Digital Identity Onboarding & Document-Verification Flow
A leading Romanian retail bank
Overview
A digital identity-onboarding module for a leading Romanian retail bank’s self-service banking (SSS) platform. It guides a customer through capturing and verifying their identity document, then authenticates them against the bank’s directory and core services to grant a secure session.
The Challenge
Remote onboarding and re-authentication in retail banking must satisfy strict KYC and anti-fraud requirements while staying usable on consumer devices. The flow has to capture a physical ID document, validate it, cross-check the holder against bank records, and issue a trustworthy session, all without leaking sensitive data.
What We Built
A Next.js 14 App Router application (idlogin) with a clear separation of concerns: an app/ layer of route segments (idlogin, dashboard, status, client, error) plus API routes, a repositories/ layer for login and request (cerere) persistence, a services/ layer, and a lib/ security core (ldapauth, token, auth, fetch). Identity capture uses Regula’s document-reader web client and front-end document components for MRZ/ID extraction. Sessions are protected with iron-session and signed JWTs, requests validated with Joi and Zod, and data persisted to AWS DocumentDB. The codebase ships a structured error-code taxonomy (authentication, data, network, permission, system, and Regula-specific ranges) for predictable diagnostics, and runs containerised via docker-compose with a bundled DocumentDB TLS CA.
Technologies & Approach
Next.js + React + Tailwind for an SSR, bank-styled UI; Regula for document reading; LDAP (ldapts) for directory authentication; MongoDB/DocumentDB for storage; iron-session + jsonwebtoken for session and token security; image handling via sharp. The architecture cleanly isolates UI components, repositories, services and security primitives so the flow can be audited and extended.
Outcome / Impact
Delivered a production-oriented onboarding/login module, one of several cooperating services in the bank’s self-service platform, that integrates document verification, directory authentication and secure sessions.
Capabilities Demonstrated
- KYC-grade digital identity onboarding for regulated banking
- ID-document capture and verification (Regula, MRZ/OCR)
- Secure session and JWT/token management with iron-session
- LDAP/directory authentication integration
- Bank-styled SSR web apps in Next.js 14 with a structured error taxonomy