All data, services, and APIs are owned and operated by ICP. Any changes to data structures, verification rules, or service availability are at the sole discretion of the Federal Authority.
Platform Capabilities
- Identity Verification
- Biometric & Liveness
- Data & Monitoring
Customer Onboarding (KYC)
Verify new customers in real time using Emirates ID, passport, and biometric checks — through SDK or API integration.
Re-Verification (ReKYC)
Re-verify existing customers when their documents expire, status changes, or regulatory requirements mandate a refresh.
NFC Verification
Chip-based document verification using NFC — read and authenticate Emirates ID or passport data directly from the document chip.
Remote Verification
Verify customers remotely via a secure link — no SDK integration required on the customer’s device.
Industries Served
| Industry | Use Case |
|---|---|
| Banking & Financial Services | Account opening, loan origination, regulatory compliance (CBUAE) |
| Fintech & BNPL | Digital onboarding, credit risk assessment, continuous monitoring |
| Insurance | Policyholder verification, claims processing |
| Hotels & Tourism | Guest check-in, visa status validation |
| Telecom | SIM registration, subscriber verification |
| Government Services | Citizen and resident identity verification |
| Real Estate | Buyer/tenant identity checks |
Integration Options
Choose how you connect to the UAE KYC platform based on your use case.- SDK Integration
- API Integration
- Remote Verification
Embed the UAE KYC verification experience directly into your app. The SDK handles document scanning, biometric capture, and liveness checks.
Web SDK
Browser-based integration using React components.
Android SDK
Native Android and Huawei device support.
iOS SDK
Native iOS integration for iPhone and iPad.
Network & Security
UAE KYC operates within a secure, government-grade infrastructure. All communication between your systems and ICP is protected at multiple layers.Network Connectivity Options
Network Connectivity Options
| Option | Description |
|---|---|
| ADnet | Abu Dhabi Government network — for entities already on the AD government backbone |
| FedNet | UAE Federal Government network — for federal entities with existing FedNet access |
| MPLS Line | Dedicated private line — for large enterprises requiring direct, high-bandwidth connectivity |
| Site-to-site VPN | Encrypted tunnel between your network and the UAE KYC environment |
| IP Whitelisting | Public IP-based access — typically for smaller clients or sandbox/PoC testing |
business@uaekyc.ae if you are unsure which option applies.Transport Security
Transport Security
- TLS 1.3 is the only supported protocol — older versions are rejected
- All communication is end-to-end encrypted using SSL/TLS
- A second encryption layer uses hybrid encryption (ECDH + Ed25519)
- HTTP traffic is completely disallowed — HTTPS only
- Supported cipher suites:
AES_256_GCM_SHA384,AES_128_GCM_SHA256,CHACHA20_POLY1305_SHA256
SDK Security
SDK Security
- Journey tokens are short-lived (10 minutes) and UUID-based to prevent replay attacks
- Finite retry attempts on document extraction, face capture, and liveness — exceeding limits terminates the journey
- Handshake encryption using X25519 key exchange with AES-256-GCM for all SDK-server communication
- Secure memory: sensitive data is stored with mlock protection and zeroized on deallocation
- Image obfuscation: document and face images are pixel-level obfuscated using secure PRNG
- Android: FLAG_SECURE prevents screenshots; overlay detection blocks tapjacking
Client Proxy Setup
Client Proxy Setup
Many clients route UAE KYC traffic through an internal reverse proxy or WAF for additional control. Three setup options are available:
Proxy Overview
Architecture and requirements.
Manual Setup
Configure Nginx or Apache manually.
Docker Setup
Pre-built Docker container for quick deployment.
Response Integrity
Response Integrity
Every API response from UAE KYC can be cryptographically verified to ensure it has not been tampered with in transit.
Signature Verification Guide
Verify response signatures using your certificate.
Dashboard & Platform Guide
The UAE KYC Dashboard is your central portal for managing journeys, monitoring transactions, and configuring your integration.Environments
Sandbox vs Production setup and configuration.
Sandbox Residents
Create and manage test residents for sandbox integration.
User Management
Manage admin, support, and finance users on your account.
Quick Links
Getting Access
Step-by-step onboarding checklist — forms, network setup, credentials, and SDK integration.
Communication Flow
End-to-end sequence diagram showing how your systems interact with UAE KYC.
Error Codes
Complete reference for API, journey, identity, and AI error codes.
FAQ
Answers to common questions about SDK, API, sandbox testing, and troubleshooting.
UAE KYC is a service of the Federal Authority for Identity, Citizenship, Customs & Port Security (ICP), United Arab Emirates. All data, verification rules, API specifications, and service policies are subject to change at the discretion of ICP. All rights reserved.