SDK ↔ Validation Gateway

The SDK handles all communication with the Validation Gateway for you. You make two calls in your code — registerDevice() and validate() — and the SDK takes care of the secure session in between. All traffic goes through your proxy to ICP.

1. Register the device

The first time the SDK runs on a device, register it. This ties the device to your organization.

mbkyc.registerDevice("lobby-kiosk")

You can check status at any time with checkRegistration() — active, inactive, or not_found. A device must be active before it can validate.

2. Secure session

Before each verification the SDK opens a short-lived encrypted session with the Validation Gateway (an authenticated key exchange). You don’t call this yourself — the SDK does it automatically and re-opens it transparently when it expires, so long-running kiosks keep working.

Sessions are short-lived by design. The channel is encrypted and authenticated end to end; identity data is never sent in the clear.

3. Validate

Submit an Emirates ID or passport, optionally with a fingerprint. The SDK encrypts the request, sends it through your proxy, and returns the result.

val result = mbkyc.validate(
    EmiratesIdManual(
        idNumber = "784-XXXX-XXXXXXX-X",
        documentNumber = "...",
        nationality = "ARE",
    )
)

The result is the same shape in every SDK:

{
  "success": true,
  "data": { "status": "pass", "verified": true },
  "message": "Verification completed"
}

See Validation methods for the request types and Biometrics for adding a fingerprint.

You never construct session or encryption logic by hand — the SDK owns it. Authenticate your requests through the token signer; everything else on the channel is handled for you.

Authentication

Validation methods

⌘I

​1. Register the device

​2. Secure session

​3. Validate

1. Register the device

2. Secure session

3. Validate