Mobile SDK | Verifa

Verifa’s mobile SDKs provide native document capture, selfie collection, and liveness detection for iOS, Android, and React Native applications. The SDK handles the camera UI, image quality checks, and fraud signal collection with a native look and feel.

Platforms

Platform	Package	Min version
iOS	`VerifaSDK` (Swift Package Manager)	iOS 14+
Android	`com.verifa:sdk` (Maven Central)	API 24+ (Android 7.0)
React Native	`@verifa/react-native-sdk`	RN 0.72+

How it works

Your server creates a session via the API
Pass the session token to the mobile SDK
The SDK presents native capture screens
On completion, the SDK returns control to your app
Your server receives the result via webhook

Integration flow

Step 1: Create a session (server-side)

$ curl -X POST https://api.withverifa.com/api/v1/sessions \
>   -H "X-API-Key: vk_live_your_key_here" \
>   -H "Content-Type: application/json" \
>   -d '{
>     "external_ref": "user_abc123",
>     "country": "US"
>   }'

Pass the session id and token to your mobile app.

Step 2: Initialize the SDK

iOS (Swift)

Android (Kotlin)

React Native

1 import VerifaSDK
2 
3 let config = VerifaConfig(
4     sessionToken: "tok_abc123...",
5     environment: .production
6 )
7 
8 let verifa = Verifa(config: config)
9 
10 verifa.start(from: self) { result in
11     switch result {
12     case .completed(let sessionId):
13         print("Verification completed: \(sessionId)")
14     case .cancelled:
15         print("User cancelled")
16     case .error(let error):
17         print("Error: \(error)")
18     }
19 }

Step 3: Handle the result

The SDK callback tells you when capture is complete. The actual verification result comes via your server’s webhook:

1 {
2   "event": "session.approved",
3   "data": {
4     "session_id": "session_abc123",
5     "external_ref": "user_abc123",
6     "status": "approved"
7   }
8 }

Or poll from your server:

$ curl https://api.withverifa.com/api/v1/sessions/session_abc123/result \
>   -H "X-API-Key: vk_live_your_key_here"

SDK configuration

Fetch runtime config

The SDK fetches its configuration from the server on initialization:

GET /api/v1/sdk/config

This returns theming, feature flags, and required capture steps based on the session’s workflow.

Theming

Customize the SDK appearance to match your app:

1 let config = VerifaConfig(
2     sessionToken: "tok_abc123...",
3     environment: .production,
4     theme: VerifaTheme(
5         primaryColor: UIColor(hex: "#4f46e5"),
6         backgroundColor: .white,
7         cornerRadius: 12
8     )
9 )

Server-side theming is also available — configure in the dashboard under Settings > Organization (Theming section) and it applies to all SDK sessions.

Native fraud signals

The mobile SDK collects device-specific fraud signals not available in the web capture flow:

Signal	Description
Root/jailbreak detection	Detects rooted Android or jailbroken iOS devices
Emulator detection	Identifies virtual devices and emulators
Debugger detection	Detects attached debuggers
Screen recording	Detects active screen capture or recording
Camera injection	Detects virtual camera apps injecting fake video
Device attestation	Validates device integrity via platform APIs
Touch pressure	Analyzes touch pressure patterns (zero pressure = bot)
Gyroscope stability	Detects unnaturally stable gyroscope (no hand movement)
Install source	Detects sideloaded apps (not from official app store)

These signals are automatically submitted alongside the standard behavioral, device, and network signals.

Capture screens

The SDK presents these screens in sequence:

Consent — Biometric processing consent
Document type — Select ID type (passport, driver’s license, etc.)
Document capture — Native camera with alignment guides, auto-capture, and quality feedback
Selfie capture — Front-facing camera with face alignment
Liveness challenge — Randomized challenges (blink, smile, head turn)
Additional data — Email, phone, address (if required by workflow)

The SDK skips screens that aren’t required by the workflow’s data_requirements.

Permissions

The SDK requires camera permission. Request it before starting the SDK or let the SDK handle the system prompt:

Platform	Permission
iOS	`NSCameraUsageDescription` in Info.plist
Android	`android.permission.CAMERA` in AndroidManifest.xml

Error handling

Error	Cause	Resolution
`token_expired`	Session token TTL exceeded	Resume the session for a new token
`camera_unavailable`	No camera or permission denied	Prompt user to grant camera access
`network_error`	Lost connectivity during upload	SDK retries automatically
`session_completed`	Session already finished	Create a new session

Testing

In sandbox mode, the SDK allows you to select verification outcomes manually. Create sessions with a sandbox API key (vk_sandbox_*) to enable this.

Choosing an Integration Method — Compare SDK vs web capture vs API-only
Web Capture Flow — Hosted capture for web apps
Fraud Signals — All signals including mobile-specific
Sessions — Session lifecycle and result retrieval