Verification engine — operating at 99.99% uptime

Enterprise VerificationInfrastructure built for scale.

Stromont Consulting powers secure digital identity verification and KYC automation for banks, fintechs, telecom operators and government agencies — through a single, developer-first API layer.

ISO 27001 aligned
RBI / UIDAI compliant patterns
SOC 2 controls
GDPR ready
ID
Verification session
ses_8f9a3b21c0e7
Live
Applicant
IN · Tier-1
AR
Arjun Ramaswamy
Onboarding · KYC + KYB
Aadhaar XML
verified
PAN
verified
Face match
running
Liveness
queued
Risk score · 12 / 100ETA 2.1s
POST/verify/aadhaar200 · 184ms
{
  "status": "verified",
  "name_match": 0.98,
  "dob_match": true,
  "ref": "axn_91e2"
}
Face match
99.4%
+ liveness passed
API requests processed
0.0B+
Verification success rate
0.00%
Enterprise clients
0+
Avg response time
0 ms
Product surface

A complete verification stack, one API contract.

Fourteen production endpoints powering identity, financial, biometric and risk decisioning — composed into journeys you control.

GA

Aadhaar Verification

OTP, XML and offline modes with masking, consent and audit trail.

/v1/verify/aadhaarp95 · 180ms
GA

PAN Verification

NSDL-grade PAN validation with name match scoring.

/v1/verify/panp95 · 120ms
GA

GST Verification

GSTIN status, filing history and entity intelligence.

/v1/verify/gstp95 · 240ms
GA

Bank Account Verification

Penny-drop and IFSC validation with beneficiary match.

/v1/verify/bankp95 · 1.2s
GA

Mobile Verification

Number ownership, operator, port history and silent OTP.

/v1/verify/mobilep95 · 210ms
GA

Email Verification

Mailbox existence, disposable detection, deliverability score.

/v1/verify/emailp95 · 90ms
GA

OCR & Document Parsing

Structured extraction across 1500+ Indian document templates.

/v1/docs/parsep95 · 650ms
GA

Face Match API

1:1 and 1:N matching with sub-second response at scale.

/v1/face/matchp95 · 220ms
GA

Liveness Detection

Active and passive liveness — anti-spoof, mask, deepfake aware.

/v1/face/livenessp95 · 480ms
Live

Fraud Risk Engine

Device, network and behaviour signals into a unified risk verdict.

/v1/risk/scorep95 · 60ms
GA

KYC Workflow Automation

Configurable journeys with branching, fallbacks and reviewer queues.

/v1/journeysp95 ·
GA

AML Screening

PEP, sanctions and adverse-media screening with hit explainability.

/v1/aml/screenp95 · 320ms
GA

KYB Verification

MCA, CIN, beneficial owners, directors and signatory chain.

/v1/verify/businessp95 · 1.4s
GA

Digital Onboarding APIs

Drop-in flows for KYC, video KYC and re-KYC in regulated journeys.

/v1/onboardp95 ·
API infrastructure

A single pipeline from request to verdict.

Every verification flows through the same hardened pipeline — signed at the edge, orchestrated across providers, fused into a single decision, and streamed back with full audit context.

01
Ingest
Edge auth · mTLS · rate-shape
02
Orchestrate
Provider routing · fallback graph
03
Fuse
Risk · biometrics · document
04
Decide
Policy engine · reviewer queue
05
Stream
Webhook · audit ledger
200 · 12msrouted → axnscore 0.04approvewebhook ✓
POST/v1/verify/pan200 OK
{
  "pan": "ABCDE1234F",
  "name": "Arjun Ramaswamy",
  "consent": true
}
POST/v1/face/match200 OK
{
  "source": "img_8a2…",
  "target": "img_71f…",
  "threshold": 0.92
}
Signed mTLS
Edge-to-core mutual TLS with HSM-backed keys.
Idempotent
Safe retries with deterministic request keys.
Streamed verdicts
Webhook + server-sent events for long flows.
Audit-immutable
Append-only ledger of every decision input.
Operator console

The control surface your risk team will live in.

Real-time monitoring, granular permissions, immutable audit and live verification logs — in a console designed for regulated operations.

console.stmc.co.in/verifications
env · prod
Overview · last 24h

Verification operations

Sessions
184,203
+12.4%
Approved
98.71%
+0.2pp
Fraud flagged
412
-8.1%
Median latency
176 ms
stable
API requests
VerifyFace
Live activity
streaming
verify.pan2s ago
face.liveness6s ago
risk.flag12s ago
verify.aadhaar18s ago
verify.bank24s ago
Security & compliance

Trust isn't a feature — it's the substrate.

Built to meet the controls demanded by banks, regulators and government issuers from day one.

End-to-end encryption

TLS 1.3 in transit, AES-256 at rest, envelope keys rotated per region.

API authentication

Scoped keys, JWT + mTLS, signed webhooks, IP allowlists per environment.

Secure data handling

Field-level tokenization for Aadhaar, PAN and biometrics. Zero raw retention by default.

Immutable audit logs

Append-only ledger of every input, decision, reviewer action and consent artifact.

Access controls

RBAC + ABAC, SSO/SAML, SCIM, just-in-time elevation with full session capture.

Infrastructure security

Isolated VPCs, HSM-backed keys, continuous SCA/SAST, quarterly third-party pen tests.

ISO 27001SOC 2 Type IIPCI DSSGDPRRBIUIDAICompliance reports available under NDA
Industries served

Trusted across regulated sectors.

Stromont operates inside the compliance perimeter of the institutions that move money, identity and critical services.

Talk to industry team →
01

Banking

End-to-end KYC for account opening, lending and corporate onboarding.

View use cases →
02

NBFC & Lending

Sub-minute borrower verification with risk-tiered journeys.

View use cases →
03

Fintech

Wallet, payments and trading platforms onboarding at internet scale.

View use cases →
04

Insurance

Policy issuance, claims KYC and intermediary verification.

View use cases →
05

Telecom

SIM activation, MNP and reseller onboarding with UIDAI-aligned consent.

View use cases →
06

E-commerce

Seller verification, returns fraud and high-value buyer checks.

View use cases →
07

Logistics

Driver, fleet and last-mile partner KYC + background screening.

View use cases →
08

Government

Citizen-service onboarding with full audit and accessibility.

View use cases →
09

Enterprise SaaS

Embed verification inside HR, procurement and vendor systems.

View use cases →
Onboarding

From first call to production traffic in four weeks.

A disciplined onboarding programme run by an assigned solutions architect and a named customer engineer.

01

Consultation

Week 1

Discovery with our solutions team to map verification flows, regulatory scope and data boundaries.

02

API Access

Week 1

Sandbox keys, environment provisioning, SSO setup and dedicated Slack/Teams bridge.

03

Integration

Week 2–3

SDKs for backend, web and mobile. Drop-in journeys or fully composed APIs.

04

Testing

Week 3–4

Synthetic fixtures, edge-case packs, load testing and regulatory UAT with reviewer queues.

05

Go Live

Week 4+

Production cut-over, on-call coverage, fraud baselining and quarterly reviews.

Customer evidence

What risk and engineering leaders say.

“Stromont replaced four verification vendors with one orchestration layer. We cut onboarding drop-off by 31% in the first quarter and the audit story finally tells itself.”
PV
Priya Venkatesan
VP Risk · Tier-1 Indian private bank
The single best engineering experience we've had with a verification provider. Their idempotent contracts saved us during a peak surge.
Karan Mehta
Head of Platform · Consumer fintech
CASE STUDY →
Procurement, security and InfoSec all signed off in one cycle. That's a first.
Anita Rao
CISO · NBFC
CASE STUDY →
Talk to us

Bring verification in-house.

Tell us about your verification volume, regulatory scope and timelines. A solutions architect will respond within one business day.

Enterprise email
Connect@stmc.co.in
Chennai office
B 63, MTH Road
Chennai, Tamil Nadu, India
Compliance & legal
Stromont Consulting Private Limited
Master Services Agreement, DPA and security questionnaires available on request.
By submitting you agree to our processing of your business contact details for this enquiry.