One of Jumio’s strengths is that we provide various channels for integrating the identity verification journey into your onboarding workflow: a Web Client, Web SDK, Mobile SDKs and REST APIs. Each channel has unique advantages, and you can leverage one or more channels as needed.
Fraudsters are becoming more and more sophisticated, and no solution catches 100% of fraud. To minimize risk while maximizing convenience for users, it’s important to understand the benefits and limitations of each integration channel. Let’s take a closer look at each one.
Web Client
The Web Client is the easiest channel to integrate and maintain. You simply embed it in your web page or mobile WebView — or just provide a link to have it run in its own browser window — at the point in your onboarding workflow where you want your users to complete the identity verification steps. It provides a default user journey that runs inside a web browser on all types of devices.
The Web Client provides clear guidance to your end users and manages the interactions with their camera (including autocapture, which takes the picture automatically when it detects the ID is fully visible and in focus) and other device features. It even allows users to seamlessly switch to their mobile device when it’s time to take a photo of their ID and a selfie and then return to their computer to complete the journey. This is particularly useful for older computers that lack a camera or have a poor quality webcam, as a mobile device’s camera can produce much higher-quality images that increase success rates. Additionally, the Web Client provides visibility into the camera pipeline and can detect most camera injection attacks.
You can make some basic changes to the Web Client’s appearance, such as the colors of the screens and buttons, to help it blend into your workflow. Since the Web Client is hosted by Jumio, it requires no maintenance — you always get the latest and greatest functionality.
The Web Client is a good option if:
- Your user journey is web-focused
- You want to support web and mobile options with a single integration
- You want the easiest and fastest implementation process
- You want Jumio to provide the user interface and only need to make a few modifications such as screen and button colors
- You want Jumio to host the client and handle all maintenance
Web SDK
The Web SDK is designed for those who want full control over the user experience and want to host it themselves. With just a few lines of code, you can create your own instance of the Web Client and customize it to your requirements. Because you host this client yourself, you can integrate it with your analytics framework for greater insights into the customer journey, and you control updates and other maintenance. The Web SDK is framework agnostic, so you can work with it in your preferred integrated development environment (IDE).
The Web SDK is a good option if:
- Your user journey is web-focused
- You want to support web and mobile options with a single integration
- You want an easy and fast implementation process
- You want more control over the user interface
- You want to host the client yourself and manage all maintenance
- You want to use your own analytics framework
Mobile SDKs for Android and iOS
If your primary user interface is a mobile app, the Mobile SDKs provide everything you need for a fully customized, mobile-native experience for Android and iOS. They include plugins for React Native, Flutter and Apache Cordova. Because the user journey will take place on the user’s mobile device, it can support advanced security features like on-device barcode extraction and near-field communication (NFC). Additionally, the Mobile SDKs have direct access to the camera pipeline and can detect camera injection attacks with greater accuracy than the Web Client/SDK, making the Mobile SDKs the most secure integration channel. For more information on the benefits of the Mobile SDKs, see 11 Big-Time Benefits of Mobile SDK-Based Implementations for Online Identity Verification.
The Mobile SDKs are a good option if:
- Your user journey is mobile-focused
- You want to provide a mobile-native experience
- You want to take advantage of the most advanced security features
- You want more control over the user interface
REST APIs
Jumio provides REST APIs that enable you to send a photo of the user’s ID and their selfie image directly to Jumio for processing, rather than having users go through the Jumio user journey. This is useful for customers who already have another identity verification solution and want to route some of their traffic to Jumio to try out our services. However, because Jumio does not have control over the camera pipeline or the capture of these images, we cannot perform our most sophisticated anti-spoofing and liveness detection techniques. Therefore, this is the least secure approach and the most susceptible to spoofing, synthetic IDs, deepfakes and other sophisticated fraud attacks.
Another limitation is that the images provided through the REST APIs during the onboarding journey can’t be used for subsequent authentication. With the other channels, a biometric template is created during onboarding, and when a user returns to your platform, Jumio Authentication prompts them to take a fresh selfie and compares it to that template.
Quality control is also challenging with the API approach. In Jumio’s user journey, we reject unusable images and provide instant feedback to users to help them take a better image. For example, if the image is blurry or taken in low-light conditions, we give the user guidance on how to improve the image so they can try again. When you submit images via the APIs, however, you must ensure the quality is sufficient before you send them to us.
The REST APIs are a good option if:
- You want to provide your own user journey
- You are trying out Jumio’s services
- Your business is not a likely target of sophisticated fraud attacks
- You don’t need to implement biometric authentication for users returning to your platform
- You want to perform your own quality control over images before sending them to Jumio for processing
In summary, the integration channel you choose depends on your business requirements for customization, security, accuracy, and ease of implementation and maintenance. If you want a ready-made, zero-maintenance solution, you can use our Web Client. If you need more customization or want to host the client yourself, you can use the Web SDK. If you want higher security and a mobile-native experience, our Mobile SDKs are the right choice. And if you just want to try out our services and aren’t a likely target for sophisticated fraud attacks, you might try our REST APIs.
You can find more information on all our integration channels in the Jumio developer documentation. Or just contact us, and we’ll be happy to have a conversation about your business requirements and which channel might work best for you.
