My Rightcheck API integration & OpenData verification services

UK pre-employment identity packets, DVS-style digital checks, and employer-ready payloads mapped to HR workflows

From $300 · Pay-per-call available

OpenData · Digital Verification Service (DVS) context · Protocol analysis · HRIS export patterns

Turn My Rightcheck candidate packets into auditable, machine-readable onboarding data your systems can act on

My Rightcheck exists so UK job seekers can complete pre-employment Right to Work steps without emailing scans. The underlying value for integrators is structured identity evidence (passport chip reads where supported, facial capture metadata, document types, checklist completion) moving from candidate devices to employer-controlled cases. We model that movement like an OpenData handoff: explicit consent, scoped fields, retention boundaries, and replayable audit logs.

Identity evidence objects — Passport, visa, and supporting ID artifacts represented as typed records with capture timestamps, not loose attachments in inboxes.
Case-scoped sharing keys — Employer-specific invitations map to bounded datasets recruiters need for statutory excuse evidence, parallel to account-to-account consent rails in OpenFinance.
Operational telemetry for HR — Stage transitions (draft, submitted, employer notified) give workforce teams SLA metrics comparable to payment-status webhooks.

Biometric passport capture path — Chip-assisted reads reduce manual MRZ typing errors; integration work focuses on normalizing chip-derived fields into your HRIS candidate profile without duplicating sensitive media.

Employer notification windows — Third-party listings describe sub-hour turnaround to recruiters; your stack can subscribe to equivalent status feeds once authorized channels are mapped.

Cross-platform parity — Android package com.t4connex.precheck.rightcheck and the GB iOS listing target the same compliance story; integration specs should treat both clients as first-class senders of the same payload shapes.

Contact page API integration instructions

Why recruiters care about the data, not only the PDF

Home Office guidance visible on GOV.UK continued to evolve across 2024–2025, including a 26 June 2025 employer guide refresh that leans on Digital Verification Service language and a supplementary code with a 1 December 2025 in-force date for certain digital British and Irish passport routes. When your HR stack stores only a flattened PDF, you lose the structured signals auditors expect from a certified IDSP journey.

My Rightcheck compresses candidate effort (guided prompts, secure upload, chip read where applicable). In October 2024 the public iOS release notes for the consumer app referenced version 2.22.5 with maintenance-focused updates—an example of the steady release cadence you should plan regression tests around.

Population: third-party summaries cite hundreds of thousands of installs and strong store ratings—expect heterogeneous devices and intermittent rural bandwidth.
Regions: United Kingdom hiring workflows first; any expansion must be re-scoped against local work-authorization law, not generic “global KYC.”

Feature modules we implement around My Rightcheck-class flows

Checklist-to-schema compiler

Employers vary the evidence bundle by nationality and visa class. We translate in-app guidance steps into JSON schemas your ATS understands, so recruiters stop re-keying answers already attested on the candidate phone.

Document lineage ledger

Each upload receives a content hash, capture channel (camera vs file), and parent case identifier. Fraud review teams use that lineage the same way finance teams trace settlement IDs across OpenBanking payment initiation messages.

Biometric read normalization

Chip-assisted passport flows emit structured fields (document number, nationality, expiry) that must be validated against HR policy tables before HRIS write-back—mirroring balance normalization after a PSD2-style account aggregation pull.

Employer notification bridge

When a candidate hits submit, recruiting pods expect Slack, ServiceNow, or Workday inbox signals. We map completion webhooks to those channels with idempotency keys so duplicate alerts do not reopen closed requisitions.

Retention and subject-rights hooks

UK GDPR and the Data Protection Act 2018 govern facial image handling described in Rightcheck family privacy disclosures. Engineering work includes TTL policies, export-on-request jobs, and deletion propagation across cold storage buckets.

Regression harness for store releases

Because consumer apps ship frequent patch releases, we maintain scripted smoke flows that assert critical upload and navigation paths still emit compatible multipart boundaries your ingestion service accepts.

Core benefits tied to measurable outcomes

Faster time-to-first-shift — Candidates complete guided capture in minutes; integrations push verified structured data straight into onboarding tasks instead of waiting for mailroom scans.
Lower email exfiltration risk — Replacing ad-hoc attachments with authenticated transfers shrinks the phishing surface area compliance officers worry about during SOC2 evidence collection.
Audit-ready evidence bundles — Export packs include timestamps, device attestation where available, and employer case identifiers so statutory excuse reviews survive regulator-style sampling.
Vendor-neutral storage — JSON and Parquet exports avoid locking your compliance archive to a single SaaS UI, the same architectural reason banks duplicate OpenFinance consents in-house warehouses.
Operational transparency — Stage dashboards show backlog age per candidate, giving workforce planners numeric targets instead of subjective “almost done” updates.

Screenshots

Each thumbnail opens a full-resolution capture in an overlay so hiring managers and engineers can review UI affordances without leaving this brief.

Data available for integration (OpenData perspective)

The rows below synthesize the publisher-facing app description, privacy disclosures referenced in ecosystem pages, and typical IDSP journeys. Field availability always depends on the employer’s configured check type and lawful basis—treat this table as a scoping baseline, not a guarantee of a public consumer API.

Data type	Source (screen / flow)	Granularity	Typical downstream use
Candidate profile basics (name, DOB, contact)	Guided “enter your details” steps before document capture	Single record per onboarding case	HRIS core hire record, emergency contact validation, duplicate hire detection
Passport / visa document images and derived text	Camera capture and manual review screens	Per document object with pages	Work authorization checks, visa expiry monitoring, travel desk notifications
Biometric passport chip payload (where used)	Device-on-passport NFC flow described in store marketing	Structured fields after parser validation	Machine-readable MRZ replacement, reduced OCR disputes, downstream AML tooling
Facial image or short video capture metadata	Liveness / face match stages (per privacy policy categories)	Media object + scores + capture device	Imposter defense, periodic reverification, insider threat programs with narrow scope
Employer case identifiers and share tokens	Invitation email or deep link that launches the app	String identifiers with optional TTL	ATS ticket linking, access revocation, correlating webhook batches
Progress checkpoints (draft, submitted, acknowledged)	Post-login status rail and push notifications	Event stream with ISO-8601 timestamps	SLA dashboards, recruiter nudges, workforce planning analytics

Typical integration scenarios

Scenario A — High-volume retail hiring spikes

Context: Seasonal stores onboard hundreds of temporary associates weekly.
Data involved: Case IDs, passport chip fields, facial match scores, submitted_at timestamps.
OpenData mapping: Treat each case as a consented dataset published to your workforce API gateway, where downstream POS provisioning systems poll only after verification_status = cleared.

Scenario B — Professional services with partner approval gates

Context: Risk committees require partner sign-off before laptops ship.
Data involved: Document bundle hashes, nationality codes, visa class enums.
OpenData mapping: Mirror OpenFinance “payment consent with mandate limits” by attaching dual-control approvals—partners receive signed JSON summaries, not raw biometrics, unless policy demands it.

Scenario C — Vendor-managed MSP programs

Context: Managed service providers coordinate contingent labor across clients.
Data involved: Multi-tenant employer IDs, recruiter email domains, webhook secrets.
OpenData mapping: Namespace cases per client legal entity exactly like account aggregation segregates AIS balances per bank.

Scenario D — Cross-system analytics for compliance leadership

Context: Heads of compliance want cohort metrics without accessing individual biometrics.
Data involved: Aggregated pass/fail ratios, average completion minutes, device OS mix.
OpenData mapping: Publish anonymized aggregates to a Snowflake or BigQuery lake with differential privacy noise where cell sizes are small—borrowing statistical disclosure control practices from regulated banking returns.

Scenario E — Post-offer reverification cadence

Context: Employers must reconfirm right to work when visas renew mid-contract.
Data involved: New document objects, superseded document pointers, audit reason codes.
OpenData mapping: Versioned records resemble statement revision histories in OpenBanking: immutable past snapshots with explicit “supersedes” edges for auditors.

Technical implementation sketches

Illustrative pseudocode only—final paths, headers, and auth depend on your contractual access model and any official employer APIs offered by the broader Rightcheck / T4 Communications ecosystem. We never ship undisclosed bypass mechanisms; we document what authorized clients may call.

Snippet 1 — Candidate case intake (REST-shaped)

POST /integrations/v1/rtw/cases
Authorization: Bearer <EMPLOYER_SERVICE_TOKEN>
Idempotency-Key: 7b2f6c1a-90de-4f21-9c11-0d6a2f4b8c01
Content-Type: application/json

{
  "candidate_email": "applicant@example.com",
  "role_reference": "REQ-44821",
  "required_evidence": ["PASSPORT_CHIP", "FACE_MATCH"],
  "callback_url": "https://hr.example.com/hooks/rtw"
}

201 Created
{
  "case_id": "CASE-9F3C21",
  "invite_expires_at": "2026-04-19T09:00:00Z",
  "deep_link": "https://apps.example/rtw/invite/CASE-9F3C21"
}

Snippet 2 — Webhook verification payload

POST /hr/hooks/rtw
X-Signature: sha256=7e70f1b4c0...
Content-Type: application/json

{
  "case_id": "CASE-9F3C21",
  "event": "documents.submitted",
  "submitted_at": "2026-04-12T11:02:18Z",
  "summary": {
    "nationality": "GBR",
    "document_expiry": "2031-08-14",
    "right_to_work": "unlimited"
  }
}

// Handler must reject replays:
// - verify HMAC with rotating secret
// - require monotonic event_id
// - 429 with Retry-After on burst duplicates

Snippet 3 — Subject access export job

POST /privacy/v1/data-subject/export
Authorization: Bearer <DPO_APPROVED_TOKEN>

{ "subject_email": "applicant@example.com" }

202 Accepted
{ "job_id": "EXP-22091" }

GET /privacy/v1/data-subject/export/EXP-22091
200 OK
{
  "status": "ready",
  "artifact_url": "s3://compliance-exports/EXP-22091.zip",
  "sha256": "b3c4…",
  "expires_at": "2026-04-15T00:00:00Z"
}

Compliance & privacy

UK employers remain statutorily responsible for correct Right to Work checks even when they delegate capture to certified Digital Verification Service providers. The UK GDPR and the Data Protection Act 2018 govern biometric and special-category data processing; lawful basis, data minimization, and transparency notices must be aligned with your DPO before any automation.

Where facial recognition data is stored on UK encrypted infrastructure, cross-border transfers require Transfer Impact Assessments mirroring Schrems II expectations seen in EU banking outsourcing. We document subprocessors, retention caps, and encryption states so your ISO 27001 control set stays consistent.

Home Office supplementary guidance for digital checks (including the code aligned with December 2025 timelines referenced in public policy pages) should be interpreted alongside your legal counsel; engineering cannot substitute for statutory advice.

Data flow / architecture

Candidate device (My Rightcheck or equivalent capture UI) encrypts uploads to the verification platform edge. An ingestion worker validates signatures, antivirus-scans binaries, and writes canonical objects to a WORM-capable object store. A decisioning service applies policy packs (visa rules, name change logic) and emits normalized records into your HRIS connector bus (Kafka or EventBridge). Downstream analytics projects read from curated views that strip raw biometric media unless a break-glass role is asserted.

Market positioning & user profile

Primary users are UK job seekers asked by recruiters to prove right to work before day one, paired with employer HR teams and staffing vendors coordinating those requests. Distribution skews toward Android and iOS smartphones with NFC hardware for chip reads. Employer-side platforms such as Rightcheck market REST connectivity into HR and ATS stacks; candidates experience that mandate through lightweight consumer apps like My Rightcheck. Positioning should emphasize lawful, consent-first automation—not shadow IT scraping of personal inboxes.

Similar apps & integration landscape

Teams researching My Rightcheck Right to Work API integration often evaluate adjacent certified journeys. The names below are independent vendors or companion products; including them clarifies how identity evidence travels across the UK hiring stack.

Rightcheck

Employer-facing IDSP consoles publish remote checks and advertise HRIS-facing APIs; data overlaps with My Rightcheck cases when recruiters originate invites from the same provider family.

Yoti

Digital ID wallets and age assurance signals feed partner portals; integration teams frequently normalize Yoti attestations alongside passport evidence in shared compliance lakes.

Onfido

Document plus biometric orchestration APIs power global hiring workflows; engineering patterns for webhook deduplication resemble those needed for UK-only RTW spikes.

Amiqus

Certified IDSP coverage spanning pre-employment checks produces structured screening packets HRIS vendors already map in government-sector deployments.

TrustID

Expert-reviewed document decisions return human-readable rationales that finance-grade audit teams appreciate when reconciling edge-case nationalities.

Veriff

Fraud database cross-checks and PEP screening enrich downstream risk scores even when the ultimate hire decision stays inside your Workday tenant.

Credas

Mobile-first capture experiences compete for the same candidate attention window, so UX telemetry from one vendor informs notification timing across all.

Xertilox

ATS and HRIS connectors emphasize reusable digital identity, a pattern multinational enterprises want when rotating between regional IDSPs.

Accurate Background

Screening bundles combine criminal history and identity proofs; data architects model those joins similarly to how banks link KYC files with transaction monitoring alerts.

Rightfoot

Developer-centric onboarding APIs illustrate how payroll and benefits startups expect JSON-first hooks—useful when your HR platform already speaks fintech-style integration contracts.

API integration instructions

Inventory lawful roles. Decide whether your organization acts as data controller for candidate data, processor for a client, or both; this mirrors OpenBanking TPP registration choices.
Map employer identifiers. Align ATS requisition IDs, cost centers, and legal entities to case namespaces before generating invites so webhooks remain interpretable six months later.
Define minimum necessary fields. HR business partners sign off on which JSON properties may enter SIEM systems versus which must stay in a restricted vault.
Implement signed callbacks. Rotate webhook secrets quarterly; store last-success cursor per case to tolerate at-least-once delivery semantics.
Build replay-safe consumers. Use idempotency keys on POST endpoints and deterministic upserts keyed by case_id + document_version.
Test against policy updates. Schedule regression whenever GOV.UK publishes new employer guidance PDFs, not only when mobile store versions increment.

What we deliver

Deliverables checklist

OpenAPI specifications for the integration surfaces you control
Protocol trace documenting TLS pinning, token lifetimes, and multipart boundaries observed during authorized testing
Runnable Python or Node services for ingestion, webhook verification, and HRIS write-back
JUnit/pytest suites covering happy path, partial upload resume, and signature mismatch errors
Runbooks for GDPR subject requests and Home Office audit reconstruction

Pricing models

Source code delivery from $300 — you receive repositories, infrastructure-as-code snippets, and documentation; settlement occurs after you validate against acceptance tests we co-author.

Pay-per-call hosted endpoints — ideal when your team wants metered access to our normalization layer without standing up new clusters; billing tracks successful verifications rather than idle sandboxes.

Engagement workflow

Joint scoping workshop: evidence types, HRIS targets, reporting cadence.
Authorized protocol analysis with packet captures redacted for PII.
Build sprint with weekly stakeholder demos in staging tenants.
Hardening: chaos tests on webhook latency, secret rotation drills.
Handover: knowledge transfer, on-call playbook, and 30-day hypercare.

About our studio

We are a technical services studio focused on authorized app interface integration, reverse-engineering documentation where licenses allow, and OpenData-style delivery pipelines. Engineers on the bench have shipped mobile SDKs, banking channel gateways, and compliance-heavy HR automation.

Protocol analysis for TLS-protected mobile APIs and attestation flows
Field-level encryption design for biometric adjacency workloads
Partner integrations with Workday, SAP SuccessFactors, and Greenhouse-style ATS buses
Documentation sets that satisfy procurement security questionnaires

Contact

Share your target app name (My Rightcheck) plus concrete requirements—evidence types, HRIS targets, and compliance constraints—via our contact page.

Open contact page

FAQ

Do you provide unofficial backdoors?

No. We document interfaces your organization is contractually permitted to use, or we help you negotiate vendor API access. Security reviews treat consent logs as first-class artifacts.

How do you handle biometric sensitivity?

We segregate raw media buckets behind hardware security modules where budgets allow, and we surface derived tokens to general microservices—similar to storing only payment tokens while PAN data stays vaulted.

Can this replace legal counsel?

Never. We supply engineering precision; your solicitors interpret Home Office codes and sector-specific collective agreements.

Original app overview (appendix)

My Rightcheck helps UK job applicants share the information employers need to complete pre-employment Right to Work checks so hiring and onboarding move faster. The experience walks candidates through exactly what each employer requires, prompts for structured personal details, and supports secure upload of identity documents—including chip-assisted passport capture where supported—so recruiters avoid risky email attachments.

After submission, the app enables candidates to share verified data safely with the employer that invited them, aligning with statutory expectations for digital verification in the United Kingdom. Marketing copy encourages downloading the app to prove right to work during onboarding and start work quickly.

Android package identifier: com.t4connex.precheck.rightcheck. This appendix condenses publicly stated product goals; authoritative policy text always lives on GOV.UK and your vendor agreements.