Give us a call
Call us at +41 41 555 20 40
Transfer the eMRTD passport files SOD
, and the Data Groups in raw binary form to your Server. See the readme of the Mobile SDKs on how to access these files.
To validate the document using the document validation service, your Server needs to send a POST request to the Document Validation Server (DocVal Server).
The OVDK Instance of the Document Validation Server can be reached via the following url:
https://kinegramdocval.lkis.de/v4/validate
Set the Content-Type
of the POST request to multipart/form-data
and provide the following values:
client_id text/plain Client ID
sod application/octet-stream SOD File
dg1 application/octet-stream Data Group 1 File
dg2 application/octet-stream Data Group 2 File
... ... ...
dg16 application/octet-stream Data Group 16 File
The fields client_id
and sod
are mandatory!
The Data Groups (dg1, dg2, …) are optional.
client_id
functions as an API Access key. Is configured by you, if the DocVal Service runs On-Premise. CUSTOMER may use Client ID “YOUR CLIENT ID” with the OVDK Instance of the DocVal Server.sod
is the SOD File from the chip in raw binary form.dg1
is the Data Group 1 File from the chip in raw binary form.dg2
is the Data Group 2 File from the chip in raw binary form.dg3
, dg4
, …, dg16
accordingly, for all further Data GroupsWith Passive Authentication the integrity and authenticity of the data (like MRZ info, photo of face) can be verified based on a list of trusted country certificates.
The DocVal server performs Passive Authentication. The integrity and authenticity of all Data Groups that are present in the request will be verified.
For each Data Group that is not present in the request, the integrity and authenticity of the Data Group can be verified using the information available in SOD Info
.
See security_mechanisms.html for a detailed description of Passive Authentication.
The DocVal server parses the SOD. The Data Groups (1, 2, 7, 11, 12), that are present, in the request will be parsed as described in ICAO Doc9303 Part 10
.
The result consists of the passive authentication result and the parsed files. See the file emrtd_result.html for an explanation of the result. At that point all data about a passport will be deleted. The DocVal server is designed to not store any passport data longer than needed.
You may test the endpoint with the resources in directory passport_pia_sample
.
curl --request POST \
--url https://kinegramdocval.lkis.de/v4/validate \
--header 'Content-Type: multipart/form-data' \
--form client_id="YOUR CLIENT ID" \
--form sod=@passport_pia_sample/sod.ef \
--form dg1=@passport_pia_sample/dg1.ef \
--form dg2=@passport_pia_sample/dg2.ef
Or with the resources in directory passport_peter_parker
.
curl --request POST \
--url https://kinegramdocval.lkis.de/v4/validate \
--header 'Content-Type: multipart/form-data' \
--form client_id="YOUR CLIENT ID" \
--form sod=@passport_peter_parker/sod.ef \
--form dg1=@passport_peter_parker/dg1.ef \
--form dg2=@passport_peter_parker/dg2.ef \
--form dg7=@passport_peter_parker/dg7.ef \
--form dg11=@passport_peter_parker/dg11.ef \
--form dg12=@passport_peter_parker/dg12.ef \
--form dg14=@passport_peter_parker/dg14.ef \
--form dg15=@passport_peter_parker/dg15.ef
Please note that with these test resources (passport_pia_sample, passport_peter_parker) the correct result for passive_authentication
is false as the document certificate
in the sod file is not valid because it was not issued by a trusted country certificate authority.
Or with the SOD resource in the directory passport_tim_vogel
:
curl --request POST \
--url https://kinegramdocval.lkis.de/v4/validate \
--header 'Content-Type: multipart/form-data' \
--form client_id="YOUR CLIENT ID" \
--form sod=@passport_tim_vogel/sod.ef
This sod
is from a genuine german passport. The correct result for passive_authentication
is therefore true. The result contains the hashes for the available Data Groups and the hash algorithm used (sod_info
). The authenticity and integrity of the Data Groups can be verified by your server.
Give us a call
Call us at +41 41 555 20 40
Contact by e-mail
Contact us via our contact form.
Personal meeting
Arrange a personal meeting.