commit 724f2d7ae8858ee81efe14eb04a36a59ec44de2b
parent 56099eb0ef16eecc8270c8d8bce03c7fbd8e276f
Author: Christian Grothoff <christian@grothoff.org>
Date: Fri, 13 Dec 2024 21:40:06 +0100
clarify fallback restrictions
Diffstat:
1 file changed, 11 insertions(+), 38 deletions(-)
diff --git a/taler-kyc-manual.rst b/taler-kyc-manual.rst
@@ -157,6 +157,8 @@ KYC Terminology
which determines the *outcome*. We generally distinguish between
"original" measures (defined globally in the exchange configuration) and
"custom" measures (defined specifically for an account by AML staff).
+ Additionally, only *origional* measures that have a *check* of type
+ "SKIP" and that require no inputs can be used as *FALLBACK* measures.
* **Outcome**: An `AmlOutcome` describes the account state that an account
ends up in due to either an AML staff action or an AML *program* doing some
@@ -455,7 +457,9 @@ sections must being with ``kyc-check-`` followed by an arbitrary
# Usually should point to a measure that requests
# AML staff to investigate. The fallback measure
# context always includes the reasons for the
- # failure.
+ # failure. Fallback measures MUST be *origional*
+ # measures and MUST use a check of
+ # type "SKIP" and MUST NOT require any inputs.
FALLBACK = MEASURE_NAME
The list of possible FORM names is fixed in the SPA
@@ -606,7 +610,9 @@ KYC check (such as the user being a politically exposed person).
AML programs will be given the KYC attributes in JSON format on standard
input, and must output the `AmlOutcome`. If AML programs fail (return non-zero
-status codes), a FALLBACK measure is automatically triggered.
+status codes), a FALLBACK measure is automatically triggered. FALLBACK
+measures MUST be *original* measures and MUST have a check of type "SKIP"
+and MUST NOT require any inputs.
AML programs are listed in the configuration file, one program per section:
@@ -631,7 +637,9 @@ AML programs are listed in the configuration file, one program per section:
# Usually points to a measure that asks AML staff
# to contact the systems administrator. The fallback measure
# context always includes the reasons for the
- # failure.
+ # failure. FALLBACK measures MUST be *original*
+ # measures with a check type of "SKIP" without any required
+ # inputs.
FALLBACK = MEASURE_NAME
Implementing your own AML programs
@@ -971,41 +979,6 @@ from ``https://git.taler.net/wallet-core.git/``, compile and copy the file
from the ``dist/prod``.
-AML Measures
-------------
-
-The exchange configuration specifies a set of
-**original** *measures* one per configuration section:
-
-.. code-block:: ini
-
- [kyc-measure-$MEASURE_NAME]
-
- # Possible check for this measure. Optional.
- # If not given, PROGRAM should be run immediately
- # (on an empty set of attributes).
- CHECK_NAME = IB_FORM
-
- # Context for the check. The context can be
- # just an empty JSON object if there is none.
- CONTEXT = {"choices":["individual","business"]}
-
- # Program to run on the context and check data to
- # determine the outcome and next measure.
- PROGRAM = taler-aml-program
-
-If no ``CHECK_NAME`` is provided at all, the AML ``PROGRAM`` is to be run
-immediately. This is useful if no client-interaction is required to arrive at
-a decision.
-
-.. note::
-
- The list of *measures* is not complete: AML staff may freely define new
- measures dynamically, usually by selecting checks, an AML program, and
- providing context.
-
-
-
.. _ExchangeTemplateCustomization:
KYC Process Template Customization
