User Management
Account Creation & Management
The platform provides a comprehensive user management system:
Registration Process
-
Registration Flow:
- Email-based registration with verification
- Optional wallet address integration
- Progressive profile completion
-
Profile Management:
- User profile with customizable fields
- Contact information management
- Preference settings
User Types & Roles
The system supports multiple user types with different permissions:
| User Type | Description | Default Permissions |
|---|---|---|
| Administrator | Platform administrators with full access | All system functions |
| Issuer | Creates and manages deals | Deal creation, investor management |
| Broker | Reviews and approves deals | Deal approval, compliance checks |
| Transfer Agent | Oversees secondary market transactions | Trade approval, ownership tracking |
| Investor | Participates in deals | Deal viewing, investment, portfolio management |
Identity Verification
The platform includes a multi-step identity verification system:
Basic Verification
- Email verification through one-time codes
- Phone number verification via SMS
- Document validation for identity confirmation
Advanced Verification
For higher security requirements, the platform supports:
- Biometric verification options (where applicable)
- Video identity verification through provider integrations
- Document authenticity checks with AI-powered validation
KYC/AML Integration
- Third-party Providers: Integration with Sumsub and ShuftiPro
- Verification Flow: Document upload, identity confirmation, sanctions screening
- Status Tracking: Pending, approved, rejected status management
Accreditation Verification
For certain regulatory frameworks (e.g., Reg D 506(c)), the platform supports:
- Income/Net Worth Verification: Document upload for financial statements
- Accreditation Status: Tracking of investor qualification status
- Periodic Re-verification: Automated reminders for status renewal
Technical Implementation
The user management system is built on:
- Database Schema: Normalized user data structure in PostgreSQL
- Authentication: JWT token-based authentication
- Password Security: Argon2id hashing with appropriate work factors
- Session Management: Secure session handling with inactivity timeouts
- Role Enforcement: Middleware checks for proper authorization