New · KYC/AML compliance, built on the CapchaCloud evidence chain

Every KYC/AML check, plus the proof.

CapchaShield is a Cloudflare-native compliance layer for identity verification, sanctions/PEP screening, and transaction monitoring. Every institution needs these checks; most vendors only give you their verdict. CapchaShield gives you the verdict and an independently, cryptographically provable record of it — sealed into the same dual-anchored evidence chain (RFC-3161 + Bitcoin) that backs the rest of CapchaCloud.

Talk to us about early access See who it plugs into One-click evidence package

In active development. Native checks are Cloudflare-only (Workers, D1, R2, Workers AI) — no per-seat vendor license required to start. Certified-vendor adapters are code-complete and activate the moment you supply credentials for a vendor you've licensed.

Two tiers. You choose, per check.

No silent downgrades: if a tenant asks for a certified vendor and it isn't configured yet, CapchaShield says so — it never quietly substitutes the native tier and calls it equivalent.

Tier 1 — Native

Liveness-tested, Cloudflare-only

Built entirely on Workers, D1, R2, and Workers AI vision — no vendor license needed to turn it on. Randomized active-challenge video presence, Workers-AI face comparison, document triage. Honestly labeled: a real screening signal, never marketed as a certified biometric determination.

What it checks

ID document

Document capture and triage, or a full certified-vendor identity verification, depending on tier.

Video presence

Randomized active challenges (blink, turn, hold up a number) plus a tamper-evident session recording — liveness-tested, not "certified liveness."

Face match

Workers AI vision compares a live capture to the ID photo in one call — a coarse, honestly-labeled signal, not a forensic biometric match.

Sanctions screening

OFAC/UN/EU/UK list matching natively, or a licensed vendor's full sanctions database via ComplyAdvantage/LexisNexis.

PEP & adverse media

Licensed-data screening — no free authoritative source exists, so this tier is vendor-backed by design.

KYB & UBO

Business registry lookups natively; full beneficial-ownership resolution via Trulioo or a licensed KYB provider.

Device intelligence

Reuses CapchaCloud's existing edge risk signals — IP/geo, bot, and proxy detection — already live in production.

Transaction monitoring

Event capture and rule-based alerting natively; full behavioral AML monitoring via a licensed vendor like Alessa.

Case management

Every check groups into a case a compliance officer opens, notes, escalates, and closes with a disposition — CapchaShield's strongest native, license-free domain. Every action on a case is sealed just like a check, so the case's history is provable, not just a status column.

Who it plugs into

A pluggable adapter per vendor — bring your own license, CapchaShield calls their API and seals the result. Built against each vendor's real, researched API contract, not a guess.

VendorCategoryCoversStatus
SumsubIdentity / KYCID documentAdapter ready — add your API keys
JumioIdentity / LivenessID documentAdapter ready — add tenant credentials
VeriffIdentity / BiometricID documentAdapter ready — add per-integration credentials
OndatoIdentity / KYCID documentAdapter ready — add API credentials
Shufti ProIdentity / KYCID + face verificationAdapter ready — add API credentials
TruliooIdentity / KYBID document + business verificationAdapter ready — add API credentials
ComplyAdvantageAMLSanctions + PEP / adverse mediaAdapter ready — add API keys
LexisNexisAMLSanctions screeningAdapter ready — pending your signed integration guide
AlessaAMLTransaction monitoringPending a vendor integration guide (no public API exists yet)
FenergoCase management (CLM)Full client lifecyclePlanned — case-management module, not a single-check adapter

Also available as specialist add-ons: iProov (certified liveness/PAD) and Middesk (US business verification). Don't see your vendor? The adapter interface is generic — new vendors are a config change, not a rebuild.

One-click evidence package

Every check — native or vendor — can be exported as a single ZIP: the sealed verdict record, the chain-anchoring receipt, and the underlying evidence itself (ID photos, selfie captures, and session video), each hashed and listed in a manifest so a reviewer can independently verify every file. One download, ready for counsel, an examiner, or your own audit file. Scope it to a whole subject's history, or to one case — pulling just the checks and reviewer notes that happened inside it.

One click, and you've got what you need for the dispute

Any sealed transaction — a chargeback, an arbitration filing, small claims, or a regulatory complaint — can generate a single evidence packet: the sealed record, its public certificate (what's proven vs. self-attested vs. rail-corroborated), any settlement corroboration from the rail's own signed webhook, any third-party witness attestations, and — when a party carries a CapchaShield identity_corroboration — a note of that too. It comes as a ZIP with a SHA-256 manifest, plus a printable cover brief stating plainly what's proven and what isn't.

What this is not: not an automatic chargeback, arbitration, or lawsuit win — it assembles evidence, it doesn't adjudicate. CapchaCloud is not your acquirer or payment processor and cannot submit representment to Visa, Mastercard, or Nacha, or file anything with a court or regulator on your behalf — only you, your processor, or your counsel can do that. This packet is what you attach.

What CapchaShield does not claim

Building this now

CapchaShield is in active development on the same Cloudflare-native evidence spine as the rest of CapchaCloud. Tell us which checks and which vendor you need first.

Talk to us