Optional Features

KYC & Compliance

Know Your Customer (KYC) procedures are required by law for financial institutions operating under AML/CFT regulations. Mercuryo handles KYC verification on its side — you choose how deeply to integrate it.

SumSub is Mercuryo's primary KYC provider.

When KYC Is Required

KYC verification is mandatory for:

  • All Off-Ramp (sell) operations.
  • On-Ramp (buy) operations when:
    • The transaction amount exceeds the KYC threshold.
    • The user's country requires mandatory KYC.
    • The specific payment method requires KYC.

KYC Requirements by Feature and Country

Feature Country / Region Required Documents
crypto EU + EEA ID card / passport / residence permit / driving licence + questionnaire + selfie
crypto EU + EEA, and non-EU countries ID card / passport / residence permit / driving licence + selfie
crypto US ID card / passport / residence permit / driving licence + SSN + selfie
crypto RU (IP outside EEA) Passport / driving licence + proof of address + selfie
crypto RU (IP within EEA) Passport / driving licence + residence permit + selfie
crypto BR (DOC_FREE + selfie scenario) CPF + selfie
crypto BR (when DOC_FREE failed) ID card / passport / residence permit / driving licence + selfie
card + crypto EU ID card / passport + proof of address + selfie — required for Spend Card issuance
ssn US Proof of address (as data) + TIN

Available features:

  • crypto — enables all crypto buy/sell operations.
  • card — enables Spend Card issuance and usage. Required in addition to crypto for users in EU who want to issue a Spend Card.
  • ssn — simplified US flow using SSN; up to a transaction limit without documents. Full KYC (crypto) is required after the limit.

Identity Document Requirements

The document must contain:

  • Full name
  • MRZ code
  • Citizenship
  • Date of birth
  • Document number
  • Issuing authority
  • Date of issue

The document must:

  • Be unexpired
  • Be scanned or photographed clearly
  • Show all corners and sides
  • Have all information legible

Proof of Address

We do not accept bank statements from neobanks.

Integration Options

Option 1 — Standard In-Widget KYC

If you don't implement any KYC on your side, Mercuryo provides the SumSub interface directly in the widget. Users complete identity verification and a liveness test without leaving the widget.

No additional integration required. This is the default.

Option 2 — SumSub Share Token

If you already use SumSub for KYC on your platform, you can share verified users with Mercuryo. Users won't need to verify twice.

Note: This option requires approval from Mercuryo's Customer Success and Compliance teams, as SumSub charges for this service. Discuss it with your Mercuryo manager before proceeding.

Whitelisting prerequisite:

  1. Conclude a contract with SumSub for the Reusable KYC feature.
  2. Request a partner token from your Mercuryo integration manager.
  3. In your SumSub account: PartnersRecipientsAdd Recipient → enter the partner token.
  4. Ask your Mercuryo manager to verify the setup.

Processing rules:

  • The applicant must have completed ID document + liveness (selfie) verification with approved status on your side.
  • The share token flow is triggered by email match between your SumSub applicant and the Mercuryo user.
  • Mercuryo can accept a share token only once per applicant (SumSub architecture limitation).
  • Field sets may differ between systems — only document type and country are used for matching.

Steps:

  1. Generate share_token using the SumSub API: 
    POST https://api.sumsub.com/resources/accessTokens/-/shareToken
    Required parameters: applicantId, forClientId=Mercuryo
  2. Pass the generated value as share_token in the widget URL or in the sign-up request body.

See Authentication for how to pass share_token during sign-up.

How it works — video | SumSub sharing docs

Option 3 — Submit Documents via API

Manually send user documents to Mercuryo via API. Users still need to complete the liveness check in the widget.

Requires API-based Authentication.

Steps:

  1. Call GET /v1.6/sdk-partner/user/kyc-status to check if KYC is already complete.

    • If features[].status == "complete" for the needed feature — no action needed.

  2. Call POST /v1.6/sdk-partner/kyc/docs to upload documents.

    • Include: ID card, driving licence, passport, residence permit, proof of address (see API Reference for file naming conventions), feature, and country code.
    • The response contains kyc_access_token — use it as share_token.

  3. Authenticate the user: call POST /v1.6/sdk-partner/login to get init_token and init_token_type.

  4. Redirect the user to the widget with all tokens:

    https://exchange.mercuryo.io/?widget_id=YOUR_WIDGET_ID
  &init_token_type=sdk_partner_authorization
  &init_token=0a25dd714163a9006
  &share_token=YOUR_KYC_ACCESS_TOKEN

  5. The user completes any remaining documents and the liveness check in the widget.

  6. Poll GET /v1.6/sdk-partner/user/kyc-status for the result:

    Status Description
    complete KYC successfully completed
    incomplete SumSub has not started verification yet
    failed_attempt First attempt failed — user can retry
    failed Verification failed — contact Mercuryo Support
    under_review SumSub is reviewing the submitted documents

  7. Once complete, redirect the user to the widget to proceed with the transaction.

KYC for Spend Card

Issuing a Spend Card requires the card KYC feature in addition to crypto. For EU users, this means providing an ID card or passport, proof of address, and a selfie (card + crypto row in the table above).

The required documents vary by the user's country of citizenship — see the full list of eligible countries.

See Spend Card for full integration details.

Previous
User Pre-Authorization
Next
Customization