Skip to main content
Didit Raises $2M and Joins Y Combinator (W26)
Didit
Business Verification (KYB)

Verify any business.
Surface every UBO.

Verify any company end-to-end: pull the registry, surface every UBO (ultimate beneficial owner), screen the entity and every UBO against sanctions, and run a KYC (know your customer) check on each. $2.00 per business, 220+ jurisdictions.

Start freeRead the docs
Backed by
Y Combinator
GBTC Finance
Bondex
Crnogorski Telekom
UCSF Neuroscape
Shiply
Adelantos

Trusted by 2,000+ organizations worldwide.

Closed-loop KYB

Registry, UBO, officers,
and a KYC for every UBO.

One call resolves the company, extracts owners and officers, screens everyone against 1,300+ sanctions lists, and runs a reusable KYC check for each UBO — at no extra cost.

How it works

From sign-up to verified user in four steps.

  1. Step 01

    Create the workflow

    Pick the checks you want — ID, liveness, face match, sanctions, address, age, phone, email, custom questions. Drag them into a flow in the dashboard, or post the same flow to our API. Branch on conditions, run A/B tests, no code required.

  2. Step 02

    Integrate

    Embed natively with our Web, iOS, Android, React Native, or Flutter SDK. Redirect to a hosted page. Or just send your user a link — by email, SMS, WhatsApp, anywhere. Pick what fits your stack.

  3. Step 03

    User goes through the flow

    Didit hosts the camera, the lighting cues, the mobile hand-off, and accessibility. While the user is in the flow, we score 200+ fraud signals in real time and verify every field against authoritative data sources. Result in under two seconds.

  4. Step 04

    You receive the results

    Real-time signed webhooks keep your database in sync the moment a user is approved, declined, or sent to review. Poll the API on demand. Or open the console to inspect every session, every signal, and manage cases your way.

Built for compliance . Built against fraud . Open by design

Six capabilities. One closed loop. Business Verification.

Every capability is a toggle on the same workflow. No upsell tiers, no separate plans, no manual flow on the side. Switch them on or off per workflow in the console.
Read the docsGet an API key
01 . Registry

220+ jurisdictions. One registry call.

We query the official company registry in the country of incorporation and return the company's legal name, number, type, status, address, and tax ID. The EU, UK, US (per-state), and major Latin American jurisdictions are covered day one.
Registry lookupGET /registry/ES
company_nameAcme Iberia SLregistrationB-87412309countryEStypeSociedad Limitadaincorporated2018-04-12statusActive
220+ jurisdictions covered.EU - US - LatAm
02 . UBOs

Beneficial owners. Pulled, prefilled, confirmed.

Anyone owning above your ownership threshold (commonly 25%) is extracted from the registry and prefilled into the hosted flow. The business admin reviews, edits, or adds parties before submitting. Corporate owners can spawn a nested KYB sub-session.
UBOsthreshold 25%
Carmen Espanola
role: ubo - shareholder
42.0%
David Sanchez
role: ubo
33.0%
Iberia Holdings SA
corporate shareholder
25.0%
Pulled from registry. Confirmed in-flow.key_people_checks[]
03 . Officers

Directors, secretaries, signatories. 15 role tags.

15 canonical role tags cover ownership (UBO, shareholder, beneficiary, settlor, investor) and governance (director, chairman, secretary, signatory, founder). One person can carry several. Each tag is required or optional per workflow.
Officers15 role tags
Lucia Martinez
directorsignatory
Joaquin Ortiz
non_exec
Marta Vidal
secretary
Each role configurable per workflow.15 canonical tags
04 . Entity + person AML

AML on the company. AML on every UBO.

AML screening fires automatically against 1,300+ sources — sanctions (OFAC, EU, UN, HM Treasury), PEPs (politically exposed persons), adverse media, and enforcement actions. Company screened as entity; every owner and officer as person.
AML on the entity AND every UBO1,300+ lists
entity_type: company
  • Acme Iberia SL
  • 0 sanctions hits
  • 0 enforcement
  • Approved
entity_type: person
  • Carmen Espanola
  • 0 PEP hits
  • 0 adverse media
  • Approved
One screen. Company and every UBO.$0.20 / entity
05 . Linked KYC

One KYC per UBO. Same orchestrator. Same audit trail.

Every role that requires KYC spawns a child session — hosted ID capture, passive liveness, face match, Device & IP analysis. The parent waits until every required child resolves, then aggregates to a final verdict. No spreadsheet, no manual chase.
Linked KYCubo_kyc_summary
Acme Iberia SLbs_01H...
vs_01J...Carmen EspanolaApproved
vs_01J...David SanchezApproved
vs_01J...Lucia MartinezIn Review
Closed-loop. One audit trail.$0.33 / linked KYC
06 . Documents

Supporting documents. OCR vs registry, cross-checked.

Certificate of incorporation, articles of association, shareholder register, financial statements, proof of address — uploaded inside the hosted flow. We extract the fields, cross-check them against the registry, and flag any inconsistency for analyst review.
DocumentsOCR cross-check
Certificate of incorporationMatch
Articles of associationMatch
Shareholder registerMatch
Proof of registered addressMatch
OCR vs registry. Inconsistencies flagged.$0.20 / document
Integrate

One workflow type. Two integration paths.

Pick a Business Verification workflow in the console and call our session API. Listen to the webhook for an event-driven flow, or fetch the decision on demand. Same JSON either way.
POST /v3/session/Hosted UI
$ curl -X POST https://verification.didit.me/v3/session/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "workflow_id": "wf_kyb_es",
    "vendor_data": "biz-acme-001"
  }'
201Created{ "session_id": "bs_01H...", "url": "verify.didit.me/..." }
KYB-type workflow_id auto-creates a business session. Deliver the url to the company admin.docs →
GET /v3/session/{id}/decision/Server to server
$ curl https://verification.didit.me/v3/session/bs_01H.../decision/ \
  -H "x-api-key: $DIDIT_API_KEY"
200OK{ "status": "APPROVED", "session_kind": "business" }
Returns registry_checks, key_people_checks, company_aml_checks, document_verifications.docs →
Agent-ready integration

Ship Business Verification in one prompt.

Paste the block below into Claude Code, Cursor, Codex, Devin, Aider, or Replit Agent. Fill in your stack. The agent provisions Didit, creates the Business Verification workflow, wires the webhook, and ships.
didit-integration-prompt.md
# Didit Business Verification (KYB) — integrate in 5 minutes

You are integrating Didit's Business Verification (Know Your Business / KYB)
module into <my_stack>. Follow these steps exactly. Every URL, header, and
workflow-type value below is canonical — do not paraphrase or "improve" them.

## 1. Provision an account
- Sign up: https://business.didit.me (no credit card required).
- Or provision programmatically: POST https://apx.didit.me/auth/v2/programmatic/register/
  (returns an API key bound to the workspace + application).

## 2. Create a KYB workflow
In the Business Console: Workflows -> Create workflow -> select
"Business Verification" as the workflow type. Enable the features you need:

- Company registry lookup       (required)
- Company Anti-Money Laundering (AML)                   (recommended)
- Key People                    (required for most regulated industries)
- Documents                     (optional - configure which document types)

Save and copy the workflow_id. KYB workflows automatically create
business sessions - there is no extra "business" flag to set on the
session create call.

## 3. Create a business session via the API
POST https://verification.didit.me/v3/session/
Headers:
  x-api-key:    <your-api-key>      (lowercase, hyphenated)
  Content-Type: application/json
Body:
  {
    "workflow_id": "<your-kyb-workflow-id>",
    "vendor_data": "biz-acme-001"
  }

Response:
  - session_id          (e.g. bs_01H...)
  - session_number      (sequential)
  - url                 (hosted verification link)

Deliver the url to the business administrator via your own channel.
They open it, confirm registry data, add Ultimate Beneficial Owners
(UBOs) and officers, upload documents, and submit.

## 4. Webhooks
Register a webhook destination once via
  POST https://verification.didit.me/v3/webhook/destinations/
with subscribed_events:
  status.updated, data.updated,
  business.status.updated, business.data.updated

Every delivery carries an X-Signature-V2 header you MUST verify before
trusting the payload.  HMAC-SHA256 verification MUST run against the raw body bytes (the raw payload as Didit sent it) BEFORE any JSON parsing — re-serialising the parsed body changes whitespace and key order, which invalidates the signature.Algorithm:
  1. sortKeys(payload) recursively
  2. shortenFloats (truncate trailing zeros after the decimal point)
  3. JSON.stringify the result
  4. HMAC-SHA256 with the secret_shared_key
  5. Hex-encode, compare to the X-Signature-V2 header.

Business-session events carry session_kind: "business" inside data and
the business_session_id. Route on session_kind to your KYB handler.

Example status.updated payload:
{
  "event": "status.updated",
  "application_id": "app_abc123",
  "timestamp": "2026-04-18T12:30:00Z",
  "data": {
    "session_id": "bs_01H...",
    "session_kind": "business",
    "vendor_data": "biz-acme-001",
    "status": "APPROVED",
    "previous_status": "IN_PROGRESS"
  }
}

## 5. Fetch the decision (optional - the webhook already carries it)
GET https://verification.didit.me/v3/session/{session_id}/decision/
Headers:
  x-api-key: <your-api-key>

Top-level shape:
  - status                              "APPROVED" | "DECLINED" | "IN_REVIEW" | "RESUBMITTED" | "IN_PROGRESS" | "NOT_STARTED"
  - session_kind                        "business"
  - registry_checks[]                   per-jurisdiction company registry payloads
  - company_aml_checks[]                entity AML hits (sanctions, PEP, adverse media)
  - key_people_checks[]                 registry-disclosed + user-submitted UBOs / shareholders / directors / representatives, plus ubo_kyc_summary
  - document_verifications[]            uploaded documents with Optical Character Recognition (OCR) fields
  - business_session_id                 mirrors session_id

Each key_people entry includes role tags (ubo, shareholder, director,
representative, authorized_signatory, etc.), ownership_percentage, voting
percentage, and - if Know Your Customer (KYC) is required for that role - a linked_kyc_session_id
pointing at a child User Verification session.

## 6. Hard rules - do not change
- Base URL for /v3/* endpoints is verification.didit.me (NOT apx.didit.me).
- KYB is workflow-typed - there is no standalone POST /v3/business-verification/.
  Set the workflow type to "Business Verification" in the console; the
  session created against that workflow_id is automatically a business session.
- Auth header is x-api-key (lowercase, hyphenated).
- Webhook signature header is X-Signature-V2 (NOT X-Signature).
- Session status casing: APPROVED, DECLINED, IN_REVIEW, RESUBMITTED, IN_PROGRESS, NOT_STARTED (uppercase, underscore).
- Always verify webhook signatures before trusting payload data.

## 7. Pricing reference (public)
- Business Verification core (registry + UBO + officers + Key People): $2.00 per check
- Company AML screening:                                                  $0.20 per check
- Each linked KYC session spawned for a UBO / officer:                    $0.33 per KYC bundle
- KYB document collection (per-document OCR + tamper check):              $0.20 per document
- 500 free verifications every month, forever, on every account.

## 8. Verify your integration
- Sandbox starts on signup at https://business.didit.me - no separate flag.
- Test companies (mocked registry responses) available in sandbox mode.
- Switch to live: flip the application's environment toggle in console.

When in doubt: https://docs.didit.me/business-verification/overview
Need more context? See the full module docs.docs.didit.me →
Compliant by design

Open a new country in one click. We do the hard work.

We open the local subsidiaries, secure the licenses, run the penetration tests, earn the certifications, and align with every new regulation. To ship verifications in a new country, flip a toggle. 220+ countries live, audited and pen-tested every quarter — the only identity provider an EU member-state government has formally called safer than in-person verification.
Read the security & compliance dossier
EU financial sandbox
Tesoro · SEPBLAC · BdE
ISO/IEC 27001
Information security · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
EU-aligned by design

Proof numbers

Proof numbers
  • 0+
    Jurisdictions with registry, officer, and ownership coverage.
  • 0
    Role tags — owner, shareholder, director, signatory, and more.
  • $0.00
    Per business. Registry, owners, officers, and AML in one call.
  • $0.00
    Per linked KYC. Same full-bundle price as a standalone user.
Three tiers, one price list

Start free. Pay per usage. Scale to Enterprise.

500 free verifications every month, forever. Pay-as-you-go for production. Custom contracts, data residency, and SLAs (Service Level Agreements) on Enterprise.
Free

Free

$0 / month. No credit card required.

  • Free KYC bundle (ID Verification + Passive Liveness + Face Match + Device & IP Analysis) — 500 / month, every month
  • Blocklisted Users
  • Duplicate Detection
  • 200+ fraud signals on every session
  • Reusable KYC across the Didit network
  • Case Management Platform
  • Workflow Builder
  • Public docs, sandbox, SDKs, MCP (Model Context Protocol) server
  • Community support
Start free
Most popular
Pay per usage

Usage Based

Pay only for what you use. 25+ modules. Public per-module pricing, no monthly minimum fee.

  • Full KYC at $0.33 (ID + Biometric + IP / Device)
  • 10,000+ AML datasets — sanctions, PEPs, adverse media
  • 1,000+ government data sources for Database Validation
  • Transaction Monitoring at $0.02 per transaction
  • Live KYB at $2.00 per business
  • Wallet Screening at $0.15 per check
  • Whitelabel verification flow — your brand, our infrastructure
See full list of pricesStart free
Enterprise

Enterprise

Custom MSA & SLA. For large volumes and regulated programs.

  • Annual contracts
  • Custom MSA, DPA, and SLA
  • Dedicated Slack and WhatsApp channel
  • Manual reviewers on demand
  • Reseller and white-label terms
  • Exclusive features and partner integrations
  • Named CSM, security review, compliance support
Talk to us

Start free → pay only when a check runs → unlock Enterprise for a custom contract, SLA, or data residency.

FAQ

Common questions

Related

Related modules

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page