User Identity Verification

From WHMCS Documentation

Revision as of 17:04, 4 April 2023 by SarahK (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Validation.com will discontinue service on April 9, 2023. After this date, the WHMCS features that relate to Validation.com will cease to function. For more information, see Discontinuation of Validation.com Service below.

With user identity verification, your customers must supply identifying documents through the Client Area. Their verification status will display throughout the WHMCS Admin Area.

WHMCS can initiate this automatically after a failed fraud protection check or you can initiate it manually. It helps to streamline the process of managing fraudulent orders.

We added user identity verification support through Validation.com in WHMCS 8.2. WHMCS stores whether the identity was successfully verified while Validation.com's service supplies you with the options for performing that verification. For more information, see Validation.com's Data Processing Agreement.

Discontinuation of Validation.com Service

Validation.com has announced the following timeline for discontinuation of service:

  • Support for ID checks will end on April 7th, 2023.
  • Access to submissions will end on August 21st, 2023.
  • All data retention and access will end on September 1st, 2023.

If you use Validation.com, we strongly recommend taking the following actions at Configuration () > System Settings > Fraud Protection:

  • Before April 7th, 2023, disable Automatic Requests in the Validation.com configuration settings. This disables verification requests for orders that Validation.com marks as fraudulent.
  • Before August 21st, 2023, disable Verification Features in the Validation.com settings. This disables all user identity verification features in WHMCS.

If you do not disable the settings above, there will be no customer impact:

  • If the system flags an order as high risk by MaxMind or FraudLabs Pro, it will not prompt clients to complete identity verification. Instead, users will see the standard Fraud Check error message and the system will log an error at Configuration () > System Log.
  • If an admin attempts to initiate or review a submission, an An unexpected error occurred. error message will display.

Activating User Identity Verification

Because Validation.com's services cease on April 9, 2023, we strongly recommend against activating this feature.

Using User Identity Verification

In WHMCS 8.2 and later, orders are associated with the specific user account that placed the order through the WHMCS Client Area. If the order was placed through the Admin Area (and therefore by an admin), verification requests go to the account owner's user. For more information about users and accounts, see Users and Accounts.

After activating user identity verification, you can manually request verification from a customer through two locations, which will also display the verification status:

Additionally, if you enable Automatic Requests, WHMCS will automatically request identity confirmation for users when their orders are deemed to be high risk by your fraud protection module.

Users will see a notification at the top of the Client Area if the placed order requires verification. They can then securely submit their information (for example, a selfie and a photo of a driver's license) from within the Client Area.

Other Actions

Click Update API Credentials to update the credentials for your existing Validation.com configuration.

Click Deactivate Validation.com to permanently remove all stored Validation.com credentials from WHMCS. Only use this if you want to completely remove the connection between WHMCS and your Validation.com account.

If you only want to disable user identity verification temporarily, toggling Validation.com to OFF will retain your credentials in WHMCS while disabling the functionality.

Server Modules
cPanel/WHM - DirectAdmin - Plesk - Helm 3 - Helm 4 - Ensim - InterWorx - WebsitePanel - Cloudmin
Lxadmin - Virtualmin Pro - XPanel - HyperVM - SolusVM - Cloudmin - WHMSonic - VPS.Net
CentovaCast - SCPanel - MediaCP - GameCP - TCAdmin - Reseller Central - Auto Release - Heart Internet

Registrar Modules
Enom - ResellerClub - Nominet - OpenSRS - ResellOne - OnlineNIC - PlanetDomain - Affordable Domains
TPP Wholesale - TPPInternet - Stargate - Namecheap - NetEarthOne - Bizcn - InternetBS - GMO Internet
12Register - Registercom - DotDNS - WebNIC - Dot.TK - HexoNet - Realtime Register - Registereu
RRPProxy - ResellerCamp - TransIP - Heart Internet - IPMirror - NetRegistry - OVH - VentraIP Wholesale
Email - 101Domain

Fraud Modules
MaxMind - VariLogiX FraudCall - Telesign

Gateway Modules
2CheckOut - AsiaPay - Auth.net Echeck - Authorize.net - Authorize.net CIM - Bank Transfer - BidPay
BluePay - BluePay Echeck - BluePay Remote - Boleto - CashU - CC Avenue - ChronoPay - Direct Debit
EMatters - E-Path - eProcessingNetwork - eWAY Tokens - F2B - Finansbank - GarantiBank - Gate2Shop
Inpay - InternetSecure - IP.Pay - Kuveytturk - Modulo Moip - Mail In Payment - Merchant Partners
Merchant Warrior - IDEALMollie - Moneris - Moneris Vault - Skrill 1-Tap - NaviGate - NETbilling
Netregistry Pay - NoChex - Offline Credit Card - Optimal Payments - PagSeguro - Payflow Pro - Pay Junction
Paymate AU and NZ - Payment Express - PayPal - PayPal Card Payments - PayPal Express Checkout
PayPal Payments - PayPal Payments Pro - PayPoint.net (SecPay) - Payson - Planet Authorize - ProtX VSP Form
PSIGate - Quantum Gateway - Quantum Vault - SagePay - SagePay Tokens v2 - SecurePay
SecurePay AU - Secure Trading - TrustCommerce - USA ePay - WorldPay - WorldPay Invisible