7. KYC Integration [POST-MVP]¶
POST-MVP — not yet architected
KYC verification is planned but not part of the initial release, and its integration design is not finalized. This section is intentionally a stub. The full specification (the KYCProvider port interface, session/result schemas, per-tenant provider configuration, KYC APIs, and provider-specific flows such as Nafath) will be written here when KYC is designed.
Intended approach. KYC will follow the same ports & adapters pattern as palm verification (§8): a KYCProvider port in the core domain with pluggable vendor adapters — candidates are Nafath (Saudi government-grade), and Onfido / Sumsub / Jumio (global). The platform will surface KYC status; the product decides whether to gate on it (the platform does not enforce KYC — §13.2).
Live hooks already in the platform (these stay). Other, already-architected features account for KYC through the touchpoints below. They remain valid and do not depend on the deferred detail:
| Hook | Where |
|---|---|
Tenant settings kyc_required, kyc_provider, kyc_level, kyc_required_for_enrollment |
§4.5 |
User fields kyc_status (none/pending/verified/failed/expired) and kyc_data |
§5.5 |
| Palm-enrollment gating — platform surfaces KYC status, product decides | §13.2 |
KYC audit events (kyc_initiated, kyc_verified, kyc_failed) and webhook events (kyc.initiated, kyc.verified, kyc.failed) |
§16 |
KYC endpoints (/v1/kyc/*), marked [POST-MVP] |
§14.1 |
| Nafath status codes | §15 |