Skip to main content

Glossary

Terms used throughout the Zenoo API documentation, organized alphabetically.

A

AML (Anti-Money Laundering). Regulations and procedures to prevent the use of financial systems for money laundering. Zenoo automates AML compliance checks including Company Verification, Person Verification, and screening.

C

CDD (Customer Due Diligence). Standard identity verification and risk assessment required when onboarding a customer. Includes identity verification, screening, and company registry checks. Zenoo marks CDD as complete when all required checks pass. Circuit Breaker. A resilience pattern that prevents repeated calls to a failing provider. When a provider fails beyond a threshold, the circuit “opens” and requests fail fast instead of waiting for timeouts. After a cooldown period, a single test request is sent. If it succeeds, normal traffic resumes. Zenoo implements circuit breakers internally for all upstream providers. Company Verification. The process of verifying a company’s identity, legal status, and ownership structure. Zenoo’s Company Verification flow includes company registry verification, director and UBO extraction, and screening of all entities. Also known as KYB (Know Your Business) in regulatory terminology.

E

EDD (Enhanced Due Diligence). Additional verification required for high-risk customers. Triggered by screening hits (PEP, sanctions), high-risk jurisdictions, or complex ownership structures. EDD may require source of funds documentation, source of wealth evidence, or senior compliance review. Exponential Backoff. A retry strategy where the delay between attempts increases exponentially. For example: 5 seconds, 25 seconds, 125 seconds. This prevents overwhelming a recovering service with retry storms.

F

5AMLD (Fifth Anti-Money Laundering Directive). EU directive (effective January 2020) that expanded AML requirements to include cryptocurrency exchanges, art dealers, and tax advisors. Lowered the UBO threshold from 25% to narrower criteria in some jurisdictions. 6AMLD (Sixth Anti-Money Laundering Directive). EU directive (effective June 2021) that harmonized the definition of money laundering across member states, extended criminal liability, and increased penalties. FATF (Financial Action Task Force). The international body that sets AML/CFT standards. FATF recommendations form the regulatory baseline for customer due diligence, PEP screening, and sanctions compliance worldwide. FATF also publishes lists of high-risk and non-cooperative jurisdictions.

H

HMAC-SHA256 (Hash-based Message Authentication Code using SHA-256). The algorithm Zenoo uses for webhook signature verification. Your webhook endpoint receives a signature in the X-Zenoo-Signature header, computed as sha256=HMAC-SHA256(webhook_secret, request_body). HMT (His Majesty’s Treasury). The UK government department that maintains the UK sanctions list. HMT sanctions are separate from OFAC (US) and EU sanctions lists. Zenoo screens against HMT via WorldCheck.

I

Idempotency. The property that submitting the same request multiple times produces the same result. Zenoo supports idempotency via the external_reference field. If you submit a verification with the same external_reference twice, the second request returns the existing case instead of creating a duplicate.

K

KYB (Know Your Business). See Company Verification. KYC (Know Your Customer). See Person Verification. Company Registry Provider. A verification provider that connects to official government registries to verify company names, registration numbers, addresses, directors, and shareholders. Zenoo integrates with multiple registry providers — see the Zenoo Marketplace for the full list.

O

OCR (Optical Character Recognition). The technology used to extract text data from identity documents (passports, national IDs, driving licences) during Person Verification. OFAC (Office of Foreign Assets Control). The US Treasury department that administers and enforces economic sanctions. Maintains the SDN (Specially Designated Nationals) list. Zenoo screens against OFAC via WorldCheck.

P

PEP (Politically Exposed Person). An individual who holds or has held a prominent public function. Examples: heads of state, senior politicians, senior executives of state-owned enterprises, senior military officials. PEPs and their family members and close associates are subject to enhanced due diligence. Person Verification. The process of verifying an individual’s identity. Zenoo’s Person Verification flow includes document verification, biometric liveness detection, database lookups, and screening. Also known as KYC (Know Your Customer) in regulatory terminology. Pull Token. A short-lived token (valid for 24 hours by default) used to retrieve async verification results from the Zenoo API. Returned in the response to /init requests. Use it with the /sharable-payload/{pull_token} endpoint.

S

SDN (Specially Designated Nationals and Blocked Persons List). The OFAC-maintained list of individuals and entities whose assets are blocked and with whom US persons are prohibited from transacting. Zenoo screens against the SDN list via WorldCheck. SIC (Sensitive Industry Categories). A Zenoo classification flag indicating an entity is associated with a sensitive industry sector. hasSIC=true on a screening result means the entity’s industry warrants additional scrutiny. This is distinct from sanctions (hasSanction). Start Token. A token returned by the /init endpoint, used to construct a client-facing verification URL for interactive Person Verification flows (document capture, biometric liveness).

U

UBO (Ultimate Beneficial Owner). A natural person who ultimately owns or controls a legal entity, typically through ownership of 25% or more of shares or voting rights. Identifying UBOs is a core AML requirement under 5AMLD and FATF recommendations.

W

Webhook. An HTTP callback that Zenoo sends to your server when an event occurs (verification completed, journey abandoned, check failed). Your server receives a POST request with the event payload and must respond with 200 OK within 30 seconds. WorldCheck. The Refinitiv (LSEG) screening database used by Zenoo for PEP, sanctions, adverse media, and watchlist screening. WorldCheck aggregates data from government sanctions lists (OFAC, HMT, EU), PEP databases, adverse media sources, and law enforcement watchlists.

Next steps