Skip to main content

Reprocessing and Biometric Base Import

This guide covers how to perform reprocessing or biometric base import on the Unico platform. It details the technical and operational requirements for an effective, secure integration following platform best practices.

Scope

This material covers two types of processes:

  • Reprocessing: reprocessing biometric records of users who have already been through the client's and Unico's base for re-evaluation or migration between systems.
  • Biometric Base Import: initial upload or update of a base containing selfies for identity verification and/or risk classification purposes.
  • Document Base Import: upload of a document base alongside selfies for Facematch or CPF Match verification purposes (Brazil only).

Prerequisites

  • The client must have an active contract or NDA signed with Unico and be in the integration phase (exception if approved by the governance team).
  • The project will follow formal TPS (transactions per second) agreements. See TPS agreement below.
  • Before obtaining production credentials, full integration homologation is mandatory to ensure data quality, payload compliance and stable performance.
  • A dedicated service account must be created for the reprocessing or import (e.g., "Reprocessing" or "Legacy_Import").
  • A dedicated API Key will be created specifically for the reprocessing/import.
  • (Optional) A dedicated subsidiary can be created for the reprocessing/import. This parameter is identified in the payload as subsidiaryId. See Payload parameters below.
  • The API Key and service account will be deactivated after the agreed period or processing completion.

Available capabilities

CapabilityDescription
Identity VerificationVerifies whether the submitted selfie belongs to the actual holder of the identifier.
Risk Fraud ClassificationChecks for a history of fraudulent behavior associated with that face.
FacematchVerifies whether the document photo matches the submitted selfie.
CPF Match BrazilBrazil onlyVerifies whether the provided CPF matches the CPF number printed on the document. Note: not all RGs have the CPF printed.
info

The capabilities listed above are the most commonly used in reprocessing flows. Other capabilities may be enabled depending on the client's needs and the API Key configuration — contact your Unico project manager to discuss the right setup for your use case.

Selfie requirements

  • Must be submitted in base64 format.
  • The image must follow the ICAO standard (light background, centered face, no accessories that obstruct identification, proper lighting).
  • Recommended dimensions: 1920x1080 or 1080x1920 ratio.
  • Maximum size: 800 KB (compress with JPEG 92 if needed).
  • Orientation: portrait.

Document requirements

  • Supported document types: see Document Capture & Reuse — Supported documents.
  • Images must include both the front and back of the document, fully visible with no cropping.
  • The document must be legible — clear, well-lit, and free of obstructions.

TPS agreement

  • The maximum agreed TPS for this project is 10 TPS.
  • Distribute requests evenly over time rather than sending them in large bursts.
  • This limit must not be exceeded without formal approval from the Unico team.
  • Requests above the limit may be automatically dropped or blocked.
  • If a temporary increase is needed, a formal prior agreement is required.

Integration

Endpoints

EnvironmentBase URLAccessNotes
Staginghttps://api.id.uat.unico.appOpenMandatory for testing
Productionhttps://api.id.unico.appOnly after approved homologationRequires strict TPS control

Required headers

Authorization: Bearer {access_token}
APIKEY: {your_api_key}
Content-Type: application/json

Payload parameters

{
  "subject": {
    "duiType": 1,
    "code": "11032395702",
    "name": "User Name",
    "email": "[email protected]",
    "phone": "21998571922",
    "birthDate": "30/07/1989",
    "gender": "M"
  },
  "useCase": "Reprocessamento/Importação",
  "subsidiaryId": "35d734c4-7fbb-4b2f-a1dc-7e1575514819",
  "imageBase64": "/9j/4AAQSkZJR...",
  "document": {
    "purpose": "Reprocessamento",
    "documentId": "doc-001",
    "files": [
      {
        "data": "doc_base64_frente",
        "faceDocumentMatch": true
      },
      {
        "data": "doc_base64_verso"
      }
    ]
  }
}
FieldTypeRequiredDescription
subjectobjectYesUser identification data.
subject.duiTypeintegerYesDocument type identifier. See duiType values below.
subject.codestringYesCPF or other user identifier.
subject.namestringYesUser's full name.
subject.emailstringNoUser's email.
subject.phonestringNoUser's phone number.
subject.birthDatestringNoUser's date of birth (DD/MM/YYYY).
subject.genderstringNoUser's gender (M or F).
useCasestringYesUse case name ("Reprocessamento" or "Importação de base").
subsidiaryIdstringNoSubsidiary UUID (provided by Unico).
imageBase64base64YesUser's selfie image converted to base64.
documentobjectNoDocument data associated with the process.
document.purposestringNoDocument purpose (e.g., "Reprocessamento").
document.documentIdstringNoDocument identifier.
document.filesarrayNoList of document image files.
document.files[].database64NoDocument image converted to base64.
document.files[].faceDocumentMatchbooleanNoIndicates whether the face in the document matches the submitted selfie.
duiType values
ValueDescription
0Unspecified
1Brazil — CPF
2Mexico — CURP
3Internal Unico identifier
4United States — SSN
5Brazil — Passport
6Argentina — Passport
7Argentina — DNI
8Nigeria — NIN
9Chile — RUN
10Ecuador — NI
11United States — Passport
12Guatemala — CUI
13Uruguay — CI
15Email address
16Indonesia — NIK
17Phone number
18United States — Driver's license

Important notes

  • The selfie must comply with the ICAO standard with proper quality and lighting.
  • The selfie must be in base64 format.
  • Avoid bulk submissions without TPS control — this can trigger rate limiting (see Error handling below).
  • Always test data and integration in the staging environment first.

Responses

Success — 200 OK

{
  "id": "80371b2a-3ac7-432e-866d-57fe37896ac6",
  "status": 3,
  "unicoId": {
    "result": "inconclusive"
  },
  "riskLevel": {
    "result": "inconclusive"
  }
}
FieldTypeDescription
idstringProcess identifier. Store it for future queries or if you implement 1:1 Validation later.
statusintegerTransaction status.
unicoId.resultstringIdentity Verification capability response.
riskLevel.resultstringRisk Fraud Classification result. Possible values: reproved, risk-critical, risk-high, inconclusive.

Image processing error

{
  "id": "80371b2a-3ac7-432e-866d-57fe37896ac6",
  "status": 5
}

Common errors

Codes in the 4xx range indicate validation errors with the provided data. Codes in the 5xx range indicate server-side failures.

HTTP CodeError TypeLikely CauseRecommended Action
400Bad RequestInvalid payloadValidate structure and content.
401UnauthorizedExpired or invalid tokenRegenerate token.
403ForbiddenIncorrect API Key or insufficient permissionsVerify credentials.
429Too Many RequestsRequest rate exceededWait and respect TPS limit.
500+Internal Server ErrorInternal failureRetry after a few seconds; open a ticket if persistent.

Error handling

  • Rate Limit (HTTP 429) must be carefully monitored. Request overload can block the pipeline.
  • Always respect the TPS agreed with Unico (see TPS agreement).
  • For persistent failures (5xx), reprocess with retry/backoff control.
Last updated on