| Variant | Required inputs | Optional inputs |
|---|---|---|
| US Source 1 (including DOB) | Full name, DOB, current address | Previous addresses, mobile phone, personal email, SSN |
| US Source 1 (including DOB and SSN) | Full name, DOB, current address, SSN | Previous addresses, mobile phone, personal email |
Age Verification: US Source 1 (including DOB)
This variant performs an age verification identity check against US data sources using the subject’s name, address, and date of birth (DOB). It verifies whether an individual meets a required age threshold by cross-referencing submitted personal information against trusted US consumer and public record databases. This module is typically used in industries where age-gating is a regulatory or business requirement, such as gaming, alcohol and tobacco sales, financial services, and any platform subject to COPPA (Children’s Online Privacy Protection Act) compliance. For the full list of capabilities returned by this variant, see Capabilities below.Age Verification: US Source 1 (including DOB and SSN)
This variant performs the same identity check as US Source 1 (including DOB) but requires the subject’s Social Security Number (SSN) as a mandatory input rather than an optional one. Requiring SSN increases the confidence of the verification match because SSN is a highly unique identifier. It enables stronger cross-referencing against consumer databases and improves the reliability of Trust USA risk assessments, which evaluate relationships between identity elements such as SSN, address, and phone number. If you can collect SSN from your users, you should prefer this variant for higher-assurance age verification. For the full list of capabilities returned by this variant, see Capabilities below. The capabilities are identical to US Source 1 (including DOB).Capabilities
All Age Verification variants return the same structured set of result codes grouped into capability categories. Each category surfaces specific risk signals, match outcomes, and compliance flags that downstream evaluation logic can act on.Subject risk codes
These codes flag high-level concerns about the identity record itself, independent of any individual data field match.| Code | Description |
|---|---|
resultcode.subject.deceased | The identity record is associated with a deceased individual. The subject’s personal information matches a record in a death index or similar mortality database. This is a critical fraud indicator, as deceased identities are commonly exploited for synthetic identity fraud. |
resultcode.thin.file | The subject has a “thin file”, meaning there are very few records available in consumer databases to verify against. This is common for younger individuals (aged 18–21), recent immigrants, or people with limited credit and public record history. A thin file does not indicate fraud, but it reduces the confidence of any verification match. |
resultcode.data.strength.alert | The overall strength of the data available for this identity is weak. This may indicate that the records found are sparse, inconsistent, or insufficient for a high-confidence verification. It serves as a general signal to apply additional scrutiny. |
Name risk codes
These codes indicate whether the submitted name matched the name on file in the data source.| Code | Description |
|---|---|
resultcode.last.name.does.not.match | The submitted last name does not match the last name in the reference data source. This could indicate a data entry error, a name change (such as after marriage), or a fraudulent submission. |
resultcode.first.name.does.not.match | The submitted first name does not match the reference record. Common causes include nicknames (e.g. “Bill” vs “William”), typographical errors, or deliberate misrepresentation. |
Address risk codes
Address risk codes are the most granular capability in this module. They cover match failures at the field level, deliverability issues, stability and velocity signals, and “warm address” flags that identify high-risk location types.- Address match codes:
| Code | Description |
|---|---|
resultcode.address.does.not.match | The submitted address does not match any address on file for the subject. This is a broad mismatch signal. |
resultcode.street.number.does.not.match | The street number portion of the address does not match. The street name may be correct, but the building number differs. |
resultcode.street.name.does.not.match | The street name does not match the reference record. The subject may live at a different address entirely, or there may be a spelling error. |
resultcode.address.within.tolerance | The address does not match exactly, but falls within an acceptable tolerance range. For example, the ZIP code may differ slightly but the address is geographically close to the reference. |
resultcode.city.does.not.match | The submitted city does not match the reference address. |
resultcode.state.does.not.match | The submitted state does not match the reference address. |
resultcode.zip.does.not.match | The submitted ZIP code does not match the reference record. |
- Address type and deliverability codes:
| Code | Description |
|---|---|
resultcode.input.address.is.po.box | The submitted address is a PO Box. PO Boxes are sometimes flagged because they can obscure the subject’s true residential location. |
resultcode.located.address.is.po.box | The address found in the reference data for this subject is a PO Box, even though the submitted address may be a street address. |
resultcode.input.address.is.not.deliverable | The submitted address is not a valid deliverable address according to USPS records. |
resultcode.located.address.is.not.deliverable | The located reference address for the subject is not deliverable. |
deliverable.input.invalid.delivery.address | The address cannot receive mail delivery. It may be a vacant lot, an unrecognised address, or otherwise invalid. |
deliverable.input.deliverable.after.dropping.bldg | The address becomes deliverable only after removing the building or unit number. This suggests the primary address is valid but the specific unit may not exist. |
deliverable.input.general.delivery.address | The address is a general delivery address, meaning mail is held at a post office for the recipient to collect rather than being delivered to a specific location. |
deliverable.input.missing.building.number | The address is missing a building or house number, making it incomplete. |
deliverable.input.invalid.premise.number | The premise (building) number in the address is not valid for the given street. |
deliverable.input.missing.box.number | The address appears to reference a PO Box or mailbox but is missing the box number. |
deliverable.input.invalid.box.number | The box number provided does not exist at the given post office or mail facility. |
deliverable.input.no.usps | The address has no USPS (United States Postal Service) record. It may be a new development, a rural address, or simply non-existent. |
deliverable.input.number.needs.correction | The street or building number in the address appears to contain an error and requires correction. |
deliverable.input.military.address | The address is a military address (APO/FPO/DPO), which follows a different delivery format. |
deliverable.input.business.address | The address is registered as a commercial or business address rather than a residential one. |
- Address risk and behaviour signals:
| Code | Description |
|---|---|
resultcode.newer.record.found | A more recent address record has been found for this subject, suggesting they may have moved. The submitted address may be outdated. |
resultcode.address.velocity.alert | The address has been used in an unusually high number of identity verification requests within a short time period. This velocity pattern may indicate that multiple fraudulent identities are being registered at the same location. |
resultcode.address.stability.alert | The subject’s address history shows a pattern of frequent changes. Low address stability can be a risk factor in fraud models. |
resultcode.address.longevity.alert | The subject has been associated with the submitted address for a very short period. A short tenure at an address can indicate recently fabricated identity data. |
resultcode.address.location.alert | The geographic location of the address raises a risk flag, for example if it falls in a region associated with higher fraud rates. |
resultcode.single.address.in.file | Only one address has ever been recorded for this subject. While not inherently suspicious, it may indicate a thin file or limited history. |
resultcode.alternate.address.alert | An alternate address was found for the subject that could not be verified or raises concern. |
resultcode.high.risk.address.alert | The address has been identified as high-risk based on historical fraud data or other intelligence. |
- Warm address alerts (located address):
| Code | Description |
|---|---|
resultcode.warm.address.alert | The located address (from reference data) is flagged as a warm address of unspecified type. |
resultcode.warm.address.alert.prison | The located address is a correctional facility. |
resultcode.warm.address.alert.hospital | The located address is a hospital. |
resultcode.warm.address.alert.mail.drop | The located address is a mail drop or commercial mailbox rental (e.g. a UPS Store mailbox). These are frequently used to create fictitious residential addresses. |
resultcode.warm.address.alert.hotel | The located address is a hotel or motel. |
resultcode.warm.address.alert.campground | The located address is a campground or RV park. |
resultcode.warm.address.alert.college.university | The located address is a college or university campus. |
resultcode.warm.address.alert.uspo | The located address is a United States Post Office. |
- Warm address alerts (input address):
| Code | Description |
|---|---|
resultcode.warm.input.address.alert | The submitted address is flagged as a warm address of unspecified type. |
resultcode.warm.input.address.alert.prison | The submitted address is a correctional facility. |
resultcode.warm.input.address.alert.hospital | The submitted address is a hospital. |
resultcode.warm.input.address.alert.mail.drop | The submitted address is a mail drop or commercial mailbox rental. |
resultcode.warm.input.address.alert.hotel | The submitted address is a hotel or motel. |
resultcode.warm.input.address.alert.campground | The submitted address is a campground or RV park. |
resultcode.warm.input.address.alert.college.university | The submitted address is a college or university campus. |
resultcode.warm.input.address.alert.uspo | The submitted address is a United States Post Office. |
DOB risk codes
These codes evaluate whether the submitted date of birth matches the reference data and whether age-related thresholds are met.| Code | Description |
|---|---|
resultcode.yob.does.not.match | The submitted year of birth does not match the reference record. |
resultcode.mob.does.not.match | The submitted month of birth does not match the reference record. |
resultcode.day.of.birth.does.not.match | The submitted day of birth does not match the reference record. |
resultcode.yob.within.one.year | The submitted year of birth is within one year of the reference record. This may indicate a typographical error rather than deliberate misrepresentation. |
resultcode.no.dob.available | No date of birth is available in the reference data for comparison. |
resultcode.no.mob.available | No month of birth is available in the reference data. The year may still be present. |
resultcode.day.of.birth.not.available | The day of birth is not present in the reference data. |
resultcode.age.below.minimum | The subject’s age (calculated from the submitted DOB) falls below the configured minimum age threshold. |
resultcode.age.above.maximum | The subject’s age exceeds the configured maximum age threshold. |
Score card result
The score card result provides a summary-level outcome for the entire identity verification check.| Code | Description |
|---|---|
id.success | The identity verification was successful. The submitted information sufficiently matched reference data to pass the configured thresholds. |
id.failure | The identity verification failed. The submitted information did not match reference data at the required confidence level. |
id.partial | A partial match was achieved. Some identity elements matched while others did not. This result typically requires further review or additional verification steps. |
Age match capabilities
These codes report the specific outcome of the age verification check against the configured age threshold.| Code | Description |
|---|---|
resultcode.of.age | The subject meets or exceeds the required minimum age threshold. |
resultcode.under.age | The subject is below the required minimum age threshold. |
resultcode.confirm.age | The system was unable to confirm the subject’s age. Insufficient data was available to make a definitive determination. |
Subject restricted capabilities
This category flags regulatory restrictions related to the subject’s age.| Code | Description |
|---|---|
resultcode.coppa.alert | The subject may be under 13 years of age, triggering a COPPA (Children’s Online Privacy Protection Act) alert. COPPA is a US federal law that requires operators of websites and online services to obtain verifiable parental consent before collecting personal information from children under 13. This alert signals that you must not collect, use, or disclose the child’s personal information without appropriate parental consent mechanisms in place. |
Alert list capabilities
These codes indicate that one or more of the subject’s identity elements match an entry on a known-risk or blacklist database. These are strong fraud indicators.| Code | Description |
|---|---|
resultcode.blacklist.alert.ssn | The submitted Social Security Number (SSN) appears on a blacklist. It may be associated with known fraudulent activity. |
resultcode.blacklist.alert.address | The submitted address appears on a blacklist. |
resultcode.blacklist.alert.ip | The IP address associated with the request appears on a blacklist. |
resultcode.blacklist.alert.phone | The submitted phone number appears on a blacklist. |
resultcode.blacklist.alert.email | The submitted email address appears on a blacklist. |
resultcode.blacklist.alert.domain | The email domain appears on a blacklist (e.g. a disposable email provider commonly used for fraud). |
resultcode.blacklist.alert.document.number | The submitted document number (e.g. driver’s licence or passport number) appears on a blacklist. |
resultcode.blacklist.alert.address.zip | The ZIP code of the submitted address appears on a blacklist. |
resultcode.blacklist.alert.located.ssn | The SSN found in the reference data (not the submitted SSN) appears on a blacklist. |
Trust USA risk capabilities
Trust USA risk codes are proprietary risk signals that evaluate the relationships between pairs of identity elements. Each code represents either a match or a mismatch between two specific data points (e.g. “does this SSN appear at this address?”). A prefix ofI indicates the relationship was evaluated using the input (submitted) data, while L indicates the check used located (reference) data.
These codes feed into a composite fraud risk assessment. The presence of multiple mismatch codes across different element pairs increases the overall fraud risk score.
Element pair codes
| Code | Elements evaluated | Description |
|---|---|---|
ADDR4 | Address (4-line) | Full address match at the 4-line level (street, city, state, ZIP). |
ADDR | Address | General address match. |
IADDR4 | Input address (4-line) | The submitted address matches at the 4-line level in cross-reference checks. |
IADDR | Input address | The submitted address was evaluated in cross-reference risk checks. |
IALTADDR | Input alternate address | An alternate address associated with the input identity was flagged. |
IALT | Input alternate data | Alternate identity data associated with the input was evaluated. |
IBADDR | Input business address | The input address was evaluated against business address records. |
IBDBA | Input business DBA | The input was cross-referenced against “Doing Business As” (DBA) records. |
IBDBANAME | Input business DBA name | The business DBA name associated with the input was evaluated. |
IBFEIN | Input business FEIN | The input was cross-referenced with a Federal Employer Identification Number (FEIN). |
IBNAME | Input business name | The input business name was evaluated. |
IDOC | Input document number | The submitted document number was evaluated in risk checks. |
IEMAILDOM | Input email domain | The domain of the submitted email was evaluated for risk. |
IEMAIL | Input email | The submitted email address was evaluated in risk checks. |
IEMAILIADDR | Input email + input address | Cross-reference between the submitted email and address. |
IEMAILIIPADDR | Input email + input IP address | Cross-reference between the submitted email and IP address. |
IEMAILIPHONE | Input email + input phone | Cross-reference between the submitted email and phone number. |
IEMAILISSN9 | Input email + input SSN (full) | Cross-reference between the submitted email and full SSN. |
IFIRST | Input first name | The submitted first name was evaluated in risk checks. |
IIPADDRIADDR | Input IP address + input address | Cross-reference between the IP address and the submitted address. |
IIPADDR | Input IP address | The IP address was evaluated for risk. |
IIPADDRIPHONE | Input IP address + input phone | Cross-reference between the IP address and phone number. |
IIPADDRISSN9 | Input IP address + input SSN (full) | Cross-reference between the IP address and full SSN. |
IIP | Input IP | General IP address risk signal. |
ILAST | Input last name | The submitted last name was evaluated in risk checks. |
ILNAME4 | Input last name (4-char) | The first four characters of the submitted last name were evaluated. Used for fuzzy matching. |
INAME2 | Input name (2-part) | The submitted first and last name combination was evaluated. |
INAME4 | Input name (4-part) | A four-part name (e.g. first, middle, last, suffix) was evaluated. |
INAME | Input name | General name risk evaluation. |
IPHONEIADDR | Input phone + input address | Cross-reference between the submitted phone number and address. |
IPHONEISSN9 | Input phone + input SSN (full) | Cross-reference between the submitted phone number and full SSN. |
IPHONE | Input phone | The submitted phone number was evaluated in risk checks. |
ISKU | Input SKU | A unique identifier or session key was evaluated. |
ISNAME | Input surname | The submitted surname was evaluated. |
ISNBR | Input street number | The submitted street number was evaluated. |
ISSN4 | Input SSN (last 4) | The last four digits of the submitted SSN were evaluated. |
ISSN9 | Input SSN (full 9-digit) | The full submitted SSN was evaluated. |
ISTRNZIP | Input street name + ZIP | Cross-reference between the submitted street name and ZIP code. |
IZIP | Input ZIP code | The submitted ZIP code was evaluated. |
LDOC | Located document number | The document number found in reference data was evaluated. |
LFIRST | Located first name | The first name in reference data was evaluated. |
LLAST | Located last name | The last name in reference data was evaluated. |
LNAME4 | Located name (4-char) | The first four characters of the located last name were evaluated. |
LPHONE | Located phone | The phone number in reference data was evaluated. |
LSAC | Located sub-area code | A sub-area code in the located data was evaluated. |
LSNAME | Located surname | The surname in reference data was evaluated. |
LSNBR | Located street number | The street number in reference data was evaluated. |
LSSN4 | Located SSN (last 4) | The last four digits of the SSN in reference data were evaluated. |
LSSN9 | Located SSN (full 9-digit) | The full SSN in reference data was evaluated. |
LZIP | Located ZIP code | The ZIP code in reference data was evaluated. |
NAME2 | Name (2-part) | A two-part name combination was evaluated using both input and located data. |
NAME4 | Name (4-part) | A four-part name was evaluated using both input and located data. |
NAME | Name | General name match evaluation across input and located data. |
PHONE | Phone | General phone match evaluation across input and located data. |
SSN9 | SSN (full 9-digit) | Full SSN match evaluation across input and located data. |
STRNZIP | Street name + ZIP | Street name and ZIP combination evaluated across input and located data. |
Trust USA result capabilities
The Trust USA result provides the overall risk determination based on the aggregated Trust USA risk codes.| Code | Description |
|---|---|
pass | The composite risk assessment indicates low fraud risk. The identity elements are consistent and do not trigger significant risk signals. |
fail | The composite risk assessment indicates high fraud risk. Multiple identity elements are inconsistent or match known-risk patterns. |
refer | The risk assessment is inconclusive. The identity could not be confidently classified as low or high risk and requires manual review or additional verification. |
Default outcomes
All Age Verification variants share the same default outcomes, which can be used in evaluation and routing logic within the journey designer.| Outcome | Condition | Description |
|---|---|---|
Of Age | Age match result includes resultcode.of.age | The subject meets or exceeds the required minimum age threshold. The journey can proceed. |
Under Age | Age match result includes resultcode.under.age | The subject is below the required minimum age threshold. The journey typically routes to rejection. |
Match Restricted | Subject restricted capabilities include resultcode.coppa.alert | The subject may be under 13 years of age, triggering COPPA restrictions. You must not collect, use, or disclose the child’s personal information without verifiable parental consent. |
Can Not Confirm Age | Age match result includes resultcode.confirm.age | The system was unable to confirm the subject’s age due to insufficient data. The journey may route to manual review or prompt the user to provide additional information. |
ERROR | Default (no conditions matched) | An unexpected error occurred during processing. This fallback outcome typically indicates a system-level issue. |
Input payload
The following is a sample payload used to submit subject details to the Age Verification module for processing.JSON
| Field | Required | Description |
|---|---|---|
identity.firstName | Yes | First name of the subject. |
identity.lastNames | Yes | Array containing the last name(s) of the subject. |
identity.dateOfBirth | No | Date of birth in YYYY-MM-DD format. |
identity.emails[].type | No | Type of email address (for example, "email"). |
identity.emails[].email | No | Email address of the subject. |
identity.phones[].type | No | Type of phone number (for example, "mobile"). |
identity.phones[].number | No | Phone number of the subject. |
identity.currentAddress.lines | No | Array of address lines. Accepts up to 2 items. |
identity.currentAddress.locality | No | Town or city. |
identity.currentAddress.dependentLocality | No | State or region. |
identity.currentAddress.postalCode | No | Postal or ZIP code. |
identity.currentAddress.country | No | Country code (for example, "US"). |