Menu
Close
EmailContact
LoginLogin

Network Configuration for Assisted Video KYC

Open ports on the firewall for our set of IPs

You need to open certain ports at your firewall for the IDfy service to operate.

 

 

Allow UDP traffic at the proxy

This is relevant only if your Video KYC agents sit behind a web proxy. UDP is the foundation for real-time communication in the browser. The requirement for timeliness over reliability is the primary reason why the UDP protocol is a preferred transport for delivery of real-time data.

– An excerpt from High Performance Browser Networking

 

A typical HTTP based proxy cannot handle UDP traffic. You will need to:

 

 

Allow websockets at your firewall and proxy

Please ensure that your firewall and proxy:

 

 

 

Permit webhooks from our egress IPs

We use webhooks to send updates for every profile. Please ensure you allow incoming traffic from our egress IPs (section C in the table below)

 

 

Ensure there is adequate bandwidth for each live agent

Each live agent needs at least 1Mbps (up-link and down-link each)

 

Domain IP Table

Type Domains / IPs Ports
Section A – You need to whitelist the following IPs irrespective of your journeys
IDfy Webservers TCP: 443
Section B – You need to whitelist the following IPs if you are performing assisted video journeys
Media Server VM Public IPs

UDP: 5000-65000

UDP: 3478

TCP: 3478

Section C – You need to whitelist the following IPs if you are using webhooks
Webhooks from IDfy
  • 34.93.208.113
  • 34.93.62.124
  • 34.93.216.70
  • 34.93.143.189
TCP: 443
Section D – You need to whitelist the following IPs if you are using the review dashboard
Storage

In case you can\’t whitelist *.storage.pg.idfy.com reach out to the IDfy support team for your account-specific URL

TCP: 443
Section E – You need to support the following cyphers
Supported Ciphers
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA2
  • The above cipher suites are not supported in Windows Server 2012 (see more here). To bridge this gap, we shall add support for these additional cipher suites:
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA2
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA3
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 

Dummy Data Endpoint:

 

URL: https://test.kyc.idfy.com/healthz

 

Method: GET

Response:

{

“status”: “OK”

 

}

 

Main Sections