KYC/AML Verification in Mobile Crypto App

NOVASOLUTIONS.TECHNOLOGY is engaged in the development, support and maintenance of iOS, Android, PWA mobile applications. We have extensive experience and expertise in publishing mobile applications in popular markets like Google Play, App Store, Amazon, AppGallery and others.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and support of all types of mobile applications:
Information and entertainment mobile applications
News apps, games, reference guides, online catalogs, weather apps, fitness and health apps, travel apps, educational apps, social networks and messengers, quizzes, blogs and podcasts, forums, aggregators
E-commerce mobile applications
Online stores, B2B apps, marketplaces, online exchanges, cashback services, exchanges, dropshipping platforms, loyalty programs, food and goods delivery, payment systems.
Business process management mobile applications
CRM systems, ERP systems, project management, sales team tools, financial management, production management, logistics and delivery management, HR management, data monitoring systems
Electronic services mobile applications
Classified ads platforms, online schools, online cinemas, electronic service platforms, cashback platforms, video hosting, thematic portals, online booking and scheduling platforms, online trading platforms

These are just some of the types of mobile applications we work with, and each of them may have its own specific features and functionality, tailored to the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 1735 services
KYC/AML Verification in Mobile Crypto App
Medium
~3-5 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_mobile-applications_feedme_467_0.webp
    Development of a mobile application for FEEDME
    756
  • image_mobile-applications_xoomer_471_0.webp
    Development of a mobile application for XOOMER
    624
  • image_mobile-applications_rhl_428_0.webp
    Development of a mobile application for RHL
    1052
  • image_mobile-applications_zippy_411_0.webp
    Development of a mobile application for ZIPPY
    947
  • image_mobile-applications_affhome_429_0.webp
    Development of a mobile application for Affhome
    862
  • image_mobile-applications_flavors_409_0.webp
    Development of a mobile application for the FLAVORS company
    445
Show more works

KYC/AML Verification in Crypto Mobile Application

KYC in crypto app — not just "scan passport". Combination of document verification, liveness detection, sanctions screening (OFAC, EU) and integration with licensed provider. SDK choice affects UX, conversion, regulatory compliance.

Provider Selection

Established solutions: Sumsub, Onfido, Jumio, Persona, Veriff. For crypto commonly Sumsub or Onfido — both have mobile SDK and crypto experience.

Sumsub SDK (iOS and Android) works via applicant ID created on backend:

// Android — Sumsub SDK init
val snsMobileSDK = SNSMobileSDK.Builder(this, accessToken)
    .withHandlers(
        onStatusChanged = { newStatus, prevStatus ->
            when (newStatus) {
                SNSSDKState.Ready -> Log.d("KYC", "SDK ready")
                SNSSDKState.Failed.Unauthorized -> refreshToken()
                SNSSDKState.FinallyRejected -> showRejectedScreen()
                SNSSDKState.ApplicantSubmitted -> navigateToWaitingScreen()
                else -> {}
            }
        },
        onError = { error ->
            Sentry.captureException(RuntimeException("KYC error: ${error.description}"))
        }
    )
    .build()

snsMobileSDK.launch()

Access token lives 60 seconds — need backend endpoint to refresh (/kyc/token/refresh). If user gets stuck and token expires — SDK calls Unauthorized, need to refresh token invisibly.

Liveness Detection

Key for AML audit. Providers require confirming live human before camera, not photo or deepfake. Sumsub uses random gestures (head turn, blink). Onfido — passive analysis of skin texture and micro-movements.

In practice: users with poor lighting or old cameras often fail first attempt. Conversion drops 15–25% on budget devices. Solution — add lighting tips before liveness and give 3 attempts with failure explanation.

AML Checks

After identity verification — sanctions screening. Either built into KYC provider (Sumsub includes AML in tiers) or via Chainalysis, Elliptic, TRM Labs.

Chainalysis Reactor API checks wallet address against darknet marketplaces, mixing services, hacker addresses:

suspend fun checkWalletRisk(address: String): RiskScore {
    val response = chainalysisApi.getAddressRisk(
        address = address,
        outputType = "SUMMARY"
    )
    return RiskScore(
        score = response.risk,
        category = response.cluster?.category,
        isSanctioned = response.identifications
            .any { it.category == "sanctions" }
    )
}

If isSanctioned == true — block transaction and log for compliance. Not UX decision, legal requirement.

Verification Status Storage

KYC status (pending / approved / rejected / recheck_needed) on backend. Mobile caches locally, checks freshness on every start and after backgrounding (applicationWillEnterForeground / onResume).

Screen navigation depends on status. Unverified user sees limited functionality — view prices, no transactions. After submission — waiting screen with real-time status update via WebSocket or polling every 30 seconds.

Typical Errors

Most common — launch KYC SDK without checking camera availability and permissions. CAMERA permission can be revoked after first launch. Need explicit check before SDK start.

Second — not handling FinallyRejected separately from Declined. FinallyRejected means attempts exhausted, user must contact support. Declined — can try again.

KYC SDK + AML checks + UI for all statuses — 2–4 weeks. Cost estimated individually after provider choice and jurisdiction analysis.