This chapter details the onboarding process for your end-clients—the individuals or entities interacting with your platform and utilizing ecrop’s services. All end-users, including emitters, investors, and security holders, must be registered with ecrop and undergo KYC/AML checks. You have two primary options for onboarding end-clients: leveraging ecrop’s OmniPersona app or using your own solution integrated with ecrop’s APIs.

Option A: End-Client Onboarding via OmniPersona

This is the simplest and most streamlined approach, leveraging ecrop’s existing infrastructure and user-friendly mobile app.

  1. End-Client Registration (Client-Initiated): Your end-clients download the OmniPersona app from the relevant app store and sign up, providing their first name, last name, email address, and a secure password. OmniPersona automatically generates and securely stores a private/public key pair for each user. This key pair is essential for the Proof of Action (PoA) mechanism used for transaction authentication.
  2. Store Customer Email and Webhook URL /omni-omni/v1/parties - POST: Before your client registers in OmniPersona, you must store their basic information (first name, last name, email address) and optionally a webhook URL in the ecrop system. This crucial step allows ecrop to link the end-client to your organization. Use the /omni-omni/v1/parties (POST) endpoint for this purpose. The email field will be used for matching during the end-client’s signup in OmniPersona, so ensure they use the same email address. The optional webhook URL will be called by ecrop (POST request) upon successful end-client approval, notifying your system and providing the newly created party ID.
  3. KYC/AML Process (Handled by ecrop): ecrop automatically initiates the KYC/AML process for the end-client upon successful registration in OmniPersona. This includes identity verification using PostIdent and AML checks. The user’s key pair generated in OmniPersona is used for authentication during the PostIdent process.
  4. Notification and Confirmation: Upon successful KYC/AML clearance, ecrop notifies your system via the provided webhook (if supplied in step 2). The notification will include the end-client’s party ID, which you can use for subsequent interactions with the ecrop APIs. The end-client also receives confirmation within the OmniPersona app.

Option B: End-Client Onboarding via Client System (API Integration)

This option provides more control over the user experience but requires more development effort on your side.

  1. Capture End-Client Information: Collect the necessary information from your end-clients within your own system. This includes the same information required for OmniPersona registration, plus any additional data you need.
  2. Create Party Entity /omni-omni/v1/parties - POST: Submit the collected information to ecrop using the /omni-omni/v1/parties (POST) endpoint.
  3. Key Pair Management (Client Responsibility): In this scenario, you are responsible for generating and securely storing the end-client’s private/public key pair. Include the public key in the request body when creating the party entity. This key pair will be used for transaction authentication using ecrop’s PoA mechanism. Refer to the [PoA Documentation] for details on implementing transaction signing.
  4. KYC/AML Process (Options):
    • Existing KYC/AML from Regulated German Financial Institution: If you can provide KYC/AML data from a regulated German financial institution (e.g., a bank or securities institute) for your end-client, ecrop can accept this existing KYC data.
    • PostIdent Integration: If you cannot provide pre-approved KYC data, ecrop requires the use of PostIdent for identity verification. You can integrate PostIdent into your own system using the PostIdent SDK or by redirecting users to the PostIdent website. However, similar to the OmniPersona flow, ecrop needs to interface with PostIdent directly to retrieve the verified identification data.
  5. Notification and Confirmation: Upon successful KYC/AML clearance, ecrop will notify you via a callback mechanism. The end-client will receive confirmation within your system.
AuthParty