Introduction

IdentityVerify provides a unified API for biometric liveness detection and hardware-backed identity attestation. Our platform is designed to integrate seamlessly into enterprise Zero-Trust workflows.

Note: 2026 SDK versions (v4.0+) require TLS 1.3 for all endpoint negotiations.

Quickstart Guide

Initialize our Web SDK to begin passive liveness monitoring.

<script src="https://cdn.identity-verify.net/sdk/v4/iv-core.js"></script>
const iv = new IdentityVerify('IV_PUB_9901_X');
iv.startVerification({ mode: 'passive-liveness' });

Authentication

Authenticate requests by including your secret key in the X-IV-Session-Token header.

Request Example CURL

curl -X GET "https://api.identity-verify.net/v2/handshake/verify" \
     -H "X-IV-Session-Token: IV_LIVE_enterprise_8829_v4" \
     -H "Accept: application/json"

Liveness Handshake

The server issues an encrypted challenge that must be signed by the client's secure enclave. This prevents replay attacks during the biometric exchange.

Phase 1: Challenge-Response

{
  "challenge_id": "9011-EF-X",
  "status": "AWAITING_BIOMETRIC_BLOB",
  "timeout": 2000
}

Metadata Collection

To maintain the integrity of our trust network, we collect hardware-bound telemetry to identify Sybil attacks.

attestation.hardware.id Unique TPM/TEE hash.

network.asn.telemetry Origin reputation scoring.