Gatekeeper

Identity orchestration infrastructure.

Gatekeeper orchestrates identity verification across multiple upstream providers and data sources. Customer and business onboarding flows through Gatekeeper, which routes identity operations to appropriate providers, validates submitted documents, integrates results from Brazilian corporate registries, and maintains the identity lifecycle for every customer on the platform.

Identity as an orchestrated service.

Identity verification in regulated payments requires several types of operation: document validation against issuing authorities, biometric verification, sanctions screening, politically exposed person screening, beneficial ownership verification for business customers, ongoing screening throughout the customer relationship. No single vendor handles all of these well. Gatekeeper orchestrates the operations across the providers best suited to each, presenting identity as a single coherent service to the rest of the platform. Individual customer onboarding passes through KYC procedures: identity document submission, document validation, biometric confirmation, sanctions screening. Business customer onboarding adds KYB procedures: corporate document submission (contrato social, ata de eleição, procuração where applicable), beneficial ownership verification through Brazilian corporate registries, representative authority validation. Once a customer is onboarded, Gatekeeper maintains the identity lifecycle. This includes periodic re-verification, sanctions screening run against ongoing watch list updates, and the workflows that trigger when identity status changes (lost or compromised documents, sanctions list changes, regulatory escalations). The identity record is treated as a living state, not a one-time onboarding artefact.

Routing to the right provider.

Gatekeeper integrates with multiple upstream identity providers, including specialised KYC services, document validation providers, Brazilian corporate registry APIs, and sanctions data sources. The orchestration layer routes each verification operation to the provider best suited to the specific check, integrates results, resolves discrepancies where they arise, and presents a unified identity profile to the rest of the platform. The specific upstream providers IPS uses are not exposed in public documentation. This is a deliberate operational discipline — exposing the providers publicly would give bad actors information useful for evading them. Partner banks and regulators with legitimate need to know the provider stack receive that information under appropriate information-sharing arrangements through the institutional access channel.

Identity data handled under LGPD.

Identity data is sensitive personal data under LGPD (Lei Geral de Proteção de Dados). Gatekeeper handles this data following the principles of minimisation, purpose limitation, and security. Identity data collected for KYC and KYB purposes is used only for those purposes; access within the platform is limited to functions that require it; data is encrypted in transit and at rest; retention follows the regulatory requirements applicable to financial services. For a fuller description of the data protection programme, see the Compliance section.

Institutional access

Technical specifications, integration guides, and architectural detail

Available to qualified counterparties — partner banks, payment infrastructure providers, and accredited compliance teams — through the institutional access process.

Read about