Skip to main content

Customer ID

Overview

The Customer ID feature enables merchants to maintain a consistent reference for individual end users across multiple verification requests. By linking all verifications to a unique customer profile, merchants can track verification history, streamline repeat verifications, and improve data management across their backoffice.

What is a Customer ID?

A Customer ID is a unique, persistent identifier that represents an individual customer profile within Shufti's system. Once generated, this identifier can be used across all future verification requests for the same customer, ensuring that:

  • All verifications are linked to a single customer profile.
  • Verification history is maintained and easily accessible.
  • Customer data remains organized and trackable.

Key Benefits

Consistent User Reference

Maintain a single identifier for returning customers across multiple verification sessions, eliminating confusion and data fragmentation.

Enhanced Verification Tracking

Associate all verification requests with the same customer profile, making it easier to review verification history and patterns.

Improved Data Management

Easily reference, retrieve, and manage customer profiles using their unique Customer ID, streamlining your operational workflows.

Fraud Prevention

Track and identify repeat verification attempts and patterns associated with the same customer, helping you detect and prevent fraudulent activities.

How It Works

First-Time Verification

When a customer undergoes verification for the first time, there are two ways the Customer ID can be assigned.

Without a Customer ID in the request

  1. Send a verification request without including a customer_unique_id parameter.
  2. Shufti automatically generates a unique customer_unique_id.
  3. The generated customer_unique_id is returned in the API response.
  4. Store this customer_unique_id in your system for future use.

With a Customer ID in the request

  1. Send a verification request including your own customer_unique_id parameter.
  2. Shufti creates a new customer profile with the provided customer_unique_id.
  3. The same customer_unique_id is returned in the API response.

Repeat Verifications

For subsequent verification requests for the same customer:

  1. Include the previously obtained customer_unique_id in the request payload.
  2. Shufti automatically associates the new verification with the existing customer profile.
  3. All verification data is linked to the same customer record.
  4. The same customer_unique_id is returned in the response.

Customer ID Management for Existing Users

Shufti provides a dedicated API endpoint for managing Customer IDs, allowing you to generate or associate Customer IDs with existing verification records.

Endpoint

POST https://api.shuftipro.com/customer/details

Authentication

Use Basic Authentication with your Client ID and Secret Key from your Shufti back office.

Use Cases

  • Generate a Customer ID for existing users: Send a reference ID from a previous verification. Shufti generates and returns a new customer_unique_id for that verification.
  • Associate your Customer ID with existing users: Send both a reference ID and your own customer_unique_id. Shufti stores your customer_unique_id and associates it with the verification record.

Request Payload

{
"reference": "{{reference_id}}",
"customer_unique_id": "{{alphanumeric_string}}"
}

Parameters

ParameterRequiredTypeDescription
referenceYesStringThe reference ID from a previous verification request.
customer_unique_idNoStringYour own unique customer identifier (6 to 64 alphanumeric characters). If not provided, Shufti generates a new Customer ID.

Managing Customers in the Backoffice

Beyond the API, every Customer ID has a customer profile in the backoffice where you can review verification history, manage the customer's status, control which data is used for future verifications, and collaborate with your team. This section covers the actions available on a customer profile.

Backoffice actions at a glance

ActionWhat it doesReversible
Blocklist a customerDeclines future verifications matching the blocklisted Customer ID or data.Yes, by removing the customer from the blocklist.
Whitelist a customerAccepts all future verifications for that Customer ID.Yes, by removing the customer from the whitelist.
Reset a customer profileMoves the profile to Verification Pending and deactivates past proofs so they are not used as context.Past proofs can be reactivated.
Mark a customer as InactiveAdds an INACTIVE label to the profile and to the Customer ID in related verifications.Yes, by marking the customer active again.
Mark a document as InactiveExcludes a specific document from comparison in future verifications.Yes, by marking the document active again.

Customer Status

Every customer profile carries a status that is derived from the customer's verification results. There are three possible statuses.

StatusMeaningCan transition to
Verification PendingDefault state. The profile exists but no verification has been completed yet. Also set after a profile reset.Approved, Rejected
ApprovedThe customer has at least one accepted verification result and no active blocklist flag.Verification Pending (after a reset)
RejectedAll completed verification attempts have failed and no accepted result exists.Approved (if a new attempt passes), Verification Pending (after a reset)

How the status behaves:

  • When a customer's verification is accepted, the status changes to Approved, meaning the customer is accepted and onboarded. Once a profile is Approved, the status does not change to Rejected even if later verifications fail.
  • If all of the customer's verifications are declined, the status is set to Rejected. A Rejected profile can move to Approved if a future verification passes.
  • A profile is set to Verification Pending when it is first created and the user has not completed verification yet. It is also set to Verification Pending whenever the profile is reset. After the next verification completes, the status updates according to the result.

Initiating a Verification for a Customer

You can create a new verification for a customer directly from their profile in the backoffice. Because the Customer ID is sent with the request, the resulting verification is tied to that specific customer.

There are two ways to start a verification from the profile:

  1. Create New Verification CTA.
  2. Initiate Re-verification CTA on a verification in the Verification History.

Using Create New Verification

When you choose this option, you can set up the verification in one of two ways:

  • Verification Journey Builder: Select the journey you want the customer to verify through.
  • Products: Go to the product tab, select the services you need, and configure the verification workflow.

With either method, the verification is created specifically for that customer because the Customer ID is included in the verification request.

Using Initiate Re-verification

When you click the Initiate Re-verification CTA on a verification in the Verification History, a verification request is initiated using the exact configuration of that earlier verification, and you receive a verification link for the customer.

Blocklisting a Customer

A customer can be added to the blocklist, or removed from it, manually from the backoffice. When you blocklist a customer, both the Customer ID and the data submitted by the user on their customer profile are blocklisted. As a result, any subsequent verification from the blocklisted Customer ID, or any verification that submits the blocklisted data, is declined.

The data that can be blocklisted includes:

  • Customer ID
  • Face image
  • Document number
  • Name and date of birth (as a combination)
  • IP address and device fingerprint (as a combination)
  • Email
  • Phone number
note

If you remove the customer from the blocklist, their verifications are performed normally again.

Whitelisting a Customer

A customer can be added to, or removed from, the whitelist manually from the backoffice. When you add a customer to the whitelist from their profile, their Customer ID is whitelisted and all subsequent verifications from that Customer ID are accepted. Whitelisting is based on the Customer ID only.

caution

A whitelisted Customer ID has all of its subsequent verifications accepted. Apply the whitelist deliberately and only to customers you have already established trust in.

note

If you remove the customer from the whitelist, their verifications are performed normally again.

Resetting a Customer Profile

You can reset a customer profile from the backoffice. When a profile is reset, the proofs and data submitted in the customer's past verifications become inactive and are no longer used as context in future verifications. You can reactivate these past proofs later if you want them used for context again.

Resetting a profile also changes the customer status to Verification Pending. The status then updates according to the result of the next verification.

Marking a Customer as Inactive

Marking a customer profile as Inactive adds an INACTIVE label to the customer profile and to the Customer ID shown in the verifications related to that Customer ID.

An Inactive status can mean, for example, that the customer is no longer active on your platform, that the Customer ID was a test, or that the user has deleted their account.

You can mark an inactive Customer ID as active again at any time from the backoffice.

Managing Verification Documents

The Verifications tab of the customer profile contains a Documents section that gathers every document the customer has submitted throughout their verification history, so you can review and analyze them in one place.

If there is a document you do not want used for comparison or context in future verifications, you can mark it as inactive. Inactive documents can be marked as active again whenever needed.

Duplicate Records

The Duplicate Records section of the customer profile lists linked records, that is, other records in which a user submitted the same data that appears in this customer profile. This helps you detect duplicate accounts in your system.

Comments

Shufti provides a comments feature so you can leave notes, communicate with team members, and upload attachments on a customer profile. If any anomaly is detected on a profile, you can use comments to raise it with your team, record your notes, and attach supporting files.

Activity Logs

Whenever an action is performed on a customer profile, an entry is created in the profile's activity logs. Logged actions include:

  • Creating a verification for the customer, and the resulting verification status.
  • Adding the customer to, or removing them from, the blocklist.
  • Adding the customer to, or removing them from, the whitelist.
  • Resetting the customer profile.
  • Marking the customer as Inactive, and marking the customer as active.

Each log entry records the action along with the date and time it occurred and the person who performed it, giving you a complete audit trail for every profile.


Best Practices

  • Always store Customer IDs: Implement persistent storage for Customer IDs in your database so they are available for future verification requests.
  • Include Customer IDs in repeat verifications: Always include the customer_unique_id parameter when initiating verifications for returning customers to maintain data consistency.
  • Monitor verification patterns: Use linked customer profiles to identify unusual verification patterns that may indicate fraudulent activity.
  • Validate the Customer ID format: Before sending requests, validate that Customer IDs meet the format requirements (6 to 64 alphanumeric characters).
  • Maintain a Customer ID mapping: Keep a mapping between your internal customer identifiers and Shufti Customer IDs for easy reference and troubleshooting.