Step-up Authentication

What this use case solves

Detect whether a facial biometric is already associated with another active account in your operator's base — the "One Face, One Contract" principle. With a single API call, cross-reference the captured face against your registration base and block duplicate accounts at the point of action.

Use this use case when:

• The user attempts to execute an action (request the first withdrawal, cash-out) and you want to validate whether that biometric already belongs to another active account in your system.
• You need to perform retroactive ingestion of a historical base of selfies to identify existing duplicates (batch mode). This is the Biometric Base Import flow.
• Your business model requires each individual to have at most one active account per operator (or per country).
• You want to reduce the load on the manual video review desk, replacing human analysis with an automatic and deterministic decision.

Do not use this use case when:

• You need to validate the authenticity of an identity document → look at the onboarding use cases.
• You need to confirm that the person performing the transaction is the account holder (1:1 verification) → look at the transactional use cases.
• Your product allows multiple accounts per person by design (e.g., personal and business accounts) → evaluate the clientReferenceSegment configuration with the Unico team before enabling this rule. This field defines the search scope: the 1:N comparison runs only against records registered under the same segment, so distinct segments can coexist within a single operator without triggering false positives.

Capabilities involved

Pipeline executed within a single process:

LivenessMulti accounts 1:N

Capability	Required	Role in the flow
Liveness	Optional for API; required for Web and Native	Liveness check at capture time.
Multi accounts 1:N	Required	Performs segmented biometric search in the operator's base, cross-referencing the received face against all records in the same segment.

Prerequisites

• Bearer token — see Authentication.
• Sandbox credentials — see Environments.
• SDK or Web component installed — only for Web and SDK integrations. See SDKs and Tools.
• clientReference field filled in all requests — uniquely identifies the user in the operator's system. Must be unique in the client's database, have a maximum of 256 characters and contain no spaces. This field is the primary identifier for Multi accounts purposes.

Step-by-step implementation

Native

Integration via native SDK — capture runs inside your app using the Unico SDK for Android, iOS or Flutter.

1. Install the SDK — add the Unico SDK dependency for your platform. See the setup guide for Android, iOS or Flutter.
2. Create a process — call Create Process with the appropriate flow value and the user's identifier. Use the returned token to initialize the SDK.
3. Start the capture — the SDK renders the camera UI and performs liveness detection on-device, returning the captured payload.
4. Query the result — call Get Process to retrieve the capability results.
5. Apply business rules — evaluate the response fields to approve, deny or escalate.

Android

Native Android SDK for in-app capture.

View overview

iOS

Native iOS SDK for in-app capture.

View overview

Flutter

Cross-platform Flutter SDK for in-app capture.

View overview

Web

Integration via iFrame, Redirect or Native — Unico hosts the capture UI, and you receive the result via polling.

1. Create a process — call Create Process with the appropriate flow value and the user's identifier. The response includes a userRedirectUrl.
2. Redirect the user — send the user to userRedirectUrl. Unico renders the capture journey. Or webAppToken in native apps.
3. User completes the journey — after capture, the user is redirected back to your callbackUri.
4. Query the result — call Get Process to retrieve the capability results.
5. Apply business rules — evaluate the response fields to approve, deny or escalate.

Web

Quick integration via browser, no installation needed.

View overview

API

Direct API integration — capture the selfie using the Unico SDK or your own UI following the Capture Standard, then send the image directly to the Unico API.

1. Capture the selfie — use the Unico SDK for your platform, or build your own UI following the Capture Standard, to obtain a selfie image that meets liveness requirements.
2. Create a process — call Create Process with the user's identifier and the selfie as imagebase64.
3. Query the result — call Get Process to retrieve the capability results.
4. Apply business rules — evaluate the response fields to approve, deny or escalate.

API

Full control over the flow with back-to-back integration.

View overview