Trust & Verification explains how Onyx decides when an action needs stronger account confidence.
It helps protect number features, payments, card actions, connected app assertions, account recovery, organization access, and regulated services without turning verification into a public badge.
Trust
Trust eligibility ladder
Select a trust state to see available actions, blocked actions, and the next account requirement.
Account access
Profile
Card
Regulated number
Complete setup
Why Trust Exists
Onyx connects mobile service, numbers, payments, identity, communication, and connected apps.
Those systems need stronger account confidence when an action can affect money, number ownership, recovery, regulated access, or another person's trust in the account. Trust exists to reduce fraud, impersonation, account takeover, payment abuse, and repeated verification across approved services.
Trust is not a public popularity score. It is a private account eligibility signal.
Trust States
Trust states describe the level of account confidence available for supported actions.
Basic means account setup is complete. Trusted means the account has enough healthy signals for common activity and communication. Verified means the account has stronger confidence through verification, recovery health, device continuity, contact trust, or review.
KYC Verified means the account completed regulated identity verification for supported regulated actions. Organization / Service Verified means the account represents an approved organization, developer, institution, or service identity.
What Trust Can Unlock
Trust helps your account access actions that need higher confidence.
Those actions include payment eligibility, card issuance, number activation, connected app assertions, organization visibility, communication trust, and account recovery. The exact requirement depends on the action, country, account type, transaction size, telecom rules, payment rules, and abuse controls.
Verification Requirements
Verification is requested when an action needs stronger evidence.
Actions may require identity verification, address verification, age verification, organization review, payment verification, or recovery confirmation. Requirements change based on local regulation, transaction size, service type, fraud review, account state, or recovery posture.
Onyx should connect the requirement to the affected action so you know why the step exists.
Verification States
Verification states help you understand progress.
A check can be not required, required, started, pending, awaiting information, completed, failed, expired, revoked, refresh required, or unavailable. Some states temporarily limit payments, wallet features, number activation, connected app permissions, or card issuance until the account is ready again.
Regulated Verification
Some regulated actions require identity review through trusted verification providers.
These checks support identity verification, age verification, jurisdiction eligibility, payment eligibility, fraud review, telecom compliance, and organization verification. Onyx receives the result needed to update account eligibility. Normal account flows should not expose raw documents, private review evidence, or provider internals.
Scoped Verification Results
Connected apps can request limited verification assertions through Onyx ID.
Examples are identity verified, age verified, payment eligible, jurisdiction eligible, and organization verified. Apps receive only the approved assertion, not identity documents, unrelated wallet activity, payment history, or private evidence.
Expiration And Refresh
Verification can expire or require refresh.
Refresh requirements depend on local regulation, document expiration, payment rules, telecom policy, organization review timing, fraud review, or account recovery. If a refresh is required, the affected action may pause until the check is complete.
Privacy
Verification protects access without turning private identity into public profile data.
Public profiles should not expose regulated verification status, verification provider details, identity documents, compliance records, or private review information. Connected apps should only receive approved assertions and approved trust visibility.