Orange Collective
Didit

Didit

Identity platform for fast human verification.

didit.meYYC Profile@DiditprotocolLinkedIn
Didit V3 — Product overview[1]

700+

B2B customers

Company-reported · millions of verifications/mo

~20%

MoM growth

300%+ NRR at month 6

$47B

Digital identity TAM

Grand View · 2025, → $135B by 2033

YC W26B2B · InfrastructureGroup Partner · Tyler Bosmeny

Thesis

Didit is an all-in-one identity platform — ID verification, biometrics, liveness, AML screening, and authentication — rebuilt from scratch instead of stitched together from 5–10 point vendors.[1][2] Hosted workflows for buyers who want a turnkey flow; standalone APIs for buyers who want to embed it; transparent pay-per-use pricing with a free tier on top.

The longer-term bet: identity is moving from a one-time onboarding check to continuous attribution — every action, every transaction, every agent acting on a human's behalf needs to be tied back to an accountable identity.[4][5] Didit is the unified layer the AI-era internet runs on.

  1. 01

    Identity stacks were built for a pre-AI internet. Most buyers today stitch together 5–10 vendors — one for doc check, one for biometrics, one for liveness, one for AML, one for authentication. Verifications take days, real users get stuck in random rejections, and attackers slip through the seams. Didit rebuilt the whole stack from first principles so verifications take seconds instead of days.[1][2]

  2. 02

    PLG distribution with transparent unit economics is the wedge. 500 free checks per feature per month on core KYC, pay-per-success billing, and per-feature pricing published on the website remove the procurement step the entire incumbent category depends on. Land on KYC; expand into AML, ongoing monitoring, and re-auth modules.[2]

  3. 03

    Trust is moving from onboarding to continuous attribution. As AI agents proliferate, buyers need to link every action back to an accountable human — and step-up risk-based checks at runtime, not just at signup. Sumsub launched AI Agent Verification in Jan 2026; Checkr embedded IDV inside the hiring workflow in Mar 2026. The market is signaling exactly the shift Didit is built for.[4][5]

  4. 04

    Owning the inference pipeline is the moat. Millions of verifications a month across 230+ countries and 7,000+ document types generate the feedback loop that improves models, thresholds, and flows. Vendors who orchestrate third-party APIs — instead of owning their own inference — cannot iterate at the same speed.[1][3]

  5. 05

    Two repeat founders. Identical twins. Building their second startup together. Alberto (Co-CEO, AI engineer) and Alejandro (CTO, mathematician) previously co-founded Gamium and incubated Didit inside it. Former professional tennis players from Barcelona, both with engineering / advanced mathematics degrees from UPC.

Problem

Identity verification was designed for a pre-AI internet. It can't keep up with how attackers, customers, or agents actually behave today.

Most companies that need to verify a real human run a Rube Goldberg machine of vendors: one provider for document capture, another for face match, another for liveness, another for AML screening, another for ongoing monitoring, another for re-authentication. Each integration is its own SDK, its own latency budget, its own contract minimum, its own data residency conversation.

The result on the front end is the user experience everyone has lived through: verifications that take days, random rejections with no human-readable explanation, and a workflow that's been quietly optimized for ops teams instead of customers.[1]

The result on the back end is worse. Deepfakes, synthetic identities, and agent-driven bot networks now move faster than any single vendor in the stack — and the seams between vendors are exactly where attackers operate. Adding more vendors to plug the gaps adds more seams, not fewer.

5–10

Vendors stitched together

In a typical pre-Didit identity stack

Days

Time to verify

Incumbent baseline · vs. seconds with Didit

7,000+

Doc types supported

Across 230+ countries · company-published

Why Now

Fraud just became AI-assisted. Identity is becoming the new auth layer.

The category's incumbents are publicly repositioning. Each move validates exactly where Didit is going.

Identity is no longer just about humans — every transaction, every action online now needs to be tied back to an accountable agent. Verifying who is acting, not just who signed up, is the next frontier.

SS

Sumsub[4]

AI Agent Verification · Jan 2026

Hiring is where identity moves from a one-time check to a workflow. The future of IDV is embedded inside the systems where decisions are made — not a standalone vendor in a tab.

CK

Checkr[5]

Identity Verification launch · Mar 2026

The threat surface has expanded beyond what point-vendor stacks were built to handle. Identity needs to be unified, AI-native, and tightly coupled to authentication — not stitched together at the application layer.

EN

Entrust[7]

On acquiring Onfido · 2024

Three structural shifts are pulling identity into a new shape — all at once.

AI-assisted fraud broke the assumptions. Deepfake video and audio, synthetic identity generators, and agent-driven bot farms now scale at marginal cost. The static doc-and-selfie check that worked in 2019 fails open against an attacker who can spin up a thousand convincing synthetic identities by lunchtime. Identity has to be continuous, biometric, and adversarially robust — or it isn't identity at all.

Incumbents are consolidating and retrofitting. Entrust acquired Onfido in 2024 to bolt IDV onto an authentication business.[7] Sumsub shipped AI Agent Verification ("Know Your Agent") in January 2026.[4] Checkr launched standalone IDV inside the hiring workflow in March 2026.[5] Each move concedes the same thing: identity is no longer a one-time check at signup — it's an embedded, continuous layer.

Pricing transparency reset the procurement floor. Stripe Identity publishes a per-check price.[6] Didit goes further — per-feature pricing, no contracts, no minimums, 500 free checks per feature per month — making it possible to ship identity in an afternoon instead of after a quarter-long enterprise procurement cycle.[2]

We built an all-in-one identity verification system from scratch. We optimized every millisecond to verify real humans in seconds while blocking fraud by default. Simple pay-per-use pricing — no contracts, no minimums.
Didit · Launch on YC[1]

How It Works

One stack. Five core modules. Two integration modes.

Designed to be the entire identity layer — not a feature inside someone else's product.

Step 01

Capture

Document capture, doc authenticity, OCR / extraction, and face capture in a single flow. 230+ countries and 7,000+ official document types supported out of the box.

Step 02

Verify

Passive liveness, face match 1:1 and 1:N face search, AML screening and ongoing monitoring — all running on Didit's own inference, not orchestrated through third-party APIs.

Step 03

Authenticate & re-auth

Reusable KYC and step-up checks at runtime. Identity becomes a continuous trust signal — not a one-time gate at signup.

Hosted workflows for turnkey buyers. Standalone APIs for embedded buyers.

Hosted workflows — pre-built "Core KYC" and "KYC + AML" flows priced per completed feature inside the verification. The fastest path from zero to verifying real humans in production. Embed a link or an iframe and ship.[2]

Standalone APIs — headless endpoints for ID verification, passive liveness, face match, face search, AML, age estimation, and proof of address. Priced per API call. For buyers who want to own the UX completely and call Didit as a service.[2]

Unified decisioning and audit. Whether the verification runs through a hosted flow or a stitched-together API call, the same decision engine and the same audit telemetry sit underneath. One source of truth, regardless of integration mode.

Public pricing — per feature, after free tier

Source: didit.me/pricing[2]

ID Verification

$0.15

Passive Liveness

$0.10

Face Match 1:1

$0.05

AML Screening

$0.20

AML Monitoring

$0.07 / user / yr

IP Analysis

$0.03

Illustrative unit math at posted prices: ~$0.30 per Core KYC (ID + liveness + face match), ~$0.50 per KYC + AML. Face search 1:N and reusable KYC are listed at $0 as platform hooks.[2]

Coverage & compliance posture

Company-published[3]
230+ countries7,000+ doc typesGDPRISOiBetaEU eIDAS-aligned

Self-asserted in current docs. Diligence priority: confirm audit scope, data residency, DPA terms, and convert each badge into a third-party attestation.

Market

A mid-teens-$B core market — with two adjacent ones the same architecture serves.

The narrow market is identity verification. The full picture is identity, AML, and authentication on one stack.

Identity verification (narrow). ~$13.8B–$15.7B in 2025, projected to ~$29B–$50B by 2030–2034 at a 13–16% CAGR depending on the analyst scope.[8]

Digital identity solutions (broader). ~$47B in 2025 → ~$135B by 2033 (Grand View). The category Didit's full platform plays in once authentication is included.[9]

AML software (adjacent). ~$1.7B in 2024 → ~$4.2B by 2030 (Grand View). The natural attach motion once KYC is landed — same buyer, same flow, same data plane.[10]

ICPs with high verification throughput and real regulatory pressure: fintech / neo-banks, crypto and on-ramps, marketplaces and gig, mobility, gambling and age-gated services, telco eSIM, travel and e-commerce. Each one has a known, ongoing, per-verification cost — and a procurement team that already buys this category.[1]

Identity verification

$13.8–15.7B

2025 base · → $29–50B by 2030–2034[8]

Digital identity (full)

$47B

2025 base · → $135B by 2033[9]

AML software

$1.7B

2024 base · → $4.2B by 2030[10]

We verify millions of humans monthly across 700+ B2B customers. ~20% MoM growth. 300%+ NRR at month 6. ~90% paid retention at month 6.
Didit company materials[1]

Competitive landscape

Six players in three buckets. Didit's position is the unified, dev-first, low-latency stack.

Each competitor category has a structural limitation. Didit's vertical integration and PLG motion are the answer to all three.

Persona

Configurable scale player

Configurable identity platform — KYB + fraud + compliance — for mid-market and enterprise. Workflow depth and ecosystem breadth are real. The gap: pricing and complexity make it heavy for SMB / dev-first buyers, and orchestration seams remain versus an owned, unified stack.[13]

Sumsub

Launched Agent Verification · Jan 2026

IDV + fraud + monitoring with strong EMEA and crypto footprint. Just launched AI Agent Verification ("Know Your Agent"), validating the continuous-attribution thesis. Less latency-first positioning than Didit; orchestration complexity persists.[4]

Alloy

$1.55B valuation (2022)

Risk decisioning and orchestration layer for FIs (KYC / KYB / AML). 250+ partner integrations. Strong FI relationships. Not a front-end verification stack — actually a complementary partner Didit can plug into, not a head-on competitor.[11]

Stripe Identity

Per-check pricing · $1.50

Payments-embedded IDV with Stripe's distribution. Simple embed for payments contexts. Limited AML / liveness / auth bundling; sets a visible per-check pricing floor but isn't suited for high-throughput, full-stack KYC.[6]

Veriff

Independent vendor

Video-first IDV, strong in EU and gaming. Solid fraud forensics and regional coverage. Pricing and contract norms keep procurement heavy; less PLG motion than Didit's pay-per-use, free-tier model.[14]

Checkr (IDV)

Launched IDV · Mar 2026

Hiring workflow with embedded IDV. Workflow-native distribution and clean HR-buyer alignment. Context-specific — not general dev-first identity infrastructure. Validates the workflow-embedded thesis from an adjacent angle.[5]

Unified stack with per-feature pricing. Dual integration — hosted plus API — for both turnkey and embedded buyers. Owning inference, not orchestration, so the data and iteration flywheel actually compounds.
Didit's position vs. the category[1][2]

Founder deep dive

Identical twins. Both ex-professional tennis players. Building their second startup together.

The origin. Alberto and Alejandro Rosas grew up in Barcelona. Both studied at Universitat Politècnica de Catalunya — Alberto in Electrical and Electronics Engineering, Alejandro in Advanced Mathematics and Mathematical Engineering. Alejandro also played college tennis at Cumberland University in the US. Performance, repetition, and obsessive iteration are the founder DNA — built first on the court, then in code.

Gamium — the first company. In 2021 the twins co-founded Gamium, a web3 / metaverse company focused on interoperable digital identity, social products, and decentralized identifiers. Telefónica partnered with them on early metaverse work. The bet on identity-as-infrastructure was already visible — they were building the substrate before the market needed it.

The pivot — and the second company. Didit incubated inside Gamium and spun out as a standalone identity platform in 2023. The thesis sharpened: forget the metaverse framing; the real opportunity is verifying real humans for every internet company that needs to. Built on the same first-principles design (wallet-based signatures, biometric capture, eIDAS-aligned flows), now repackaged as a developer-first IDV stack.

On the all-in-one architecture. "Existing identity systems are slow, insecure, and expensive — built for a pre-AI internet where deepfakes and bots weren't a threat. Companies stitch together 5–10 vendors to run identity checks, leading to verifications that take days, random rejections, and real users getting stuck while attackers get through. We built an all-in-one identity system from scratch. We optimized every millisecond."[1]

On the long-term shape. Identity becomes a continuous trust signal, not a one-time gate. Wallets, passwordless flows, AI agents acting on a human's behalf — all of them need the same attribution layer underneath. Didit is built to be that layer for every platform that touches a real human, not a vertical compliance product for one industry.

Why Y Combinator W26. Group partner Tyler Bosmeny. Joining YC at scale (700+ B2B customers, millions of verifications monthly) — the batch is distribution, network density, and a forcing function for the founders to compress US enterprise GTM into a single quarter. Didit was already an operating company; YC is the accelerant for the US expansion.

Founders & team

Alberto Rosas

Alberto Rosas

Repeat Founder

Co-Founder & Co-CEO

Co-CEO of Didit. AI engineer and product leader building the identity layer for the AI-era internet. Previously co-founded Gamium (web3 / metaverse identity), where Didit incubated. Engineering degree (UPC, Barcelona) and Master's in Mathematics. Former professional tennis player. Identical twin and co-founder with Alejandro.

Alejandro Rosas

Alejandro Rosas

Repeat Founder

Co-Founder & CTO

CTO of Didit. Mathematician and obsessive systems-builder — architecting Didit's identity infrastructure from first principles. M.Sc. in Advanced Mathematics & Mathematical Engineering (UPC). Earlier data science work at Oracle, math TA at New Mexico State. Co-founded Gamium with Alberto. Former professional tennis player. Identical twin.

Founder background

Identical twins · Barcelona

Both completed engineering / advanced mathematics at Universitat Politècnica de Catalunya (UPC).

Former pro tennis players

Performance, repetition, obsessive iteration — DNA from competitive sport translated into product engineering.

Co-founded Gamium in 2021

Web3 / metaverse identity platform — partnered with Telefónica. Didit incubated inside Gamium and spun out in 2023.

Group partner: Tyler Bosmeny

YC W26 batch. Joined YC as an already-scaling identity platform (700+ B2B customers, millions of monthly verifications).

Risks & mitigations

Risk

Regulatory and privacy exposure on biometrics, cross-border data, and AML — biometric IDV is one of the most heavily regulated categories in software and the surface area only grows as Didit scales globally.

Mitigation

Publish formal audit reports (SOC 2, ISO 27001), publish DPAs, run regional data processing (EU/US), default-minimal retention, and commission independent pen tests. Didit already publishes GDPR / ISO / iBeta-aligned positioning in docs; diligence is to convert that into externally verified attestation.

Risk

Pricing pressure from embedded platforms. Stripe Identity sits inside the Stripe checkout — and Checkr now embeds IDV inside hiring workflows — both with built-in distribution that Didit doesn't have at the same scale.

Mitigation

Compete on bundle depth (liveness + AML + auth in one stack), latency, and TCO versus a fragmented multi-vendor build. Volume-tier pricing and enterprise features beat per-check listing prices once verification volume is non-trivial. Stripe and Checkr are workflow-context products, not full identity infrastructure.

Risk

Model robustness against deepfakes and spoofs across the long tail of documents and geographies. Adversaries are now generative — every model release on either side shifts the equilibrium.

Mitigation

Continuous evaluations, internal red-team pipelines, rapid model updates, and stratified performance guarantees by document type and country. Owning inference (not orchestrating third-party APIs) is what makes the iteration loop tight enough to keep up.

Risk

Enterprise trust versus incumbents. Entrust/Onfido, Socure, and Persona have multi-year-old enterprise relationships, audit history, and procurement footprint that a W26 batch company doesn't.

Mitigation

Win the mid-market first with PLG. Publish independent benchmarks (NIST, iBeta), ship SLAs and customer references, and partner with risk orchestration platforms (Alloy and similar) instead of competing head-on at the decisioning layer.

What we're watching

  • External validation of the company-reported traction — 700+ B2B customers, ~20% MoM growth, 300%+ NRR at month 6, ~90% paid retention at month 6.
  • First independent third-party audit reports (SOC 2 Type 2, ISO 27001) and named US enterprise reference customers.
  • Performance against the new wave of "agent verification" products from Sumsub and incumbents — does Didit's unified stack become the default verification layer for AI agents acting on a human's behalf?
  • Margin durability at posted pay-per-use pricing as Didit's geographic mix expands and third-party data costs (sanctions/PEP, document libraries) compound.

References

  1. [1]Y Combinator — Didit company profile
  2. [2]Didit — Pricing (pay-per-use, modules, free tier)
  3. [3]Didit — Docs / Security & Coverage (company-published)
  4. [4]Sumsub — AI Agent Verification (Know Your Agent)
  5. [5]Checkr — Identity Verification product
  6. [6]Stripe — Identity pricing
  7. [7]TechCrunch — Entrust to acquire Onfido (2024)
  8. [8]Precedence Research — Identity Verification Market Size
  9. [9]Grand View Research — Digital Identity Solutions Market
  10. [10]Grand View Research — Anti-Money Laundering Market
  11. [11]TechCrunch — Alloy raises Series C extension at $1.55B valuation
  12. [12]TechCrunch — Socure raises $450M at $4.5B valuation
  13. [13]Persona — Product overview
  14. [14]Veriff — Product overview