Payouts

KYC Verification

Verification Methods

Coinflow’s Built-In Verification

Verifying US Withdrawers

To verify US users via API, call the Register User endpoint with KycUsRequestBody. This triggers an instant database check using the user’s email, name, address, country, date of birth, and last 4 digits of their SSN.

If instant verification cannot be done, the API returns a 451 with a verificationLink and the withdrawer’s verification status will be pending. Direct the user to that link to complete verification by taking a selfie and entering their full SSN. Once complete, they’ll be redirected to the redirectLink provided in your request.

Verifying Non-US Withdrawers

For non-US users, use the same Register User endpoint with KycDocVRequestBody. This request typically includes only the user’s email and country and always returns a 451 requiring further verification. At this point, the withdrawer’s verification status will be pending.

The verificationLink in the response directs users to upload a photo ID and take a selfie. After successful verification, they’ll be redirected to the redirectLink provided in the request parameters.

Merchants using Coinflow’s prebuilt UI do not need to handle the extra verification steps or redirect. This is already built into Coinflow’s UI.


KYC Reliance

Merchants using their own KYC provider (other than Sumsub) can choose to share verified user data with Coinflow through our KYC attested endpoint. To be eligible for KYC reliance, merchants must first obtain approval from Coinflow’s compliance team. This ensures that your KYC process meets our compliance standards. To being:

  1. Request the Questionnaire
    Contact Coinflow for the KYC Reliance Questionnaire.
  2. Submit for Review
    Complete and submit the form. Final compliance approval is required before going live.
  3. Enable KYC Attestation feature in Sandbox
    Ask Coinflow to enable KYC attestation for your sandbox and include your sandbox merchant ID.
  4. Integrate the KYC Attested Endpoint
    After approval, integrate using the attested endpoint in your production environment.

If you are not approved for KYC reliance, you may choose to fall back on implementing passing external KYC data


Passing External KYC Data to Coinflow

Merchants using their own KYC provider (other than Sumsub) can pass verified user data to Coinflow via the register user via document endpoint. This creates a Coinflow verification record without requiring the user to re-enter information. Required fields to pass include: email, country, Front and back of photo ID.

Coinflow attempts to re-verify the submitted data. If we cannot verify it, the API returns a 451 response, indicating further verification is required. The user’s verification status remains pending until completed.

The response includes a verificationLink, where the user uploads a photo ID and takes a selfie. Upon completion, they are redirected to the redirectLink you provided.

Why a 451 Response May Occur

Not all KYC systems are standardized—different providers collect different fields and follow different rules. Even if your provider marks a user as verified, Coinflow may be unable to do the same. In such cases, we require fallback verification to meet compliance standards.

If you’re using Coinflow’s prebuilt UI (e.g. CoinflowWithdraw), you must call this endpoint before rendering the component, so the verification record exists in advance.


Sumsub Token Sharing with Coinflow

Merchants who have their own sumsub account can share the sumsub kyc data directly with Coinflow. This would require a tri-party data sharing agreement signed through Sumsub which will allow Coinflow to reuse the withdrawers existing kyc data you’ve already collected. Learn more about reusable KYC and how to get a triparty agreement set up through Sumsub.

To get started with Sumsub token sharing:

  1. Reach out to the Coinflow team with your sumsub client id

Once this agreement has been signed, follow these steps:

  1. Call Sumsub’s Generate Share Token endpoint to obtain a token.
  2. Call Coinflow’s Register User Via Share Token endpoint to pass KYC data.

If you’re using Coinflow’s prebuilt UI (e.g. CoinflowWithdraw), you must call this endpoint before rendering the component, so the verification record exists in advance.

Prior to reaching out to sumsub to sign the tri-party agreement, Merchants will need to reach out to Coinflow to get Coinflow’s sumsub client id.


Verification Method Comparison

Verification MethodWho It’s ForSetup RequiredFallback (451) Handling
Built-In VerificationAll merchantsCall Register UserHandled via a providedverificationLink
KYC RelianceMerchants w/ their own KYC provider (non-Sumsub) whose KYC policies have been approved by Coinflow ComplianceCall Attested KYCNot Expected
Pass External KYC DataMerchants w/ their own KYC provider (non-Sumsub)Call Register User via DocumentUser must re-verify with selfie + ID
Sumsub Token SharingMerchants with Sumsub accountTri-party agreement + Call Register User via Share TokenNot expected