Extract and Archive. Best practice.
Personal KYC data should not sit in your KYC Connect database forever. Using the API with the archive option will allow you to securely meet your data retention requirements.
Archived candidate Identities
When an Identity is archived in the KYC Connect Dashboard all raw KYC personal info (Identity attributes) will be deleted. Only metadata (e.g. status, history) and any certificates provided will remain.
If the Identity attribute data has been extracted using the API, candidate Identities can be automatically archived.
To further protect candidates' personal information you can encrypt the API return data.
🛈 If you wish to use AES encryption as an additional security layer on the extracted data, please contact Blockpass directly for more information about the protocols and keys you will require.
- Generate a AES key for this API request
- Encrypt the AES key to the Blockpass Cloud Dashboard RSA public key
- Include the encrypted AES key in the header of the API request
- The AES key is recovered using the Blockpass Cloud Dashboard private key
- The API response data is encrypted using the AES key provided
KYC API data description:
refId: Reference ID of user in Merchant's platform (e.g. Your internal User ID, uuid)
recordId: Reference ID of user in KYC Connect platform. This ID is different for each service registered by the user.
blockPassID: Blockpass registration ID. Unique for each user.
status: Status of KYC application
incomplete: Blockpass verifications pending
waiting: Merchant's review pending
inreview: in review by Merchant
approved: profile has been approved by Merchant
resubmit: Merchant has rejected one or more attributes
isArchived: KYC application archived status
true: All KYC applications' attributes were deleted by operator
false: Data are still available in KYC Connect database
inreviewDate: Start review date
waitingDate: Last submitted date
approvedDate: Approval date
willArchiveAtDate: KYC Connect will auto archive when date is reached (only returned if
Archive after extract datawas defined in
API keymanagement settings)