Verify a person, anywhere, in under two minutes.
A drop-in identity kit for mobile and web. NFC chip reading, document capture and OCR (Latin, Arabic, Kurdish), passive liveness with face matching — orchestrated, hardened, and ready for production.
Five identity primitives, one orchestrator.
Synergy Identity SDK ships those five pieces as a single kit and gives you the orchestrator that sequences them, validates between steps, and recovers when one fails. Every primitive is exposed as its own service. The example flow is real, hardened in a national-bank production deployment.
Each one stands on its own.
Pull cryptographically-signed personal data straight off the chip.
A signed personal identity record from the chip itself — full name in Latin and Arabic, date of birth, expiry, issuing authority, gender, nationality. A high-resolution face photo from the secure data group is used as the reference image for face matching. For regionally-issued cards, additional data groups are parsed and exposed.
Camera capture with edge detection and perspective correction.
Real-time corner tracking auto-snaps when the document is stable. Per-frame de-skew gives you a flat document — not a photo of one. Modes are configurable per flow: single-page for an ID card front, multi-page for passport spreads or two-sided residence cards.
Latin and MRZ on-device. Arabic and Kurdish through a Vision API.
The fast on-device engine handles Latin script and MRZ bands offline. The Vision-API engine handles Arabic and Kurdish on the front of the card, where compound names and right-to-left labels need a stronger model. Outputs are cross-validated against the chip data so mismatches surface immediately.
Active, passive, or hybrid — multi-phase, no third-party redirect.
The user follows on-screen prompts — closer, back, hold steady — and the SDK collects multi-frame depth and position evidence. The check runs entirely from in-app assets in a sandboxed webview; no traffic leaves the device. Languages, thresholds, and phase configuration are all tunable per deployment.
Biometric comparison between a fresh selfie and a trusted reference.
The match runs during the liveness phase — the user does not take a separate selfie. The reference image is whatever you trust most, typically the chip face photo, falling back to the card-front capture if NFC is unavailable. Output is a match score and a pass/fail verdict.
Five primitives don't make an onboarding flow — until something sequences them.
Use the orchestrator as-is
The full regional flow, configured for your auth + branding. Fastest path to production.
Skip, reorder, inject
Drop steps you don't need. Reorder the ones you do. Inject your own (custom KYC fields, internal compliance gates).
Wire your own flow
Skip the orchestrator entirely. Call individual primitives from your own onboarding code. Three lines per primitive.
The kit was not built in San Francisco.
Arabic name handling
Compound names like "عبد الرزاق" stay as one part across chip read, OCR, display, and submission.
Kurdish field-label fallback
When Arabic OCR confidence is low, Kurdish labels on the same document are used to recover the same field structure.
Regional ID data parsing
Region-specific data groups (religion, blood type, registry) are exposed — most kits drop these.
Right-to-left UI
Every screen in the example flow is RTL-correct, including capture overlays and the face oval.
Identity data should be the most carefully-handled data your app touches.
Local where it can be
Chip reading, capture, MRZ extraction, and liveness all run on the device.
Keystore / Keychain
In-flight onboarding state lives in OS secure storage. Never in plain prefs.
No telemetry by default
The verification path has no analytics, no third-party SDKs, no redirects.
RASP-protected
Root, jailbreak, debugger, and tampering detection refuse to read on a compromised device.
Every API call carrying personal data rides an additional AES-CBC envelope on top of TLS — defense in depth against TLS-MITM and against logging at the load balancer.
Only Arabic OCR calls out to a Vision API. You can swap in your own provider if data residency requires it — the SDK is agnostic.
Onboarding state is cleared automatically on completion or abandonment. Nothing lingers in encrypted storage past its purpose.
A few lines for a full flow. More lines if you want more control.
Drop-in (full flow)
One call to IdentitySDK.onboard(...) returns a typed result with the ID card, scores, and status. Configurable per deployment with auth token, branding, and skip rules.
Primitive (direct call)
Skip the orchestrator and call any primitive on its own — NFCReaderService, DocumentCapture, OCRService, LivenessService, FaceMatchService. Wire them into a flow you already have.
Anywhere identity has to be verified remotely.
Bank account opening
Fintech onboarding
Mobile insurance claims
Crypto KYC
Gig-worker verification
Re-verification kiosks
Numbers from the production deployment.
What runs where.
| Primitive | Mobile | Tablet | Web |
|---|---|---|---|
| NFC ID Reading | ✓ | ✓ | — |
| Document Capture | ✓ | ✓ | roadmap |
| OCR (Latin / MRZ) | ✓ | ✓ | roadmap |
| OCR (Arabic / Kurdish) | ✓ | ✓ | roadmap |
| Liveness Detection | ✓ | ✓ | ✓ |
| Face Match | ✓ | ✓ | ✓ |
Verify a real person in your app this week.
Integration-ready today for Flutter. Native Android, iOS, and web are next on the roadmap. Talk to us to scope a pilot, get the docs, and try the example flow against your test environment.