Product Documentation

Customizing End User Consent

Custom Consent Language

authID allows customers to provide and display their own end user consent language for both document verification (“Proof”) and biometric (“Selfie”) flows.

This enables organizations to align consent messaging with their legal requirements, brand voice, and regional compliance obligations.

How It Works

  • Customers can supply custom consent text and link to legal documents for:

    • Proof (document verification)
    • Selfie (biometric capture)

  • The provided language will be displayed to end users during the consent step(s).

  • If no custom language is provided, authID default consent text will be used.

  • If no link to custom legal documents is provided, default documents hosted by authID will be used.

  • All custom consent language requests must be submitted through authID Customer Support and are subject to review and approval by authID legal counsel before being applied to a customer’s configuration.

Customer Responsibilities

When providing custom consent language, customers are responsible for ensuring that their text:

  • Clearly explains what the user is consenting to

  • Accurately describes how data is collected, used, and shared

  • Meets all applicable legal and regulatory requirements (e.g., GDPR, CCPA, BIPA)

  • Includes references or links to:

    • Terms and Conditions
    • Privacy Notice.

Supported Customization

Customers may customize:

  • Consent text
  • Links to legal documents
  • Localization (multiple languages)
    • if user selects the language not provided for customization, default (English) version of consent wording is displayed

Legal Document Link Requirements

Links included in customer-provided consent language (e.g., Terms and Conditions, Privacy Notice) must adhere to specific technical and content requirements.

The destination must be a static HTML page that contains the full legal content directly, rather than linking out to external documents or third-party resources.

For production use, both the Terms and Conditions and Privacy Notice links must resolve to the same base URL, differing only by an anchor (#hash) that navigates to the appropriate section (e.g., #terms, #privacy_notice). Additionally, localization is supported via a query parameter (?lang={code} or &lang={code}), which may be appended to the URL. All links must remain functional, secure (HTTPS), and consistent with the consent language. authID reserves the right to reject or require updates to any links that do not meet these requirements prior to approval.


Consent Record Retention

These requirements are in place because authID captures and retains a record of every end user consent as part of the transaction audit trail. To ensure that each stored consent remains accurate, verifiable, and legally defensible over time, the referenced legal content must be stable and reproducible. Using a single static HTML document with anchored sections ensures that the exact version of the Terms and Privacy Notice presented at the time of consent can be reliably reconstructed, even as content evolves.

Updated about 2 hours ago