Sensity is a suite of customizable verification tools including liveness detection and face matching, ID documents verification, financial documents anti-fraud, deepfake detection, and more. These tools can be combined to score the trust of a user's identity and the authenticity of their image, video and PDF files.

The steps in this guide briefly describes how to integrate Sensity API with your app and backend. To create verification tasks, receive notifications and retrieve the results of the analysis follow the next steps:

1. Create a developer account

To get started with Sensity, please send your request for creating a developer account via the www.sensity.ai website or by email to support@sensity.ai .

Once you have a Sensity developer account, request an API token to the /auth/tokens API endpoint with your credentials using HTTP BasicAuth.

You will receive a JSON object containing an authorization Bearer token that you can use in the SDKs to make subsequent calls to the API.

2. Integrate Sensity' API via SDKs

You can integrate Sensity via one of our SDKs:

1. Install and import one of the SDKs in your application

2. Create a verification tasks depending on your or user needs

3. Complete the life cycle of a verification task handling a completion event in your application flow. A verification can be successful or not. You have to handle the completion event, retrieve the data and act according to your applications purpose.

3. (Optional) Integrate the Liveness detection SDK

Sensity provides an additional client-side JavaScript SDK which offers much improved security gurantees with respect to the passive liveness checks implemented in the Sensity API alone, and provides an additional active liveness check which can be enabled optionally.

To learn how to integrate into your frontend the Liveness detection SDK is better described in its own section.

4. (Optional) Setup the Webhooks

We use webhooks to notify your backend when an event happens. Webhooks are useful to trigger actions for asynchronous events like when a verification task completes successfully or not. This is best described in the Webhooks section.

5. Retrieve data from the API

Use the Sensity API via our SDKs to retrieve specific data from the already completed verification tasks.

You can find more details on the endpoints and the response models in the API section of the documentation.

Sensity's API provides the following solutions that describe standard use cases. Each solution is composed of different services, each with its endpoint. API's users can serve customized use cases by grouping multiple services in their user flow.

Performs an analysis to prevent fraud employing face matching, liveness detection, and authenticity of the identity card.

This solution is composed by:

• ID Document Authentication
• Forensic Analysis
• Face Matching
• Liveness Detection

Supported input file formats

Input Type	Supported Formats
Image	jpg, png, tiff
Video	webp, mkv, flv, mov, mp4, avi
Document	pdf

Input file limitations

Limit	Max Value
File size	32 MB
Video duration	30 min
Video resolution	1080p
PDF size	20 MB

Runtime performance

Tested on a e2-standard-4 (GCP) with 4 Intel vCPU and 16GB RAM, with an image input for liveness and face matching

Solution	Latency + stdev (s)	RPS (1/s)
Identity verification	1.259 + 0.388	0.794

Extract data from documents, such as utility bills, invoices and payslips, in images or PDF files. Help users to automate verification and data entry, and support anti-fraud operations via computer vision and file forensics.

This solution is composed by:

• Data Extraction
• Forensic Analysis

Supported input formats

Input Type	Supported Formats
Image	jpg, png, tiff
Document	pdf

Input file limitations

Limit	Max Value
Image size	32 MB
PDF size	20 MB
PDF pages	50 pages

Performs an analysis designed to recognize the latest AI-based image, video and audio manipulation and generation.

This solution is composed by:

• Face manipulation
• AI Generated Image detection
• Forensic Analysis
• Voice Analysis

Supported input formats

Input Type	Supported Formats
Image	jpg, png, tiff, gif
Video	webp, mkv, flv, mov, mp4, avi
Audio	wav, mp3, m4a, ogg, aac

Input file limitations

Limit	Max Value
File size	32 MB
Video duration	30 min
Video resolution	1080p
Audio duration	20 min

JavaScript

This section explains how to integrate the Sensity API into your web application using our JavaScript SDK. The guide assumes you have followed the steps in Initial setup and already have a developer account with an API token ready to use.

1. Install

Create a .npmrc file in your project directory. Add the following line to the .npmrc file, replacing with the npm token provided by Sensity:

//registry.npmjs.org/:_authToken=<auth_token>

Install npm module:

npm install @sensityai/live-spoof-detection

2. Setup

Initialize the SDK and start the webcam to begin capturing video.

<!-- HTML for the webcam feed -->
<video id="webcam" autoplay playsinline style="width: 100%; height: auto;"></video>

<!-- HTML for displaying liveness tasks -->
<div id="livenessTask"></div>

// Import the LiveSpoofDetection module
var LiveSpoofDetection = require('@sensityai/live-spoof-detection');

// Provide video HTML element to LiveSpoofDetection
const webcamElement = document.getElementById('webcam');
const spoof = new LiveSpoofDetection(webcamElement);

// Start webcam
spoof.startVideo().then(videoStarted => {
  if(videoStarted) {
    console.log("Video started");
  } else {
    console.log("Video failed to load");
  }
});

To access the Sensity API, set up authentication credentials and make calls to different services. See docs for more information about API usage.

// Initializing the SDK
const spoof = new LiveSpoofDetection(webcamElement);

// Accessing the Sensity API
var SensityApi = spoof.SensityApi;
var defaultClient = SensityApi.ApiClient.instance;

// Optionally, set the base path if you're using a different environment
defaultClient.basePath = 'https://your.api.path';

// Set up authentication with your API token
var Bearer = defaultClient.authentications.Bearer;
Bearer.apiKey = 'API_KEY';

// Make calls to different services

3. Run Active Liveness

With the Liveness Detection SDK, additional active liveness checks can be enabled optionally. With active liveness, the verification process begins with a short series of challenges, where the user is asked to move their head in order to prove liveness. To enable, add the following once the video has been started:

<!-- HTML for displaying liveness tasks -->
<div id="livenessTask"></div>

// Div element for displaying liveness tasks
const livenessTask = document.getElementById("livenessTask");

// Run active liveness
spoof.startActiveLiveness(livenessTask);

Active liveness session has a timeout period that will cancel the session if the challenges are not performed in time. Active liveness is complete once the message Liveness is done is shown in the livenessTask element.

4. Passive Liveness

Passive liveness check allows users to submit photos or videos for liveness verification through the API. Here's how to integrate passive liveness checks into your application:

Take a liveness photo

Capture a photo using the webcam and send it to the liveness service for verification.

// Capture selfie photo and send it for liveness verification
spoof.takeSelfie().then((selfie) => {
  // We set up the SensityApi above
  var apiInstance = new SensityApi.LivenessDetectionApi();

  var task_id = null;
  var file = selfie["blob"];
  let opts = {
    sessionInfo: selfie["sessionInfo"],
  };

  var callback = function (error, data, response) {
    if (error) {
      console.error(error);
    } else {
      task_id = data.task_id;
      console.log("Job successfully sent");
    }
  };

  // We send taken photo as file parameter and expect to fetch that API task id
  apiInstance.createLivenessDetectionTaskFromFile(file, opts, callback);
});

Take a liveness video

Record a video using the webcam and send it to the liveness service for verification. You can set a duration of video by simply passing a parameter to takeVideo method.

// Start video recording and send it for liveness verification
spoof.takeVideo(duration_in_ms).then((video) => {
  // We set up the SensityApi above
  var apiInstance = new SensityApi.LivenessDetectionApi();

  var task_id = null;
  var file = video["blob"];
  let opts = {
    sessionInfo: video["sessionInfo"],
  };

  var callback = function (error, data, response) {
    if (error) {
      console.error(error);
    } else {
      task_id = data.task_id;
      console.log("Job successfully sent");
    }
  };

  // We send recorded video as file parameter and expect to fetch that API task id
  apiInstance.createLivenessDetectionTaskFromFile(file, opts, callback);
});

To stop the video recording before the allocated duration_in_ms use:

spoof.stopTakeVideo();

5. Retrieve the results

Once the task is done, you can retrieve the results using the task_id provided in the response returned by the API when you create the task.

  let apiInstance = new SensityApi.LivenessDetectionApi();

  let callback = (error, data, response) => {
    if (error) {
      console.error(error);
    } else {
      console.log("results ", JSON.stringify(response));
    }
  };

  apiInstance.getLivenessDetectionTask(task_id, callback);

Vue

After installation you can import the package within script tags.

<script>
  import LiveSpoofDetection from '@sensityai/live-spoof-detection';
</script>

You should create a webcam element and another empty div to display liveness tasks. You should give ref values to these elements to use them with sdk.

It is important to add a wrapper div has 'video-container' as class to camera element.

<template>
  <div>
    <div class="video-container">
      <video ref="webcam" autoplay playsinline></video>
    </div>
    <div ref="livenessTask"></div>
  </div>
</template>

Then you can initiate the sdk with camera element and use methods according to general Javascript documentation

<script>
import LiveSpoofDetection from '@sensityai/live-spoof-detection';

export default {
  mounted() {
    const webcamElement = this.$refs.webcam;
    const livenessTask = this.$refs.livenessTask;
    const spoof = new LiveSpoofDetection(webcamElement);
    ...
  },
}
</script>

React

After installation you can import the package at the beginning of the file.

import LiveSpoofDetection from "@sensityai/live-spoof-detection";

You should create a webcam element and another empty div to display liveness tasks. You should give ref values to these elements to use them with sdk.

It is important to add a wrapper div has 'video-container' as class to camera element.

<div className="App">
  <div class="video-container">
    <video
      ref="{webcam}"
      className="webcamVideo"
      autoplay
      playsinline
      width="{640}"
      height="{480}"
    ></video>
  </div>
  <div ref="{liveness}"></div>
</div>

Then you can initiate the sdk with camera element and use methods according to general Javascript documentation

function App() {
  const webcam = useRef();
  const liveness = useRef();

  useEffect(() => {
    const init = async () => {
      const webcamElement = webcam.current;
      const livenessTask = liveness.current;
      const spoof = new LiveSpoofDetection(webcamElement);
      ...
    }
    init();
  }, []);

  return (
    <div className="App">
      <div class="video-container">
        <video ref={webcam} className="webcamVideo" autoPlay playsInline width={640} height={480}></video>
      </div>
      <div ref={liveness}></div>
    </div>
  );
}

export default App;

You can use sensity_api SDK for your mobile application frameworks such as:

• React Native (Javascript)
• Flutter (Dart)

React Native

1. In the root of the folder where you want to install npm module, create an .npmrc file and add the following:

 //registry.npmjs.org/:_authToken={your_auth_token}

2. Run this command to install package with npm:

  npm install @sensityai/sensity_api

3. Import the package

import * as SensityApi from "@sensityai/sensity_api";
or;
var SensityApi = require("@sensityai/sensity_api");

4. Initiate the sdk

const App = () => {
  useEffect(() => {
    const client = SensityApi.ApiClient.instance;
    client.basePath = 'https://api.sensity.ai/';

    const Bearer = client.authentications.Bearer;
    Bearer.apiKey = 'YOUR_API_KEY';

    const apiInstance = new SensityApi.LivenessDetectionApi();
    apiInstance.getLivenessDetectionTask(TASK_ID);
    ...
  }, []);

5. Detailed documentation about services will be provided inside the npm package under the docs folder.

Flutter/Dart

1. First add the dart sdk that provided by sensity team to your flutter project folder.
2. Add dart sdk path to your pubspec.yaml file

dependencies:
  flutter:
    sdk: flutter
  dart_sdk:
    path: './packages/dart_sdk'

3. Run flutter pub get in your project folder.
4. Import sdk package to your flutter project.

import 'package:dart_sdk/api.dart';

5. Then create a class for using SDK services. For example AI Generated Image detection Service

class SdkService {
  final AIGeneratedImageDetectionApi aigeneratedimageDetectionApi = AIGeneratedImageDetectionApi();

  Future<TasksCreateTaskResponse?> createAIGeneratedImageDetectionTaskFromFile(Uint8List bytes, [String fileName = 'file']) {
    final file = http.MultipartFile.fromBytes(
      'file', // Important, this is the field name
      filename: fileName,
      bytes,
      contentType: MediaType.parse('multipart/form-data'),
    );

    return aigeneratedimageDetectionApi.createAIGeneratedImageDetectionTaskFromFile(file);
  }
}

6. Then it is possible to call sdk services inside your functions with SdkService class.

  final imageBytes = YOUR_IMAGE_IN_BYTES_FORMAT;
  final result = await SdkService().createAIGeneratedImageDetectionTaskFromFile(imageBytes);

7. Detailed documentation about services will be provided inside the dart package under the docs folder.

Once a verification task is created by a user, Sensity starts processing the data asynchronously. As the processing happens at a later time and not in the response to your code execution. We need a mechanism to notify your system about status changes of the verification task.

This is where webhook comes in place, as it can notify your system once a verification task is processed.

1. Webhook configuration

A Webhook is nothing else than a simple user-provided POST endpoint of a server. The server should support:

• POST requests in application/json type.

• If the server runs behind a firewall you should whitelist our IP address to allow incoming traffic from our servers. Get in contact with support@sensity.ai for more information.

You can use a service like webhook.site to test receiving webhook events. Or a tool such as ngrok to forward the requests to your local development server.

2. Event types

Sensity webbook service supports the following events:

• data_extraction_analysis_complete

• face_manipulation_analysis_complete

• face_matching_analysis_complete

• forensic_analysis_complete

• ai_generated_image_detection_analysis_complete

• id_detection_analysis_complete

• id_document_authentication_analysis_complete

• liveness_detection_analysis_complete

• voice_analysis_complete

When a verification task is done your server will receive an event with the resulting data of the task. An explanation of each event response is described in the GET endpoints response of the API reference and Models reference.

3. Register a webhook URL

To register a webhook, make a POST request to /webhooks/{event_name} using the name of the event and the URL you want to register.

Once the analysis has finished, a POST request will be sent by the API to the registered URL with the analysis result.

Note: if no webhook URL is registered before the task analysis is requested, Sensity API will retry to send the result message for a total of 10 retries. After the 10th consecutive failure, the result can only be retrieved through polling.

This section shows you how to create a express nodejs server and listen to incoming webhook events. This assumes you have already Register a webhook in the previous section.

1. Install the required dependencies

npm install express cors body-parser

2. Create the server and the webhook endpoint

Add the following code to index.js. This creates a server listening to incoming requests at http://localhost:3030/webhook.

const express = require("express");
const cors = require("cors");
const bodyParser = require("body-parser");

const app = express();
const port = 3000;

app.use(bodyParser.json());
app.use(cors());

app.post("/webhook", (req, res) => {
  // do logic here
  console.log(req.body);

  res.status(200).send("Success");
});

app.listen(port, () => {
  console.log(`Listening at http://localhost:${port}`);
});

3. Run the server & create a task

Run the express server with:

node index.js

And then create a task. You can do this with CURL as its explained in the API Reference examples or using one of the Client-side SDKs.

As soon as the verification task is completed you should see the results in the terminal output.

Listening at http://localhost:3000
{
  id: '808264ae-bd79-457e-89cc-b643e4f55517',
  status: 'completed',
  result: { live: 'Live' }
}

This section shows how to use the Sensity API endpoints to create and retrieve the results of a verification task using the provided endpoints. The guide assumes you have followed the steps in Initial setup and already have a developer account with an API token ready to use.

To create a specific analysis task you can send a POST request with /tasks/{task_name} and the task parameters.

You will receive a JSON response with the following fields:

{
  "report_id": "123456789",
  "success": true
}

• report_id represents the requested analysis
• success whether the task is successfully created or not

There are two ways to retrieve the results from the requested analysis:

1. Polling
2. Webhooks

Due to the asynchronous nature of the API, we strongly recommend using Webhooks.

Polling

To get the result of a task, make a GET request to /tasks/{task_name}/{report_id}.

You will receive a JSON object with a status field indicating the status of the task.

{
  "status": "message"
  // ... other task related fields
}

The possible message value for status is one of:

• completed: the other fields in the response will be populated with the analysis result.

• in_progress: the analysis is still running. Try to call the endpoint later to get the result.

• failed: something went wrong. Try to re-create the task and ask support if there are subsequent issues.

Webhooks

In this approach, the user associates a custom user-provided endpoint to an API analysis event. Once the event occurs, the API takes care of sending the result of the event to the endpoint.

How to set up a webhook server is discussed in the Webhooks server side SDK section.

We support URL input for some services by using the url parameter. You can check on each endpoint of the API if the url parameter is available. At the moment we support the following:

• A URL pointing to a media file
• Youtube URLs
• Instagram (only videos)
• Facebook (only videos)
• Tiktok
• Twitter or X (images and videos)
• Dailymotion

Management for the user's API tokens

Enrich data from the text in the documents provided to the analysis. Furthermore, we get the following results:

• Classify the document type into a set of known documents

• Find a set of keywords provided to the endpoint

• Find possible overlapping text boxes, to warn about possible fraud

• Font analysis, with a font list and its frequencies

• Extract meaningful data from the file according to the document type

Note: if you need to extract data from and verify the validity of ID documents, such that passports and national cards, please refer to the ID Document Authentication service. Data Extraction is meant for generic financial documents, such as invoices, bank statements, utility bills, etc.

Supported input files: image / pdf

This analysis detects potential AI manipulation of faces present in images and videos, as in the case of face swaps, face reenactment and lipsync.

Supported input files: image / video

Perform an analysis to authenticate a user by matching the person's face with the identity document uploaded.

Supported input files: image / pdf / video

This service uses forensic analysis techniques to determine whether the file was digitally created or manipulated. In particular, the test will find traces of suspect software editing, use of screenshot software, file dates mismatch, multiple versions of the files, and more.

Supported input files: image / video / pdf / audio

This analysis detects AI-generated photo-realistic images, created for example by Generative Adversarial Networks (GAN) and Diffusion Models (DM) like Stable Diffusion, MidJourney, Dalle-2 and others. An optional explanation of prediction is provided for some classes of model generators and if input is predicted as fake. Available explanation types:

• GANDetectorExplanations: Returns an overlay image. Images generated by this family of GANs can be recognized by the eyes and mouth fixed position.
• SignatureDBExplanations: If the image is found in Sensity's AI-Signatures DataBase, returns its original source, generation text prompt and generation timestamp.

Supported input files: image

This task analyses an ID image and verifies its authenticity by performing different security checks. For this task, the visual parts of the image and zones like the Machine Readable Zone (MRZ) are parsed.

Supported input files: image

This analysis performs a series of passive liveness checks on the face found in the input media. Its goal is to verify whether the face belongs to a real person in front of the camera vs. a face from a photo print, a digital device, or 2D/3D masks. For detection to work properly: look straight ahead, remove sunglasses or hat, make sure the light is good and avoid flash photography.

Supported input files: image / video

This analysis detects AI-generated voices and voice cloning in audio.

Supported input files: audio

Webhook management