Extract and Archive. Best practice.
Personal KYC data should not sit in your KYC Connect database forever. Using the API with the archive option will allow you to securely meet your data retention requirements.
Archived candidate Identities
When an Identity is archived in the KYC Connect Dashboard all raw KYC personal info (Identity attributes) will be deleted. Only metadata (e.g. status, history) and any certificates provided will remain.
If the Identity attribute data has been extracted using the API, candidate Identities can be automatically archived.
To further protect candidates' personal information you can encrypt the API return data.
🛈 If you wish to use AES encryption as an additional security layer on the extracted data, please contact Blockpass directly for more information about the protocols and keys you will require.
- Generate a AES key for this API request
- Encrypt the AES key to the Blockpass Cloud Dashboard RSA public key
- Include the encrypted AES key in the header of the API request
- The AES key is recovered using the Blockpass Cloud Dashboard private key
- The API response data is encrypted using the AES key provided
KYC API data description:
refId: Merchant reference ID (e.g. Your internal User ID)
blockPassID: Blockpass registration ID
status: Status of KYC application (
isArchived: KYC application archived status
true: All KYC applications' attributes were deleted by operator
false: Data are still available in KYC Connect database
inreviewDate: Start review date
waitingDate: Last submitted date
approvedDate: Approval date
willArchiveAtDate: KYC Connect will auto archive when date is reached (only returned if
Archive after extract datawas defined in
API keymanagement settings)