The Fourthline API is an offering of Rabo Identity Services to identify users based on an identity document. Fourthline has a broad geographical coverage supporting over 3.500 different identity document types from 185 different countries.

This API offers extensive capabilities to identify users, verify the authenticity of the document, and reduce the risk of identity fraud.

To gain more certainty about the user's identity, the identity verification can be expanded with several options such as biometric, liveness, and/or location.

Facial recognition compares the photo on the ID with a selfie or live video taken by your customer, this is used to match the user identity with the provided document. Digital proof of address compares the geolocation of the user’s device with the location data provided. This can be used to determine if the address is valid, genuine, and uncompromised.

Attribute Overview

The final result of a successful verification contains multiple attributes, which reflect the outcome of the verification. The following attributes are derived from the identity document (if present on the document) and are returned as part of the user verification.

First name
Last name
Date of expiry
Issuing authority
Issuing country
Gender
Document number
Date of birth
Personal number
Date of issue
Document type
Nationality

Using the API

After your account set up is complete, subscribe the Fourthline API to your application. Through the Fourthline identity verification flow, users can identify themselves online based on their own legal identity document and biometrics. For each verification, a workflow must be created through the API, as explained in this page.

🚧
Before continuing, make sure that you have read and understood the differences between the Rabobank Environments

Step 1 - Create a workflow

Initiate a new workflow on the Fourthline API. An example request is provided below, where:

The providerClientId is a unique value for the verification of a specific user. This value must be unique per providerClientId and the obtained document number of the identity document. In case a different providerClientId is provided while using the same identity document, the user experiences an error in the flow, resulting in a 1036 error code (ID document number already used).
The identityData object can be populated with data that you have already obtained from the user. If this object is populated, the user does not need to add it in the UI. However, if left empty, the user needs to provide this information in the UI.

Request

The API supports the possibility to associate your own unique identifier to the dossier in order to link it to your own session.

POST https://api.rabobank.nl/openapi/ris/fourthline/workflows

{
  "workflow": {
    "workflowName": "IDV",
    "providerClientId": "7b6a9e91-1701-b24d-9476-efb5b24ee47e"
  },
  "session": {
    "target": "web"
  },
  "identityData": {
    "address": {
      "street": "Croeselaan",
      "streetNumber": 11,
      "postalCode": "3521CB",
      "city": "Utrecht",
      "country": "NLD"
    },
    "emailAndPhone": {
      "email": "example@rabobank.nl",
      "mobile": "+316123456789"
    }
  }
}

Response

After the workflow is successfully initiated, a session is created for that specific verification. The session is uniquely defined by the workflowId, which later can be used to fetch the case status and the CDD report. The response below is intended to be used to start the Web SDK session in the browser. Each session has:

A validationCode; this unique validation code must be used to start the Web SDK session. This links the workflow to the SDK session.
An expiryDateTime; after this time the validation code is no longer valid and a new workflow needs to be initiated.

{
    "workflowId": "f5d02f64-d053-4ab2-af5f-9b4be4281f19",
    "clientId": "a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6",
    "session": {
        "validationCode": "99992DFD",
        "expiryDateTime": "2024-08-06T20:42:02.4093721+00:00"
    }
}

Step 2 - Complete the steps in the Web SDK

As mentioned above, when creating the workflow. The ValidationCode must be used to start the SDK session in the browser. How the Web SDK is setup and integrated into your own application is covered at Web SDK Integration

Step 3 - Receiving webhooks

The verification process is asynchronous. So in order for your application to retrieve the final status of these verifications, webhooks can be configured. More information on how this can be setup, see the following documentation Webhooks. This configuration should be made and tested during the setup of your account.

Step 4 - Get the status of the verification

When the user has completed all the required steps in the flow, it's possible to retrieve the status of the request. A request and response example of a completed verifications is given below. This response contains the information on the status of the request and, when available, information about the verification itself. More information on how this can be setup, see the following documentation Webhooks

📘
When the webhook setup has been configured on your account, you receive incoming webhook notifications about the status of these requests.

Request

GET https://api.rabobank.nl/openapi/ris/fourthline/workflows/{{workflowId}}

Response

{
  "verificationId": "f5d02f64-d053-4ab2-af5f-9b4be4281f19",
  "verificationStatus": "new",
  "hash": "8f15a543ab4eff7d75629d680c9489b1",
  "data": {
    "modifiedDateTime": "2019-01-17T07:24:30Z",
    "clientNumberProvider": "ad45008c-222f-4783-80af-768abfd2a5b1",
    "riskCategory": "ACCEPTED",
    "analyst": "SNCA00001",
    "userData": {
      "document": {
        "device": {
          "deviceMetaData": {
            "ipAddress": "000.000.00.000"
          }
        },
        "person": {
          "name": "WILLEKE LISELOTTE DE BRUIJN",
          "type": "Natural Person",
          "gender": "Female",
          "initials": "WLB",
          "lastName": "DE BRUIJN",
          "birthDate": "1965-03-10",
          "firstName": "WILLEKE LISELOTTE",
          "middleName": "LISELOTTE",
          "nationality": "NLD",
          "placeOfBirth": "Utrecht",
          "countryOfBirth": "NLD"
        },
        "address": {
          "city": "Utrecht",
          "region": "Utrecht",
          "street": "Croeselaan",
          "country": "NLD",
          "postalCode": "3521CB",
          "streetNumber": 18,
          "secondAddressLine": "Croeselaan",
          "streetNumberPrefix": "A",
          "streetNumberSuffix": "A"
        },
        "documents": [
          {
            "files": [
              {
                "id": "bd96fb78-387c-4664-938a-949855362096",
                "side": "Front",
                "fileType": "MP4",
                "fileLocation": "documentvideo_front_normal.mp4"
              }
            ],
            "issueDate": "",
            "documentType": "Document Video",
            "documentNumber": "",
            "documentIssuingCountry": "",
            "expirationDate": ""
          },
          {
            "files": [
              {
                "id": "99493ac2-3749-4c5a-8178-c4c7c576c7d6",
                "side": "Front",
                "fileType": "JPEG",
                "fileLocation": "passport_front_normal.jpeg"
              },
              {
                "id": "12ebaa7e-a0f0-442f-992b-165612dbfd74",
                "side": "Front",
                "fileType": "JPEG",
                "fileLocation": "passport_front_tilted.jpeg"
              }
            ],
            "issueDate": "2021-08-30",
            "documentType": "Passport",
            "documentNumber": "SPECI2021",
            "documentIssuingCountry": "",
            "expirationDate": "2031-08-30"
          },
          {
            "files": [
              {
                "id": "99d3f5cb-5483-4bf4-b138-c83a39ea643b",
                "side": "Front",
                "fileType": "JPEG",
                "fileLocation": "selfie_secondary.jpeg"
              }
            ],
            "issueDate": "",
            "documentType": "Selfie",
            "documentNumber": "",
            "documentIssuingCountry": "",
            "expirationDate": ""
          },
          {
            "files": [
              {
                "id": "1a063850-9807-4c6a-8078-93c1fcfe9c13",
                "side": "Front",
                "fileType": "MP4",
                "fileLocation": "selfievideo_secondary.mp4"
              }
            ],
            "issueDate": "",
            "documentType": "Selfie Video",
            "documentNumber": "",
            "documentIssuingCountry": "",
            "expirationDate": ""
          }
        ],
        "emailAndPhone": {
          "email": "example@rabobank.nl",
          "mobile": "+316123456789"
        }
      }
    },
    "messages": []
  },
  "processType": "NaturalPersons",
  "dataValidationError": {},
  "riskInfo": {
    "statusCode": 200,
    "description": "Low"
  }
}

Step 5 - Retrieve the final CDD report

After the verification is completed successfully, you can retrieve the CDD report. The request below illustrates how the CDD report can be retrieved. This endpoint supports both PDF and ZIP formats.

GET https://api.rabobank.nl/openapi/ris/fourthline/workflows/{{workflowId}}/pdf

In the Rabobank Preproduction and Rabobank Production environments, message level encryption is applied to this specific response, due to the nature of processing sensitive PII data. For more information, read Message level encryption

🚧
Each response contains a X-Trace-Id header which can be used for troubleshooting failed transactions. Certain fields may not be available in the response body, this depends on the availability in the source and the type of request. Read the response schema object to understand which fields can be part of the response body.

All responses are signed by Rabobank, to validate the response read Validate signed responses