Build With Polyguard

Embed Real Identity Verification in Your App.

Polyguard's SDK adds fused identity Trust Checks in minutes, not months.

Try PolyguardRead the Docs

What You Can Build

Polyguard's SDK gives your application real identity verification — not just another login step.

Account Creation

Verify new users are real people with real identities at signup. Prevent synthetic identity fraud, bot registrations, and duplicate accounts before they enter your system.

High-Value Transactions

Confirm identity before transfers, purchases, or contract signatures. Add a Trust Check at the moment it matters — when the stakes are highest.

Age Verification

Cryptographic age verification backed by government-issued documents. Not self-reported, not a checkbox — verified against a real identity document on a bound device.

Access Control

Verify identity before granting access to sensitive systems, documents, or environments. Replace passwords and security questions with fused identity Trust Checks.

Identity Verification for KYC / KYB

Build your own KYC or KYB solution on top of Polyguard's fused identity Trust Checks. Persistent identity verification with Transaction Affidavits provides the foundation your compliance workflows require.

Integration in Five Steps

From SDK install to production verification in an afternoon.

1

Integrate the SDK

Install @polyguard/sdk for JavaScript, or use the native Swift (iOS) and Kotlin (Android) SDKs. Drop-in integration with your existing frontend.

2

Trigger a Trust Check in Your User Flow

Add a verification trigger at any point in your application — account creation, transaction confirmation, access request. One API call initiates the Trust Check.

3

User Verifies on Polyguard Mobile

The user receives a push notification on Polyguard Mobile and completes a Trust Check — fused identity verification on their own device. Seconds, not minutes.

4

App Receives Signed Verification Token

Your application receives a cryptographically signed verification token via webhook or polling. The token contains the verification result, confidence scores, and attestation data — no raw biometric data.

5

Optionally Store a Transaction Affidavit

For regulated workflows, retrieve and store a full Transaction Affidavit — a litigation-ready record of the verification event, exportable for compliance reporting and audit trails.

SDK and API

One SDK, three platforms. Full REST API for server-side integration. Webhooks for real-time events.

JavaScript

@polyguard/sdk — ESM and IIFE builds. Works with React, Vue, Angular, and vanilla JS. Under 15KB gzipped.

iOS (Swift)

Native Swift SDK via Swift Package Manager. Supports iOS 16+. Integrates with AppAttest for device attestation.

Android (Kotlin)

Native Kotlin SDK via Maven Central. Supports API 26+. Integrates with Play Integrity for device attestation.

REST API + Webhooks

Full REST API for server-side verification management, result retrieval, and policy configuration. Webhooks deliver real-time verification events to your backend.

White-Label Options

Customize the verification flow with your branding. White-label Polyguard Mobile or embed the verification UI directly in your application.

integration.js 
import { Polyguard } from '@polyguard/sdk';

const pg = new Polyguard({
  apiKey: process.env.POLYGUARD_API_KEY,
});

// Trigger a Trust Check
const verification = await pg.verify({
  userId: 'user-123',
  factors: ['person', 'document',
            'device', 'location'],
  callbackUrl: '/api/verify-callback',
});

// Check result
if (verification.status === 'verified') {
  // Proceed with high-value action
  console.log(verification.confidence);
  console.log(verification.affidavitUrl);
}
webhook-handler.js 
// Webhook receives signed tokens
app.post('/api/verify-callback',
  async (req, res) => {
  const { token } = req.body;

  // Verify signature with JWKS
  const result = await pg
    .verifyToken(token);

  if (result.verified) {
    await grantAccess(result.userId);
  }
});

Privacy First Architecture

Polyguard is built on a fundamental principle: biometric data never leaves the user's device.

Biometrics Stay on Device

All biometric processing happens on the user's personal device via Polyguard Mobile. No biometric templates, facial embeddings, or raw biometric data are transmitted to or stored on Polyguard servers.

Signed Tokens, Not Raw Data

Your application receives cryptographically signed verification tokens — not biometric data. Tokens confirm identity without exposing any personal information to your infrastructure.

Device Attestation

Polyguard Mobile uses Apple AppAttest (iOS) and Google Play Integrity (Android) to confirm the verification is running on a genuine, unmodified device. Jailbroken and rooted devices are rejected.

No PII on Servers

Polyguard's Privacy First architecture means no personally identifiable information is stored on Polyguard servers. Verification results are attestations — mathematical proofs of identity, not copies of identity.

Built for Engineers

Clean APIs, comprehensive documentation, and a sandbox environment for development.

Sandbox Environment

Full-featured sandbox with test identities and simulated verifications. Build and test your integration without real identity documents or biometric data.

Comprehensive Documentation

API reference, integration guides, sample applications, and architecture diagrams. Everything you need to go from zero to production.

Dedicated Engineering Support

Direct access to Polyguard's engineering team during integration. Slack channel, office hours, and code review for your implementation.

Start Building with Polyguard

Add real identity verification to your application. Sandbox access is available now.

Try Polyguard Talk to Our Engineering Team