LexisNexis InstantID v1.2

This package provides capabilities that extend the Avoka Transact platform for users wishing to:

  1. Provides real-time identity verification of US individuals using the LexisNexis InstantID service.
  2. Provides dynamic identity verification questions of US individuals using the LexisNexis InstantID Q&A service.

This package provides the following components

  1. LexisNexis InstantID

    This component provides ability to call LexisNexis InstantID service. It also provides capability to call InstantID Q&A service to further validate the user when INSUFFICIENT result returned.

  2. LexisNexis InstantID Q&A

    This component provides ability to call LexisNexis InstantID Q&A service only.

Installation Instructions

To install this package please walk through the following proceedure:

  1. Unzip the package to a directory on your computer
  2. Import each zip archive found in the services folder to Transact Manager under the Services >> All Services menu item.
  3. Review the Help Doc tab for each of the imported services and make any required adjustments to service parameters.
  4. Review the Service Connection requirements under the same Help Doc tab for each of the imported services and make any required configurations to the Service Connection. Service Connections can be configured in Transact Manager under the Services >> Service Connections menu item.
  5. Import each archive found in the libraries folder to Maestro. Importing these into the Organisation level libraries folder is recommended as this will make the components available to all projects, however they can be imported at the Project level if required.

Using InstantID

Drag a LexisNexis InstantID block and place it on the form. In the "Input Data" section, configure "InstantID Input Fields" through field references. Once validation performed, it will save the result data into the data fields inside this components as follows:

  1. executionStatus

    Execution Status.

  2. verifyStatus

    Identity Verification Status.

  3. errorMessage

    Error Message in the case of data error.

NOTE : Check LexisNexis Instant ID for possible values and explanation.

By default, after calling the InstantID service the it will call the default verification rule to determine the verification result (VERIFIED/INSUFFICIENT/FAILED). However, you can create your own verification rule and use it to determine the result by setting the Component property "Customer Verification Rule Name" in "Optional Data" category. Of course you need to make sure your customer verification rule groovy service has been deployed to TM successfully and returns the same result structure just like the default one.

NOTE : The default verification rule has quite a few threshold values as service parameters to determine verified/insufficient/failed status. If modifying these values would be enough to suit your business requirement, you don't have to write your own custom verification rule service. Just leave this property blank to use the default one.

This component also integrated with InstantID Q&A verification capability. You can select the "Enable Q&A When Insufficient" checkbox in "InstantID Q&A Support" Category. By doing so, the component will automatically call the InstantID Q&A service after InstantID result returns as INSUFFICIENT. When InstantID Q&A validation is complete, the final result will be updated into verifyStatus data field in this component.

Using InstantID Q&A

Drag a LexisNexis InstantID Q&A block and place it on the form. In the "Input Data" section, configure "InstantID Q&A Input Fields" through field references. In the rendered form, after user entered personal information and clicked Verify button, it will show up a set of questions for the user to answer. When all questions being answered, clicking Verify button again will either bring more challenge questions or come back with the final validation result. Once validation performed, it will save the result data into the data fields inside resultData block in the components as follows:

  1. executionStatus

    Execution Status.

  2. verifyStatus

    IDA Verification Status.

NOTE : verifyStatus is only available on final validation result. During questions/challenge questions stage, verifyStatus is blank. Check LexisNexis InstantID Q&A for possible value and explanation.

Licensing

Clients must ensure they are appropriately licenses in order to use this package. Organisations who wish to use this package are required to establish a commercial relationship with LexisNexis directly.

Compatibility

This package has the following compatibility requirements:

ModuleCompatibilityNotes
Transact Manager5.0.2 or above
Transact Maestro5.0.25 or above
InstantID API Version1.87

Release Notes

Version 1.2
  • Added translation support in Maestro.
  • Display error message in case of data error or system error.
Version 1.1
  • Fixed compatibility issue with Groovy 2.4.8 in TM 5.1

Maestro Assets

LexisNexis InstantID Library: exchange.lexisnexis.instantid Category: LexisNexis

Provides real-time identity verification of US individuals using the LexisNexis InstantID service.

Uses

Service Calls

Rule Templates

You may add your own logic to handle the following rule types triggered by this component:

  • On Verified : Gets executed when the identity verification is successful and complete
  • On Verify Insufficient : Gets executed when the identity verification result is insufficient
  • On Verify Failed : Gets executed upon identity verification terminal failure where the individual could not complete the verification requirements
  • On Data Error : Gets executed upon data error
  • On System Error : Gets executed upon system error

Properties

Property Category Description Type Default
InstantID Input Fields Input Data

Defines input mappings for the person data collected elsewhere in the form.

Field Refs:

  • firstName : First Name Field
  • lastName : Last Name Field
  • middleName : Middle Name Field
  • nameSuffix : Name Suffix Field
  • addressLine1 : US Address Line 1 Field
  • addressLine2 : US Address Line 2 Field
  • city : US City Field
  • zipcode : US Zip Code Field
  • stateCode : US State Code Field
  • dateOfBirth : Date Of Birth Date Field (YYYY-MM-DD)
  • ssn : SSN Field
  • ssnLast4 : SSN (last 4 digit) Field
  • gender : Gender Field
  • homePhone : Home Phone Number Field [US]
  • workPhone : Work Phone Number Field [US]
  • email : Email Field
  • driverLicenseNumber : Driver License Number Field
  • driverLicenseStateCode : Driver License State Field
  • income : Income Field
  • ownOrRent : Own Or Rent Field (Own|Rent) Field
 fieldRefMap
Custom Verification Rule Name Optional Data

If provided, will use this instead of standard verification rule service to interpret the verification result data. You need to make sure the groovy service exists on TM server

text
Enable Q&A When Insufficient InstantID Q&A Support

This will enable InstantID Q&A verification when InstantID validation result returns as INSUFFICIENT

boolean false
LexisNexis InstantID Q&A Library: exchange.lexisnexis.instantid Category: LexisNexis

Provides dynamic identity verification questions of US individuals using the LexisNexis InstantID Q&A service.

Used In

Service Calls

Rule Templates

You may add your own logic to handle the following rule types triggered by this component:

  • On Verified : Gets executed when the identity verification is successful and complete
  • On Verify Failed : Gets executed upon identity verification terminal failure where the individual could not complete the verification requirements
  • On Data Error : Gets executed upon data error
  • On System Error : Gets executed upon system error

Properties

Property Category Description Type Default
InstantID Q&A Input Fields Input Data

Defines input mappings for the person data collected elsewhere in the form.

Field Refs:

  • firstName : First Name Field
  • lastName : Last Name Field
  • middleName : Middle Name Field
  • nameSuffix : Name Suffix Field
  • namePrefix : Name Prefix Field
  • addressLine1 : US Address Line 1 Field
  • addressLine2 : US Address Line 2 Field
  • city : US City Field
  • zipcode : US Zip Code Field
  • stateCode : US State Code Field
  • dateOfBirth : Date Of Birth Date Field (YYYY-MM-DD)
  • ssn : SSN Field
  • ssnLast4 : SSN (last 4 digit) Field
  • homePhone : Home Phone Number Field [US]
  • workPhone : Work Phone Number Field [US]
  • email : Email Field
  • driverLicenseNumber : Driver License Number Field
  • driverLicenseStateCode : Driver License State Field
  • addressType : Address Type Field [primary|secondary|previous|vacation|business|other]
 fieldRefMap

Services

LexisNexis InstantID - Identity Verification v1

Provides real-time identity verification of US individuals using the LexisNexis InstantID service. Consumer InstantID validates and verifies a consumer’s identity information (name, address, phone, SSN (Social Security number), and DOB (date of birth)) across multiple databases using a powerful, proprietary search and comparison process.

Prevent Multiple Verification Attempt

When service parameter "preventMultiAttempt" set to true, it will prevent following verification request if any previous verification is FAILED in the same txn. If this is the case, it will not call InstantID web service, instead, will return FAILED response immediately. On TM server it will also write txn property "InstantID.multipleVerifyAfterFail"="true" in current txn.

Service Parameters Possible Values

GLBA Purpose

  • 0: (default) No Permissible Purpose For persons who do not have a GLBA permissible use.
  • 1: Transactions Authorized by Consumer As necessary to effect, administer, or enforce a transaction requested or authorized by the consumer.
  • 2: Law Enforcement Purpose To the extent specifically permitted or required under other provisions of laws and in accordance with the Right to Financial Privacy Act of 1978, to law enforcement agencies, self-regulatory organizations or for an investigation on a matter related to public safety.
  • 3: Use by Persons Holding a Legal or Beneficial Interest Relating to the Consumer Use by persons, or their representatives, holding a legal or beneficial interest relating to the consumer.
  • 5: Fraud Prevention or Detection To protect against or prevent actual or potential fraud, unauthorized transactions, claims or other liability.
  • 6: Required Institutional Risk Control For required institutional risk control, or for resolving customer disputes or inquiries
  • 7: Legal Compliance In complying with federal, state, or local laws, rules, and other applicable legal requirements.
  • 11: Transactions Authorized by Consumer (Application Verification Only) As necessary to effect, administer, or enforce a transaction requested or authorized by the consumer by verifying the identification information contained in applications
  • 12: Use by Persons Acting in a Fiduciary Capacity on Behalf of the Consumer Use by persons acting in a fiduciary or representative capacity on behalf of the consumer.
  • 99: Use of InstantID International for the UK You are affirming that your use of InstantID International for the UK is only for 1) vetting applications by a financial institution, or 2) meeting any obligations contained in the Money Laundering Regulations 1993, the Money Laundering Regulations 2001, and the rules made pursuant to section 146 of the Financial Services and Markets Act 2000.
DPPA Purpose
  • 0: No Permissible Purpose
  • 1: Court, Law Enforcement, or Government Agencies—Use by a court, law enforcement agency or other government agency or entity, acting directly on behalf of a government agency.
  • 2: Motor Vehicle Safety or Theft—Use for any matter regarding motor vehicle or driver safety or theft (except by motor vehicle manufacturers).
  • 3: Normal Course of Business—For use in the normal course of business but only to verify the accuracy of personal information submitted by the individual to the business; and if the submitted information is incorrect, to obtain the correct information, but only for the purposes of preventing fraud by, pursuing legal remedies against, or recovering on a debt or security interest against, the individual.
  • 4: Civil, Criminal, Administrative, or Arbitral Proceedings—Use in connection with a civil, criminal, administrative, or arbitral proceeding, including the service of process, investigation in anticipation of litigation, the execution or enforcement of judgments, or compliance with the orders of any court.
  • 5: Commercial Driver's License—Use by an employer or its agents or insurer to obtain or verify information relating to a holder of a commercial driver's license that is required under chapter 313 of title 49 of the United States Code.
  • 6: Insurance—Use by an insurer or insurance support organization, in connection with claims investigation activities or antifraud activities.
  • 7: Licensed Private Investigative or Security Services—Use by a licensed private investigative agency, or licensed security service, for a purpose permitted above.

Service Connection

Compatibility

Module Compatibility
Manager 5.0.2
InstantID 1.87
RedFlagsReport Version1

Service Parameters

Name Description Required Default
instantIdBillingCode BillingCode replaces the UserID on billing statement No
instantIdClientName Used as ReferenceCode returns in your billing statement Yes
instantIdDlPurpose DPPA Purpose Yes 0
instantIdGlbPurpose GLBA Purpose Yes 0
instantIdDobRadius (Optional) DOBRadius.Integer value for the number of years to consider for OFAC matches when UseDOBFilter is enabled (default is 2). No
instantIdUseDobFilter When true, the query considers only OFAC records where the DOB is within the number of years specified in DOBRadius. Default to false. No false
instantIdOptions InstantID request options. If provided, will be included as part of request No Version1
preventMultiAttempt Prevent multiple verification attempt. If true, will send failed response directly if failed before in same txn. No true
recordResponse Record response text as submission properties. No false

Inputs

Name Description Required
Personal Details Inputs:
  • firstName
  • middleName
  • lastName
  • nameSuffix
  • addressLine1
  • addressLine2
  • city
  • stateCode
  • zipcode
  • dateOfBirth
  • ssn
  • ssnLast4
  • driverLicenseNumber
  • driverLicenseStateCode
  • homePhone
  • workPhone
  • gender
  • email
  • income
  • ownOrRent
 Personal details of the individual being identified.

Date of birth is expected to be received in Avoka standard format (yyyy-MM-dd) E.g. 2016-07-21.

Address breakdown by addressLine1, addressLine2, city, stateCode, zipcode is required by this service. stateCode is expected to be the short code (e.g. NSW, VIC, QLD). About Social Security Number, client should make sure only send either ssn or ssnLast4, not both. In case of receiving both, service will only use ssn and clear ssnLast4 field when sending the request

 Yes
Custom Verification Rule Service Name:
  • vrname
 Optional. If provided, will use this instead of standard verification rule service to interpret the verification result data. You need to make sure this name exists in TM

 No

Outputs

Name Description
verifyStatus The status of the verification for this individual with possible values:
  • VERIFIED
  • INSUFFICIENT
  • FAILED
executionStatus The status of the service execution [ SUCCESS | DATA_ERROR | SYSTEM_ERROR ].

Successful execution will be denoted by a SUCCESS value. SYSTEM_ERROR indicates that there was an unrecoverable system fault and the form should fall-back gracefully to an alternative path.
errorMessage When a DATA_ERROR is experienced, this value may provide more detail on the nature of the error.
LexisNexis InstantID - Verification Rule v1

InstantID Verfication Rule Service. To determine if identity information get verified based on various verification result

Compatibility

Module Compatibility
Manager 5.0.2
InstantID 1.87

Service Parameters

Name Description Required Default
cviAcceptValue Any CVI number equals or higher than this will be treated as passed Yes 50
cviPartialAcceptValue Any CVI number equals or higher than this will be treated as partial accepted Yes 20
napAcceptValue Any NAP number equals or higher than this will be treated as passed Yes 12
napPartialAcceptValue Any NAP number equals or higher than this will be treated as partial accepted Yes 6
nasAcceptValue Any NAS number equals or higher than this will be treated as passed Yes 12
nasPartialAcceptValue Any NAS number equals or higher than this will be treated as partial accepted Yes 6
dobAcceptValue Any DOB match level number equals or higher than this will be treated as passed Yes 0
dobPartialAcceptValue Any DOB match level number equals or higher than this will be treated as partial accepted Yes 4
redFlagCodeList Red flag code list separated by comma. Result contains any of the red flag code defined here will always be treated as id check failed. No

Inputs

Name Description Required
cvi CVI value from InstantID verification result.

00: Nothing verified

10: Critical ID elements not verified, are associated with different person(s), or indications such as OFAC matches, deceased/invalid SSN, SSN issued prior to DOB, etc. exist

20: Minimal verification, critical ID elements not verified or associated with different person(s)

30: Several ID elements verified

40: Last name, address and SSN or phone verified; first name, phone or SSN verification failures

50: Full name, address, phone, SSN verified

 No
nap InstantID NAP Summary

0: Nothing found for input criteria

1: Input phone is associated with a different name and address

2: First name and Last name matched

3: First name and Address matched

4: First name and Phone matched

5: Last name and Address matched

6: Address and Phone matched

7: Last name and Phone matched

8: First name, Last name and Address matched

9: First name, Last name and Phone matched

10: First name, Address and Phone matched

11: Last name, Address and Phone matched

12: First name, Last name, Address and Phone matched

 No
nas InstantID NAS Summary

0: Nothing found for input criteria

1: Input SSN is associated with a different name and address.

2: Input First name and Last Name matched

3: Input First name and Address matched

4: Input First name and SSN matched

5: Input Last name and Address matched

6: Input Address and SSN matched

7: Input Last name and SSN matched

8: Input First name, Last name and Address matched

9: Input First name, Last name and SSN matched

10: Input First name, Address, and SSN matched

11: Input Last name, Address, and SSN matched

12: Input First name, Last name, Address and SSN matched

 No
dobMatch Confidence level of the match of the input DOB and the DOB that was found for the subject

0: No DOB found or no DOB submitted

1: Nothing matches

2: Only Day matches

3: Only Month Matches

4: Only Day and Month Match

5: Only Day and Year match

6: Only Year matches

7: Only Month and Year match

8: Month, Day, and year match

 No
redFlagList Risk codes from HighRiskIndicators in response, you can pre-define redFlagCodeList as service parameters,

so that if any of the risk codes gets returned is within this list, the verify result will be determined as FAILED.

Some of the possible red flag risk codes and description are detailed here

Fraud Alert Codes

93: Identity Theft Alert (CRA corrections database)

Credit Freeze Codes

91: Security Freeze (CRA corrections database)

Address Discrepancy Codes

04: The input name and SSN are verified, but not with the input address and phone

11: The input address may be invalid according to postal specifications

25: Unable to verify address

30: The input address may have been miskeyed

CZ: Address mismatch between city/state and zip code

PA: Potential address discrepancy ? the input address may be a previous address

SR: Address mismatch on secondary address range

ZI: Unable to verify zip code

Suspicious Documents Codes

06: The input SSN is invalid

41: The input driver's license number is invalid for the input DL State

DD: A different driver's license number has been found for the input applicant

DF: The input driver's license number is not found in the public record

DM: The input driver's license number may have been miskeyed

DV: Unable to verify driver's license number

Suspicious Address Codes

04: The input name and SSN are verified, but not with the input address and phone

19: Unable to verify name, address, SSN/TIN and phone

25: Unable to verify address

30: The input address may have been miskeyed

CZ: Address mismatch between city/state and zip code

PA: Potential address discrepancy ? the input address may be a previous address

SR: Address mismatch on secondary address range

ZI: Unable to verify zip code

Suspicious SSN Codes

02: The input SSN is reported as deceased

06: The input SSN is invalid

29: The input SSN/TIN may have been miskeyed

39: The input SSN is recently issued

71: The input SSN is not found in the public record

89: The input SSN was issued within the last three years

90: The input SSN was issued after age five (post?1990)

IT: The input SSN is an ITIN

MS: Multiple SSNs reported with applicant

Suspicious DOB Codes

03: The input SSN was issued prior to the input date?of?birth

28: Unable to verify date?of?birth

83: The input date?of?birth may have been miskeyed

High Risk Address Codes

11: The input address may be invalid according to postal specifications

12: The input zip code belongs to a post office box

14: The input address is a transient commercial or institutional address

40: The input zip code is a corporate?only, military zip code

50: The input address matches a prison address

PO: The primary input address is a P.O. Box

Suspicious Phone Codes

07: The input phone number may be disconnected

08: The input phone number is potentially invalid

09: The input phone number is a pager number

10: The input phone number is a mobile number

15: The input phone number matches a transient commercial or institutional address

16: The input phone number and input zip code combination is invalid

27: Unable to verify phone number

31: The input phone number may have been miskeyed

49: The input phone and address are geographically distant (>10 miles)

73: The input phone number is not found in the public record

74: The input phone number is associated with a different name and address

SSN Multiple Last Codes

38: The input SSN is associated with multiple last names

66: The input SSN is associated with a different last name, same first name

72: The input SSN is associated with a different name and address

MI: Multiple identities associated with input social

Missing Input Codes

77: The input name was missing

78: The input address was missing

79: The input SSN/TIN was missing or incomplete

80: The input phone was missing or incomplete

81: The input date?of?birth was missing or incomplete

Identity Theft Codes

93: Identity Theft Alert (CRA corrections database)

 No
responseText response text.

You can get access to full response text to get extra information you need to determine verify result We are not using it in standard verification rule.

 No

Outputs

Name Description
verifyStatus The status of the verification for this individual with possible values:
  • VERIFIED
  • INSUFFICIENT
  • FAILED
LexisNexis InstantID - QA v1

Provides dynamic identity verification questions of US individuals using the LexisNexis InstantID Q&A service.

Prevent Multiple Verification Attempt

When service parameter "preventMultiAttempt" set to true, it will prevent following verification request if any previous verification is FAILED in the same submission. If this is the case, it will not call InstantID Q&A web service, instead, will return FAILED response immediately. On TM server it will also write txn property "InstantIDQA.multipleVerifyAfterFail"="true" in current txn.

Service Connection

Compatibility

Module Compatibility
Manager 5.0.2

Service Parameters

Name Description Required Default
instantIdQaAccountName Account name for InstantID Q&A. You should get valid account name from LexisNexis Yes Providers:Avoka
instantIdQaMode testing|pilot. Set to pilot in production. Set to testing for testing purppose which will not be billed for transactions processed. Yes testing
instantIdQaRuleset Ruleset for InstantID Q&A Yes customers.avoka.testing.rh
instantIdDataErrorCodes A set of data error codes separated by comma. If defined, response within these codes will be treated as a DATA_ERROR No invalid_information
preventMultiAttempt Prevent multiple verification attempt. If true, will send failed response directly if failed before in same txn. No true
recordResponse Record response text as submission properties. No false

Inputs

Name Description Required
task the task to be performed. Can be "question|answer"

question means getting questions from InstantID Q&A

answer means sending answer to InstantID Q&A to validate

Yes
Personal Details Inputs:
  • firstName
  • middleName
  • lastName
  • nameSuffix
  • namePrefix
  • addressLine1
  • addressLine2
  • city
  • stateCode
  • zipcode
  • dateOfBirth
  • ssn
  • ssnLast4
  • driverLicenseNumber
  • driverLicenseStateCode
  • homePhone
  • workPhone
  • email
 Personal details of the individual being identified.

Date of birth is expected to be received in Avoka standard format (yyyy-MM-dd) E.g. 2016-07-21.

Address breakdown by addressLine1, addressLine2, city, stateCode, zipcode is required by this service. stateCode is expected to be the short code (e.g. NSW, VIC, QLD). About Social Security Number, client should make sure only send either ssn or ssnLast4, not both. In case of receiving both, service will only use ssn field value when sending the request

 Yes

Outputs

Name Description
questions returns a set of questions to challenge the user.

if questions returned, it means verifyStatus is not decided yet.
verifyStatus The status of the verification for this individual with possible values:
  • VERIFIED
  • FAILED
executionStatus The status of the service execution [ SUCCESS | SYSTEM_ERROR | DATA_ERROR ].

Successful execution will be denoted by a SUCCESS value. SYSTEM_ERROR indicates that there was an unrecoverable system fault and the form should fall-back gracefully to an alternative path.
errorMessage When a DATA_ERROR is experienced, this value may provide more detail on the nature of the error.

Service Connections

The following service connections are used by this package.

LexisNexis InstantID
Property Name Description Required
Type HTTP Endpoint Yes
Endpoint LexisNexis InstantID Identity Verification web service end point.
  • Test & Prod: https://wsonline.seisint.com/WsIdentity/InstantID?ver_=1.87/
    • /ul> Please Note this service is only available inside US. All other server outside US may not be able to access this service.
Yes
Username Username for InstantID web service Yes
Password Password for InstantID web service Yes
LexisNexis InstantID QA
Property Name Description Required
Type HTTP Endpoint Yes
Endpoint LexisNexis InstantID Q&A web service end point.
  • Test & Prod: https://netview.verid.com:443/carbon/ws
 Yes
Username Username for InstantID Q&A web service Yes
Password Password for InstantID Q&A web service Yes