples
Field Name
Data Type
Required
Example
Description
verificationUuid
string
true
"4bc03a8f-5679-4358-815c-906aae5557f4"
Unique identifier of the verification request
assetInfo
object
true
Refer to the example below
Information of the virtual asset
assetInfo.symbol
string
true
“ETH”
VA. Virtual Asset. The symbol of the virtual asset
assetInfo.amount
string
true
“0.024”
The amount of virtual asset
assetInfo.isExceedingThreshold
boolean
true
true or false
Flag field showing whether the withdrawal exceeds the amount the law states ($1,000 or 1,000,000 KRW).
assetInfo.tradePrice
string
true
“2439800”
The amount of VA converted into legal currency
assetInfo.tradeCurrency
string
true
“KRW”
The currency code used to convert VA into legal currency
assetInfo.tradeISODatetime
string
true
“2022-02-06T23:13:43.513Z”
The time at which VA was converted into legal currency. In ISO format.
version
string
true
“1.0”
version information of the ivms101 format (Currently 1.0)
ivms101
object
true
-
Information of the originator and beneficiary in ivms101 format. Refer to the IVMS101 specification document and guide document.
ivms101.originator
object
true
-
Originator Information
ivms101.beneficiary
object
true
-
Beneficiary Information
ivms101.beneficiary.beneficiaryPersons
array
true
-
Personal information of the beneficiary.
ivms101.beneficiary.accountNumber
array
true
[”0x5811001506550d8356a215be229c15b6ef371a9a”]
Account information of the beneficiary (wallet address)

Response Body

Response Body Examples
Field Name
Data Type
Required
Example
Description
result
string
true
“VERIFIED”
User verification result. Refer to the explanation below.
reason
string
true
“OK”
Error code displaying the reason if verification fails. "OK" if successful.
message
string
false
-
Message description for the error code
version
string
false
"1.0”
Version information of the IVMS101 format
ivms101
object
true
-
The beneficiary information which is defined in IVMS101 format. More information can be added upon the information sent from the originating VASP.
ivms101.beneficiary
object
true
-
Beneficiary information
ivms101.beneficiary.beneficiaryPersons
array
true
-
Personal information of the beneficiary
ivms101.beneficiary.accountNumber
array
true
-
Account information of the beneficiary
  • result field specification is as follows.
    • One of “VERIFIED”, ”DENIED”, ”UNKNOWN” and ”ERROR”.
    • VERIFIED: Verification is successful, and there is no problem with the user.
    • DENIED: The wallet addresses are correct, but one of the users (including the originator) has a problem (e.g. lack of KYC credential).
    • UNKNOWN: The wallet address is unknown (not owned by a VASP).
    • ERROR: Other undefined errors.
  • reason field specification is as follows.
    • The field is valid only when result the field is DENIED.
    • Refer to the below table for the message field value.
    reason (string)
    result (string)
    message (string)
    Description
    UNKNOWN-SYMBOL
    DENIED
    The value of symbol name (which is not supported in VASP)
    Unknown or not supported asset symbol
    UNKNOWN-ADDRESS
    DENIED
    The unknown wallet address
    Unknown wallet address to the VASP
    LACK-OF-INFORMATION
    DEINED
    A comma(,) separated required but missing personal information fields list
    Verification denied due to lack of personal information
    UNAVAILABLE-INFORMATION
    DEINED
    A comma(,) separated undeliverable personal information field list
    Requested personal information cannot be transferred for processing
    BLACKLISTED
    DEINED
    -
    Verification denied having probloems in sanction screening
    UNVERIFIED-KYC
    DEINED
    -
    User KYC required
    MISMATCHED-NAME
    DEINED
    -
    Name mismatch
    UNDEFINED-ERROR
    DEINED
    Error description
    Undefined errors

About IVMS101 Format Definition

IVMS101 Message Guide

IVMS101 Codes for types of personal information

  • Visit the below page for requiredBeneficiaryInfo field in Request Body.
  • If the error reason of LACK-OF-INFORMATION is returned, refer to the below page for the message field.