This section contains supporting materials on the terminology and key concepts of the NeuroVision platform and the KYC module.
Glossary of Terms
General Concepts
KYC (Know Your Customer) is a procedure for remote verification of a user’s identity using documents and photographs, with anti-fraud checks and additional database checks. In the NeuroVision platform, this is a separate module with its own API and WebSDK.
KYC session — a single user verification according to a given scheme (e.g., “passport + selfie with document”). All image uploads, recognition results, errors, and statuses are tied to the sessionId.
Schema (schemaId) is a KYC verification scenario: a set of steps (document, selfie, Liveness, database checks, etc.) and settings (limits, anti-fraud, callbacks). It is mandatory to specify schemaId in WebSDK.
Scenario (scenarioId) is the deprecated name for the verification schema; use schemaId for new integrations.
Client — the end-user of your service (an individual) undergoing KYC verification. Do not confuse with the integrator’s account on the NeuroVision side.
WebSDK and Frontend
WebSDK — A JavaScript library for embedding the KYC widget into a website or SPA (React, etc.). It is responsible for camera capture, image uploading, and communication with the KYC backend.
KYC Widget is a ready-made popup/modal window where the user completes all KYC steps: takes a photo of their document, takes a selfie, and passes Liveness.
KYCWidget.setupKYC(...) is the main method for initializing the widget in the browser. It accepts a config (schemaId, clientKey, theme, callbacks) and opens the widget.
schemaId — the identifier of the verification scheme configured in the Personal Account. A mandatory parameter for WebSDK.
clientKey (WebSDK) — a string up to 36 characters, set on your side and transmitted to the widget in encrypted form. It is used to link KYC sessions to your users/applications and for subsequent filtering in the API.
clientUser — an optional string of up to 36 characters, previously used as an additional client identifier. It is usually not required in new integrations; clientKey is sufficient.
closeCb — a callback function that is called when the widget is closed (success, error, or manual closing).
successCb(payload) — callback invoked upon successful completion of the KYC scenario. The payload contains brief information about the session; detailed data is retrieved via the REST API /kyc/session/status.
Theme (theme) — widget appearance: light or dark. Can be used for visual consistency with your product.
REST API and backend
REST API KYC — a set of HTTP methods for creating sessions, uploading images, checking status, and retrieving a list of sessions. Main methods:
/kyc/session/create, /kyc/process, /kyc/session/status, /kyc/sessions, /kyc/sessions/filter.
/kyc/process — a method that accepts images (document, selfie, etc.), recognizes them, and saves the result in the session. It can operate in sync and async modes.
/kyc/session/status — method for obtaining the current session status and detailed results for each step (document, selfie, face comparison, etc.).
/kyc/sessions — a list of all KYC sessions with brief information and nested results.
/kyc/sessions/filter — selection of sessions by filters: status, errors, date range, clientKey, schemaId, database checks, etc.
JWT token is a temporary access token returned by the /user/login method. It is passed in the Authorization: Bearer ... header and is used in all protected API methods. :contentReference[oaicite:11]{index=11}
Persistent token / access token — a long-term token created via /token/create and listed in /tokens. Convenient for server integrations and service tasks.
Webhook (callback URL) is your HTTP endpoint to which the platform can send notifications about the completion of a KYC session. The request body can be encrypted; decryption is performed on your side using a pre-agreed key.
Identifiers and Entities
sessionId — unique identifier of the KYC session. Used in all requests to the status and logs API.
clientId — the client’s identifier in the KYC system (may differ from your userId).
clientKey (in API responses) — the original value (up to 36 characters) that you set during backend encryption. It allows you to link the KYC session with your user or application.
Person list is a logical collection of records about individuals (persons) with whom new images can be compared: /person, /persons, /person/list/*.
Person — an entry in the list of persons: includes data (fields), information about the individual, and, if necessary, vector representations.
Source group — a logical group of image/video stream sources. Managed by methods /source/groups, /source/group/create, /source/group/update, etc.
Data source (source) — a specific source of images linked to a group (e.g., a camera, integration, project). It can have settings for automatic face addition and features that need to be identified (feature_check).
Liveness and Face Handling
Liveness (liveness check) — a set of algorithms that confirm that a live person is in front of the camera, not a photograph, video, or synthetic image (deepfake). Analysis of frame sequences, micro-movements, textures, and artifacts is used.
Active Liveness is a mode where the user performs actions (head turns, changes in gaze direction, etc.), and the system checks the correctness of command execution.
Passive Liveness is a mode in which one or more frames without explicit tasks are sufficient, while the system identifies signs of real presence.
Face Matching is the assessment of the similarity of two or more faces in different images (document ↔ selfie, selfie ↔ selfie, selfie with document ↔ document). In KYC results, this is a separate block with a match percentage.
Face vector is a numerical representation of a face image (a set of numbers) used for fast searching of similar faces. In the API, it is called embeddings and is used, for example, in /vector/search.
Fusion vector — a unified vector representation of a face from multiple images of a person. It is created using the /person/fusion method to improve search robustness.
OCR, Documents, and Antifraud
OCR (Optical Character Recognition) — recognition of text fields in a document (full name, dates, document number, place of birth, etc.) from an image. The ocr block in KYC responses contains the fields title, value, conf, and status.
MRZ (Machine Readable Zone) — machine-readable zone of a document (usually two or three lines at the bottom of a passport/ID), containing encrypted data and checksums.
Antifraud checks are a set of detectors that identify forged documents and images: screen photos (display), photocopies (image printed), editing (image edited), face swapping, logical inconsistencies, etc.
Black list — a list of undesirable persons or records; if a match is found with the user’s person or data, the error [fraud] black list is issued.
KYC error codes are standardized text codes (e.g., [general] bad image, [document] text fields not visible, [fraud] mobile device) that explain the reason for an unsuccessful verification. A complete list is provided in a separate error reference.
External Databases and Scoring
External database checks — additional requests to government registries, tax and court databases, sanctions lists, and other data sources (bankruptcies, sanctions, debts, etc.). These checks may affect the overall status of the KYC session.
Financial scoring is an assessment of risks based on data from credit bureaus and additional sources (e.g., default scoring for short-term loans).
KYC session status — the final verification status: success, failed, idle, sometimes suspicious. An overall success is only possible if all critical checks (document, face, Liveness, anti-fraud, external databases) are passed successfully.