Skip to main content

Verification Outcomes

Understanding Verification Outcomes: Matched vs. Verified

Method distinguishes between two verification states, and understanding the difference matters:
StateMeaningUnlocks products?
Neither matched nor verifiedEntity created, not yet verifiedNo
Matched onlyMethod identified the person, but they haven’t proven identityNo
Matched + VerifiedFull identity confirmation completeYes
An Entity cannot reach Verified status without first being Matched. If matching fails, verification cannot proceed. In practical terms: matched means “we know who you are,” and verified means “you’ve proven you’re that person.” Both are required.

How Matching Works

When you create or update an Entity with PII (name, DOB, SSN, address, phone), Method attempts to correlate that information against its identity records. If the PII matches a known identity, the Entity becomes matched. This happens automatically when the Entity’s PII is processed — you don’t call a separate endpoint for matching. The Entity’s matched status is then checked when you create an identity verification session. If the Entity is not yet matched, the session creation will fail with MISSING_IDENTITY_MATCH. Matching can fail if:
  • The PII is incomplete (name + phone only, no DOB or SSN)
  • The PII has typos or formatting issues
  • The person has a thin file (limited credit/identity history)
See Maximizing Verification Success for how to improve match rates.

When Matching Fails

If Method cannot match the Entity’s PII to a known identity, creating an identity verification session will return a MISSING_IDENTITY_MATCH error. Your options:
  1. Collect more PII: Update the Entity with additional fields (DOB, SSN, address) and retry. More PII dramatically improves match rates.
  2. Verify the data: Check for typos, name variations (maiden names, Jr/Sr suffixes), or incorrect phone numbers.
Match failures are not the same as verification failures. A match failure means Method couldn’t identify the person at all. A verification failure (KBA wrong answers, SMS wrong code) means the person was identified but couldn’t prove they’re that person.You will need to create a new Entity if a user fails identity verification (e.g., incorrect KBA answers). The failed Entity cannot be reused for identity verification.

Checking Verification Status

The Entity object includes a verification field that reflects the current state: 
"verification": {
  "identity": {
    "verified": true,
    "matched": true,
    "latest_verification_session": "evf_xxx",
    "methods": []
  },
  "phone": {
    "verified": true,
    "latest_verification_session": "evf_yyy",
    "methods": []
  }
}
When verification is incomplete, the methods arrays will contain the available verification methods for that step (e.g., ["sms", "sna"] for phone, ["kba"] for identity). Once a step is completed, its methods array becomes empty. Use these fields to determine what actions are available for the Entity. See the Entity API Reference for full field documentation.

Maximizing Success

Improve match rates through better data collection.

Verification Sessions API

Full API reference for verification session endpoints.