diff --git a/feature/client-api/src/main/java/com/simprints/feature/clientapi/ClientApiViewModel.kt b/feature/client-api/src/main/java/com/simprints/feature/clientapi/ClientApiViewModel.kt
index ef1799cf24..63f2395485 100644
--- a/feature/client-api/src/main/java/com/simprints/feature/clientapi/ClientApiViewModel.kt
+++ b/feature/client-api/src/main/java/com/simprints/feature/clientapi/ClientApiViewModel.kt
@@ -5,6 +5,8 @@ import androidx.lifecycle.LiveData
 import androidx.lifecycle.MutableLiveData
 import androidx.lifecycle.ViewModel
 import androidx.lifecycle.viewModelScope
+import com.simprints.core.domain.externalcredential.ExternalCredential
+import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.livedata.LiveDataEvent
 import com.simprints.core.livedata.LiveDataEventWithContent
 import com.simprints.core.livedata.send
@@ -21,6 +23,9 @@ import com.simprints.feature.clientapi.usecases.GetEnrolmentCreationEventForSubj
 import com.simprints.feature.clientapi.usecases.IsFlowCompletedWithErrorUseCase
 import com.simprints.feature.clientapi.usecases.SimpleEventReporter
 import com.simprints.infra.authstore.AuthStore
+import com.simprints.infra.config.store.models.Project
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.config.store.tokenization.TokenizationProcessor
 import com.simprints.infra.config.sync.ConfigManager
 import com.simprints.infra.logging.LoggingConstants.CrashReportTag.ORCHESTRATION
 import com.simprints.infra.logging.Simber
@@ -30,6 +35,7 @@ import com.simprints.infra.orchestration.data.ActionResponse
 import com.simprints.infra.orchestration.data.responses.AppConfirmationResponse
 import com.simprints.infra.orchestration.data.responses.AppEnrolResponse
 import com.simprints.infra.orchestration.data.responses.AppErrorResponse
+import com.simprints.infra.orchestration.data.responses.AppExternalCredential
 import com.simprints.infra.orchestration.data.responses.AppIdentifyResponse
 import com.simprints.infra.orchestration.data.responses.AppRefusalResponse
 import com.simprints.infra.orchestration.data.responses.AppVerifyResponse
@@ -53,6 +59,7 @@ class ClientApiViewModel @Inject internal constructor(
     private val configManager: ConfigManager,
     private val timeHelper: TimeHelper,
     private val persistentLogger: PersistentLogger,
+    private val tokenizationProcessor: TokenizationProcessor,
 ) : ViewModel() {
     val returnResponse: LiveData<LiveDataEventWithContent<Bundle>>
         get() = _returnResponse
@@ -115,7 +122,7 @@ class ClientApiViewModel @Inject internal constructor(
                     sessionId = currentSessionId,
                     enrolledGuid = enrolResponse.guid,
                     subjectActions = coSyncEnrolmentRecords,
-                    externalCredential = enrolResponse.externalCredential,
+                    externalCredential = enrolResponse.externalCredential?.toAppExternalCredential(tokenizationProcessor, getProject()),
                 ),
             ),
         )
@@ -140,6 +147,7 @@ class ClientApiViewModel @Inject internal constructor(
                     actionIdentifier = action.actionIdentifier,
                     sessionId = currentSessionId,
                     identifications = identifyResponse.identifications,
+                    isMultiFactorIdEnabled = identifyResponse.isMultiFactorIdEnabled,
                 ),
             ),
         )
@@ -162,7 +170,7 @@ class ClientApiViewModel @Inject internal constructor(
                     actionIdentifier = action.actionIdentifier,
                     sessionId = currentSessionId,
                     confirmed = confirmResponse.identificationOutcome,
-                    externalCredential = confirmResponse.externalCredential,
+                    externalCredential = confirmResponse.externalCredential?.toAppExternalCredential(tokenizationProcessor, getProject()),
                 ),
             ),
         )
@@ -264,4 +272,21 @@ class ClientApiViewModel @Inject internal constructor(
             body = "${action.actionIdentifier}\n$response",
         )
     }
+
+    private fun ExternalCredential.toAppExternalCredential(
+        tokenizationProcessor: TokenizationProcessor,
+        project: Project?,
+    ): AppExternalCredential? {
+        if (project == null) return null
+        val decryptedValue = tokenizationProcessor.decrypt(
+            encrypted = value,
+            tokenKeyType = TokenKeyType.ExternalCredential,
+            project = project,
+        ) as? TokenizableString.Raw ?: return null
+        return AppExternalCredential(
+            id = id,
+            value = decryptedValue,
+            type = type,
+        )
+    }
 }
diff --git a/feature/client-api/src/main/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapper.kt b/feature/client-api/src/main/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapper.kt
index ff314dc277..fe8243d9b7 100644
--- a/feature/client-api/src/main/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapper.kt
+++ b/feature/client-api/src/main/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapper.kt
@@ -4,9 +4,9 @@ import android.os.Bundle
 import androidx.core.os.bundleOf
 import com.simprints.core.DeviceID
 import com.simprints.core.PackageVersionName
-import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.response.AppErrorReason
 import com.simprints.infra.orchestration.data.ActionResponse
+import com.simprints.infra.orchestration.data.responses.AppExternalCredential
 import com.simprints.libsimprints.Constants
 import com.simprints.libsimprints.contracts.VersionsList
 import com.simprints.libsimprints.contracts.data.ConfidenceBand
@@ -15,6 +15,7 @@ import com.simprints.libsimprints.contracts.data.Identification
 import com.simprints.libsimprints.contracts.data.Identification.Companion.toJson
 import com.simprints.libsimprints.contracts.data.RefusalForm
 import com.simprints.libsimprints.contracts.data.Verification
+import org.json.JSONArray
 import org.json.JSONObject
 import javax.inject.Inject
 import com.simprints.libsimprints.Identification as LegacyIdentification
@@ -53,6 +54,11 @@ internal class LibSimprintsResponseMapper @Inject constructor(
             Constants.SIMPRINTS_BIOMETRICS_COMPLETE_CHECK to true,
         ).appendDataPerContractVersion(response) { version ->
             when {
+                response.isMultiFactorIdEnabled -> putString(
+                    Constants.SIMPRINTS_IDENTIFICATIONS,
+                    response.mapIdentificationsWithCredentials(),
+                )
+
                 version < VersionsList.INITIAL_REWORK -> putParcelableArrayList(
                     Constants.SIMPRINTS_IDENTIFICATIONS,
                     response.identifications
@@ -152,7 +158,7 @@ internal class LibSimprintsResponseMapper @Inject constructor(
         actions?.let { putString(Constants.SIMPRINTS_COSYNC_SUBJECT_ACTIONS, it) }
     }
 
-    private fun Bundle.appendExternalCredential(credential: ExternalCredential?) = apply {
+    private fun Bundle.appendExternalCredential(credential: AppExternalCredential?) = apply {
         if (credential != null) {
             val credentialJson =
                 JSONObject()
@@ -164,6 +170,21 @@ internal class LibSimprintsResponseMapper @Inject constructor(
         }
     }
 
+    private fun ActionResponse.IdentifyActionResponse.mapIdentificationsWithCredentials(): String = identifications
+        .map { identification ->
+            JSONObject()
+                .also { json ->
+                    json.put(KEY_GUID, identification.guid)
+                    json.put(KEY_CONFIDENCE_BAND, identification.matchConfidence.name)
+                    json.put(KEY_CONFIDENCE, identification.confidenceScore.toFloat())
+                    json.put(KEY_IS_LINKED_TO_CREDENTIAL, identification.isLinkedToScannedCredential ?: false)
+                    identification.isCredentialVerified?.let {
+                        json.put(KEY_IS_CREDENTIAL_VERIFIED, it)
+                    }
+                }
+        }.run(::JSONArray)
+        .toString()
+
     private fun AppErrorReason.libSimprintsResultCode() = when (this) {
         AppErrorReason.UNEXPECTED_ERROR -> Constants.SIMPRINTS_UNEXPECTED_ERROR
         AppErrorReason.ROOTED_DEVICE -> Constants.SIMPRINTS_ROOTED_DEVICE
@@ -204,5 +225,12 @@ internal class LibSimprintsResponseMapper @Inject constructor(
         internal const val SCANNED_CREDENTIAL = "scannedCredential"
         internal const val SCANNED_CREDENTIAL_VALUE = "value"
         internal const val SCANNED_CREDENTIAL_TYPE = "type"
+
+        // TODO [MS-1190] Move implementation to LibSimprints. These constats are copies of com.simprints.libsimprints.contracts.data.Identification
+        private const val KEY_GUID = "guid"
+        private const val KEY_CONFIDENCE = "confidence"
+        private const val KEY_CONFIDENCE_BAND = "confidenceBand"
+        private const val KEY_IS_LINKED_TO_CREDENTIAL = "isLinkedToCredential"
+        private const val KEY_IS_CREDENTIAL_VERIFIED = "isVerified"
     }
 }
diff --git a/feature/client-api/src/main/java/com/simprints/feature/clientapi/usecases/GetEnrolmentCreationEventForSubjectUseCase.kt b/feature/client-api/src/main/java/com/simprints/feature/clientapi/usecases/GetEnrolmentCreationEventForSubjectUseCase.kt
index cba8da95f5..766cabd0d3 100644
--- a/feature/client-api/src/main/java/com/simprints/feature/clientapi/usecases/GetEnrolmentCreationEventForSubjectUseCase.kt
+++ b/feature/client-api/src/main/java/com/simprints/feature/clientapi/usecases/GetEnrolmentCreationEventForSubjectUseCase.kt
@@ -39,7 +39,10 @@ internal class GetEnrolmentCreationEventForSubjectUseCase @Inject constructor(
             ?.fromSubjectToEnrolmentCreationEvent()
 
         if (recordCreationEvent == null) {
-            Simber.e("Couldn't find enrolment for subjectActions", IllegalStateException("No enrolment record found for subjectId: $subjectId"))
+            Simber.e(
+                "Couldn't find enrolment for subjectActions",
+                IllegalStateException("No enrolment record found for subjectId: $subjectId"),
+            )
             return null
         }
 
@@ -52,8 +55,7 @@ internal class GetEnrolmentCreationEventForSubjectUseCase @Inject constructor(
         moduleId = moduleId,
         attendantId = attendantId,
         biometricReferences = EnrolmentRecordCreationEvent.buildBiometricReferences(fingerprintSamples, faceSamples, encoder),
-        // TODO [CORE-3421] Review if EnrolmentRecordCreationEvent should contain List of external credentials, as it currently doesn't make sense
-        externalCredentials = externalCredentials
+        externalCredentials = externalCredentials,
     )
 
     companion object {
diff --git a/feature/client-api/src/test/java/com/simprints/feature/clientapi/ClientApiViewModelTest.kt b/feature/client-api/src/test/java/com/simprints/feature/clientapi/ClientApiViewModelTest.kt
index 830e788f23..4fe7c5a89b 100644
--- a/feature/client-api/src/test/java/com/simprints/feature/clientapi/ClientApiViewModelTest.kt
+++ b/feature/client-api/src/test/java/com/simprints/feature/clientapi/ClientApiViewModelTest.kt
@@ -4,6 +4,10 @@ import android.os.Bundle
 import androidx.arch.core.executor.testing.InstantTaskExecutorRule
 import androidx.test.ext.junit.runners.*
 import com.jraska.livedata.test
+import com.simprints.core.domain.externalcredential.ExternalCredential
+import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.domain.tokenization.asTokenizableRaw
 import com.simprints.core.tools.time.TimeHelper
 import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.clientapi.exceptions.InvalidRequestException
@@ -16,10 +20,14 @@ import com.simprints.feature.clientapi.usecases.GetEnrolmentCreationEventForSubj
 import com.simprints.feature.clientapi.usecases.IsFlowCompletedWithErrorUseCase
 import com.simprints.feature.clientapi.usecases.SimpleEventReporter
 import com.simprints.infra.authstore.AuthStore
+import com.simprints.infra.config.store.models.Project
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.config.store.tokenization.TokenizationProcessor
 import com.simprints.infra.config.sync.ConfigManager
 import com.simprints.infra.orchestration.data.ActionRequest
 import com.simprints.infra.orchestration.data.ActionRequestIdentifier
 import com.simprints.infra.orchestration.data.ActionResponse
+import com.simprints.infra.orchestration.data.responses.AppEnrolResponse
 import com.simprints.logging.persistent.PersistentLogger
 import com.simprints.testtools.common.coroutines.TestCoroutineRule
 import io.mockk.*
@@ -74,6 +82,9 @@ internal class ClientApiViewModelTest {
     @MockK
     lateinit var persistentLogger: PersistentLogger
 
+    @MockK
+    lateinit var tokenizationProcessor: TokenizationProcessor
+
     private lateinit var viewModel: ClientApiViewModel
 
     @Before
@@ -101,6 +112,7 @@ internal class ClientApiViewModelTest {
             configManager = configManager,
             timeHelper = timeHelper,
             persistentLogger = persistentLogger,
+            tokenizationProcessor = tokenizationProcessor,
         )
     }
 
@@ -162,7 +174,10 @@ internal class ClientApiViewModelTest {
     fun `handleIdentifyResponse saves correct events`() = runTest {
         viewModel.handleIdentifyResponse(
             mockRequest(),
-            mockk { every { identifications } returns emptyList() },
+            mockk {
+                every { identifications } returns emptyList()
+                every { isMultiFactorIdEnabled } returns false
+            },
         )
 
         coVerify {
@@ -246,6 +261,80 @@ internal class ClientApiViewModelTest {
         viewModel.returnResponse.test().assertHasValue()
     }
 
+    @Test
+    fun `handleEnrolResponse with externalCredential decrypts and includes it in response`() = runTest {
+        val mockGuid = "mockGuid"
+        val expectedCredentialId = "credentialId"
+        val expectedType = ExternalCredentialType.NHISCard
+        val credential = mockExternalCredential(expectedCredentialId, expectedType)
+        val project = mockk<Project>(relaxed = true)
+        setupDecryption(project, "decrypted-value".asTokenizableRaw())
+
+        viewModel.handleEnrolResponse(mockRequest(), mockEnrolResponseWithCredential(mockGuid, credential))
+
+        verify {
+            resultMapper.invoke(
+                match<ActionResponse.EnrolActionResponse> {
+                    it.externalCredential?.id == expectedCredentialId &&
+                        it.externalCredential?.type == expectedType
+                },
+            )
+        }
+    }
+
+    @Test
+    fun `handleEnrolResponse with externalCredential but encrypted decryption returns null credential`() = runTest {
+        val mockGuid = "mockGuid"
+        val expectedCredentialId = "credentialId"
+        val expectedType = ExternalCredentialType.NHISCard
+        val credential = mockExternalCredential(expectedCredentialId, expectedType)
+        val project = mockk<Project>(relaxed = true)
+        setupDecryption(project, mockk<TokenizableString.Tokenized>())
+
+        viewModel.handleEnrolResponse(mockRequest(), mockEnrolResponseWithCredential(mockGuid, credential))
+
+        verify {
+            resultMapper.invoke(
+                match<ActionResponse.EnrolActionResponse> {
+                    it.externalCredential == null
+                },
+            )
+        }
+    }
+
+    private fun mockEnrolResponseWithCredential(
+        mockGuid: String,
+        credential: ExternalCredential?,
+    ): AppEnrolResponse = mockk {
+        every { guid } returns mockGuid
+        every { externalCredential } returns credential
+    }
+
+    private fun mockExternalCredential(
+        mockId: String,
+        mockType: ExternalCredentialType,
+    ): ExternalCredential = mockk {
+        every { id } returns mockId
+        every { value } returns mockk()
+        every { type } returns mockType
+    }
+
+    private fun setupDecryption(
+        project: Project,
+        returnValue: TokenizableString,
+    ) {
+        val projectId = "projectId"
+        every { authStore.signedInProjectId } returns projectId
+        coEvery { configManager.getProject(projectId) } returns project
+        every {
+            tokenizationProcessor.decrypt(
+                encrypted = any(),
+                tokenKeyType = TokenKeyType.ExternalCredential,
+                project = project,
+            )
+        } returns returnValue
+    }
+
     private fun mockRequest(): ActionRequest = mockk {
         every { projectId } returns "projectId"
         every { actionIdentifier } returns ActionRequestIdentifier("action", "package", "", 1, 0L)
diff --git a/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/CommCareResponseMapperTest.kt b/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/CommCareResponseMapperTest.kt
index 0ce8ec2849..f9abf3fb49 100644
--- a/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/CommCareResponseMapperTest.kt
+++ b/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/CommCareResponseMapperTest.kt
@@ -60,6 +60,7 @@ class CommCareResponseMapperTest {
                         matchConfidence = AppMatchConfidence.LOW,
                     ),
                 ),
+                isMultiFactorIdEnabled = false,
             ),
         )
 
diff --git a/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapperTest.kt b/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapperTest.kt
index 15226739a1..5d3140035f 100644
--- a/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapperTest.kt
+++ b/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/LibSimprintsResponseMapperTest.kt
@@ -5,7 +5,7 @@ import com.google.common.truth.Truth.*
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.response.AppErrorReason
 import com.simprints.core.domain.response.AppMatchConfidence
-import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.core.domain.tokenization.asTokenizableRaw
 import com.simprints.feature.clientapi.mappers.request.requestFactories.ConfirmIdentityActionFactory
 import com.simprints.feature.clientapi.mappers.request.requestFactories.EnrolActionFactory
 import com.simprints.feature.clientapi.mappers.request.requestFactories.EnrolLastBiometricsActionFactory
@@ -92,6 +92,7 @@ class LibSimprintsResponseMapperTest {
                         matchConfidence = AppMatchConfidence.LOW,
                     ),
                 ),
+                isMultiFactorIdEnabled = false,
             ),
         )
 
@@ -119,6 +120,7 @@ class LibSimprintsResponseMapperTest {
                         matchConfidence = AppMatchConfidence.MEDIUM,
                     ),
                 ),
+                isMultiFactorIdEnabled = false,
             ),
         )
 
@@ -135,7 +137,7 @@ class LibSimprintsResponseMapperTest {
 
     @Test
     fun `correctly maps confirm response`() {
-        val expectedValue = "expectedValue".asTokenizableEncrypted()
+        val expectedValue = "expectedValue".asTokenizableRaw()
         val expectedType = ExternalCredentialType.NHISCard
         val expectedJson = "{\"$SCANNED_CREDENTIAL_VALUE\":\"$expectedValue\",\"$SCANNED_CREDENTIAL_TYPE\":\"$expectedType\"}"
         val extras = mapper(
@@ -399,4 +401,146 @@ class LibSimprintsResponseMapperTest {
             )
         }
     }
+
+    @Test
+    fun `correctly maps enrol response with external credential`() {
+        val expectedValue = "expectedValue".asTokenizableRaw()
+        val expectedType = ExternalCredentialType.NHISCard
+        val expectedJson = "{\"$SCANNED_CREDENTIAL_VALUE\":\"$expectedValue\",\"$SCANNED_CREDENTIAL_TYPE\":\"$expectedType\"}"
+
+        val extras = mapper(
+            ActionResponse.EnrolActionResponse(
+                actionIdentifier = EnrolActionFactory.getIdentifier(),
+                sessionId = "sessionId",
+                enrolledGuid = "guid",
+                subjectActions = "subjects",
+                externalCredential = mockk {
+                    every { value } returns expectedValue
+                    every { type } returns expectedType
+                },
+            ),
+        )
+
+        assertThat(extras.getBoolean(HAS_CREDENTIAL)).isTrue()
+        assertThat(extras.getString(SCANNED_CREDENTIAL)).isEqualTo(expectedJson)
+    }
+
+    @Test
+    fun `correctly maps confirm response without external credential`() {
+        val extras = mapper(
+            ActionResponse.ConfirmActionResponse(
+                actionIdentifier = ConfirmIdentityActionFactory.getIdentifier(),
+                sessionId = "sessionId",
+                confirmed = true,
+                externalCredential = null,
+            ),
+        )
+
+        assertThat(extras.getString(Constants.SIMPRINTS_SESSION_ID)).isEqualTo("sessionId")
+        assertThat(extras.getString(Constants.SIMPRINTS_DEVICE_ID)).isEqualTo("deviceId")
+        assertThat(extras.getString(Constants.SIMPRINTS_APP_VERSION_NAME)).isEqualTo("appVersionName")
+        assertThat(extras.getBoolean(Constants.SIMPRINTS_BIOMETRICS_COMPLETE_CHECK)).isTrue()
+        assertThat(extras.getBoolean(HAS_CREDENTIAL)).isFalse()
+        assertThat(extras.keySet()).doesNotContain(SCANNED_CREDENTIAL)
+    }
+
+    @Test
+    fun `correctly maps identify response with multi-factor ID enabled`() {
+        val identification1 = AppMatchResult(
+            guid = "guid-1",
+            confidenceScore = 100,
+            matchConfidence = AppMatchConfidence.MEDIUM,
+            isLinkedToScannedCredential = true,
+            isCredentialVerified = true,
+        )
+        val identification2 = AppMatchResult(
+            guid = "guid-2",
+            confidenceScore = 75,
+            matchConfidence = AppMatchConfidence.LOW,
+            isLinkedToScannedCredential = false,
+            isCredentialVerified = null,
+        )
+
+        val expectedIdentifications = "[${identification1.toResponseJson()},${identification2.toResponseJson()}]"
+
+        val extras = mapper(
+            ActionResponse.IdentifyActionResponse(
+                actionIdentifier = IdentifyRequestActionFactory.getIdentifier(),
+                sessionId = "sessionId",
+                identifications = listOf(identification1, identification2),
+                isMultiFactorIdEnabled = true,
+            ),
+        )
+
+        assertThat(extras.getString(Constants.SIMPRINTS_SESSION_ID)).isEqualTo("sessionId")
+        assertThat(extras.getString(Constants.SIMPRINTS_DEVICE_ID)).isEqualTo("deviceId")
+        assertThat(extras.getString(Constants.SIMPRINTS_APP_VERSION_NAME)).isEqualTo("appVersionName")
+        assertThat(extras.getString(Constants.SIMPRINTS_IDENTIFICATIONS)).isEqualTo(expectedIdentifications)
+        assertThat(extras.getBoolean(Constants.SIMPRINTS_BIOMETRICS_COMPLETE_CHECK)).isTrue()
+    }
+
+    @Test
+    fun `mapIdentificationsWithCredentials omits isVerified when null`() {
+        val guid = "guid"
+        val extras = mapper(
+            ActionResponse.IdentifyActionResponse(
+                actionIdentifier = IdentifyRequestActionFactory.getIdentifier(),
+                sessionId = "sessionId",
+                identifications = listOf(
+                    AppMatchResult(
+                        guid = guid,
+                        confidenceScore = 80,
+                        matchConfidence = AppMatchConfidence.MEDIUM,
+                        isLinkedToScannedCredential = false,
+                        isCredentialVerified = null,
+                    ),
+                ),
+                isMultiFactorIdEnabled = true,
+            ),
+        )
+
+        val identificationsJson = extras.getString(Constants.SIMPRINTS_IDENTIFICATIONS)
+        assertThat(identificationsJson).contains("\"guid\":\"$guid\"")
+        assertThat(identificationsJson).contains("\"isLinkedToCredential\":false")
+        assertThat(identificationsJson).doesNotContain("isVerified")
+    }
+
+    @Test
+    fun `identify response uses legacy format when multi-factor ID is disabled`() {
+        val guid = "guid"
+        val confidenceScore = 100
+        val extras = mapper(
+            ActionResponse.IdentifyActionResponse(
+                actionIdentifier = IdentifyRequestActionFactory.getIdentifier(),
+                sessionId = "sessionId",
+                identifications = listOf(
+                    AppMatchResult(
+                        guid = guid,
+                        confidenceScore = confidenceScore,
+                        matchConfidence = AppMatchConfidence.MEDIUM,
+                        isLinkedToScannedCredential = true,
+                        isCredentialVerified = true,
+                    ),
+                ),
+                isMultiFactorIdEnabled = false,
+            ),
+        )
+
+        assertThat(extras.getParcelableArrayList<LegacyIdentification>(Constants.SIMPRINTS_IDENTIFICATIONS)).containsExactly(
+            LegacyIdentification(guid = guid, confidence = confidenceScore, tier = LegacyTier.TIER_2),
+        )
+    }
+
+    private fun AppMatchResult.toResponseJson(): String {
+        val jsonBuilder = StringBuilder()
+        jsonBuilder.append("{\"guid\":\"$guid\"")
+        jsonBuilder.append(",\"confidenceBand\":\"${matchConfidence.name}\"")
+        jsonBuilder.append(",\"confidence\":$confidenceScore")
+        jsonBuilder.append(",\"isLinkedToCredential\":$isLinkedToScannedCredential")
+        isCredentialVerified?.let {
+            jsonBuilder.append(",\"isVerified\":$it")
+        }
+        jsonBuilder.append("}")
+        return jsonBuilder.toString()
+    }
 }
diff --git a/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/OdkResponseMapperTest.kt b/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/OdkResponseMapperTest.kt
index fd0bd91826..6b1349d889 100644
--- a/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/OdkResponseMapperTest.kt
+++ b/feature/client-api/src/test/java/com/simprints/feature/clientapi/mappers/response/OdkResponseMapperTest.kt
@@ -54,6 +54,7 @@ class OdkResponseMapperTest {
                         matchConfidence = AppMatchConfidence.LOW,
                     ),
                 ),
+                isMultiFactorIdEnabled = false,
             ),
         )
 
@@ -73,6 +74,7 @@ class OdkResponseMapperTest {
                 actionIdentifier = IdentifyRequestActionFactory.getIdentifier(),
                 sessionId = "sessionId",
                 identifications = listOf(),
+                isMultiFactorIdEnabled = false,
             ),
         )
 
diff --git a/feature/enrol-last-biometric/src/main/java/com/simprints/feature/enrollast/screen/EnrolLastBiometricViewModel.kt b/feature/enrol-last-biometric/src/main/java/com/simprints/feature/enrollast/screen/EnrolLastBiometricViewModel.kt
index c580af08cb..0522c2149d 100644
--- a/feature/enrol-last-biometric/src/main/java/com/simprints/feature/enrollast/screen/EnrolLastBiometricViewModel.kt
+++ b/feature/enrol-last-biometric/src/main/java/com/simprints/feature/enrollast/screen/EnrolLastBiometricViewModel.kt
@@ -25,6 +25,7 @@ import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAct
 import com.simprints.infra.enrolment.records.repository.domain.models.SubjectQuery
 import com.simprints.infra.events.event.domain.models.BiometricReferenceCreationEvent
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV4
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
 import com.simprints.infra.events.session.SessionEventRepository
 import com.simprints.infra.logging.LoggingConstants.CrashReportTag.ENROLMENT
 import com.simprints.infra.logging.Simber
@@ -136,21 +137,27 @@ internal class EnrolLastBiometricViewModel @Inject constructor(
 
     private suspend fun registerEvent(subject: Subject) {
         Simber.d("Register events for enrolments", tag = ENROLMENT)
-
-        val biometricReferenceIds = eventRepository
+        val events = eventRepository
             .getEventsInCurrentSession()
+
+        val biometricReferenceIds = events
             .filterIsInstance<BiometricReferenceCreationEvent>()
             .sortedByDescending { it.payload.createdAt }
             .map { it.payload.id }
 
+        val externalCredentialIds = events
+            .filterIsInstance<ExternalCredentialCaptureValueEvent>()
+            .map { it.payload.id }
+
         eventRepository.addOrUpdateEvent(
             EnrolmentEventV4(
-                timeHelper.now(),
-                subject.subjectId,
-                subject.projectId,
-                subject.moduleId,
-                subject.attendantId,
-                biometricReferenceIds,
+                createdAt = timeHelper.now(),
+                subjectId = subject.subjectId,
+                projectId = subject.projectId,
+                moduleId = subject.moduleId,
+                attendantId = subject.attendantId,
+                biometricReferenceIds = biometricReferenceIds,
+                externalCredentialIds = externalCredentialIds,
             ),
         )
     }
diff --git a/feature/enrol-last-biometric/src/test/java/com/simprints/feature/enrollast/screen/usecase/BuildSubjectUseCaseTest.kt b/feature/enrol-last-biometric/src/test/java/com/simprints/feature/enrollast/screen/usecase/BuildSubjectUseCaseTest.kt
index c43ae557c6..89f970bc80 100644
--- a/feature/enrol-last-biometric/src/test/java/com/simprints/feature/enrollast/screen/usecase/BuildSubjectUseCaseTest.kt
+++ b/feature/enrol-last-biometric/src/test/java/com/simprints/feature/enrollast/screen/usecase/BuildSubjectUseCaseTest.kt
@@ -155,6 +155,9 @@ class BuildSubjectUseCaseTest {
             documentImagePath = null,
             zoomedCredentialImagePath = null,
             credentialBoundingBox = null,
+            scanStartTime = Timestamp(1L),
+            scanEndTime = Timestamp(1L),
+            scannedValue = TokenizableString.Raw("test"),
         )
 
         val result = useCase(createParams(steps = emptyList(), scannedCredential = scannedCredential), isAddingCredential = true)
diff --git a/feature/external-credential/build.gradle.kts b/feature/external-credential/build.gradle.kts
index e13f5f8a32..411b4dc0e1 100644
--- a/feature/external-credential/build.gradle.kts
+++ b/feature/external-credential/build.gradle.kts
@@ -15,6 +15,7 @@ dependencies {
     implementation(project(":infra:enrolment-records:repository"))
     implementation(project(":infra:auth-store"))
     implementation(project(":infra:matching"))
+    implementation(project(":infra:events"))
     implementation(project(":infra:credential-store"))
     implementation(libs.androidX.cameraX.view)
     implementation(libs.mlkit.text.recognition)
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/ext/ResourceExt.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/ext/ResourceExt.kt
index fe00b7ee70..91e30bc556 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/ext/ResourceExt.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/ext/ResourceExt.kt
@@ -7,22 +7,17 @@ import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.infra.resources.R as IDR
 
 fun Resources.getQuantityCredentialString(
-    @PluralsRes id: Int,
+    @StringRes id: Int,
     @StringRes specificCredentialRes: Int,
     @StringRes multipleCredentialsRes: Int,
     credentialTypes: List<ExternalCredentialType>,
 ): String {
-    val credentialsAmount = credentialTypes.size
-    val documentTypeRes = if (credentialsAmount == 1) {
+    val documentTypeRes = if (credentialTypes.size == 1) {
         specificCredentialRes
     } else {
         multipleCredentialsRes
     }
-    return getQuantityString(
-        id,
-        credentialsAmount,
-        getString(documentTypeRes),
-    )
+    return getString(id, documentTypeRes)
 }
 
 fun Resources.getCredentialFieldTitle(type: ExternalCredentialType): String = when (type) {
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModel.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModel.kt
index d7f60e8678..d9f7ed06db 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModel.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModel.kt
@@ -7,17 +7,22 @@ import androidx.lifecycle.viewModelScope
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.livedata.LiveDataEventWithContent
 import com.simprints.core.livedata.send
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.ExternalCredentialSearchResult
 import com.simprints.feature.externalcredential.model.ExternalCredentialParams
+import com.simprints.feature.externalcredential.usecase.ExternalCredentialEventTrackerUseCase
 import com.simprints.infra.config.sync.ConfigManager
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
 import dagger.hilt.android.lifecycle.HiltViewModel
 import kotlinx.coroutines.launch
 import javax.inject.Inject
-import kotlin.collections.orEmpty
 
 @HiltViewModel
 internal class ExternalCredentialViewModel @Inject internal constructor(
+    private val timeHelper: TimeHelper,
     private val configManager: ConfigManager,
+    private val eventsTracker: ExternalCredentialEventTrackerUseCase,
 ) : ViewModel() {
     private var isInitialized = false
     lateinit var params: ExternalCredentialParams
@@ -37,6 +42,12 @@ internal class ExternalCredentialViewModel @Inject internal constructor(
         get() = _externalCredentialTypes
     private val _externalCredentialTypes = MutableLiveData<List<ExternalCredentialType>>()
 
+    private lateinit var selectionStartTime: Timestamp
+    private lateinit var selectionEventId: String
+    private lateinit var captureStartTime: Timestamp
+    private var selectedSkipReason: ExternalCredentialSelectionEvent.SkipReason? = null
+    private var selectedSkipOtherText: String? = null
+
     init {
         viewModelScope.launch {
             val config = configManager.getProjectConfiguration()
@@ -45,12 +56,31 @@ internal class ExternalCredentialViewModel @Inject internal constructor(
         }
     }
 
+    fun selectionStarted() {
+        selectionStartTime = timeHelper.now()
+    }
+
+    fun skipOptionSelected(skipOption: ExternalCredentialSelectionEvent.SkipReason) {
+        selectedSkipReason = skipOption
+    }
+
+    fun skipOtherReasonChanged(otherText: String?) {
+        selectedSkipOtherText = otherText?.ifBlank { null }
+    }
+
     private fun updateState(state: (ExternalCredentialState) -> ExternalCredentialState) {
         this.state = state(this.state)
     }
 
     fun setSelectedExternalCredentialType(selectedType: ExternalCredentialType?) {
-        updateState { it.copy(selectedType = selectedType) }
+        viewModelScope.launch {
+            if (selectedType != null) {
+                val selectionEndTime = timeHelper.now()
+                selectionEventId = eventsTracker.saveSelectionEvent(selectionStartTime, selectionEndTime, selectedType)
+                captureStartTime = timeHelper.now()
+            }
+            updateState { it.copy(selectedType = selectedType) }
+        }
     }
 
     fun setExternalCredentialValue(value: String) {
@@ -66,6 +96,20 @@ internal class ExternalCredentialViewModel @Inject internal constructor(
     }
 
     fun finish(result: ExternalCredentialSearchResult) {
-        _finishEvent.send(result)
+        viewModelScope.launch {
+            if (result.scannedCredential == null) {
+                selectedSkipReason?.let { reason ->
+                    eventsTracker.saveSkippedEvent(selectionStartTime, reason, selectedSkipOtherText)
+                }
+            } else {
+                eventsTracker.saveCaptureEvents(
+                    captureStartTime,
+                    params.subjectId.orEmpty(),
+                    result.scannedCredential,
+                    selectionEventId,
+                )
+            }
+            _finishEvent.send(result)
+        }
     }
 }
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModel.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModel.kt
index 494ea24d1e..72e4f155b1 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModel.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModel.kt
@@ -10,6 +10,8 @@ import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.domain.tokenization.asTokenizableRaw
 import com.simprints.core.livedata.LiveDataEventWithContent
 import com.simprints.core.livedata.send
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.screens.scanocr.model.DetectedOcrBlock
 import com.simprints.feature.externalcredential.screens.scanocr.model.OcrCropConfig
 import com.simprints.feature.externalcredential.screens.scanocr.model.OcrDocumentType
@@ -37,6 +39,7 @@ import kotlinx.coroutines.launch
 
 internal class ExternalCredentialScanOcrViewModel @AssistedInject constructor(
     @Assisted val ocrDocumentType: OcrDocumentType,
+    private val timeHelper: TimeHelper,
     private val normalizeBitmapToPreviewUseCase: NormalizeBitmapToPreviewUseCase,
     private val cropDocumentFromPreviewUseCase: CropDocumentFromPreviewUseCase,
     private val getCredentialCoordinatesUseCase: GetCredentialCoordinatesUseCase,
@@ -69,6 +72,8 @@ internal class ExternalCredentialScanOcrViewModel @AssistedInject constructor(
         get() = _finishOcrEvent
     private val _finishOcrEvent = MutableLiveData<LiveDataEventWithContent<ScannedCredential>>()
 
+    private lateinit var startTime: Timestamp
+
     private fun updateState(state: (ScanOcrState) -> ScanOcrState) {
         this.state = state(this.state)
     }
@@ -79,6 +84,7 @@ internal class ExternalCredentialScanOcrViewModel @AssistedInject constructor(
     }
 
     fun ocrStarted() {
+        startTime = timeHelper.now()
         updateState {
             ScanOcrState.ScanningInProgress(
                 ocrDocumentType = ocrDocumentType,
@@ -121,17 +127,22 @@ internal class ExternalCredentialScanOcrViewModel @AssistedInject constructor(
             val credentialType = detectedBlock.documentType.asExternalCredentialType()
             val blockBoundingBox = detectedBlock.blockBoundingBox
             val zoomedCredentialImagePath = buildZoomedImagePath(detectedBlock)
+            val detectedValueRaw = detectedBlock.readoutValue.asTokenizableRaw()
             val credential = tokenizationProcessor.encrypt(
-                decrypted = detectedBlock.readoutValue.asTokenizableRaw(),
+                decrypted = detectedValueRaw,
                 tokenKeyType = TokenKeyType.ExternalCredential,
                 project = project,
             ) as TokenizableString.Tokenized
+
             val scannedCredential = ScannedCredential(
                 credential = credential,
                 credentialType = credentialType,
                 documentImagePath = detectedBlock.imagePath,
                 zoomedCredentialImagePath = zoomedCredentialImagePath,
                 credentialBoundingBox = blockBoundingBox,
+                scanStartTime = startTime,
+                scanEndTime = timeHelper.now(),
+                scannedValue = detectedValueRaw,
             )
             _finishOcrEvent.send(scannedCredential)
             detectedBlocks = emptyList()
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrFragment.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrFragment.kt
index 2f02b6e221..13996eebb8 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrFragment.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrFragment.kt
@@ -43,7 +43,6 @@ import kotlinx.coroutines.flow.catch
 import kotlinx.coroutines.flow.collectLatest
 import kotlinx.coroutines.launch
 import javax.inject.Inject
-import kotlin.getValue
 import com.simprints.infra.resources.R as IDR
 
 @AndroidEntryPoint
@@ -144,6 +143,9 @@ internal class ExternalCredentialScanQrFragment : Fragment(R.layout.fragment_ext
                     documentImagePath = null,
                     credentialBoundingBox = null,
                     zoomedCredentialImagePath = null,
+                    scanStartTime = state.scanStartTime,
+                    scanEndTime = state.scanEndTime,
+                    scannedValue = state.qrCode,
                 )
                 findNavController().navigateSafely(
                     this@ExternalCredentialScanQrFragment,
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModel.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModel.kt
index 033a18bd92..17be0e35f2 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModel.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModel.kt
@@ -7,6 +7,8 @@ import androidx.lifecycle.viewModelScope
 import com.simprints.core.domain.permission.PermissionStatus
 import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.domain.tokenization.asTokenizableRaw
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.screens.scanqr.usecase.ExternalCredentialQrCodeValidatorUseCase
 import com.simprints.infra.authstore.AuthStore
 import com.simprints.infra.config.store.models.TokenKeyType
@@ -18,11 +20,13 @@ import javax.inject.Inject
 
 @HiltViewModel
 internal class ExternalCredentialScanQrViewModel @Inject constructor(
+    private val timeHelper: TimeHelper,
     private val externalCredentialQrCodeValidator: ExternalCredentialQrCodeValidatorUseCase,
     private val authStore: AuthStore,
     private val configManager: ConfigManager,
     private val tokenizationProcessor: TokenizationProcessor,
 ) : ViewModel() {
+    private lateinit var startTime: Timestamp
     private var state: ScanQrState = ScanQrState.ReadyToScan
         set(value) {
             field = value
@@ -46,7 +50,12 @@ internal class ExternalCredentialScanQrViewModel @Inject constructor(
                         tokenKeyType = TokenKeyType.ExternalCredential,
                         project = project,
                     ) as TokenizableString.Tokenized
-                    ScanQrState.QrCodeCaptured(qrCode = value.asTokenizableRaw(), qrCodeEncrypted = qrCodeEncrypted)
+                    ScanQrState.QrCodeCaptured(
+                        scanStartTime = startTime,
+                        scanEndTime = timeHelper.now(),
+                        qrCode = value.asTokenizableRaw(),
+                        qrCodeEncrypted = qrCodeEncrypted,
+                    )
                 }
             }
             updateState { newState }
@@ -55,7 +64,10 @@ internal class ExternalCredentialScanQrViewModel @Inject constructor(
 
     fun updateCameraPermissionStatus(permissionStatus: PermissionStatus) {
         val newState = when (permissionStatus) {
-            PermissionStatus.Granted -> ScanQrState.ReadyToScan
+            PermissionStatus.Granted -> {
+                startTime = timeHelper.now() // Reset scan timer
+                ScanQrState.ReadyToScan
+            }
             PermissionStatus.Denied -> ScanQrState.NoCameraPermission(shouldOpenPhoneSettings = false)
             PermissionStatus.DeniedNeverAskAgain -> ScanQrState.NoCameraPermission(shouldOpenPhoneSettings = true)
         }
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ScanQrState.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ScanQrState.kt
index 6ee7decf90..c3f2720756 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ScanQrState.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/scanqr/ScanQrState.kt
@@ -1,6 +1,7 @@
 package com.simprints.feature.externalcredential.screens.scanqr
 
 import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
 
 sealed class ScanQrState {
     data object ReadyToScan : ScanQrState()
@@ -10,6 +11,8 @@ sealed class ScanQrState {
     ) : ScanQrState()
 
     data class QrCodeCaptured(
+        val scanStartTime: Timestamp,
+        val scanEndTime: Timestamp,
         val qrCode: TokenizableString.Raw,
         val qrCodeEncrypted: TokenizableString.Tokenized,
     ) : ScanQrState()
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchFragment.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchFragment.kt
index 11f6868b98..9df99a4d9b 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchFragment.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchFragment.kt
@@ -202,6 +202,7 @@ internal class ExternalCredentialSearchFragment : Fragment(R.layout.fragment_ext
             viewModel.finish(state)
         }
         buttonRecapture.setOnClickListener {
+            viewModel.trackRecapture()
             findNavController().navigateSafely(
                 this@ExternalCredentialSearchFragment,
                 ExternalCredentialSearchFragmentDirections.actionExternalCredentialSearchToExternalCredentialSelectFragment(),
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModel.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModel.kt
index 8a704840af..d13785ac91 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModel.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModel.kt
@@ -10,18 +10,21 @@ import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.livedata.LiveDataEventWithContent
 import com.simprints.core.livedata.send
+import com.simprints.core.tools.time.TimeHelper
 import com.simprints.feature.externalcredential.ExternalCredentialSearchResult
 import com.simprints.feature.externalcredential.model.ExternalCredentialParams
 import com.simprints.feature.externalcredential.screens.search.model.ScannedCredential
 import com.simprints.feature.externalcredential.screens.search.model.SearchCredentialState
 import com.simprints.feature.externalcredential.screens.search.model.SearchState
 import com.simprints.feature.externalcredential.screens.search.usecase.MatchCandidatesUseCase
+import com.simprints.feature.externalcredential.usecase.ExternalCredentialEventTrackerUseCase
 import com.simprints.infra.authstore.AuthStore
 import com.simprints.infra.config.store.models.TokenKeyType
 import com.simprints.infra.config.store.tokenization.TokenizationProcessor
 import com.simprints.infra.config.sync.ConfigManager
 import com.simprints.infra.enrolment.records.repository.EnrolmentRecordRepository
 import com.simprints.infra.enrolment.records.repository.domain.models.SubjectQuery
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationResult
 import dagger.assisted.Assisted
 import dagger.assisted.AssistedFactory
 import dagger.assisted.AssistedInject
@@ -31,11 +34,13 @@ import com.simprints.infra.resources.R as IDR
 internal class ExternalCredentialSearchViewModel @AssistedInject constructor(
     @Assisted val scannedCredential: ScannedCredential,
     @Assisted val externalCredentialParams: ExternalCredentialParams,
+    private val timeHelper: TimeHelper,
     private val authStore: AuthStore,
     private val configManager: ConfigManager,
     private val matchCandidatesUseCase: MatchCandidatesUseCase,
     private val tokenizationProcessor: TokenizationProcessor,
     private val enrolmentRecordRepository: EnrolmentRecordRepository,
+    private val eventsTracker: ExternalCredentialEventTrackerUseCase,
 ) : ViewModel() {
     @AssistedFactory
     interface Factory {
@@ -57,6 +62,8 @@ internal class ExternalCredentialSearchViewModel @AssistedInject constructor(
     private val _stateLiveData = MutableLiveData(state)
     val stateLiveData: LiveData<SearchCredentialState> = _stateLiveData
 
+    private val confirmationStartTime = timeHelper.now()
+
     private fun updateState(state: (SearchCredentialState) -> SearchCredentialState) {
         this.state = state(this.state)
     }
@@ -129,11 +136,19 @@ internal class ExternalCredentialSearchViewModel @AssistedInject constructor(
         updateState { it.copy(searchState = SearchState.Searching) }
         val project = configManager.getProject(authStore.signedInProjectId)
         val candidates = enrolmentRecordRepository.load(SubjectQuery(projectId = project.id, externalCredential = credential))
+
+        val startTime = timeHelper.now()
         when {
-            candidates.isEmpty() -> updateState { it.copy(searchState = SearchState.CredentialNotFound) }
+            candidates.isEmpty() -> {
+                eventsTracker.saveSearchEvent(startTime, scannedCredential.credentialScanId, emptyList())
+                updateState { it.copy(searchState = SearchState.CredentialNotFound) }
+            }
+
             else -> {
                 val projectConfig = configManager.getProjectConfiguration()
                 val matches = matchCandidatesUseCase(candidates, credential, externalCredentialParams, project, projectConfig)
+                eventsTracker.saveSearchEvent(startTime, scannedCredential.credentialScanId, candidates)
+
                 updateState { state -> state.copy(searchState = SearchState.CredentialLinked(matchResults = matches)) }
             }
         }
@@ -149,20 +164,35 @@ internal class ExternalCredentialSearchViewModel @AssistedInject constructor(
         ExternalCredentialType.QRCode -> InputType.TYPE_CLASS_TEXT
     }
 
+    fun trackRecapture() {
+        viewModelScope.launch {
+            eventsTracker.saveConfirmation(
+                confirmationStartTime,
+                ExternalCredentialConfirmationResult.RECAPTURE,
+            )
+        }
+    }
+
     fun finish(state: SearchCredentialState) {
-        val matches = when (val searchState = state.searchState) {
-            SearchState.Searching,
-            SearchState.CredentialNotFound,
-            -> emptyList()
+        viewModelScope.launch {
+            eventsTracker.saveConfirmation(
+                confirmationStartTime,
+                ExternalCredentialConfirmationResult.CONTINUE,
+            )
+            val matches = when (val searchState = state.searchState) {
+                SearchState.Searching,
+                SearchState.CredentialNotFound,
+                -> emptyList()
 
-            is SearchState.CredentialLinked -> searchState.matchResults
+                is SearchState.CredentialLinked -> searchState.matchResults
+            }
+            _finishEvent.send(
+                ExternalCredentialSearchResult(
+                    flowType = externalCredentialParams.flowType,
+                    scannedCredential = state.scannedCredential,
+                    matchResults = matches,
+                ),
+            )
         }
-        _finishEvent.send(
-            ExternalCredentialSearchResult(
-                flowType = externalCredentialParams.flowType,
-                scannedCredential = state.scannedCredential,
-                matchResults = matches,
-            ),
-        )
     }
 }
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredential.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredential.kt
index 005f1e90fd..134340f857 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredential.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredential.kt
@@ -4,22 +4,26 @@ import androidx.annotation.Keep
 import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.core.tools.utils.randomUUID
 import com.simprints.feature.externalcredential.model.BoundingBox
 import java.io.Serializable
-import java.util.UUID
-import kotlin.toString
 
 @Keep
 data class ScannedCredential(
+    val credentialScanId: String = randomUUID(),
     val credential: TokenizableString.Tokenized,
     val credentialType: ExternalCredentialType,
     val documentImagePath: String?,
     val zoomedCredentialImagePath: String?,
     val credentialBoundingBox: BoundingBox?,
+    val scanStartTime: Timestamp,
+    val scanEndTime: Timestamp,
+    val scannedValue: TokenizableString.Raw,
 ) : Serializable
 
 fun ScannedCredential.toExternalCredential(subjectId: String) = ExternalCredential(
-    id = UUID.randomUUID().toString(),
+    id = credentialScanId,
     value = credential,
     subjectId = subjectId,
     type = credentialType,
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/ExternalCredentialSelectFragment.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/ExternalCredentialSelectFragment.kt
index 6ab288a498..630034402c 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/ExternalCredentialSelectFragment.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/ExternalCredentialSelectFragment.kt
@@ -7,6 +7,7 @@ import android.widget.Button
 import android.widget.TextView
 import androidx.fragment.app.Fragment
 import androidx.fragment.app.activityViewModels
+import androidx.fragment.app.viewModels
 import androidx.navigation.fragment.findNavController
 import androidx.recyclerview.widget.LinearLayoutManager
 import com.google.android.material.bottomsheet.BottomSheetBehavior
@@ -74,7 +75,7 @@ internal class ExternalCredentialSelectFragment : Fragment(R.layout.fragment_ext
 
     private fun initViews(types: List<ExternalCredentialType>) {
         binding.title.text = resources.getQuantityCredentialString(
-            id = IDR.plurals.mfid_scan_action,
+            id = IDR.string.mfid_scan_action,
             specificCredentialRes = resources.getCredentialTypeRes(types.firstOrNull()),
             multipleCredentialsRes = IDR.string.mfid_type_any_document,
             credentialTypes = types,
@@ -87,6 +88,7 @@ internal class ExternalCredentialSelectFragment : Fragment(R.layout.fragment_ext
             fillRecyclerView(externalCredentialTypes)
             initViews(externalCredentialTypes)
             initListeners(externalCredentialTypes)
+            mainViewModel.selectionStarted()
         }
     }
 
@@ -136,7 +138,7 @@ internal class ExternalCredentialSelectFragment : Fragment(R.layout.fragment_ext
                     val confirmButton = view.findViewById<Button>(R.id.buttonSkip)
 
                     bodyText.text = resources.getQuantityCredentialString(
-                        id = IDR.plurals.mfid_dialog_skip_scan_body,
+                        id = IDR.string.mfid_skip_scan_dialog_body,
                         credentialTypes = credentialTypes,
                         specificCredentialRes = resources.getCredentialTypeRes(credentialTypes.firstOrNull()),
                         multipleCredentialsRes = IDR.string.mfid_type_any_document,
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/view/ExternalCredentialTypeAdapter.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/view/ExternalCredentialTypeAdapter.kt
index 358bfe1682..6898a68470 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/view/ExternalCredentialTypeAdapter.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/select/view/ExternalCredentialTypeAdapter.kt
@@ -36,7 +36,7 @@ internal class ExternalCredentialTypeAdapter(
                 ExternalCredentialType.GhanaIdCard -> IDR.string.mfid_type_ghana_id_card
                 ExternalCredentialType.QRCode -> IDR.string.mfid_type_qr_code
             }.run(c::getString)
-            val text = c.resources.getQuantityString(IDR.plurals.mfid_scan_action, 1, credentialTypeText)
+            val text = c.resources.getString(IDR.string.mfid_scan_action, credentialTypeText)
             val image = when (credentialType) {
                 ExternalCredentialType.NHISCard -> R.drawable.ghana_nhis_card
                 ExternalCredentialType.GhanaIdCard -> R.drawable.ghana_id_card
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/skip/ExternalCredentialSkipFragment.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/skip/ExternalCredentialSkipFragment.kt
index edec286386..e0e7675cc3 100644
--- a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/skip/ExternalCredentialSkipFragment.kt
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/screens/skip/ExternalCredentialSkipFragment.kt
@@ -13,6 +13,7 @@ import com.simprints.feature.externalcredential.R
 import com.simprints.feature.externalcredential.databinding.FragmentExternalCredentialSkipBinding
 import com.simprints.feature.externalcredential.ext.getCredentialTypeString
 import com.simprints.feature.externalcredential.screens.controller.ExternalCredentialViewModel
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
 import com.simprints.infra.uibase.viewbinding.viewBinding
 import dagger.hilt.android.AndroidEntryPoint
 import com.simprints.infra.resources.R as IDR
@@ -39,19 +40,15 @@ class ExternalCredentialSkipFragment : Fragment(R.layout.fragment_external_crede
     }
 
     private fun initViews(credentialTypes: List<ExternalCredentialType>) = with(binding) {
-        val dynamicTextReasonItemMap =
-            mapOf(
-                title to IDR.string.mfid_skip_title,
-                skipReasonDoesNotHaveDocument to IDR.string.mfid_skip_reason_does_not_have,
-                skipReasonDidNotBring to IDR.string.mfid_skip_reason_did_not_bring,
-                skipReasonIncorrect to IDR.string.mfid_skip_reason_incorrect,
-                skipReasonDoesNotWantToProvide to IDR.string.mfid_skip_reason_does_not_want_to_provide,
-                skipReasonDamaged to IDR.string.mfid_skip_reason_damaged,
-                skipReasonUnableToScan to IDR.string.mfid_skip_reason_unable_to_scan,
-            )
-        dynamicTextReasonItemMap.forEach { entry ->
-            val textView = entry.key
-            val stringRes = entry.value
+        mapOf(
+            title to IDR.string.mfid_skip_title,
+            skipReasonDoesNotHaveDocument to IDR.string.mfid_skip_reason_does_not_have,
+            skipReasonDidNotBring to IDR.string.mfid_skip_reason_did_not_bring,
+            skipReasonIncorrect to IDR.string.mfid_skip_reason_incorrect,
+            skipReasonDoesNotWantToProvide to IDR.string.mfid_skip_reason_does_not_want_to_provide,
+            skipReasonDamaged to IDR.string.mfid_skip_reason_damaged,
+            skipReasonUnableToScan to IDR.string.mfid_skip_reason_unable_to_scan,
+        ).forEach { (textView, stringRes) ->
             val credentialText = when (credentialTypes.size) {
                 1 -> resources.getCredentialTypeString(credentialTypes.first())
                 else -> getString(IDR.string.mfid_type_any_document)
@@ -62,6 +59,7 @@ class ExternalCredentialSkipFragment : Fragment(R.layout.fragment_external_crede
 
     private fun initListeners() = with(binding) {
         skipCredentialScanRadioGroup.setOnCheckedChangeListener { _, checkedId ->
+            mainViewModel.skipOptionSelected(viewIdToOption(checkedId))
             reasonTextInputLayout.isVisible = checkedId == R.id.skipReasonOther
 
             val isSkipButtonEnabled = when (checkedId) {
@@ -75,7 +73,9 @@ class ExternalCredentialSkipFragment : Fragment(R.layout.fragment_external_crede
         }
         reasonTextInput.addTextChangedListener(
             afterTextChanged = {
-                buttonSkip.isEnabled = it.toString().isNotEmpty()
+                val text = it.toString()
+                mainViewModel.skipOtherReasonChanged(text)
+                buttonSkip.isEnabled = text.isNotEmpty()
             },
         )
         buttonGoBack.setOnClickListener {
@@ -93,4 +93,14 @@ class ExternalCredentialSkipFragment : Fragment(R.layout.fragment_external_crede
             )
         }
     }
+
+    private fun viewIdToOption(checkedId: Int) = when (checkedId) {
+        R.id.skipReasonDoesNotHaveDocument -> ExternalCredentialSelectionEvent.SkipReason.DOES_NOT_HAVE_ID
+        R.id.skipReasonDidNotBring -> ExternalCredentialSelectionEvent.SkipReason.DID_NOT_BRING_ID
+        R.id.skipReasonIncorrect -> ExternalCredentialSelectionEvent.SkipReason.BROUGHT_INCORRECT_ID
+        R.id.skipReasonDoesNotWantToProvide -> ExternalCredentialSelectionEvent.SkipReason.NO_CONSENT
+        R.id.skipReasonDamaged -> ExternalCredentialSelectionEvent.SkipReason.ID_DAMAGED
+        R.id.skipReasonUnableToScan -> ExternalCredentialSelectionEvent.SkipReason.UNABLE_TO_SCAN
+        else -> ExternalCredentialSelectionEvent.SkipReason.OTHER
+    }
 }
diff --git a/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/usecase/ExternalCredentialEventTrackerUseCase.kt b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/usecase/ExternalCredentialEventTrackerUseCase.kt
new file mode 100644
index 0000000000..65a7e57218
--- /dev/null
+++ b/feature/external-credential/src/main/java/com/simprints/feature/externalcredential/usecase/ExternalCredentialEventTrackerUseCase.kt
@@ -0,0 +1,138 @@
+package com.simprints.feature.externalcredential.usecase
+
+import com.simprints.core.domain.externalcredential.ExternalCredential
+import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.feature.externalcredential.screens.scanocr.usecase.CalculateLevenshteinDistanceUseCase
+import com.simprints.feature.externalcredential.screens.search.model.ScannedCredential
+import com.simprints.feature.externalcredential.screens.search.model.toExternalCredential
+import com.simprints.infra.authstore.AuthStore
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.config.store.tokenization.TokenizationProcessor
+import com.simprints.infra.config.sync.ConfigManager
+import com.simprints.infra.enrolment.records.repository.domain.models.Subject
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationResult
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSearchEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
+import com.simprints.infra.events.session.SessionEventRepository
+import com.simprints.infra.logging.Simber
+import javax.inject.Inject
+
+internal class ExternalCredentialEventTrackerUseCase @Inject constructor(
+    private val timeHelper: TimeHelper,
+    private val authStore: AuthStore,
+    private val configManager: ConfigManager,
+    private val tokenizationProcessor: TokenizationProcessor,
+    private val eventRepository: SessionEventRepository,
+    private val calculateDistance: CalculateLevenshteinDistanceUseCase,
+) {
+    suspend fun saveSearchEvent(
+        startTime: Timestamp,
+        externalCredentialId: String,
+        candidates: List<Subject>,
+    ) {
+        eventRepository.addOrUpdateEvent(
+            ExternalCredentialSearchEvent(
+                createdAt = startTime,
+                endedAt = timeHelper.now(),
+                probeExternalCredentialId = externalCredentialId,
+                candidateIds = candidates.map { it.subjectId },
+            ),
+        )
+    }
+
+    suspend fun saveCaptureEvents(
+        startTime: Timestamp,
+        subjectId: String,
+        scannedCredential: ScannedCredential,
+        selectionEventId: String,
+    ) {
+        Simber.d("Saving External Credential Events for $scannedCredential")
+        val credential = scannedCredential.toExternalCredential(subjectId)
+        eventRepository.addOrUpdateEvent(
+            ExternalCredentialCaptureValueEvent(
+                createdAt = timeHelper.now(),
+                payloadId = scannedCredential.credentialScanId,
+                credential = credential,
+            ),
+        )
+
+        eventRepository.addOrUpdateEvent(
+            ExternalCredentialCaptureEvent(
+                startTime = startTime,
+                endTime = timeHelper.now(),
+                payloadId = scannedCredential.credentialScanId,
+                autoCaptureStartTime = scannedCredential.scanStartTime,
+                autoCaptureEndTime = scannedCredential.scanEndTime,
+                ocrErrorCount = calculateOcrErrorCount(scannedCredential),
+                capturedTextLength = getActualCapturedCredentialLength(scannedCredential),
+                credentialTextLength = getExpectedCredentialValueLength(credential),
+                selectionId = selectionEventId,
+            ),
+        )
+    }
+
+    private fun getActualCapturedCredentialLength(scannedCredential: ScannedCredential): Int = scannedCredential.scannedValue.value.length
+
+    private fun getExpectedCredentialValueLength(credential: ExternalCredential): Int = when (credential.type) {
+        ExternalCredentialType.NHISCard -> NHIS_CARD_ID_LENGTH
+        ExternalCredentialType.GhanaIdCard -> GHANA_ID_CARD_ID_LENGTH
+        ExternalCredentialType.QRCode -> QR_CODE_LENGTH
+    }
+
+    private suspend fun calculateOcrErrorCount(scannedCredential: ScannedCredential): Int {
+        val project = configManager.getProject(authStore.signedInProjectId)
+        val actualCredentialRaw = tokenizationProcessor.decrypt(
+            scannedCredential.credential,
+            TokenKeyType.ExternalCredential,
+            project,
+        )
+        return calculateDistance(
+            scannedCredential.scannedValue.value,
+            actualCredentialRaw.value,
+        )
+    }
+
+    suspend fun saveSelectionEvent(
+        startTime: Timestamp,
+        endTime: Timestamp,
+        selectedType: ExternalCredentialType,
+    ): String {
+        val event = ExternalCredentialSelectionEvent(startTime, endTime, selectedType)
+        eventRepository.addOrUpdateEvent(event)
+        return event.id
+    }
+
+    suspend fun saveSkippedEvent(
+        startTime: Timestamp,
+        skipReason: ExternalCredentialSelectionEvent.SkipReason,
+        skipOther: String?,
+    ) {
+        eventRepository.addOrUpdateEvent(
+            ExternalCredentialSelectionEvent(startTime, timeHelper.now(), skipReason, skipOther),
+        )
+    }
+
+    suspend fun saveConfirmation(
+        startTime: Timestamp,
+        result: ExternalCredentialConfirmationResult,
+    ) {
+        eventRepository.addOrUpdateEvent(
+            ExternalCredentialConfirmationEvent(
+                createdAt = startTime,
+                endedAt = timeHelper.now(),
+                result = result,
+            ),
+        )
+    }
+
+    companion object Companion {
+        private const val NHIS_CARD_ID_LENGTH = 8
+        private const val GHANA_ID_CARD_ID_LENGTH = 15
+        private const val QR_CODE_LENGTH = 6
+    }
+}
diff --git a/feature/external-credential/src/main/res/layout/dialog_skip_scan_confirm.xml b/feature/external-credential/src/main/res/layout/dialog_skip_scan_confirm.xml
index 77ff066c46..7a98e07ac1 100644
--- a/feature/external-credential/src/main/res/layout/dialog_skip_scan_confirm.xml
+++ b/feature/external-credential/src/main/res/layout/dialog_skip_scan_confirm.xml
@@ -27,7 +27,7 @@
                 style="@style/Text.Headline5"
                 android:layout_width="match_parent"
                 android:layout_height="wrap_content"
-                android:text="@string/mfid_dialog_skip_scan_title" />
+                android:text="@string/mfid_skip_scan_dialog_title" />
 
             <View
                 android:layout_width="match_parent"
@@ -52,7 +52,7 @@
             android:layout_width="match_parent"
             android:layout_height="wrap_content"
             android:layout_marginTop="16dp"
-            android:text="@string/mfid_dialog_skip_scan_confirm"
+            android:text="@string/mfid_skip_scan_dialog_confirm"
             android:textColor="@color/simprints_red" />
 
         <Button
diff --git a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModelTest.kt b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModelTest.kt
index 6bb1ac635d..669d457236 100644
--- a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModelTest.kt
+++ b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/controller/ExternalCredentialViewModelTest.kt
@@ -5,12 +5,21 @@ import com.google.common.truth.Truth.assertThat
 import com.jraska.livedata.test
 import com.simprints.core.domain.common.FlowType
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.core.domain.tokenization.asTokenizableRaw
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.ExternalCredentialSearchResult
+import com.simprints.feature.externalcredential.model.BoundingBox
 import com.simprints.feature.externalcredential.model.ExternalCredentialParams
+import com.simprints.feature.externalcredential.screens.search.model.ScannedCredential
+import com.simprints.feature.externalcredential.usecase.ExternalCredentialEventTrackerUseCase
 import com.simprints.infra.config.sync.ConfigManager
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
 import com.simprints.testtools.common.coroutines.TestCoroutineRule
 import io.mockk.MockKAnnotations
 import io.mockk.coEvery
+import io.mockk.coVerify
 import io.mockk.every
 import io.mockk.impl.annotations.MockK
 import io.mockk.mockk
@@ -26,6 +35,12 @@ internal class ExternalCredentialViewModelTest {
     @get:Rule
     val testCoroutineRule = TestCoroutineRule()
 
+    @MockK
+    lateinit var eventsTracker: ExternalCredentialEventTrackerUseCase
+
+    @MockK
+    lateinit var timeHelper: TimeHelper
+
     @MockK
     private lateinit var configManager: ConfigManager
     private lateinit var viewModel: ExternalCredentialViewModel
@@ -33,7 +48,12 @@ internal class ExternalCredentialViewModelTest {
     @Before
     fun setUp() {
         MockKAnnotations.init(this, relaxed = true)
-        viewModel = ExternalCredentialViewModel(configManager = configManager)
+        viewModel = ExternalCredentialViewModel(
+            configManager = configManager,
+            timeHelper = timeHelper,
+            eventsTracker = eventsTracker,
+        )
+        every { timeHelper.now() } returns Timestamp(1L)
     }
 
     @Test
@@ -46,6 +66,7 @@ internal class ExternalCredentialViewModelTest {
     fun `setSelectedExternalCredentialType updates state`() {
         val observer = viewModel.stateLiveData.test()
 
+        viewModel.selectionStarted()
         viewModel.setSelectedExternalCredentialType(ExternalCredentialType.GhanaIdCard)
 
         assertThat(observer.value()?.selectedType).isEqualTo(ExternalCredentialType.GhanaIdCard)
@@ -87,13 +108,68 @@ internal class ExternalCredentialViewModelTest {
     }
 
     @Test
-    fun `finish sends result to finishEvent`() {
-        val observer = viewModel.finishEvent.test()
-        val mockResult = mockk<ExternalCredentialSearchResult>(relaxed = true)
+    fun `finish sends result to finishEvent`() = runTest {
+        val mockResult = mockk<ExternalCredentialSearchResult>(relaxed = true) {
+            every { scannedCredential } returns null
+        }
         viewModel.finish(mockResult)
+        val observer = viewModel.finishEvent
+            .test()
+            .value()
+            .getContentIfNotHandled()
+
+        assertThat(observer).isNotNull()
+        assertThat(observer).isEqualTo(mockResult)
+    }
 
-        assertThat(observer.value()).isNotNull()
-        assertThat(observer.value()?.peekContent()).isEqualTo(mockResult)
+    @Test
+    fun `finish handles non-null scannedCredential in result`() = runTest {
+        val subjectId = "subjectId"
+        val flowType = FlowType.IDENTIFY
+        val params = createParams(subjectId, flowType)
+        val credentialSearchResult = mockk<ExternalCredentialSearchResult>(relaxed = true) {
+            every { scannedCredential } returns createScannedCredential()
+        }
+        viewModel.init(params)
+        viewModel.selectionStarted()
+        viewModel.setSelectedExternalCredentialType(ExternalCredentialType.QRCode) // init capture timer
+        viewModel.finish(credentialSearchResult)
+
+        val observer = viewModel.finishEvent
+            .test()
+            .value()
+            .getContentIfNotHandled()
+
+        assertThat(observer).isEqualTo(credentialSearchResult)
+    }
+
+    @Test
+    fun `finish saves success flow events`() = runTest {
+        val mockResult = mockk<ExternalCredentialSearchResult>(relaxed = true) {
+            every { scannedCredential } returns mockk(relaxed = true)
+        }
+        coEvery { eventsTracker.saveSelectionEvent(any(), any(), any()) } returns "selectionId"
+
+        viewModel.selectionStarted()
+        viewModel.init(createParams(subjectId = "subjectId", FlowType.IDENTIFY))
+        viewModel.setSelectedExternalCredentialType(ExternalCredentialType.QRCode) // init capture timer
+        viewModel.finish(mockResult)
+
+        coVerify { eventsTracker.saveSelectionEvent(any(), any(), any()) }
+        coVerify { eventsTracker.saveCaptureEvents(any(), any(), any(), any()) }
+    }
+
+    @Test
+    fun `finish saves skip event`() = runTest {
+        val mockResult = mockk<ExternalCredentialSearchResult>(relaxed = true) {
+            every { scannedCredential } returns null
+        }
+        viewModel.selectionStarted()
+        viewModel.skipOptionSelected(ExternalCredentialSelectionEvent.SkipReason.OTHER)
+        viewModel.skipOtherReasonChanged("other")
+        viewModel.finish(mockResult)
+
+        coVerify { eventsTracker.saveSkippedEvent(any(), any(), any()) }
     }
 
     @Test
@@ -102,28 +178,48 @@ internal class ExternalCredentialViewModelTest {
             ExternalCredentialType.NHISCard,
             ExternalCredentialType.GhanaIdCard,
         )
-        setupProjectConfig(allowedCredentials = allowedCredentials)
-        val viewModel = ExternalCredentialViewModel(configManager = configManager)
+        val viewModel = setupViewModel(allowedCredentials = allowedCredentials)
         val observer = viewModel.externalCredentialTypes.test()
         assertThat(observer.value()).isEqualTo(allowedCredentials)
     }
 
     @Test
     fun `init block sets empty list if no allowed credentials configured`() = runTest {
-        setupProjectConfig(allowedCredentials = emptyList())
-        val viewModel = ExternalCredentialViewModel(configManager = configManager)
+        val viewModel = setupViewModel(allowedCredentials = emptyList())
         val observer = viewModel.externalCredentialTypes.test()
         assertThat(observer.value()).isEmpty()
     }
 
-    private fun setupProjectConfig(allowedCredentials: List<ExternalCredentialType>) {
+    private fun setupViewModel(allowedCredentials: List<ExternalCredentialType>): ExternalCredentialViewModel {
         coEvery { configManager.getProjectConfiguration() } returns mockk {
             every { multifactorId } returns mockk {
                 every { allowedExternalCredentials } returns allowedCredentials
             }
         }
+        return ExternalCredentialViewModel(
+            configManager = configManager,
+            timeHelper = timeHelper,
+            eventsTracker = eventsTracker,
+        )
     }
 
+    private fun createScannedCredential(
+        credential: String = "credential",
+        credentialType: ExternalCredentialType = ExternalCredentialType.NHISCard,
+        documentImagePath: String? = "documentImagePath",
+        zoomedCredentialImagePath: String? = "zoomedCredentialImagePath",
+        credentialBoundingBox: BoundingBox? = BoundingBox(0, 0, 100, 100),
+    ) = ScannedCredential(
+        credential = credential.asTokenizableEncrypted(),
+        credentialType = credentialType,
+        documentImagePath = documentImagePath,
+        zoomedCredentialImagePath = zoomedCredentialImagePath,
+        credentialBoundingBox = credentialBoundingBox,
+        scanStartTime = Timestamp(1L),
+        scanEndTime = Timestamp(2L),
+        scannedValue = credential.asTokenizableRaw(),
+    )
+
     private fun createParams(
         subjectId: String,
         flowType: FlowType,
diff --git a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModelTest.kt b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModelTest.kt
index 85c0d90b86..bf70d7fc5c 100644
--- a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModelTest.kt
+++ b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanocr/ExternalCredentialScanOcrViewModelTest.kt
@@ -5,6 +5,8 @@ import androidx.arch.core.executor.testing.InstantTaskExecutorRule
 import com.google.common.truth.Truth.*
 import com.jraska.livedata.test
 import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.model.BoundingBox
 import com.simprints.feature.externalcredential.screens.scanocr.model.DetectedOcrBlock
 import com.simprints.feature.externalcredential.screens.scanocr.model.OcrCropConfig
@@ -28,6 +30,7 @@ import kotlinx.coroutines.test.runTest
 import org.junit.Before
 import org.junit.Rule
 import org.junit.Test
+import kotlin.concurrent.timer
 
 internal class ExternalCredentialScanOcrViewModelTest {
     @get:Rule
@@ -36,6 +39,9 @@ internal class ExternalCredentialScanOcrViewModelTest {
     @get:Rule
     val testCoroutineRule = TestCoroutineRule()
 
+    @MockK
+    private lateinit var timeHelper: TimeHelper
+
     @MockK
     private lateinit var normalizeBitmapToPreviewUseCase: NormalizeBitmapToPreviewUseCase
 
@@ -77,10 +83,13 @@ internal class ExternalCredentialScanOcrViewModelTest {
     fun setUp() {
         MockKAnnotations.init(this, relaxed = true)
         viewModel = initViewModel(documentType)
+
+        every { timeHelper.now() } returns Timestamp(1L)
     }
 
     private fun initViewModel(documentType: OcrDocumentType) = ExternalCredentialScanOcrViewModel(
         ocrDocumentType = documentType,
+        timeHelper = timeHelper,
         normalizeBitmapToPreviewUseCase = normalizeBitmapToPreviewUseCase,
         cropDocumentFromPreviewUseCase = cropDocumentFromPreviewUseCase,
         getCredentialCoordinatesUseCase = getCredentialCoordinatesUseCase,
@@ -151,6 +160,7 @@ internal class ExternalCredentialScanOcrViewModelTest {
         val finishObserver = viewModel.finishOcrEvent.test()
         val stateObserver = viewModel.stateLiveData.test()
 
+        viewModel.ocrStarted() // Initialises capture timing
         viewModel.processOcrResultsAndFinish()
 
         val scannedCredential = finishObserver.value()?.peekContent()
@@ -186,6 +196,7 @@ internal class ExternalCredentialScanOcrViewModelTest {
 
         val finishObserver = viewModel.finishOcrEvent.test()
 
+        viewModel.ocrStarted() // Initialises capture timing
         viewModel.processOcrResultsAndFinish()
 
         val scannedCredential = finishObserver.value()?.peekContent()
diff --git a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModelTest.kt b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModelTest.kt
index 18725a6c03..eaa430a722 100644
--- a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModelTest.kt
+++ b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/scanqr/ExternalCredentialScanQrViewModelTest.kt
@@ -6,6 +6,8 @@ import com.jraska.livedata.test
 import com.simprints.core.domain.permission.PermissionStatus
 import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.domain.tokenization.asTokenizableRaw
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.screens.scanqr.usecase.ExternalCredentialQrCodeValidatorUseCase
 import com.simprints.infra.authstore.AuthStore
 import com.simprints.infra.config.store.models.Project
@@ -27,6 +29,9 @@ internal class ExternalCredentialScanQrViewModelTest {
     @get:Rule
     val instantExecutorRule = InstantTaskExecutorRule()
 
+    @MockK
+    private lateinit var timeHelper: TimeHelper
+
     @MockK
     private lateinit var validator: ExternalCredentialQrCodeValidatorUseCase
 
@@ -45,11 +50,14 @@ internal class ExternalCredentialScanQrViewModelTest {
     fun setUp() {
         MockKAnnotations.init(this, relaxed = true)
         viewModel = ExternalCredentialScanQrViewModel(
+            timeHelper = timeHelper,
             externalCredentialQrCodeValidator = validator,
             tokenizationProcessor = tokenizationProcessor,
             configManager = configManager,
             authStore = authStore,
         )
+
+        every { timeHelper.now() } returns Timestamp(1L)
     }
 
     @Test
@@ -77,9 +85,15 @@ internal class ExternalCredentialScanQrViewModelTest {
         coEvery { configManager.getProject(projectId) } returns mockProject
         coEvery { tokenizationProcessor.encrypt(any(), TokenKeyType.ExternalCredential, mockProject) } returns mockTokenizedCredential
 
+        viewModel.updateCameraPermissionStatus(permissionStatus = PermissionStatus.Granted) // inits the capture timing
         viewModel.updateCapturedValue(value)
 
-        val expected = ScanQrState.QrCodeCaptured(value.asTokenizableRaw(), mockTokenizedCredential)
+        val expected = ScanQrState.QrCodeCaptured(
+            scanStartTime = Timestamp(1L),
+            scanEndTime = Timestamp(1L),
+            qrCode = value.asTokenizableRaw(),
+            qrCodeEncrypted = mockTokenizedCredential,
+        )
         assertThat(observer.value()).isEqualTo(expected)
     }
 
diff --git a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModelTest.kt b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModelTest.kt
index 7f6c01ab90..e72cf4d9a9 100644
--- a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModelTest.kt
+++ b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/ExternalCredentialSearchViewModelTest.kt
@@ -8,12 +8,15 @@ import com.simprints.core.domain.common.FlowType
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.domain.tokenization.asTokenizableRaw
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
 import com.simprints.feature.externalcredential.model.CredentialMatch
 import com.simprints.feature.externalcredential.model.ExternalCredentialParams
 import com.simprints.feature.externalcredential.screens.search.model.ScannedCredential
 import com.simprints.feature.externalcredential.screens.search.model.SearchCredentialState
 import com.simprints.feature.externalcredential.screens.search.model.SearchState
 import com.simprints.feature.externalcredential.screens.search.usecase.MatchCandidatesUseCase
+import com.simprints.feature.externalcredential.usecase.ExternalCredentialEventTrackerUseCase
 import com.simprints.infra.authstore.AuthStore
 import com.simprints.infra.config.store.models.ProjectConfiguration
 import com.simprints.infra.config.store.models.TokenKeyType
@@ -37,6 +40,9 @@ internal class ExternalCredentialSearchViewModelTest {
     @get:Rule
     val testCoroutineRule = TestCoroutineRule()
 
+    @MockK
+    lateinit var timeHelper: TimeHelper
+
     @MockK
     lateinit var authStore: AuthStore
 
@@ -59,7 +65,7 @@ internal class ExternalCredentialSearchViewModelTest {
     lateinit var candidateMatch: CredentialMatch
 
     @MockK
-    lateinit var scannedCredential: ScannedCredential
+    lateinit var mockScannedCredential: ScannedCredential
 
     @MockK
     lateinit var externalCredentialParams: ExternalCredentialParams
@@ -70,6 +76,9 @@ internal class ExternalCredentialSearchViewModelTest {
     @MockK
     private lateinit var enrolmentRecordRepository: EnrolmentRecordRepository
 
+    @MockK
+    lateinit var eventsTracker: ExternalCredentialEventTrackerUseCase
+
     private lateinit var viewModel: ExternalCredentialSearchViewModel
 
     private val projectId = "projectId"
@@ -77,20 +86,25 @@ internal class ExternalCredentialSearchViewModelTest {
     @Before
     fun setUp() {
         MockKAnnotations.init(this, relaxed = true)
+        every { timeHelper.now() } returns Timestamp(1L)
         every { authStore.signedInProjectId } returns projectId
         coEvery { configManager.getProject(projectId) } returns project
         coEvery { configManager.getProjectConfiguration() } returns projectConfig
+        coJustRun { eventsTracker.saveSearchEvent(any(), any(), any()) }
+        coJustRun { eventsTracker.saveConfirmation(any(), any()) }
         viewModel = createViewModel()
     }
 
     fun createViewModel() = ExternalCredentialSearchViewModel(
-        scannedCredential = scannedCredential,
+        scannedCredential = mockScannedCredential,
         externalCredentialParams = externalCredentialParams,
+        timeHelper = timeHelper,
         authStore = authStore,
         configManager = configManager,
         matchCandidatesUseCase = matchCandidatesUseCase,
         tokenizationProcessor = tokenizationProcessor,
         enrolmentRecordRepository = enrolmentRecordRepository,
+        eventsTracker = eventsTracker,
     )
 
     @Test
@@ -103,9 +117,10 @@ internal class ExternalCredentialSearchViewModelTest {
         val observer = viewModel.stateLiveData.test()
 
         assertThat(observer.value()?.searchState).isEqualTo(SearchState.CredentialNotFound)
-        assertThat(observer.value()?.scannedCredential).isEqualTo(scannedCredential)
+        assertThat(observer.value()?.scannedCredential).isEqualTo(mockScannedCredential)
         assertThat(observer.value()?.isConfirmed).isFalse()
         assertThat(observer.value()?.displayedCredential).isEqualTo(decryptedCredential)
+        coVerify { eventsTracker.saveSearchEvent(any(), any(), any()) }
     }
 
     @Test
@@ -122,6 +137,7 @@ internal class ExternalCredentialSearchViewModelTest {
         val searchState = viewModel.stateLiveData.value?.searchState as SearchState.CredentialLinked
         assertThat(searchState.matchResults).hasSize(1)
         assertThat(searchState.matchResults.first()).isEqualTo(candidateMatch)
+        coVerify { eventsTracker.saveSearchEvent(any(), any(), any()) }
     }
 
     @Test
@@ -188,7 +204,7 @@ internal class ExternalCredentialSearchViewModelTest {
 
     @Test
     fun `getKeyBoardInputType returns number for NHIS card`() = runTest {
-        every { scannedCredential.credentialType } returns ExternalCredentialType.NHISCard
+        every { mockScannedCredential.credentialType } returns ExternalCredentialType.NHISCard
         viewModel = createViewModel()
         val result = viewModel.getKeyBoardInputType()
         assertThat(result).isEqualTo(InputType.TYPE_CLASS_NUMBER)
@@ -196,7 +212,7 @@ internal class ExternalCredentialSearchViewModelTest {
 
     @Test
     fun `getKeyBoardInputType returns text for Ghana ID card`() = runTest {
-        every { scannedCredential.credentialType } returns ExternalCredentialType.GhanaIdCard
+        every { mockScannedCredential.credentialType } returns ExternalCredentialType.GhanaIdCard
         viewModel = createViewModel()
         val result = viewModel.getKeyBoardInputType()
         assertThat(result).isEqualTo(InputType.TYPE_CLASS_TEXT)
@@ -204,7 +220,7 @@ internal class ExternalCredentialSearchViewModelTest {
 
     @Test
     fun `getKeyBoardInputType returns text for QR code`() = runTest {
-        every { scannedCredential.credentialType } returns ExternalCredentialType.QRCode
+        every { mockScannedCredential.credentialType } returns ExternalCredentialType.QRCode
         viewModel = createViewModel()
         val result = viewModel.getKeyBoardInputType()
         assertThat(result).isEqualTo(InputType.TYPE_CLASS_TEXT)
@@ -214,21 +230,21 @@ internal class ExternalCredentialSearchViewModelTest {
     fun `finish sends empty matches when credential not found`() = runTest {
         viewModel = createViewModel()
         val state = mockk<SearchCredentialState> {
-            every { scannedCredential } returns this@ExternalCredentialSearchViewModelTest.scannedCredential
+            every { scannedCredential } returns mockScannedCredential
             every { searchState } returns SearchState.CredentialNotFound
         }
         viewModel.finish(state)
         val finishEvent = viewModel.finishEvent.value?.peekContent()
         assertThat(finishEvent).isNotNull()
         assertThat(finishEvent?.matchResults).isEmpty()
-        assertThat(finishEvent?.scannedCredential).isEqualTo(scannedCredential)
+        assertThat(finishEvent?.scannedCredential).isEqualTo(mockScannedCredential)
     }
 
     @Test
     fun `finish sends empty matches when still searching`() = runTest {
         viewModel = createViewModel()
         val state = mockk<SearchCredentialState> {
-            every { scannedCredential } returns this@ExternalCredentialSearchViewModelTest.scannedCredential
+            every { scannedCredential } returns mockScannedCredential
             every { searchState } returns SearchState.Searching
         }
         viewModel.finish(state)
@@ -240,7 +256,7 @@ internal class ExternalCredentialSearchViewModelTest {
     @Test
     fun `finish sends match results when credential linked`() = runTest {
         val state = mockk<SearchCredentialState> {
-            every { scannedCredential } returns this@ExternalCredentialSearchViewModelTest.scannedCredential
+            every { scannedCredential } returns mockScannedCredential
             every { searchState } returns mockk<SearchState.CredentialLinked> {
                 every { matchResults } returns listOf(candidateMatch)
             }
@@ -250,7 +266,27 @@ internal class ExternalCredentialSearchViewModelTest {
         assertThat(finishEvent).isNotNull()
         assertThat(finishEvent?.matchResults).hasSize(1)
         assertThat(finishEvent?.matchResults?.first()).isEqualTo(candidateMatch)
-        assertThat(finishEvent?.scannedCredential).isEqualTo(scannedCredential)
+        assertThat(finishEvent?.scannedCredential).isEqualTo(mockScannedCredential)
+    }
+
+    @Test
+    fun `trackRecapture sends confirmation event`() = runTest {
+        viewModel.trackRecapture()
+
+        coVerify { eventsTracker.saveConfirmation(any(), any()) }
+    }
+
+    @Test
+    fun `finish sends confirmation event`() = runTest {
+        val state = mockk<SearchCredentialState> {
+            every { scannedCredential } returns mockScannedCredential
+            every { searchState } returns mockk<SearchState.CredentialLinked> {
+                every { matchResults } returns listOf(candidateMatch)
+            }
+        }
+        viewModel.finish(state)
+
+        coVerify { eventsTracker.saveConfirmation(any(), any()) }
     }
 
     @Test
@@ -258,7 +294,7 @@ internal class ExternalCredentialSearchViewModelTest {
         val encryptedCredential = mockk<TokenizableString.Tokenized>()
         val decryptedCredential = "decryptedValue".asTokenizableRaw()
 
-        every { scannedCredential.credential } returns encryptedCredential
+        every { mockScannedCredential.credential } returns encryptedCredential
         coEvery { tokenizationProcessor.decrypt(encryptedCredential, TokenKeyType.ExternalCredential, project) } returns decryptedCredential
         coEvery { enrolmentRecordRepository.load(any()) } returns emptyList()
 
diff --git a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredentialTest.kt b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredentialTest.kt
index b18c3c3724..bffc349cd3 100644
--- a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredentialTest.kt
+++ b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/screens/search/model/ScannedCredentialTest.kt
@@ -2,29 +2,31 @@ package com.simprints.feature.externalcredential.screens.search.model
 
 import com.google.common.truth.Truth.*
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.domain.tokenization.TokenizableString
 import com.simprints.core.domain.tokenization.asTokenizableEncrypted
-import io.mockk.*
-import org.junit.Before
+import com.simprints.core.domain.tokenization.asTokenizableRaw
+import com.simprints.core.tools.time.Timestamp
 import org.junit.Test
-import java.util.UUID
 
 class ScannedCredentialTest {
     private val testUuid = "testUuid"
     private val subjectId = "subjectId"
 
-    @Before
-    fun setup() {
-        mockkStatic(UUID::class)
-        every { UUID.randomUUID().toString() } returns testUuid
-    }
-
     @Test
     fun `toExternalCredential maps fields correctly`() {
         val tokenizedValue = "tokenizedValue".asTokenizableEncrypted()
-        val scannedCredential = mockk<ScannedCredential> {
-            every { credential } returns tokenizedValue
-            every { credentialType } returns ExternalCredentialType.NHISCard
-        }
+        val scannedCredential = ScannedCredential(
+            credentialScanId = testUuid,
+            credential = tokenizedValue,
+            credentialType = ExternalCredentialType.NHISCard,
+            documentImagePath = null,
+            zoomedCredentialImagePath = null,
+            credentialBoundingBox = null,
+            scanStartTime = Timestamp(1L),
+            scanEndTime = Timestamp(2L),
+            scannedValue = "".asTokenizableRaw(),
+        )
+
         val result = scannedCredential.toExternalCredential(subjectId)
 
         assertThat(result.id).isEqualTo(testUuid)
diff --git a/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/usecase/ExternalCredentialEventTrackerUseCaseTest.kt b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/usecase/ExternalCredentialEventTrackerUseCaseTest.kt
new file mode 100644
index 0000000000..e006fdcfcb
--- /dev/null
+++ b/feature/external-credential/src/test/java/com/simprints/feature/externalcredential/usecase/ExternalCredentialEventTrackerUseCaseTest.kt
@@ -0,0 +1,193 @@
+package com.simprints.feature.externalcredential.usecase
+
+import com.google.common.truth.Truth.*
+import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.core.domain.tokenization.asTokenizableRaw
+import com.simprints.core.tools.time.TimeHelper
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.feature.externalcredential.screens.scanocr.usecase.CalculateLevenshteinDistanceUseCase
+import com.simprints.feature.externalcredential.screens.search.model.ScannedCredential
+import com.simprints.infra.authstore.AuthStore
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.config.store.tokenization.TokenizationProcessor
+import com.simprints.infra.config.sync.ConfigManager
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationResult
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent.SkipReason
+import com.simprints.infra.events.session.SessionEventRepository
+import io.mockk.*
+import io.mockk.impl.annotations.MockK
+import kotlinx.coroutines.test.runTest
+import org.junit.Before
+import org.junit.Test
+
+class ExternalCredentialEventTrackerUseCaseTest {
+    @MockK
+    private lateinit var timeHelper: TimeHelper
+
+    @MockK
+    private lateinit var authStore: AuthStore
+
+    @MockK
+    private lateinit var configManager: ConfigManager
+
+    @MockK
+    private lateinit var tokenizationProcessor: TokenizationProcessor
+
+    @MockK
+    private lateinit var eventRepository: SessionEventRepository
+
+    @MockK
+    private lateinit var calculateDistance: CalculateLevenshteinDistanceUseCase
+
+    private lateinit var useCase: ExternalCredentialEventTrackerUseCase
+
+    @Before
+    fun setUp() {
+        MockKAnnotations.init(this, relaxed = true)
+        useCase = ExternalCredentialEventTrackerUseCase(
+            timeHelper = timeHelper,
+            authStore = authStore,
+            configManager = configManager,
+            tokenizationProcessor = tokenizationProcessor,
+            eventRepository = eventRepository,
+            calculateDistance = calculateDistance,
+        )
+
+        every { timeHelper.now() } returns END_TIME
+
+        coEvery { authStore.signedInProjectId } returns ""
+        coEvery { configManager.getProject(any()) } returns mockk()
+        coEvery {
+            tokenizationProcessor.decrypt(any(), TokenKeyType.ExternalCredential, any())
+        } returns RAW_SCANNED_VALUE.asTokenizableRaw()
+
+        coEvery { calculateDistance(any(), any()) } returns DEFAULT_DISTANCE
+    }
+
+    @Test
+    fun `saveCaptureEvents should save external credential capture events`() = runTest {
+        val scannedCredential = makeScannedCredential(ExternalCredentialType.QRCode)
+        useCase.saveCaptureEvents(START_TIME, SUBJECT_ID, scannedCredential, SELECTION_ID)
+
+        val valueEventSlot = slot<ExternalCredentialCaptureValueEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(valueEventSlot)) }
+        with(valueEventSlot.captured) {
+            assertThat(payload.credential.id).isEqualTo(SCAN_ID)
+            assertThat(payload.credential.subjectId).isEqualTo(SUBJECT_ID)
+        }
+
+        val captureEventSlot = slot<ExternalCredentialCaptureEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        with(captureEventSlot.captured) {
+            assertThat(payload.id).isEqualTo(SCAN_ID)
+            assertThat(payload.createdAt).isEqualTo(START_TIME)
+            assertThat(payload.endedAt).isEqualTo(END_TIME)
+            assertThat(payload.autoCaptureStartTime).isEqualTo(SCAN_START_TIME)
+            assertThat(payload.autoCaptureEndTime).isEqualTo(SCAN_END_TIME)
+            assertThat(payload.ocrErrorCount).isEqualTo(DEFAULT_DISTANCE)
+            assertThat(payload.capturedTextLength).isEqualTo(RAW_SCANNED_VALUE.length)
+        }
+    }
+
+    @Test
+    fun `saveCaptureEvents should correctly calculate length for NHISCard`() = runTest {
+        val scannedCredential = makeScannedCredential(ExternalCredentialType.NHISCard)
+        useCase.saveCaptureEvents(START_TIME, SUBJECT_ID, scannedCredential, SELECTION_ID)
+
+        val captureEventSlot = slot<ExternalCredentialCaptureEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        assertThat(captureEventSlot.captured.payload.credentialTextLength).isEqualTo(8)
+    }
+
+    @Test
+    fun `saveCaptureEvents should correctly calculate length for GhanaIdCard`() = runTest {
+        val scannedCredential = makeScannedCredential(ExternalCredentialType.GhanaIdCard)
+        useCase.saveCaptureEvents(START_TIME, SUBJECT_ID, scannedCredential, SELECTION_ID)
+
+        val captureEventSlot = slot<ExternalCredentialCaptureEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        assertThat(captureEventSlot.captured.payload.credentialTextLength).isEqualTo(15)
+    }
+
+    @Test
+    fun `saveCaptureEvents should correctly calculate length for QRCode`() = runTest {
+        val scannedCredential = makeScannedCredential(ExternalCredentialType.QRCode)
+        useCase.saveCaptureEvents(START_TIME, SUBJECT_ID, scannedCredential, SELECTION_ID)
+
+        val captureEventSlot = slot<ExternalCredentialCaptureEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        assertThat(captureEventSlot.captured.payload.credentialTextLength).isEqualTo(6)
+    }
+
+    @Test
+    fun `saveSelectionEvent should save correct event`() = runTest {
+        useCase.saveSelectionEvent(START_TIME, END_TIME, ExternalCredentialType.QRCode)
+
+        val captureEventSlot = slot<ExternalCredentialSelectionEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        with(captureEventSlot.captured) {
+            assertThat(payload.createdAt).isEqualTo(START_TIME)
+            assertThat(payload.endedAt).isEqualTo(END_TIME)
+            assertThat(payload.credentialType).isEqualTo(ExternalCredentialType.QRCode)
+            assertThat(payload.skipReason).isNull()
+            assertThat(payload.skipOther).isNull()
+        }
+    }
+
+    @Test
+    fun `saveSkippedEvent should save correct event`() = runTest {
+        useCase.saveSkippedEvent(START_TIME, SkipReason.OTHER, "other")
+
+        val captureEventSlot = slot<ExternalCredentialSelectionEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        with(captureEventSlot.captured) {
+            assertThat(payload.createdAt).isEqualTo(START_TIME)
+            assertThat(payload.endedAt).isEqualTo(END_TIME)
+            assertThat(payload.credentialType).isNull()
+            assertThat(payload.skipReason).isEqualTo(SkipReason.OTHER)
+            assertThat(payload.skipOther).isEqualTo("other")
+        }
+    }
+
+    @Test
+    fun `saveConfirmation should save correct event`() = runTest {
+        useCase.saveConfirmation(START_TIME, ExternalCredentialConfirmationResult.CONTINUE)
+
+        val captureEventSlot = slot<ExternalCredentialConfirmationEvent>()
+        coVerify(exactly = 1) { eventRepository.addOrUpdateEvent(capture(captureEventSlot)) }
+        with(captureEventSlot.captured) {
+            assertThat(payload.createdAt).isEqualTo(START_TIME)
+            assertThat(payload.endedAt).isEqualTo(END_TIME)
+            assertThat(payload.result).isEqualTo(ExternalCredentialConfirmationResult.CONTINUE)
+        }
+    }
+
+    private fun makeScannedCredential(type: ExternalCredentialType) = ScannedCredential(
+        credentialScanId = "test-scan-id",
+        credential = RAW_SCANNED_VALUE.asTokenizableEncrypted(),
+        credentialType = type,
+        documentImagePath = null,
+        zoomedCredentialImagePath = null,
+        credentialBoundingBox = null,
+        scanStartTime = SCAN_START_TIME,
+        scanEndTime = SCAN_END_TIME,
+        scannedValue = RAW_SCANNED_VALUE.asTokenizableRaw(),
+    )
+
+    companion object Companion {
+        private val START_TIME = Timestamp(0L)
+        private val SCAN_START_TIME = Timestamp(3L)
+        private val SCAN_END_TIME = Timestamp(4L)
+        private val END_TIME = Timestamp(6L)
+        private const val SCAN_ID = "test-scan-id"
+        private const val SUBJECT_ID = "test-subject-id"
+        private const val RAW_SCANNED_VALUE = "scanned-value"
+        private const val DEFAULT_DISTANCE = 7
+        private const val SELECTION_ID = "selection_id"
+    }
+}
diff --git a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/MapRefusalOrErrorResultUseCase.kt b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/MapRefusalOrErrorResultUseCase.kt
index c4ac6f77e7..619aad1d04 100644
--- a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/MapRefusalOrErrorResultUseCase.kt
+++ b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/MapRefusalOrErrorResultUseCase.kt
@@ -59,7 +59,7 @@ internal class MapRefusalOrErrorResultUseCase @Inject constructor(
         is ValidateSubjectPoolResult ->
             result
                 .takeUnless { it.isValid }
-                ?.let { AppIdentifyResponse(emptyList(), eventRepository.getCurrentSessionScope().id) }
+                ?.let { AppIdentifyResponse(emptyList(), eventRepository.getCurrentSessionScope().id, isMultiFactorIdEnabled = false) }
 
         is SelectSubjectAgeGroupResult ->
             result
diff --git a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCase.kt b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCase.kt
index d72392e65f..8e80443f5b 100644
--- a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCase.kt
+++ b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCase.kt
@@ -24,6 +24,7 @@ internal class CreateIdentifyResponseUseCase @Inject constructor(
         projectConfiguration: ProjectConfiguration,
         results: List<Serializable>,
     ): AppResponse {
+        val isMultiFactorIdEnabled = projectConfiguration.multifactorId?.allowedExternalCredentials?.isNotEmpty() ?: false
         val credentialFaceMatchResults = credentialResultsMapper(results, projectConfiguration, isFace = true)
         val credentialFingerprintMatchResults = credentialResultsMapper(results, projectConfiguration, isFace = false)
 
@@ -37,6 +38,7 @@ internal class CreateIdentifyResponseUseCase @Inject constructor(
 
         return AppIdentifyResponse(
             sessionId = currentSessionId,
+            isMultiFactorIdEnabled = isMultiFactorIdEnabled,
             // Return the results with the highest confidence score
             identifications = if (bestFingerprintConfidence > bestFaceConfidence) {
                 fingerprintResults.distinctBy(AppMatchResult::guid)
@@ -54,7 +56,12 @@ internal class CreateIdentifyResponseUseCase @Inject constructor(
             ?.getSdkConfiguration(fingerprintMatchResult.sdk)
             ?.decisionPolicy
             ?.let { fingerprintDecisionPolicy ->
-                fingerprintMatchResult.results.mapToMatchResults(fingerprintDecisionPolicy, projectConfiguration)
+                fingerprintMatchResult.results.mapToMatchResults(
+                    decisionPolicy = fingerprintDecisionPolicy,
+                    projectConfiguration = projectConfiguration,
+                    isCredentialMatch = false,
+                    verificationMatchThreshold = null,
+                )
             }
     } ?: emptyList()
 
@@ -66,13 +73,20 @@ internal class CreateIdentifyResponseUseCase @Inject constructor(
             ?.getSdkConfiguration(faceMatchResult.sdk)
             ?.decisionPolicy
             ?.let { faceDecisionPolicy ->
-                faceMatchResult.results.mapToMatchResults(faceDecisionPolicy, projectConfiguration)
+                faceMatchResult.results.mapToMatchResults(
+                    decisionPolicy = faceDecisionPolicy,
+                    projectConfiguration = projectConfiguration,
+                    isCredentialMatch = false,
+                    verificationMatchThreshold = null,
+                )
             }
     } ?: emptyList()
 
     private fun List<MatchResultItem>.mapToMatchResults(
         decisionPolicy: DecisionPolicy,
+        verificationMatchThreshold: Float?,
         projectConfiguration: ProjectConfiguration,
+        isCredentialMatch: Boolean,
     ): List<AppMatchResult> {
         val goodResults = this
             .filter { it.confidence >= decisionPolicy.low }
@@ -82,7 +96,15 @@ internal class CreateIdentifyResponseUseCase @Inject constructor(
             .filter { it.confidence >= decisionPolicy.high }
             .ifEmpty { goodResults }
             .take(projectConfiguration.identification.maxNbOfReturnedCandidates)
-            .map { AppMatchResult(it.subjectId, it.confidence, decisionPolicy) }
+            .map {
+                AppMatchResult(
+                    guid = it.subjectId,
+                    confidenceScore = it.confidence,
+                    decisionPolicy = decisionPolicy,
+                    isCredentialMatch = isCredentialMatch,
+                    verificationMatchThreshold = verificationMatchThreshold,
+                )
+            }
     }
 
     /**
@@ -103,23 +125,26 @@ internal class CreateIdentifyResponseUseCase @Inject constructor(
             val credentialMatchItems = credentialSearchResult.matchResults.map { it.matchResult }
             val faceMatchItems = credentialMatchItems.filterIsInstance<FaceMatchResult.Item>()
             val fingerMatchItems = credentialMatchItems.filterIsInstance<FingerprintMatchResult.Item>()
-            val decisionPolicy = if (isFace) {
+            val (decisionPolicy, verificationMatchThreshold) = if (isFace) {
                 credentialSearchResult.matchResults.find { it.faceBioSdk != null }?.faceBioSdk?.let { sdk ->
-                    projectConfiguration.face
-                        ?.getSdkConfiguration(sdk)
-                        ?.decisionPolicy
+                    val config = projectConfiguration.face?.getSdkConfiguration(sdk)
+                    config?.decisionPolicy to config?.verificationMatchThreshold
                 }
             } else {
                 credentialSearchResult.matchResults.find { it.fingerprintBioSdk != null }?.fingerprintBioSdk?.let { sdk ->
-                    projectConfiguration.fingerprint
-                        ?.getSdkConfiguration(sdk)
-                        ?.decisionPolicy
+                    val config = projectConfiguration.fingerprint?.getSdkConfiguration(sdk)
+                    config?.decisionPolicy to config?.verificationMatchThreshold
                 }
-            }
+            } ?: (null to null)
+
             if (decisionPolicy == null) return@let emptyList()
             val matches = if (isFace) faceMatchItems else fingerMatchItems
             return@let matches
-                .mapToMatchResults(decisionPolicy, projectConfiguration)
-                .sortedByDescending(AppMatchResult::confidenceScore)
+                .mapToMatchResults(
+                    decisionPolicy = decisionPolicy,
+                    projectConfiguration = projectConfiguration,
+                    isCredentialMatch = true,
+                    verificationMatchThreshold = verificationMatchThreshold,
+                ).sortedByDescending(AppMatchResult::confidenceScore)
         }.orEmpty()
 }
diff --git a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateVerifyResponseUseCase.kt b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateVerifyResponseUseCase.kt
index 9ceb8ea8ba..bb75ce096d 100644
--- a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateVerifyResponseUseCase.kt
+++ b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/CreateVerifyResponseUseCase.kt
@@ -4,12 +4,12 @@ import com.simprints.core.domain.response.AppErrorReason
 import com.simprints.infra.config.store.models.ProjectConfiguration
 import com.simprints.infra.logging.LoggingConstants.CrashReportTag.FINGER_MATCHING
 import com.simprints.infra.logging.Simber
+import com.simprints.infra.matching.FaceMatchResult
+import com.simprints.infra.matching.FingerprintMatchResult
 import com.simprints.infra.orchestration.data.responses.AppErrorResponse
 import com.simprints.infra.orchestration.data.responses.AppMatchResult
 import com.simprints.infra.orchestration.data.responses.AppResponse
 import com.simprints.infra.orchestration.data.responses.AppVerifyResponse
-import com.simprints.infra.matching.FaceMatchResult
-import com.simprints.infra.matching.FingerprintMatchResult
 import java.io.Serializable
 import javax.inject.Inject
 
@@ -45,6 +45,7 @@ internal class CreateVerifyResponseUseCase @Inject constructor() {
                                 confidenceScore = it.confidence,
                                 decisionPolicy = sdkConfiguration.decisionPolicy,
                                 verificationMatchThreshold = sdkConfiguration.verificationMatchThreshold,
+                                isCredentialMatch = false,
                             )
                         }
                 }
@@ -68,6 +69,7 @@ internal class CreateVerifyResponseUseCase @Inject constructor() {
                                 confidenceScore = it.confidence,
                                 decisionPolicy = faceConfiguration.decisionPolicy,
                                 verificationMatchThreshold = faceConfiguration.verificationMatchThreshold,
+                                isCredentialMatch = false,
                             )
                         }
                 }
diff --git a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/EnrolSubjectUseCase.kt b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/EnrolSubjectUseCase.kt
index 7f318cf907..9d7a7c6fdc 100644
--- a/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/EnrolSubjectUseCase.kt
+++ b/feature/orchestrator/src/main/java/com/simprints/feature/orchestrator/usecases/response/EnrolSubjectUseCase.kt
@@ -7,6 +7,7 @@ import com.simprints.infra.enrolment.records.repository.domain.models.Subject
 import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAction
 import com.simprints.infra.events.event.domain.models.BiometricReferenceCreationEvent
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV4
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
 import com.simprints.infra.events.session.SessionEventRepository
 import javax.inject.Inject
 
@@ -19,20 +20,27 @@ internal class EnrolSubjectUseCase @Inject constructor(
         subject: Subject,
         project: Project,
     ) {
-        val biometricReferenceIds = eventRepository
+        val events = eventRepository
             .getEventsInCurrentSession()
+
+        val biometricReferenceIds = events
             .filterIsInstance<BiometricReferenceCreationEvent>()
             .sortedByDescending { it.payload.createdAt }
             .map { it.payload.id }
 
+        val externalCredentialIds = events
+            .filterIsInstance<ExternalCredentialCaptureValueEvent>()
+            .map { it.payload.id }
+
         eventRepository.addOrUpdateEvent(
             EnrolmentEventV4(
-                timeHelper.now(),
-                subject.subjectId,
-                subject.projectId,
-                subject.moduleId,
-                subject.attendantId,
-                biometricReferenceIds,
+                createdAt = timeHelper.now(),
+                subjectId = subject.subjectId,
+                projectId = subject.projectId,
+                moduleId = subject.moduleId,
+                attendantId = subject.attendantId,
+                biometricReferenceIds = biometricReferenceIds,
+                externalCredentialIds = externalCredentialIds,
             ),
         )
         enrolmentRecordRepository.performActions(listOf(SubjectAction.Creation(subject)), project)
diff --git a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/AddCallbackEventUseCaseTest.kt b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/AddCallbackEventUseCaseTest.kt
index d5beabaa42..fae3556619 100644
--- a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/AddCallbackEventUseCaseTest.kt
+++ b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/AddCallbackEventUseCaseTest.kt
@@ -70,6 +70,7 @@ class AddCallbackEventUseCaseTest {
             AppIdentifyResponse(
                 listOf(AppMatchResult("guid", 0, AppMatchConfidence.HIGH)),
                 "sessionId",
+                isMultiFactorIdEnabled = false,
             ),
         )
 
diff --git a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/UpdateDailyActivityUseCaseTest.kt b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/UpdateDailyActivityUseCaseTest.kt
index b753742b1f..5d83449464 100644
--- a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/UpdateDailyActivityUseCaseTest.kt
+++ b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/UpdateDailyActivityUseCaseTest.kt
@@ -59,7 +59,7 @@ class UpdateDailyActivityUseCaseTest {
 
     @Test
     fun `Update daily activity on identify response`() = runTest {
-        useCase(AppIdentifyResponse(emptyList(), "guid"))
+        useCase(AppIdentifyResponse(emptyList(), "guid", isMultiFactorIdEnabled = false))
 
         coVerify { recentUserActivityManager.updateRecentUserActivity(any()) }
     }
diff --git a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateEnrolResponseUseCaseTest.kt b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateEnrolResponseUseCaseTest.kt
index 8b3480774e..df5c2419a2 100644
--- a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateEnrolResponseUseCaseTest.kt
+++ b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateEnrolResponseUseCaseTest.kt
@@ -106,6 +106,7 @@ internal class CreateEnrolResponseUseCaseTest {
     fun `correctly processes external credential result`() = runTest {
         val externalCredentialType = ExternalCredentialType.GhanaIdCard
         val scannedCredentialMock = mockk<ScannedCredential> {
+            every { credentialScanId } returns "scanId"
             every { credential } returns credentialEncrypted
             every { credentialType } returns externalCredentialType
         }
diff --git a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCaseTest.kt b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCaseTest.kt
index bba4630fe7..22d51a8680 100644
--- a/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCaseTest.kt
+++ b/feature/orchestrator/src/test/java/com/simprints/feature/orchestrator/usecases/response/CreateIdentifyResponseUseCaseTest.kt
@@ -39,6 +39,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns no identifications if no decision policy`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns null
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns null
             },
@@ -52,6 +53,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns only face identifications over the low confidence`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns null
@@ -67,6 +69,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns exactly N best face identifications over the low confidence`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns null
@@ -82,6 +85,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns only high confidence face identifications if there are any`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns null
@@ -97,6 +101,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns only fingerprint identifications over the low confidence`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns null
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(
@@ -116,6 +121,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns exactly N best fingerprint identifications over the low confidence`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns null
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(
@@ -135,6 +141,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns only high confidence fingerprint identifications if there are any`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns null
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(
@@ -154,6 +161,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns fingerprint matches if both modalities available and fingerprint has higher confidence`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(
@@ -176,6 +184,7 @@ class CreateIdentifyResponseUseCaseTest {
     fun `Returns face matches if both modalities available and face has higher confidence`() = runTest {
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 2
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns DecisionPolicy(
@@ -200,6 +209,7 @@ class CreateIdentifyResponseUseCaseTest {
         val (faceBigConfidence, bigConfidence) = "faceBigConfidence" to 99f
         val faceMatches = listOf<CredentialMatch>(
             mockk {
+                every { verificationThreshold } returns 0.0f
                 every { matchResult } returns FaceMatchResult.Item(
                     subjectId = faceSmallConfidence,
                     confidence = smallConfidence,
@@ -230,10 +240,19 @@ class CreateIdentifyResponseUseCaseTest {
 
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 5
                 every { face?.getSdkConfiguration(FaceConfiguration.BioSdk.RANK_ONE)?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
+                every { face?.getSdkConfiguration(FaceConfiguration.BioSdk.RANK_ONE)?.verificationMatchThreshold } returns 0.0f
                 every { fingerprint?.getSdkConfiguration(FingerprintConfiguration.BioSdk.SECUGEN_SIM_MATCHER)?.decisionPolicy } returns
                     DecisionPolicy(20, 50, 100)
+                every {
+                    fingerprint
+                        ?.getSdkConfiguration(
+                            FingerprintConfiguration.BioSdk.SECUGEN_SIM_MATCHER,
+                        )?.verificationMatchThreshold
+                } returns
+                    0.0f
             },
             results = listOf(
                 mockk<ExternalCredentialSearchResult> {
@@ -253,6 +272,7 @@ class CreateIdentifyResponseUseCaseTest {
         val (fingerprintBigConfidence, bigConfidence) = "fingerprintBigConfidence" to 99f
         val fingerprintMatches = listOf<CredentialMatch>(
             mockk {
+                every { verificationThreshold } returns 0.0f
                 every { matchResult } returns FingerprintMatchResult.Item(
                     subjectId = fingerprintSmallConfidence,
                     confidence = smallConfidence,
@@ -283,10 +303,19 @@ class CreateIdentifyResponseUseCaseTest {
 
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 5
                 every { face?.getSdkConfiguration(FaceConfiguration.BioSdk.RANK_ONE)?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
+                every { face?.getSdkConfiguration(FaceConfiguration.BioSdk.RANK_ONE)?.verificationMatchThreshold } returns 0.0f
                 every { fingerprint?.getSdkConfiguration(FingerprintConfiguration.BioSdk.SECUGEN_SIM_MATCHER)?.decisionPolicy } returns
                     DecisionPolicy(20, 50, 100)
+                every {
+                    fingerprint
+                        ?.getSdkConfiguration(
+                            FingerprintConfiguration.BioSdk.SECUGEN_SIM_MATCHER,
+                        )?.verificationMatchThreshold
+                } returns
+                    0.0f
             },
             results = listOf(
                 mockk<ExternalCredentialSearchResult> {
@@ -320,7 +349,9 @@ class CreateIdentifyResponseUseCaseTest {
         val result = useCase(
             mockk {
                 every { identification.maxNbOfReturnedCandidates } returns 5
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { face?.getSdkConfiguration(FaceConfiguration.BioSdk.RANK_ONE)?.decisionPolicy } returns DecisionPolicy(20, 50, 100)
+                every { face?.getSdkConfiguration(FaceConfiguration.BioSdk.RANK_ONE)?.verificationMatchThreshold } returns 0.0f
                 every { fingerprint?.getSdkConfiguration((any()))?.decisionPolicy } returns null
             },
             results = listOf(
@@ -349,6 +380,7 @@ class CreateIdentifyResponseUseCaseTest {
 
         val credentialFingerprintMatches = listOf<CredentialMatch>(
             mockk {
+                every { verificationThreshold } returns 0.0f
                 every { matchResult } returns FingerprintMatchResult.Item(
                     subjectId = sharedGuid,
                     confidence = credentialConfidence,
@@ -360,10 +392,18 @@ class CreateIdentifyResponseUseCaseTest {
 
         val result = useCase(
             mockk {
+                every { multifactorId?.allowedExternalCredentials } returns null
                 every { identification.maxNbOfReturnedCandidates } returns 5
                 every { face?.getSdkConfiguration((any()))?.decisionPolicy } returns null
                 every { fingerprint?.getSdkConfiguration(FingerprintConfiguration.BioSdk.SECUGEN_SIM_MATCHER)?.decisionPolicy } returns
                     DecisionPolicy(20, 50, 100)
+                every {
+                    fingerprint
+                        ?.getSdkConfiguration(
+                            FingerprintConfiguration.BioSdk.SECUGEN_SIM_MATCHER,
+                        )?.verificationMatchThreshold
+                } returns
+                    0.0f
             },
             results = listOf(
                 mockk<ExternalCredentialSearchResult> {
diff --git a/feature/select-subject/src/main/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModel.kt b/feature/select-subject/src/main/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModel.kt
index 1d04b34ef7..46b70e2f7f 100644
--- a/feature/select-subject/src/main/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModel.kt
+++ b/feature/select-subject/src/main/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModel.kt
@@ -21,6 +21,8 @@ import com.simprints.infra.config.store.tokenization.TokenizationProcessor
 import com.simprints.infra.config.sync.ConfigManager
 import com.simprints.infra.enrolment.records.repository.EnrolmentRecordRepository
 import com.simprints.infra.enrolment.records.repository.domain.models.SubjectQuery
+import com.simprints.infra.events.event.domain.models.EnrolmentUpdateEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
 import com.simprints.infra.events.event.domain.models.GuidSelectionEvent
 import com.simprints.infra.events.session.SessionEventRepository
 import com.simprints.infra.logging.LoggingConstants.CrashReportTag.SESSION
@@ -120,6 +122,7 @@ internal class SelectSubjectViewModel @AssistedInject constructor(
         viewModelScope.launch {
             val addedCredential = try {
                 addExternalCredentialToSubjectUseCase(scannedCredential, subjectId = params.subjectId, projectId = params.projectId)
+                saveCredentialSelectionEvent(params.subjectId)
                 scannedCredential
             } catch (e: Exception) {
                 Simber.e("Failed to attach scanned credential", e, tag = SESSION)
@@ -138,6 +141,26 @@ internal class SelectSubjectViewModel @AssistedInject constructor(
         _finish.send(SelectSubjectResult(isSubjectIdSaved = true, savedCredential = null))
     }
 
+    private suspend fun saveCredentialSelectionEvent(subjectId: String) = with(sessionCoroutineScope) {
+        try {
+            val externalCredentialIdsToAdd = eventRepository
+                .getEventsInCurrentSession()
+                .filterIsInstance<ExternalCredentialCaptureValueEvent>()
+                .map { it.payload.id }
+
+            Simber.d("Adding credentials $externalCredentialIdsToAdd to subject $subjectId", tag = SESSION)
+            eventRepository.addOrUpdateEvent(
+                EnrolmentUpdateEvent(
+                    timeHelper.now(),
+                    subjectId = subjectId,
+                    externalCredentialIdsToAdd = externalCredentialIdsToAdd,
+                ),
+            )
+        } catch (t: Throwable) {
+            Simber.e("Failed to save Enrolment Update Event", t, tag = SESSION)
+        }
+    }
+
     private suspend fun saveSelectionEvent(subjectId: String): Boolean = with(sessionCoroutineScope) {
         try {
             val event = GuidSelectionEvent(timeHelper.now(), subjectId)
diff --git a/feature/select-subject/src/test/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModelTest.kt b/feature/select-subject/src/test/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModelTest.kt
index f3dcf07fa1..d18a4d25cf 100644
--- a/feature/select-subject/src/test/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModelTest.kt
+++ b/feature/select-subject/src/test/java/com/simprints/feature/selectsubject/screen/SelectSubjectViewModelTest.kt
@@ -162,6 +162,7 @@ internal class SelectSubjectViewModelTest {
         val tokenizedValue = "tokenizedValue".asTokenizableEncrypted()
         val type = ExternalCredentialType.NHISCard
         val scannedCredential = mockk<ScannedCredential> {
+            every { credentialScanId } returns "credentialId"
             every { credential } returns tokenizedValue
             every { credentialType } returns type
         }
@@ -222,6 +223,7 @@ internal class SelectSubjectViewModelTest {
         val tokenizedValue = "tokenizedValue".asTokenizableEncrypted()
         val type = ExternalCredentialType.NHISCard
         val scannedCredential = mockk<ScannedCredential> {
+            every { credentialScanId } returns "credentialId"
             every { credential } returns tokenizedValue
             every { credentialType } returns type
         }
diff --git a/infra/config-store/src/main/java/com/simprints/infra/config/store/remote/models/ApiMultiFactorIdConfiguration.kt b/infra/config-store/src/main/java/com/simprints/infra/config/store/remote/models/ApiMultiFactorIdConfiguration.kt
index e85b27bb49..89212b9d5e 100644
--- a/infra/config-store/src/main/java/com/simprints/infra/config/store/remote/models/ApiMultiFactorIdConfiguration.kt
+++ b/infra/config-store/src/main/java/com/simprints/infra/config/store/remote/models/ApiMultiFactorIdConfiguration.kt
@@ -3,23 +3,35 @@ package com.simprints.infra.config.store.remote.models
 import androidx.annotation.Keep
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.infra.config.store.models.MultiFactorIdConfiguration
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType.GHANA_CARD
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType.NHIS_CARD
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType.QR_CODE
 
 @Keep
 internal data class ApiMultiFactorIdConfiguration(
-    val allowedExternalCredentials: List<ApiExternalCredentialType>
+    val allowedExternalCredentials: List<ApiExternalCredentialType>,
 ) {
     fun toDomain(): MultiFactorIdConfiguration = MultiFactorIdConfiguration(
-        allowedExternalCredentials = allowedExternalCredentials.map { it.toDomain() }
+        allowedExternalCredentials = allowedExternalCredentials.map { it.toDomain() },
     )
 }
 
 @Keep
 enum class ApiExternalCredentialType {
-    NHIS_CARD, GhanaIdCard, QRCode;
+    NHIS_CARD,
+    GHANA_CARD,
+    QR_CODE,
+    ;
 
     fun toDomain(): ExternalCredentialType = when (this) {
         NHIS_CARD -> ExternalCredentialType.NHISCard
-        GhanaIdCard -> ExternalCredentialType.GhanaIdCard
-        QRCode -> ExternalCredentialType.QRCode
+        GHANA_CARD -> ExternalCredentialType.GhanaIdCard
+        QR_CODE -> ExternalCredentialType.QRCode
     }
 }
+
+fun ExternalCredentialType.fromDomainToApi(): ApiExternalCredentialType = when (this) {
+    ExternalCredentialType.NHISCard -> NHIS_CARD
+    ExternalCredentialType.GhanaIdCard -> GHANA_CARD
+    ExternalCredentialType.QRCode -> QR_CODE
+}
diff --git a/infra/core/src/main/java/com/simprints/core/tools/time/Timestamp.kt b/infra/core/src/main/java/com/simprints/core/tools/time/Timestamp.kt
index 687a0bfe68..8b10b97f48 100644
--- a/infra/core/src/main/java/com/simprints/core/tools/time/Timestamp.kt
+++ b/infra/core/src/main/java/com/simprints/core/tools/time/Timestamp.kt
@@ -1,12 +1,14 @@
 package com.simprints.core.tools.time
 
 import androidx.annotation.Keep
+import java.io.Serializable
 
 @Keep
 data class Timestamp(
     val ms: Long,
     val isTrustworthy: Boolean = false,
     val msSinceBoot: Long? = null,
-) : Comparable<Timestamp> {
+) : Comparable<Timestamp>,
+    Serializable {
     override fun compareTo(other: Timestamp): Int = ms.compareTo(other.ms)
 }
diff --git a/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RealmEnrolmentRecordLocalDataSource.kt b/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RealmEnrolmentRecordLocalDataSource.kt
index d4106749e1..37427298d0 100644
--- a/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RealmEnrolmentRecordLocalDataSource.kt
+++ b/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RealmEnrolmentRecordLocalDataSource.kt
@@ -236,15 +236,18 @@ internal class RealmEnrolmentRecordLocalDataSource @Inject constructor(
                             val referencesToDelete = action.referenceIdsToRemove.toSet() // to make lookup O(1)
                             val faceSamplesMap = dbSubject.faceSamples.groupBy { it.referenceId in referencesToDelete }
                             val fingerprintSamplesMap = dbSubject.fingerprintSamples.groupBy { it.referenceId in referencesToDelete }
-                            val allExternalCredentials = (dbSubject.externalCredentials + action.externalCredentialsToAdd.map { it.toRealmDb() }).distinctBy { it.id }.toSet()
+                            val allExternalCredentials =
+                                (dbSubject.externalCredentials + action.externalCredentialsToAdd.map { it.toRealmDb() })
+                                    .distinctBy { it.id }
+                                    .toSet()
 
                             // Append new samples to the list of samples that remain after removing
                             dbSubject.faceSamples = (
                                 faceSamplesMap[false].orEmpty() + action.faceSamplesToAdd.map { it.toRealmDb() }
-                                ).toRealmList()
+                            ).toRealmList()
                             dbSubject.fingerprintSamples = (
                                 fingerprintSamplesMap[false].orEmpty() + action.fingerprintSamplesToAdd.map { it.toRealmDb() }
-                                ).toRealmList()
+                            ).toRealmList()
                             dbSubject.externalCredentials = allExternalCredentials.toRealmList()
 
                             faceSamplesMap[true]?.forEach { realm.delete(it) }
diff --git a/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordLocalDataSource.kt b/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordLocalDataSource.kt
index e215a7fcc7..5fe58b49e9 100644
--- a/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordLocalDataSource.kt
+++ b/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordLocalDataSource.kt
@@ -308,7 +308,7 @@ internal class RoomEnrolmentRecordLocalDataSource @Inject constructor(
                 referencesToDelete.size != dbSubject.biometricTemplates.size ||
                     action.faceSamplesToAdd.isNotEmpty() ||
                     action.fingerprintSamplesToAdd.isNotEmpty() ||
-                    action.externalCredentialsToAdd.isNotEmpty()
+                    action.externalCredentialsToAdd.isNotEmpty(),
             ) {
                 val errorMsg =
                     "Cannot delete all samples for subject ${action.subjectId} without adding new ones"
diff --git a/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordQueryBuilder.kt b/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordQueryBuilder.kt
index d13a826f38..c997829a51 100644
--- a/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordQueryBuilder.kt
+++ b/infra/enrolment-records/repository/src/main/java/com/simprints/infra/enrolment/records/repository/local/RoomEnrolmentRecordQueryBuilder.kt
@@ -149,9 +149,9 @@ internal class RoomEnrolmentRecordQueryBuilder @Inject constructor() {
             args.add(it)
         }
 
-        query.externalCredential?.let {
+        query.externalCredential?.let { tokenizedCredential ->
             clauses.add("${credentialAlias}$EXTERNAL_CREDENTIAL_VALUE_COLUMN = ?")
-            args.add(it.value)
+            args.add(tokenizedCredential.value)
         }
 
         var whereClauseResult = if (clauses.isNotEmpty()) "WHERE ${clauses.joinToString(" AND ")}" else ""
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentPayloadV4.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentPayloadV4.kt
index 28368915c6..24d4c99723 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentPayloadV4.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentPayloadV4.kt
@@ -14,20 +14,21 @@ internal data class ApiEnrolmentPayloadV4(
     val moduleId: String,
     val attendantId: String,
     val biometricReferenceIds: List<String>,
+    val externalCredentialIds: List<String>,
 ) : ApiEventPayload(startTime) {
     constructor(domainPayload: EnrolmentEventV4.EnrolmentPayload) : this(
-        domainPayload.createdAt.fromDomainToApi(),
-        domainPayload.subjectId,
-        domainPayload.projectId,
-        domainPayload.moduleId.value,
-        domainPayload.attendantId.value,
-        domainPayload.biometricReferenceIds,
+        startTime = domainPayload.createdAt.fromDomainToApi(),
+        subjectId = domainPayload.subjectId,
+        projectId = domainPayload.projectId,
+        moduleId = domainPayload.moduleId.value,
+        attendantId = domainPayload.attendantId.value,
+        biometricReferenceIds = domainPayload.biometricReferenceIds,
+        externalCredentialIds = domainPayload.externalCredentialIds,
     )
 
     override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = when (tokenKeyType) {
         TokenKeyType.AttendantId -> "attendantId"
         TokenKeyType.ModuleId -> "moduleId"
-        TokenKeyType.ExternalCredential -> "externalCredential"
-        TokenKeyType.Unknown -> null
+        else -> null
     }
 }
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentUpdatePayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentUpdatePayload.kt
new file mode 100644
index 0000000000..2adebe0e1c
--- /dev/null
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEnrolmentUpdatePayload.kt
@@ -0,0 +1,20 @@
+package com.simprints.infra.eventsync.event.remote.models
+
+import androidx.annotation.Keep
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.EnrolmentUpdateEvent.EnrolmentUpdatePayload
+
+@Keep
+internal data class ApiEnrolmentUpdatePayload(
+    override val startTime: ApiTimestamp,
+    val subjectId: String,
+    val externalCredentialIdsToAdd: List<String>,
+) : ApiEventPayload(startTime) {
+    constructor(domainPayload: EnrolmentUpdatePayload) : this(
+        domainPayload.createdAt.fromDomainToApi(),
+        domainPayload.subjectId,
+        domainPayload.externalCredentialIdsToAdd,
+    )
+
+    override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = null
+}
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayload.kt
index 0bf9a3677c..54ace30792 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayload.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayload.kt
@@ -13,6 +13,7 @@ import com.simprints.infra.events.event.domain.models.ConnectivitySnapshotEvent.
 import com.simprints.infra.events.event.domain.models.ConsentEvent.ConsentPayload
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV2
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV4
+import com.simprints.infra.events.event.domain.models.EnrolmentUpdateEvent.EnrolmentUpdatePayload
 import com.simprints.infra.events.event.domain.models.EventPayload
 import com.simprints.infra.events.event.domain.models.EventType.AGE_GROUP_SELECTION
 import com.simprints.infra.events.event.domain.models.EventType.ALERT_SCREEN
@@ -39,10 +40,16 @@ import com.simprints.infra.events.event.domain.models.EventType.CANDIDATE_READ
 import com.simprints.infra.events.event.domain.models.EventType.COMPLETION_CHECK
 import com.simprints.infra.events.event.domain.models.EventType.CONNECTIVITY_SNAPSHOT
 import com.simprints.infra.events.event.domain.models.EventType.CONSENT
+import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_UPDATE
 import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_V2
 import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_V4
 import com.simprints.infra.events.event.domain.models.EventType.EVENT_DOWN_SYNC_REQUEST
 import com.simprints.infra.events.event.domain.models.EventType.EVENT_UP_SYNC_REQUEST
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CAPTURE
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CAPTURE_VALUE
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CONFIRMATION
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_SEARCH
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_SELECTION
 import com.simprints.infra.events.event.domain.models.EventType.FACE_CAPTURE
 import com.simprints.infra.events.event.domain.models.EventType.FACE_CAPTURE_BIOMETRICS
 import com.simprints.infra.events.event.domain.models.EventType.FACE_CAPTURE_CONFIRMATION
@@ -63,6 +70,11 @@ import com.simprints.infra.events.event.domain.models.EventType.SCANNER_CONNECTI
 import com.simprints.infra.events.event.domain.models.EventType.SCANNER_FIRMWARE_UPDATE
 import com.simprints.infra.events.event.domain.models.EventType.SUSPICIOUS_INTENT
 import com.simprints.infra.events.event.domain.models.EventType.VERO_2_INFO_SNAPSHOT
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureEvent.ExternalCredentialCapturePayload
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent.ExternalCredentialCaptureValuePayload
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationPayload
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSearchEvent.ExternalCredentialSearchPayload
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent.ExternalCredentialSelectionPayload
 import com.simprints.infra.events.event.domain.models.GuidSelectionEvent.GuidSelectionPayload
 import com.simprints.infra.events.event.domain.models.IntentParsingEvent.IntentParsingPayload
 import com.simprints.infra.events.event.domain.models.InvalidIntentEvent.InvalidIntentPayload
@@ -170,4 +182,10 @@ internal fun EventPayload.fromDomainToApi(): ApiEventPayload = when (this.type)
     LICENSE_CHECK -> ApiLicenseCheckEventPayload(this as LicenseCheckEvent.LicenseCheckEventPayload)
     AGE_GROUP_SELECTION -> ApiAgeGroupSelectionPayload(this as AgeGroupSelectionEvent.AgeGroupSelectionPayload)
     BIOMETRIC_REFERENCE_CREATION -> ApiBiometricReferenceCreationPayload(this as BiometricReferenceCreationPayload)
+    ENROLMENT_UPDATE -> ApiEnrolmentUpdatePayload(this as EnrolmentUpdatePayload)
+    EXTERNAL_CREDENTIAL_SELECTION -> ApiExternalCredentialSelectionPayload(this as ExternalCredentialSelectionPayload)
+    EXTERNAL_CREDENTIAL_CAPTURE -> ApiExternalCredentialCapturePayload(this as ExternalCredentialCapturePayload)
+    EXTERNAL_CREDENTIAL_CAPTURE_VALUE -> ApiExternalCredentialCaptureValuePayload(this as ExternalCredentialCaptureValuePayload)
+    EXTERNAL_CREDENTIAL_SEARCH -> ApiExternalCredentialSearchPayload(this as ExternalCredentialSearchPayload)
+    EXTERNAL_CREDENTIAL_CONFIRMATION -> ApiExternalCredentialConfirmationPayload(this as ExternalCredentialConfirmationPayload)
 }
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayloadType.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayloadType.kt
index e2a4908b20..141a6ad0a5 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayloadType.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiEventPayloadType.kt
@@ -27,10 +27,16 @@ import com.simprints.infra.events.event.domain.models.EventType.CANDIDATE_READ
 import com.simprints.infra.events.event.domain.models.EventType.COMPLETION_CHECK
 import com.simprints.infra.events.event.domain.models.EventType.CONNECTIVITY_SNAPSHOT
 import com.simprints.infra.events.event.domain.models.EventType.CONSENT
+import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_UPDATE
 import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_V2
 import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_V4
 import com.simprints.infra.events.event.domain.models.EventType.EVENT_DOWN_SYNC_REQUEST
 import com.simprints.infra.events.event.domain.models.EventType.EVENT_UP_SYNC_REQUEST
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CAPTURE
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CAPTURE_VALUE
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CONFIRMATION
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_SEARCH
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_SELECTION
 import com.simprints.infra.events.event.domain.models.EventType.FACE_CAPTURE
 import com.simprints.infra.events.event.domain.models.EventType.FACE_CAPTURE_BIOMETRICS
 import com.simprints.infra.events.event.domain.models.EventType.FACE_CAPTURE_CONFIRMATION
@@ -88,6 +94,12 @@ internal enum class ApiEventPayloadType {
     LicenseCheck,
     AgeGroupSelection,
     BiometricReferenceCreation,
+    EnrolmentUpdate,
+    ExternalCredentialSelection,
+    ExternalCredentialCaptureValue,
+    ExternalCredentialCapture,
+    ExternalCredentialSearch,
+    ExternalCredentialConfirmation,
 }
 
 internal fun EventType.fromDomainToApi(): ApiEventPayloadType = when (this) {
@@ -143,6 +155,12 @@ internal fun EventType.fromDomainToApi(): ApiEventPayloadType = when (this) {
     LICENSE_CHECK -> ApiEventPayloadType.LicenseCheck
     AGE_GROUP_SELECTION -> ApiEventPayloadType.AgeGroupSelection
     BIOMETRIC_REFERENCE_CREATION -> ApiEventPayloadType.BiometricReferenceCreation
+    ENROLMENT_UPDATE -> ApiEventPayloadType.EnrolmentUpdate
+    EXTERNAL_CREDENTIAL_SELECTION -> ApiEventPayloadType.ExternalCredentialSelection
+    EXTERNAL_CREDENTIAL_CAPTURE_VALUE -> ApiEventPayloadType.ExternalCredentialCaptureValue
+    EXTERNAL_CREDENTIAL_CAPTURE -> ApiEventPayloadType.ExternalCredentialCapture
+    EXTERNAL_CREDENTIAL_SEARCH -> ApiEventPayloadType.ExternalCredentialSearch
+    EXTERNAL_CREDENTIAL_CONFIRMATION -> ApiEventPayloadType.ExternalCredentialConfirmation
 }
 
 internal fun ApiEventPayloadType.fromApiToDomain(): EventType = when (this) {
@@ -180,4 +198,10 @@ internal fun ApiEventPayloadType.fromApiToDomain(): EventType = when (this) {
     ApiEventPayloadType.BiometricReferenceCreation -> BIOMETRIC_REFERENCE_CREATION
     ApiEventPayloadType.Callout -> throw UnsupportedOperationException("")
     ApiEventPayloadType.Callback -> throw UnsupportedOperationException("")
+    ApiEventPayloadType.EnrolmentUpdate -> ENROLMENT_UPDATE
+    ApiEventPayloadType.ExternalCredentialSelection -> EXTERNAL_CREDENTIAL_SELECTION
+    ApiEventPayloadType.ExternalCredentialCaptureValue -> EXTERNAL_CREDENTIAL_CAPTURE_VALUE
+    ApiEventPayloadType.ExternalCredentialCapture -> EXTERNAL_CREDENTIAL_CAPTURE
+    ApiEventPayloadType.ExternalCredentialSearch -> EXTERNAL_CREDENTIAL_SEARCH
+    ApiEventPayloadType.ExternalCredentialConfirmation -> EXTERNAL_CREDENTIAL_CONFIRMATION
 }
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialCapturePayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialCapturePayload.kt
new file mode 100644
index 0000000000..214901dcdc
--- /dev/null
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialCapturePayload.kt
@@ -0,0 +1,32 @@
+package com.simprints.infra.eventsync.event.remote.models
+
+import androidx.annotation.Keep
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureEvent.ExternalCredentialCapturePayload
+
+@Keep
+internal data class ApiExternalCredentialCapturePayload(
+    override val startTime: ApiTimestamp,
+    val id: String,
+    val endTime: ApiTimestamp?,
+    val autoCaptureStartTime: ApiTimestamp,
+    val autoCaptureEndTime: ApiTimestamp,
+    val ocrErrorCount: Int,
+    val capturedTextLength: Int,
+    val credentialTextLength: Int,
+    val selectionId: String,
+) : ApiEventPayload(startTime) {
+    constructor(domainPayload: ExternalCredentialCapturePayload) : this(
+        startTime = domainPayload.createdAt.fromDomainToApi(),
+        endTime = domainPayload.endedAt?.fromDomainToApi(),
+        id = domainPayload.id,
+        autoCaptureStartTime = domainPayload.autoCaptureStartTime.fromDomainToApi(),
+        autoCaptureEndTime = domainPayload.autoCaptureEndTime.fromDomainToApi(),
+        ocrErrorCount = domainPayload.ocrErrorCount,
+        capturedTextLength = domainPayload.capturedTextLength,
+        credentialTextLength = domainPayload.credentialTextLength,
+        selectionId = domainPayload.selectionId,
+    )
+
+    override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = null
+}
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialCaptureValuePayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialCaptureValuePayload.kt
new file mode 100644
index 0000000000..48d2a3753a
--- /dev/null
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialCaptureValuePayload.kt
@@ -0,0 +1,28 @@
+package com.simprints.infra.eventsync.event.remote.models
+
+import androidx.annotation.Keep
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent.ExternalCredentialCaptureValuePayload
+import com.simprints.infra.eventsync.event.remote.models.subject.ApiExternalCredential
+import com.simprints.infra.eventsync.event.remote.models.subject.fromDomainToApi
+
+@Keep
+internal data class ApiExternalCredentialCaptureValuePayload(
+    override val startTime: ApiTimestamp,
+    val id: String,
+    val credential: ApiExternalCredential,
+) : ApiEventPayload(startTime) {
+    constructor(domainPayload: ExternalCredentialCaptureValuePayload) : this(
+        startTime = domainPayload.createdAt.fromDomainToApi(),
+        id = domainPayload.id,
+        credential = domainPayload.credential.fromDomainToApi(),
+    )
+
+    override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = when (tokenKeyType) {
+        TokenKeyType.ExternalCredential -> "credential.value"
+        TokenKeyType.AttendantId,
+        TokenKeyType.ModuleId,
+        TokenKeyType.Unknown,
+        -> null
+    }
+}
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialConfirmationPayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialConfirmationPayload.kt
new file mode 100644
index 0000000000..04ec17adad
--- /dev/null
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialConfirmationPayload.kt
@@ -0,0 +1,35 @@
+package com.simprints.infra.eventsync.event.remote.models
+
+import androidx.annotation.Keep
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationResult
+import com.simprints.infra.eventsync.event.remote.models.ApiExternalCredentialConfirmationPayload.ApiExternalCredentialConfirmationResult
+
+@Keep
+internal data class ApiExternalCredentialConfirmationPayload(
+    override val startTime: ApiTimestamp,
+    val endTime: ApiTimestamp?,
+    val result: ApiExternalCredentialConfirmationResult,
+    val userInteractedWithImage: Boolean? = null,
+) : ApiEventPayload(startTime) {
+    constructor(domainPayload: ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationPayload) : this(
+        startTime = domainPayload.createdAt.fromDomainToApi(),
+        endTime = domainPayload.endedAt?.fromDomainToApi(),
+        result = domainPayload.result.fromDomainToApi(),
+        userInteractedWithImage = domainPayload.userInteractedWithImage,
+    )
+
+    @Keep
+    enum class ApiExternalCredentialConfirmationResult {
+        CONTINUE,
+        RECAPTURE,
+    }
+
+    override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = null
+}
+
+internal fun ExternalCredentialConfirmationResult.fromDomainToApi(): ApiExternalCredentialConfirmationResult = when (this) {
+    ExternalCredentialConfirmationResult.CONTINUE -> ApiExternalCredentialConfirmationResult.CONTINUE
+    ExternalCredentialConfirmationResult.RECAPTURE -> ApiExternalCredentialConfirmationResult.RECAPTURE
+}
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialSearchPayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialSearchPayload.kt
new file mode 100644
index 0000000000..b0b2ae1832
--- /dev/null
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialSearchPayload.kt
@@ -0,0 +1,31 @@
+package com.simprints.infra.eventsync.event.remote.models
+
+import androidx.annotation.Keep
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSearchEvent
+
+@Keep
+internal data class ApiExternalCredentialSearchPayload(
+    override val startTime: ApiTimestamp,
+    val endTime: ApiTimestamp?,
+    val id: String,
+    val probeExternalCredentialId: String,
+    val result: ApiExternalCredentialSearchResult,
+) : ApiEventPayload(startTime) {
+    constructor(domainPayload: ExternalCredentialSearchEvent.ExternalCredentialSearchPayload) : this(
+        startTime = domainPayload.createdAt.fromDomainToApi(),
+        endTime = domainPayload.endedAt?.fromDomainToApi(),
+        id = domainPayload.id,
+        probeExternalCredentialId = domainPayload.probeExternalCredentialId,
+        result = ApiExternalCredentialSearchResult(
+            candidateIds = domainPayload.result.candidateIds,
+        ),
+    )
+
+    @Keep
+    data class ApiExternalCredentialSearchResult(
+        val candidateIds: List<String>,
+    )
+
+    override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = null
+}
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialSelectionPayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialSelectionPayload.kt
new file mode 100644
index 0000000000..1af14bb9bd
--- /dev/null
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/ApiExternalCredentialSelectionPayload.kt
@@ -0,0 +1,51 @@
+package com.simprints.infra.eventsync.event.remote.models
+
+import androidx.annotation.Keep
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType
+import com.simprints.infra.config.store.remote.models.fromDomainToApi
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent.SkipReason
+import com.simprints.infra.eventsync.event.remote.models.ApiExternalCredentialSelectionPayload.ApiExternalCredentialSkipReason
+
+@Keep
+internal data class ApiExternalCredentialSelectionPayload(
+    override val startTime: ApiTimestamp,
+    val endTime: ApiTimestamp?,
+    val id: String,
+    val credentialType: ApiExternalCredentialType?,
+    val skipReason: ApiExternalCredentialSkipReason?,
+    val skipOther: String?,
+) : ApiEventPayload(startTime) {
+    constructor(domainPayload: ExternalCredentialSelectionEvent.ExternalCredentialSelectionPayload) : this(
+        startTime = domainPayload.createdAt.fromDomainToApi(),
+        endTime = domainPayload.endedAt?.fromDomainToApi(),
+        id = domainPayload.id,
+        credentialType = domainPayload.credentialType?.fromDomainToApi(),
+        skipReason = domainPayload.skipReason?.toApiExternalCredentialSkipReason(),
+        skipOther = domainPayload.skipOther,
+    )
+
+    @Keep
+    enum class ApiExternalCredentialSkipReason {
+        DOES_NOT_HAVE_ID,
+        DID_NOT_BRING_ID,
+        BROUGHT_INCORRECT_ID,
+        NO_CONSENT,
+        ID_DAMAGED,
+        UNABLE_TO_SCAN,
+        OTHER,
+    }
+
+    override fun getTokenizedFieldJsonPath(tokenKeyType: TokenKeyType): String? = null
+}
+
+internal fun SkipReason.toApiExternalCredentialSkipReason(): ApiExternalCredentialSkipReason = when (this) {
+    SkipReason.DOES_NOT_HAVE_ID -> ApiExternalCredentialSkipReason.DOES_NOT_HAVE_ID
+    SkipReason.DID_NOT_BRING_ID -> ApiExternalCredentialSkipReason.DID_NOT_BRING_ID
+    SkipReason.BROUGHT_INCORRECT_ID -> ApiExternalCredentialSkipReason.BROUGHT_INCORRECT_ID
+    SkipReason.NO_CONSENT -> ApiExternalCredentialSkipReason.NO_CONSENT
+    SkipReason.ID_DAMAGED -> ApiExternalCredentialSkipReason.ID_DAMAGED
+    SkipReason.UNABLE_TO_SCAN -> ApiExternalCredentialSkipReason.UNABLE_TO_SCAN
+    SkipReason.OTHER -> ApiExternalCredentialSkipReason.OTHER
+}
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationPayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationPayload.kt
index dc5b0e7178..8a552a4a4e 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationPayload.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationPayload.kt
@@ -4,7 +4,6 @@ import androidx.annotation.Keep
 import com.fasterxml.jackson.annotation.JsonInclude
 import com.fasterxml.jackson.annotation.JsonInclude.Include
 import com.simprints.core.domain.tokenization.asTokenizableEncrypted
-import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType
 import com.simprints.infra.events.event.domain.models.subject.EnrolmentRecordCreationEvent
 import com.simprints.infra.eventsync.event.remote.models.subject.biometricref.ApiBiometricReference
 import com.simprints.infra.eventsync.event.remote.models.subject.biometricref.fromApiToDomain
@@ -17,7 +16,7 @@ internal data class ApiEnrolmentRecordCreationPayload(
     val moduleId: String,
     val attendantId: String,
     val biometricReferences: List<ApiBiometricReference>?,
-    val externalCredential: ApiExternalCredential?,
+    val externalCredentials: List<ApiExternalCredential>?,
 ) : ApiEnrolmentRecordEventPayload(ApiEnrolmentRecordPayloadType.EnrolmentRecordCreation)
 
 internal fun ApiEnrolmentRecordCreationPayload.fromApiToDomain() = EnrolmentRecordCreationEvent.EnrolmentRecordCreationPayload(
@@ -26,5 +25,5 @@ internal fun ApiEnrolmentRecordCreationPayload.fromApiToDomain() = EnrolmentReco
     moduleId = moduleId.asTokenizableEncrypted(),
     attendantId = attendantId.asTokenizableEncrypted(),
     biometricReferences = biometricReferences?.map { it.fromApiToDomain() } ?: emptyList(),
-    externalCredentials = externalCredential?.let { listOf(it.fromApiToDomain(subjectId)) } ?: emptyList()
+    externalCredentials = externalCredentials?.map { it.fromApiToDomain(subjectId) } ?: emptyList(),
 )
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdatePayload.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdatePayload.kt
index 414c9ab056..2e972b74b0 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdatePayload.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdatePayload.kt
@@ -1,7 +1,6 @@
 package com.simprints.infra.eventsync.event.remote.models.subject
 
 import androidx.annotation.Keep
-import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.infra.events.event.domain.models.subject.EnrolmentRecordUpdateEvent
 import com.simprints.infra.eventsync.event.remote.models.subject.biometricref.ApiBiometricReference
 import com.simprints.infra.eventsync.event.remote.models.subject.biometricref.fromApiToDomain
@@ -11,13 +10,12 @@ internal data class ApiEnrolmentRecordUpdatePayload(
     val subjectId: String,
     val biometricReferencesAdded: List<ApiBiometricReference>?,
     val biometricReferencesRemoved: List<String>?,
-    val externalCredentialAdded: ApiExternalCredential?,
+    val externalCredentialsAdded: List<ApiExternalCredential>?,
 ) : ApiEnrolmentRecordEventPayload(ApiEnrolmentRecordPayloadType.EnrolmentRecordUpdate)
 
 internal fun ApiEnrolmentRecordUpdatePayload.fromApiToDomain() = EnrolmentRecordUpdateEvent.EnrolmentRecordUpdatePayload(
     subjectId,
     biometricReferencesAdded?.map { it.fromApiToDomain() }.orEmpty(),
     biometricReferencesRemoved.orEmpty(),
-    externalCredentialAdded?.fromApiToDomain(subjectId),
+    externalCredentialsAdded?.map { it.fromApiToDomain(subjectId) }.orEmpty(),
 )
-
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiExternalCredential.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiExternalCredential.kt
index e0815cac93..e49afdded8 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiExternalCredential.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiExternalCredential.kt
@@ -3,17 +3,24 @@ package com.simprints.infra.eventsync.event.remote.models.subject
 import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType
+import com.simprints.infra.config.store.remote.models.fromDomainToApi
 
 data class ApiExternalCredential(
     val id: String,
-    val type: String,
+    val type: ApiExternalCredentialType,
     val value: String,
 )
 
-
 internal fun ApiExternalCredential.fromApiToDomain(subjectId: String) = ExternalCredential(
     id = id,
     value = value.asTokenizableEncrypted(),
     subjectId = subjectId,
-    type = ExternalCredentialType.valueOf(type)
+    type = type.toDomain(),
+)
+
+internal fun ExternalCredential.fromDomainToApi() = ApiExternalCredential(
+    id = id,
+    value = value.value,
+    type = type.fromDomainToApi(),
 )
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/common/SubjectFactory.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/common/SubjectFactory.kt
index 45ebcc9f33..9e28301c3c 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/common/SubjectFactory.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/common/SubjectFactory.kt
@@ -56,6 +56,7 @@ class SubjectFactory @Inject constructor(
         val removedBiometricReferences = payload.biometricReferencesRemoved.toSet() // to make lookup O(1)
         val addedFaceSamples = extractFaceSamplesFromBiometricReferences(payload.biometricReferencesAdded)
         val addedFingerprintSamples = extractFingerprintSamplesFromBiometricReferences(payload.biometricReferencesAdded)
+        val externalCredentialsAdded = payload.externalCredentialsAdded
 
         return existingSubject.copy(
             faceSamples = existingSubject.faceSamples
@@ -64,6 +65,9 @@ class SubjectFactory @Inject constructor(
             fingerprintSamples = existingSubject.fingerprintSamples
                 .filterNot { it.referenceId in removedBiometricReferences }
                 .plus(addedFingerprintSamples),
+            externalCredentials = existingSubject.externalCredentials
+                .plus(externalCredentialsAdded)
+                .distinctBy { it.value.value },
         )
     }
 
@@ -75,18 +79,16 @@ class SubjectFactory @Inject constructor(
         fingerprintResponse: FingerprintCaptureResult?,
         faceResponse: FaceCaptureResult?,
         externalCredential: ExternalCredential?,
-    ): Subject {
-        return buildSubject(
-            subjectId = subjectId,
-            projectId = projectId,
-            attendantId = attendantId,
-            moduleId = moduleId,
-            createdAt = Date(timeHelper.now().ms),
-            fingerprintSamples = fingerprintResponse?.let { extractFingerprintSamples(it) }.orEmpty(),
-            faceSamples = faceResponse?.let { extractFaceSamples(it) }.orEmpty(),
-            externalCredentials = externalCredential?.let {  listOf(it) } ?: emptyList(),
-        )
-    }
+    ): Subject = buildSubject(
+        subjectId = subjectId,
+        projectId = projectId,
+        attendantId = attendantId,
+        moduleId = moduleId,
+        createdAt = Date(timeHelper.now().ms),
+        fingerprintSamples = fingerprintResponse?.let { extractFingerprintSamples(it) }.orEmpty(),
+        faceSamples = faceResponse?.let { extractFaceSamples(it) }.orEmpty(),
+        externalCredentials = externalCredential?.let { listOf(it) } ?: emptyList(),
+    )
 
     fun buildSubject(
         subjectId: String,
@@ -107,7 +109,7 @@ class SubjectFactory @Inject constructor(
         updatedAt = updatedAt,
         fingerprintSamples = fingerprintSamples,
         faceSamples = faceSamples,
-        externalCredentials = externalCredentials
+        externalCredentials = externalCredentials,
     )
 
     private fun extractFingerprintSamples(fingerprintResponse: FingerprintCaptureResult) =
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/down/tasks/BaseEventDownSyncTask.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/down/tasks/BaseEventDownSyncTask.kt
index 75f8cfee9a..33e7e19fa3 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/down/tasks/BaseEventDownSyncTask.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/down/tasks/BaseEventDownSyncTask.kt
@@ -42,7 +42,6 @@ internal abstract class BaseEventDownSyncTask(
     protected val timeHelper: TimeHelper,
     protected val eventRepository: EventRepository,
 ) {
-
     abstract suspend fun fetchEvents(
         operation: EventDownSyncOperation,
         scope: CoroutineScope,
@@ -277,7 +276,7 @@ internal abstract class BaseEventDownSyncTask(
                 faceSamplesToAdd = subjectFactory.extractFaceSamplesFromBiometricReferences(biometricReferencesAdded),
                 fingerprintSamplesToAdd = subjectFactory.extractFingerprintSamplesFromBiometricReferences(biometricReferencesAdded),
                 referenceIdsToRemove = biometricReferencesRemoved,
-                externalCredentialsToAdd = externalCredentialAdded?.let { listOf(it) } ?: emptyList()
+                externalCredentialsToAdd = externalCredentialsAdded,
             ),
         )
     }
diff --git a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/up/tasks/EventUpSyncTask.kt b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/up/tasks/EventUpSyncTask.kt
index 58efb54f81..17f3964b03 100644
--- a/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/up/tasks/EventUpSyncTask.kt
+++ b/infra/event-sync/src/main/java/com/simprints/infra/eventsync/sync/up/tasks/EventUpSyncTask.kt
@@ -17,7 +17,9 @@ import com.simprints.infra.events.EventRepository
 import com.simprints.infra.events.event.domain.models.BiometricReferenceCreationEvent
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV2
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV4
+import com.simprints.infra.events.event.domain.models.EnrolmentUpdateEvent
 import com.simprints.infra.events.event.domain.models.Event
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
 import com.simprints.infra.events.event.domain.models.PersonCreationEvent
 import com.simprints.infra.events.event.domain.models.face.FaceCaptureBiometricsEvent
 import com.simprints.infra.events.event.domain.models.fingerprint.FingerprintCaptureBiometricsEvent
@@ -334,11 +336,15 @@ internal class EventUpSyncTask @Inject constructor(
                 it is PersonCreationEvent ||
                 it is FingerprintCaptureBiometricsEvent ||
                 it is FaceCaptureBiometricsEvent ||
-                it is BiometricReferenceCreationEvent
+                it is BiometricReferenceCreationEvent ||
+                it is EnrolmentUpdateEvent ||
+                it is ExternalCredentialCaptureValueEvent
         }
 
         config.canSyncAnalyticsDataToSimprints() -> events.filterNot {
-            it is FingerprintCaptureBiometricsEvent || it is FaceCaptureBiometricsEvent
+            it is FingerprintCaptureBiometricsEvent ||
+                it is FaceCaptureBiometricsEvent ||
+                it is ExternalCredentialCaptureValueEvent
         }
 
         else -> emptyList()
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/EventValidationUtils.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/EventValidationUtils.kt
index 8d0e66f0f5..175c1de6ed 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/EventValidationUtils.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/EventValidationUtils.kt
@@ -392,7 +392,8 @@ fun validateEnrolmentEventV4ApiModel(json: JSONObject) {
         assertThat(getString("moduleId")).isNotNull()
         assertThat(getString("attendantId")).isNotNull()
         assertThat(getJSONArray("biometricReferenceIds")).isNotNull()
-        assertThat(length()).isEqualTo(6)
+        assertThat(getJSONArray("externalCredentialIds")).isNotNull()
+        assertThat(length()).isEqualTo(7)
     }
 }
 
@@ -724,4 +725,68 @@ fun validateBiometricReferenceCreationEventApiModel(json: JSONObject) {
     }
 }
 
+fun validateEnrolmentUpdateEventApiModel(json: JSONObject) {
+    validateCommonParams(json, "EnrolmentUpdate", 0)
+    with(json.getJSONObject("payload")) {
+        validateTimestamp(getJSONObject("startTime"))
+        assertThat(getString("subjectId")).isNotNull()
+        assertThat(getString("externalCredentialIdsToAdd")).isNotNull()
+    }
+}
+
+fun validateExternalCredentialSelectionEventApiModel(json: JSONObject) {
+    validateCommonParams(json, "ExternalCredentialSelection", 0)
+    with(json.getJSONObject("payload")) {
+        validateTimestamp(getJSONObject("startTime"))
+        validateTimestamp(getJSONObject("endTime"))
+        assertThat(getString("id")).isNotNull()
+        assertThat(getString("skipReason")).isNotNull()
+        assertThat(getString("skipOther")).isNotNull()
+    }
+}
+
+fun validateExternalCredentialCaptureValueEventApiModel(json: JSONObject) {
+    validateCommonParams(json, "ExternalCredentialCaptureValue", 0)
+    with(json.getJSONObject("payload")) {
+        validateTimestamp(getJSONObject("startTime"))
+        assertThat(getString("id")).isNotNull()
+        assertThat(getString("credential")).isNotNull()
+    }
+}
+
+fun validateExternalCredentialCaptureEventApiModel(json: JSONObject) {
+    validateCommonParams(json, "ExternalCredentialCapture", 0)
+    with(json.getJSONObject("payload")) {
+        validateTimestamp(getJSONObject("startTime"))
+        assertThat(getString("id")).isNotNull()
+        assertThat(getString("endTime")).isNotNull()
+        assertThat(getString("autoCaptureStartTime")).isNotNull()
+        assertThat(getString("autoCaptureEndTime")).isNotNull()
+        assertThat(getString("ocrErrorCount")).isNotNull()
+        assertThat(getString("capturedTextLength")).isNotNull()
+        assertThat(getString("credentialTextLength")).isNotNull()
+        assertThat(getString("selectionId")).isNotNull()
+    }
+}
+
+fun validateExternalCredentialSearchApiModel(json: JSONObject) {
+    validateCommonParams(json, "ExternalCredentialSearch", 0)
+    with(json.getJSONObject("payload")) {
+        validateTimestamp(getJSONObject("startTime"))
+        assertThat(getString("id")).isNotNull()
+        assertThat(getString("endTime")).isNotNull()
+        assertThat(getString("probeExternalCredentialId")).isNotNull()
+        assertThat(getJSONObject("result")).isNotNull()
+        assertThat(getJSONObject("result").getJSONArray("candidateIds").length()).isGreaterThan(0)
+    }
+}
+
+fun validateExternalCredentialConfirmationApiModel(json: JSONObject) {
+    validateCommonParams(json, "ExternalCredentialConfirmation", 0)
+    with(json.getJSONObject("payload")) {
+        validateTimestamp(getJSONObject("startTime"))
+        assertThat(getString("result")).isNotNull()
+    }
+}
+
 private fun <T> Array<T>.valuesAsStrings(): List<String> = this.map { it.toString() }
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationEventTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationEventTest.kt
index e5911dcfbc..1456f98a7f 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationEventTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordCreationEventTest.kt
@@ -5,6 +5,7 @@ import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.fingerprint.IFingerIdentifier
 import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType
 import com.simprints.infra.events.event.domain.models.subject.EnrolmentRecordCreationEvent
 import com.simprints.infra.events.event.domain.models.subject.FingerprintReference
 import com.simprints.infra.events.event.domain.models.subject.FingerprintTemplate
@@ -29,10 +30,12 @@ class ApiEnrolmentRecordCreationEventTest {
                     "NEC_1",
                 ),
             ),
-            externalCredential = ApiExternalCredential(
-                id = "id",
-                type = ExternalCredentialType.NHISCard.toString(),
-                value = "value"
+            externalCredentials = listOf(
+                ApiExternalCredential(
+                    id = "id",
+                    type = ApiExternalCredentialType.NHIS_CARD,
+                    value = "value",
+                ),
             ),
         )
         val expectedPayload = EnrolmentRecordCreationEvent.EnrolmentRecordCreationPayload(
@@ -54,8 +57,8 @@ class ApiEnrolmentRecordCreationEventTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
         )
 
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordMoveEventTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordMoveEventTest.kt
index a8d04ff6b6..ab91b997b3 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordMoveEventTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordMoveEventTest.kt
@@ -5,6 +5,7 @@ import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.fingerprint.IFingerIdentifier
 import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType
 import com.simprints.infra.events.event.domain.models.subject.EnrolmentRecordMoveEvent
 import com.simprints.infra.events.event.domain.models.subject.FingerprintReference
 import com.simprints.infra.events.event.domain.models.subject.FingerprintTemplate
@@ -33,8 +34,8 @@ class ApiEnrolmentRecordMoveEventTest {
                 ApiExternalCredential(
                     id = "id",
                     value = "value",
-                    type = ExternalCredentialType.NHISCard.toString()
-                )
+                    type = ApiExternalCredentialType.NHIS_CARD,
+                ),
             ),
             ApiEnrolmentRecordMovePayload.ApiEnrolmentRecordDeletionInMove(
                 "subjectId",
@@ -62,8 +63,8 @@ class ApiEnrolmentRecordMoveEventTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
             EnrolmentRecordMoveEvent.EnrolmentRecordDeletionInMove(
                 "subjectId",
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdateEventTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdateEventTest.kt
index 8c6a45e736..98e24e00e4 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdateEventTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/remote/models/subject/ApiEnrolmentRecordUpdateEventTest.kt
@@ -5,6 +5,7 @@ import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.fingerprint.IFingerIdentifier
 import com.simprints.core.domain.tokenization.asTokenizableEncrypted
+import com.simprints.infra.config.store.remote.models.ApiExternalCredentialType
 import com.simprints.infra.events.event.domain.models.subject.EnrolmentRecordUpdateEvent
 import com.simprints.infra.events.event.domain.models.subject.FaceReference
 import com.simprints.infra.events.event.domain.models.subject.FaceTemplate
@@ -36,11 +37,13 @@ class ApiEnrolmentRecordUpdateEventTest {
                 ),
             ),
             biometricReferencesRemoved = listOf("fpRefId2"),
-            externalCredentialAdded = ApiExternalCredential(
-                id = "id",
-                type = ExternalCredentialType.NHISCard.toString(),
-                value = "value"
-            )
+            externalCredentialsAdded = listOf(
+                ApiExternalCredential(
+                    id = "id",
+                    type = ApiExternalCredentialType.NHIS_CARD,
+                    value = "value",
+                ),
+            ),
         )
         val expectedPayload = EnrolmentRecordUpdateEvent.EnrolmentRecordUpdatePayload(
             subjectId = "subjectId",
@@ -57,12 +60,14 @@ class ApiEnrolmentRecordUpdateEventTest {
                 ),
             ),
             biometricReferencesRemoved = listOf("fpRefId2"),
-            externalCredentialAdded = ExternalCredential(
-                id = "id",
-                value = "value".asTokenizableEncrypted(),
-                subjectId = "subjectId",
-                type = ExternalCredentialType.NHISCard
-            )
+            externalCredentialsAdded = listOf(
+                ExternalCredential(
+                    id = "id",
+                    value = "value".asTokenizableEncrypted(),
+                    subjectId = "subjectId",
+                    type = ExternalCredentialType.NHISCard,
+                ),
+            ),
         )
 
         assertThat(apiPayload.fromApiToDomain()).isEqualTo(expectedPayload)
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventScopeToApiUseCaseTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventScopeToApiUseCaseTest.kt
index 883d28bfda..15d5550b9b 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventScopeToApiUseCaseTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventScopeToApiUseCaseTest.kt
@@ -9,14 +9,12 @@ import com.simprints.infra.events.event.domain.models.scope.EventScope
 import com.simprints.infra.events.event.domain.models.scope.EventScopePayload
 import com.simprints.infra.events.event.domain.models.scope.EventScopeType
 import com.simprints.infra.eventsync.event.remote.models.ApiEvent
-import com.simprints.infra.eventsync.event.remote.models.fromDomainToApi
 import io.mockk.*
 import io.mockk.impl.annotations.MockK
 import org.junit.Assert.assertEquals
 import org.junit.Before
 import org.junit.Test
 
-
 internal class MapDomainEventScopeToApiUseCaseTest {
     @MockK
     lateinit var mapDomainEventToApiUseCase: MapDomainEventToApiUseCase
@@ -36,7 +34,7 @@ internal class MapDomainEventScopeToApiUseCaseTest {
     fun `should map events using use case`() {
         val scope = createBlankSessionScope()
         val events = listOf(
-            mockk<Event>()
+            mockk<Event>(),
         )
         val resultEvent = mockk<ApiEvent>()
         every { mapDomainEventToApiUseCase(any(), any()) } returns resultEvent
@@ -50,7 +48,7 @@ internal class MapDomainEventScopeToApiUseCaseTest {
     fun `should map fields correctly`() {
         val scope = createBlankSessionScope()
         val events = listOf(
-            mockk<Event>()
+            mockk<Event>(),
         )
         val resultEvent = mockk<ApiEvent>()
         every { mapDomainEventToApiUseCase(any(), any()) } returns resultEvent
@@ -61,7 +59,6 @@ internal class MapDomainEventScopeToApiUseCaseTest {
             assertEquals(startTime.unixMs, scope.createdAt.ms)
             assertEquals(endTime, scope.endedAt)
         }
-
     }
 
     private fun createBlankSessionScope() = EventScope(
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventToApiUseCaseTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventToApiUseCaseTest.kt
index f7fa756e4e..294f6a4cf5 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventToApiUseCaseTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/event/usecases/MapDomainEventToApiUseCaseTest.kt
@@ -28,8 +28,14 @@ import com.simprints.infra.events.sampledata.createEnrolmentCalloutEventV2
 import com.simprints.infra.events.sampledata.createEnrolmentCalloutEventV3
 import com.simprints.infra.events.sampledata.createEnrolmentEventV2
 import com.simprints.infra.events.sampledata.createEnrolmentEventV4
+import com.simprints.infra.events.sampledata.createEnrolmentUpdateEvent
 import com.simprints.infra.events.sampledata.createEventDownSyncRequestEvent
 import com.simprints.infra.events.sampledata.createEventUpSyncRequestEvent
+import com.simprints.infra.events.sampledata.createExternalCredentialCaptureEvent
+import com.simprints.infra.events.sampledata.createExternalCredentialCaptureValueEvent
+import com.simprints.infra.events.sampledata.createExternalCredentialConfirmationEvent
+import com.simprints.infra.events.sampledata.createExternalCredentialSearchEvent
+import com.simprints.infra.events.sampledata.createExternalCredentialSelectionEvent
 import com.simprints.infra.events.sampledata.createFaceCaptureBiometricsEvent
 import com.simprints.infra.events.sampledata.createFaceCaptureConfirmationEvent
 import com.simprints.infra.events.sampledata.createFaceCaptureEvent
@@ -61,40 +67,7 @@ import com.simprints.infra.events.sampledata.createVerificationCalloutEventV2
 import com.simprints.infra.events.sampledata.createVerificationCalloutEventV3
 import com.simprints.infra.events.sampledata.createVero2InfoSnapshotEvent
 import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.AgeGroupSelection
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.AlertScreen
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Authentication
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Authorization
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.BiometricReferenceCreation
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Callback
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Callout
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.CandidateRead
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.CompletionCheck
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.ConnectivitySnapshot
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Consent
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Enrolment
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.EventDownSyncRequest
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.EventUpSyncRequest
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FaceCapture
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FaceCaptureBiometrics
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FaceCaptureConfirmation
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FaceFallbackCapture
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FaceOnboardingComplete
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FingerprintCapture
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.FingerprintCaptureBiometrics
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.GuidSelection
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.IntentParsing
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.InvalidIntent
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.LicenseCheck
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.OneToManyMatch
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.OneToOneMatch
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.PersonCreation
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Refusal
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.SampleUpSyncRequest
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.ScannerConnection
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.ScannerFirmwareUpdate
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.SuspiciousIntent
-import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.Vero2InfoSnapshot
+import com.simprints.infra.eventsync.event.remote.models.ApiEventPayloadType.*
 import com.simprints.infra.eventsync.event.validateAgeGroupSelectionEventApiModel
 import com.simprints.infra.eventsync.event.validateAlertScreenEventApiModel
 import com.simprints.infra.eventsync.event.validateAuthenticationEventApiModel
@@ -112,6 +85,12 @@ import com.simprints.infra.eventsync.event.validateConsentEventApiModel
 import com.simprints.infra.eventsync.event.validateDownSyncRequestEventApiModel
 import com.simprints.infra.eventsync.event.validateEnrolmentEventV2ApiModel
 import com.simprints.infra.eventsync.event.validateEnrolmentEventV4ApiModel
+import com.simprints.infra.eventsync.event.validateEnrolmentUpdateEventApiModel
+import com.simprints.infra.eventsync.event.validateExternalCredentialCaptureEventApiModel
+import com.simprints.infra.eventsync.event.validateExternalCredentialCaptureValueEventApiModel
+import com.simprints.infra.eventsync.event.validateExternalCredentialConfirmationApiModel
+import com.simprints.infra.eventsync.event.validateExternalCredentialSearchApiModel
+import com.simprints.infra.eventsync.event.validateExternalCredentialSelectionEventApiModel
 import com.simprints.infra.eventsync.event.validateFaceCaptureBiometricsEventApiModel
 import com.simprints.infra.eventsync.event.validateFaceCaptureConfirmationEventApiModel
 import com.simprints.infra.eventsync.event.validateFaceCaptureEventApiModel
@@ -596,6 +575,60 @@ internal class MapDomainEventToApiUseCaseTest {
         validateBiometricReferenceCreationEventApiModel(json)
     }
 
+    @Test
+    fun validate_enrolmentUpdateEventApiModel() {
+        val event = createEnrolmentUpdateEvent()
+        val apiEvent = useCase(event, project)
+        val json = JSONObject(jackson.writeValueAsString(apiEvent))
+
+        validateEnrolmentUpdateEventApiModel(json)
+    }
+
+    @Test
+    fun validate_externalCredentialSelectionEventApiModel() {
+        val event = createExternalCredentialSelectionEvent()
+        val apiEvent = useCase(event, project)
+        val json = JSONObject(jackson.writeValueAsString(apiEvent))
+
+        validateExternalCredentialSelectionEventApiModel(json)
+    }
+
+    @Test
+    fun validate_externalCredentialCaptureValueEventApiModel() {
+        val event = createExternalCredentialCaptureValueEvent()
+        val apiEvent = useCase(event, project)
+        val json = JSONObject(jackson.writeValueAsString(apiEvent))
+
+        validateExternalCredentialCaptureValueEventApiModel(json)
+    }
+
+    @Test
+    fun validate_externalCredentialCaptureEventApiModel() {
+        val event = createExternalCredentialCaptureEvent()
+        val apiEvent = useCase(event, project)
+        val json = JSONObject(jackson.writeValueAsString(apiEvent))
+
+        validateExternalCredentialCaptureEventApiModel(json)
+    }
+
+    @Test
+    fun validate_externalCredentialSearchEventApiModel() {
+        val event = createExternalCredentialSearchEvent()
+        val apiEvent = useCase(event, project)
+        val json = JSONObject(jackson.writeValueAsString(apiEvent))
+
+        validateExternalCredentialSearchApiModel(json)
+    }
+
+    @Test
+    fun validate_externalCredentialConfirmationEventApiModel() {
+        val event = createExternalCredentialConfirmationEvent()
+        val apiEvent = useCase(event, project)
+        val json = JSONObject(jackson.writeValueAsString(apiEvent))
+
+        validateExternalCredentialConfirmationApiModel(json)
+    }
+
     @Test
     fun `when event contains tokenized attendant id, then ApiEvent should contain tokenizedField`() {
         validateUserIdTokenization(attendantId = "attendantId".asTokenizableEncrypted())
@@ -698,6 +731,12 @@ internal class MapDomainEventToApiUseCaseTest {
             LicenseCheck -> validate_licenseCheckEventApiModel()
             AgeGroupSelection -> validate_ageGroupSelectionEventApiModel()
             BiometricReferenceCreation -> validate_biometricReferenceCreationEventApiModel()
+            EnrolmentUpdate -> validate_enrolmentUpdateEventApiModel()
+            ExternalCredentialSelection -> validate_externalCredentialSelectionEventApiModel()
+            ExternalCredentialCaptureValue -> validate_externalCredentialCaptureValueEventApiModel()
+            ExternalCredentialCapture -> validate_externalCredentialCaptureEventApiModel()
+            ExternalCredentialSearch -> validate_externalCredentialSearchEventApiModel()
+            ExternalCredentialConfirmation -> validate_externalCredentialConfirmationEventApiModel()
             null -> TODO()
         }.safeSealedWhens
     }
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/CommCareEventSyncTaskTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/CommCareEventSyncTaskTest.kt
index f2c2416b78..7a44a0b38f 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/CommCareEventSyncTaskTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/CommCareEventSyncTaskTest.kt
@@ -70,8 +70,8 @@ class CommCareEventSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
         )
         val ENROLMENT_RECORD_MOVE_MODULE = EnrolmentRecordMoveEvent(
@@ -85,8 +85,8 @@ class CommCareEventSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
             EnrolmentRecordMoveEvent.EnrolmentRecordDeletionInMove(
                 subjectId = "subjectId",
@@ -106,8 +106,8 @@ class CommCareEventSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
             EnrolmentRecordMoveEvent.EnrolmentRecordDeletionInMove(
                 subjectId = "subjectId",
@@ -117,14 +117,16 @@ class CommCareEventSyncTaskTest {
             ),
         )
         val ENROLMENT_RECORD_UPDATE = EnrolmentRecordUpdateEvent(
-            "subjectId",
-            listOf(FaceReference("id", listOf(FaceTemplate("template")), "format")),
-            listOf("referenceIdToDelete"),
-            externalCredentialAdded = ExternalCredential(
-                id = "id",
-                value = "value".asTokenizableEncrypted(),
-                subjectId = "subjectId",
-                type = ExternalCredentialType.NHISCard
+            subjectId = "subjectId",
+            biometricReferencesAdded = listOf(FaceReference("id", listOf(FaceTemplate("template")), "format")),
+            biometricReferencesRemoved = listOf("referenceIdToDelete"),
+            externalCredentialsAdded = listOf(
+                ExternalCredential(
+                    id = "id",
+                    value = "value".asTokenizableEncrypted(),
+                    subjectId = "subjectId",
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
         )
     }
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SimprintsEventDownSyncTaskTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SimprintsEventDownSyncTaskTest.kt
index 42c1a4c137..b7764841c9 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SimprintsEventDownSyncTaskTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SimprintsEventDownSyncTaskTest.kt
@@ -1,6 +1,6 @@
 package com.simprints.infra.eventsync.sync.down.tasks
 
-import com.google.common.truth.Truth.assertThat
+import com.google.common.truth.Truth.*
 import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.face.FaceSample
@@ -14,7 +14,9 @@ import com.simprints.infra.config.sync.ConfigManager
 import com.simprints.infra.enrolment.records.repository.EnrolmentRecordRepository
 import com.simprints.infra.enrolment.records.repository.domain.models.Subject
 import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAction
-import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAction.*
+import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAction.Creation
+import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAction.Deletion
+import com.simprints.infra.enrolment.records.repository.domain.models.SubjectAction.Update
 import com.simprints.infra.events.EventRepository
 import com.simprints.infra.events.event.domain.models.downsync.EventDownSyncRequestEvent
 import com.simprints.infra.events.event.domain.models.scope.EventScope
@@ -40,9 +42,7 @@ import com.simprints.infra.eventsync.sync.common.SubjectFactory
 import com.simprints.infra.eventsync.sync.down.tasks.BaseEventDownSyncTask.Companion.EVENTS_BATCH_SIZE
 import com.simprints.testtools.common.coroutines.TestCoroutineRule
 import com.simprints.testtools.unit.EncodingUtilsImplForTests
-import io.mockk.MockKAnnotations
-import io.mockk.coEvery
-import io.mockk.coVerify
+import io.mockk.*
 import io.mockk.impl.annotations.MockK
 import kotlinx.coroutines.CancellationException
 import kotlinx.coroutines.channels.Channel
@@ -72,8 +72,8 @@ class SimprintsEventDownSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
         )
         val ENROLMENT_RECORD_MOVE_MODULE = EnrolmentRecordMoveEvent(
@@ -87,8 +87,8 @@ class SimprintsEventDownSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
             EnrolmentRecordMoveEvent.EnrolmentRecordDeletionInMove(
                 "subjectId",
@@ -108,8 +108,8 @@ class SimprintsEventDownSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
             EnrolmentRecordMoveEvent.EnrolmentRecordDeletionInMove(
                 "subjectId",
@@ -129,8 +129,8 @@ class SimprintsEventDownSyncTaskTest {
                     id = "id",
                     value = "value".asTokenizableEncrypted(),
                     subjectId = "subjectId",
-                    type = ExternalCredentialType.NHISCard
-                )
+                    type = ExternalCredentialType.NHISCard,
+                ),
             ),
             EnrolmentRecordMoveEvent.EnrolmentRecordDeletionInMove(
                 "subjectId",
@@ -143,12 +143,14 @@ class SimprintsEventDownSyncTaskTest {
             subjectId = "subjectId",
             biometricReferencesAdded = listOf(FaceReference("id", listOf(FaceTemplate("template")), "format")),
             biometricReferencesRemoved = listOf("referenceIdToDelete"),
-            externalCredentialAdded = ExternalCredential(
-                id = "id",
-                value = "value".asTokenizableEncrypted(),
-                subjectId = "subjectId",
-                type = ExternalCredentialType.NHISCard
-            )
+            externalCredentialsAdded = listOf(
+                ExternalCredential(
+                    id = "id",
+                    value = "value".asTokenizableEncrypted(),
+                    subjectId = "subjectId",
+                    type = ExternalCredentialType.NHISCard,
+                ),
+            ),
         )
     }
 
@@ -560,9 +562,9 @@ class SimprintsEventDownSyncTaskTest {
                         id = "id",
                         value = "value".asTokenizableEncrypted(),
                         subjectId = "subjectId",
-                        type = ExternalCredentialType.NHISCard
-                    )
-                )
+                        type = ExternalCredentialType.NHISCard,
+                    ),
+                ),
             ),
         )
 
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SubjectFactoryTest.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SubjectFactoryTest.kt
index 35154ae213..fc33c754b5 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SubjectFactoryTest.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/sync/down/tasks/SubjectFactoryTest.kt
@@ -65,7 +65,7 @@ class SubjectFactoryTest {
             attendantId = ATTENDANT_ID,
             moduleId = MODULE_ID,
             biometricReferences = listOf(FINGERPRINT_REFERENCE, faceReference),
-            externalCredentials = emptyList()
+            externalCredentials = emptyList(),
         )
         val result = factory.buildSubjectFromCreationPayload(payload)
         val expected = Subject(
@@ -100,7 +100,7 @@ class SubjectFactoryTest {
             attendantId = ATTENDANT_ID,
             moduleId = MODULE_ID,
             biometricReferences = listOf(FINGERPRINT_REFERENCE, faceReference),
-            externalCredential = null
+            externalCredential = null,
         )
         val result = factory.buildSubjectFromMovePayload(payload)
 
@@ -161,6 +161,7 @@ class SubjectFactoryTest {
                     referenceId = "referenceId-finger-4",
                 ),
             ),
+            externalCredentials = listOf(EXTERNAL_CREDENTIAL),
         )
 
         val payload = EnrolmentRecordUpdatePayload(
@@ -183,7 +184,7 @@ class SubjectFactoryTest {
                     templates = listOf(FaceTemplate(template = BASE_64_BYTES.toString())),
                 ),
             ),
-            externalCredentialAdded = EXTERNAL_CREDENTIAL
+            externalCredentialsAdded = listOf(EXTERNAL_CREDENTIAL),
         )
         val result = factory.buildSubjectFromUpdatePayload(subject, payload)
 
@@ -218,6 +219,7 @@ class SubjectFactoryTest {
                     referenceId = "referenceId-finger-6",
                 ),
             ),
+            externalCredentials = listOf(EXTERNAL_CREDENTIAL),
         )
         assertThat(result).isEqualTo(expected)
     }
@@ -247,7 +249,7 @@ class SubjectFactoryTest {
                     referenceId = REFERENCE_ID,
                 ),
             ),
-            externalCredentials = listOf(EXTERNAL_CREDENTIAL)
+            externalCredentials = listOf(EXTERNAL_CREDENTIAL),
         )
 
         val result = factory.buildSubjectFromCaptureResults(
@@ -286,7 +288,7 @@ class SubjectFactoryTest {
                     ),
                 ),
             ),
-            externalCredential = EXTERNAL_CREDENTIAL
+            externalCredential = EXTERNAL_CREDENTIAL,
         )
         assertThat(result).isEqualTo(expected)
     }
@@ -313,7 +315,7 @@ class SubjectFactoryTest {
                     referenceId = REFERENCE_ID,
                 ),
             ),
-            externalCredentials = listOf(EXTERNAL_CREDENTIAL)
+            externalCredentials = listOf(EXTERNAL_CREDENTIAL),
         )
 
         val result = factory.buildSubject(
@@ -323,7 +325,7 @@ class SubjectFactoryTest {
             moduleId = expected.moduleId,
             fingerprintSamples = expected.fingerprintSamples,
             faceSamples = expected.faceSamples,
-            externalCredentials = expected.externalCredentials
+            externalCredentials = expected.externalCredentials,
         )
         assertThat(result).isEqualTo(expected)
     }
@@ -362,7 +364,7 @@ class SubjectFactoryTest {
             id = EXTERNAL_CREDENTIAL_ID,
             value = EXTERNAL_CREDENTIAL_VALUE,
             subjectId = SUBJECT_ID,
-            type = EXTERNAL_CREDENTIAL_TYPE
+            type = EXTERNAL_CREDENTIAL_TYPE,
         )
     }
 }
diff --git a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/testtools/RemoteTestingHelper.kt b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/testtools/RemoteTestingHelper.kt
index d029848cbf..0cdbe50524 100644
--- a/infra/event-sync/src/test/java/com/simprints/infra/eventsync/testtools/RemoteTestingHelper.kt
+++ b/infra/event-sync/src/test/java/com/simprints/infra/eventsync/testtools/RemoteTestingHelper.kt
@@ -18,7 +18,9 @@ internal class RemoteTestingHelper {
             ApiEventPayloadType.FingerprintCaptureBiometrics, ApiEventPayloadType.FaceCaptureBiometrics,
             ApiEventPayloadType.EventDownSyncRequest, ApiEventPayloadType.EventUpSyncRequest, ApiEventPayloadType.LicenseCheck,
             ApiEventPayloadType.AgeGroupSelection, ApiEventPayloadType.BiometricReferenceCreation, ApiEventPayloadType.SampleUpSyncRequest,
-            null,
+            ApiEventPayloadType.EnrolmentUpdate, ApiEventPayloadType.ExternalCredentialSelection,
+            ApiEventPayloadType.ExternalCredentialCaptureValue, ApiEventPayloadType.ExternalCredentialCapture,
+            ApiEventPayloadType.ExternalCredentialSearch, ApiEventPayloadType.ExternalCredentialConfirmation, null,
             -> {
                 // ADD TEST FOR NEW EVENT IN THIS CLASS
             }
diff --git a/infra/events/src/debug/java/com/simprints/infra/events/sampledata/EventFactoryUtils.kt b/infra/events/src/debug/java/com/simprints/infra/events/sampledata/EventFactoryUtils.kt
index b12eb638f4..17925d2d93 100644
--- a/infra/events/src/debug/java/com/simprints/infra/events/sampledata/EventFactoryUtils.kt
+++ b/infra/events/src/debug/java/com/simprints/infra/events/sampledata/EventFactoryUtils.kt
@@ -27,8 +27,15 @@ import com.simprints.infra.events.event.domain.models.ConsentEvent.ConsentPayloa
 import com.simprints.infra.events.event.domain.models.ConsentEvent.ConsentPayload.Type.INDIVIDUAL
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV2
 import com.simprints.infra.events.event.domain.models.EnrolmentEventV4
+import com.simprints.infra.events.event.domain.models.EnrolmentUpdateEvent
 import com.simprints.infra.events.event.domain.models.Event
 import com.simprints.infra.events.event.domain.models.EventType
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.ExternalCredentialConfirmationResult
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSearchEvent
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent
 import com.simprints.infra.events.event.domain.models.FingerComparisonStrategy
 import com.simprints.infra.events.event.domain.models.GuidSelectionEvent
 import com.simprints.infra.events.event.domain.models.IntentParsingEvent
@@ -87,12 +94,14 @@ import com.simprints.infra.events.event.domain.models.scope.EventScopeType
 import com.simprints.infra.events.event.domain.models.scope.Location
 import com.simprints.infra.events.event.domain.models.upsync.EventUpSyncRequestEvent
 import com.simprints.infra.events.sampledata.SampleDefaults.CREATED_AT
+import com.simprints.infra.events.sampledata.SampleDefaults.CREDENTIAL_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_BIOMETRIC_DATA_SOURCE
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_METADATA
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_MODULE_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_PROJECT_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_USER_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.ENDED_AT
+import com.simprints.infra.events.sampledata.SampleDefaults.EXTERNAL_CREDENTIAL
 import com.simprints.infra.events.sampledata.SampleDefaults.GUID1
 import com.simprints.infra.events.sampledata.SampleDefaults.GUID2
 
@@ -378,6 +387,7 @@ fun createEnrolmentEventV4() = EnrolmentEventV4(
     DEFAULT_MODULE_ID,
     DEFAULT_USER_ID,
     listOf(GUID1, GUID2),
+    listOf(CREDENTIAL_ID),
 )
 
 fun createFingerprintCaptureEvent() = FingerprintCaptureEvent(
@@ -531,3 +541,48 @@ fun createBiometricReferenceCreationEvent() = BiometricReferenceCreationEvent(
     modality = BiometricReferenceCreationEvent.BiometricReferenceModality.FACE,
     captureIds = listOf(GUID1, GUID2),
 )
+
+fun createEnrolmentUpdateEvent() = EnrolmentUpdateEvent(
+    createdAt = CREATED_AT,
+    subjectId = GUID1,
+    externalCredentialIdsToAdd = listOf(CREDENTIAL_ID),
+)
+
+fun createExternalCredentialSelectionEvent() = ExternalCredentialSelectionEvent(
+    createdAt = CREATED_AT,
+    endedAt = CREATED_AT,
+    skipReason = ExternalCredentialSelectionEvent.SkipReason.OTHER,
+    skipOther = DEFAULT_METADATA,
+)
+
+fun createExternalCredentialCaptureValueEvent() = ExternalCredentialCaptureValueEvent(
+    createdAt = CREATED_AT,
+    payloadId = CREDENTIAL_ID,
+    credential = EXTERNAL_CREDENTIAL,
+)
+
+fun createExternalCredentialCaptureEvent() = ExternalCredentialCaptureEvent(
+    startTime = CREATED_AT,
+    payloadId = CREDENTIAL_ID,
+    endTime = CREATED_AT,
+    autoCaptureStartTime = CREATED_AT,
+    autoCaptureEndTime = CREATED_AT,
+    ocrErrorCount = 0,
+    capturedTextLength = 0,
+    credentialTextLength = 0,
+    selectionId = GUID1,
+)
+
+fun createExternalCredentialSearchEvent() = ExternalCredentialSearchEvent(
+    createdAt = CREATED_AT,
+    endedAt = CREATED_AT,
+    probeExternalCredentialId = GUID1,
+    candidateIds = listOf(GUID1, GUID2),
+)
+
+fun createExternalCredentialConfirmationEvent() = ExternalCredentialConfirmationEvent(
+    createdAt = CREATED_AT,
+    endedAt = CREATED_AT,
+    result = ExternalCredentialConfirmationResult.CONTINUE,
+    userInteractedWithImage = true,
+)
diff --git a/infra/events/src/debug/java/com/simprints/infra/events/sampledata/SampleDefaults.kt b/infra/events/src/debug/java/com/simprints/infra/events/sampledata/SampleDefaults.kt
index 677831bd2d..7a349d360f 100644
--- a/infra/events/src/debug/java/com/simprints/infra/events/sampledata/SampleDefaults.kt
+++ b/infra/events/src/debug/java/com/simprints/infra/events/sampledata/SampleDefaults.kt
@@ -1,6 +1,9 @@
 package com.simprints.infra.events.sampledata
 
+import com.simprints.core.domain.externalcredential.ExternalCredential
+import com.simprints.core.domain.externalcredential.ExternalCredentialType
 import com.simprints.core.domain.modality.Modes
+import com.simprints.core.domain.tokenization.asTokenizableEncrypted
 import com.simprints.core.domain.tokenization.asTokenizableRaw
 import com.simprints.core.tools.time.Timestamp
 import com.simprints.infra.events.event.domain.models.callout.BiometricDataSource
@@ -28,4 +31,13 @@ object SampleDefaults {
     val TIME1 = System.currentTimeMillis()
 
     val DEFAULT_MODES = listOf(Modes.FINGERPRINT)
+    const val CREDENTIAL_ID = "CREDENTIAL_ID"
+    val CREDENTIAL_TYPE = ExternalCredentialType.NHISCard
+    val CREDENTIAL_VALUE = "CREDENTIAL_VALUE".asTokenizableEncrypted()
+    val EXTERNAL_CREDENTIAL = ExternalCredential(
+        id = CREDENTIAL_ID,
+        value = CREDENTIAL_VALUE,
+        subjectId = GUID1,
+        type = CREDENTIAL_TYPE,
+    )
 }
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4.kt
index 01cb57dc1f..a223c54076 100644
--- a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4.kt
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4.kt
@@ -22,6 +22,7 @@ data class EnrolmentEventV4(
         moduleId: TokenizableString,
         attendantId: TokenizableString,
         biometricReferenceIds: List<String>,
+        externalCredentialIds: List<String>,
     ) : this(
         UUID.randomUUID().toString(),
         EnrolmentPayload(
@@ -32,6 +33,7 @@ data class EnrolmentEventV4(
             moduleId = moduleId,
             attendantId = attendantId,
             biometricReferenceIds = biometricReferenceIds,
+            externalCredentialIds = externalCredentialIds,
         ),
         ENROLMENT_V4,
     )
@@ -57,6 +59,7 @@ data class EnrolmentEventV4(
         val moduleId: TokenizableString,
         val attendantId: TokenizableString,
         val biometricReferenceIds: List<String>,
+        val externalCredentialIds: List<String>,
         override val endedAt: Timestamp? = null,
         override val type: EventType = ENROLMENT_V4,
     ) : EventPayload() {
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentUpdateEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentUpdateEvent.kt
new file mode 100644
index 0000000000..f7d0c6aeb4
--- /dev/null
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EnrolmentUpdateEvent.kt
@@ -0,0 +1,50 @@
+package com.simprints.infra.events.event.domain.models
+
+import androidx.annotation.Keep
+import com.simprints.core.ExcludedFromGeneratedTestCoverageReports
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_UPDATE
+import java.util.UUID
+
+@Keep
+@ExcludedFromGeneratedTestCoverageReports("Data struct")
+data class EnrolmentUpdateEvent(
+    override val id: String = UUID.randomUUID().toString(),
+    override val payload: EnrolmentUpdatePayload,
+    override val type: EventType,
+    override var scopeId: String? = null,
+    override var projectId: String? = null,
+) : Event() {
+    constructor(
+        createdAt: Timestamp,
+        subjectId: String,
+        externalCredentialIdsToAdd: List<String>,
+    ) : this(
+        UUID.randomUUID().toString(),
+        EnrolmentUpdatePayload(createdAt, EVENT_VERSION, subjectId, externalCredentialIdsToAdd),
+        ENROLMENT_UPDATE,
+    )
+
+    override fun getTokenizableFields(): Map<TokenKeyType, TokenizableString> = emptyMap()
+
+    override fun setTokenizedFields(map: Map<TokenKeyType, TokenizableString>) = this // No tokenized fields
+
+    @Keep
+    @ExcludedFromGeneratedTestCoverageReports("Data struct")
+    data class EnrolmentUpdatePayload(
+        override val createdAt: Timestamp,
+        override val eventVersion: Int,
+        val subjectId: String,
+        val externalCredentialIdsToAdd: List<String>,
+        override val endedAt: Timestamp? = null,
+        override val type: EventType = ENROLMENT_UPDATE,
+    ) : EventPayload() {
+        override fun toSafeString(): String = "subjectId: $subjectId, credentials: $externalCredentialIdsToAdd"
+    }
+
+    companion object Companion {
+        const val EVENT_VERSION = 0
+    }
+}
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/Event.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/Event.kt
index 66119a3c73..0846658873 100644
--- a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/Event.kt
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/Event.kt
@@ -30,10 +30,16 @@ import com.simprints.infra.events.event.domain.models.EventType.Companion.CANDID
 import com.simprints.infra.events.event.domain.models.EventType.Companion.COMPLETION_CHECK_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.CONNECTIVITY_SNAPSHOT_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.CONSENT_KEY
+import com.simprints.infra.events.event.domain.models.EventType.Companion.ENROLMENT_UPDATE_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.ENROLMENT_V2_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.ENROLMENT_V4_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.EVENT_DOWN_SYNC_REQUEST_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.EVENT_UP_SYNC_REQUEST_KEY
+import com.simprints.infra.events.event.domain.models.EventType.Companion.EXTERNAL_CREDENTIAL_CAPTURE_KEY
+import com.simprints.infra.events.event.domain.models.EventType.Companion.EXTERNAL_CREDENTIAL_CAPTURE_VALUE_KEY
+import com.simprints.infra.events.event.domain.models.EventType.Companion.EXTERNAL_CREDENTIAL_CONFIRMATION_KEY
+import com.simprints.infra.events.event.domain.models.EventType.Companion.EXTERNAL_CREDENTIAL_SEARCH_KEY
+import com.simprints.infra.events.event.domain.models.EventType.Companion.EXTERNAL_CREDENTIAL_SELECTION_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.FACE_CAPTURE_BIOMETRICS_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.FACE_CAPTURE_CONFIRMATION_KEY
 import com.simprints.infra.events.event.domain.models.EventType.Companion.FACE_CAPTURE_KEY
@@ -137,6 +143,12 @@ import com.simprints.infra.events.event.domain.models.upsync.EventUpSyncRequestE
     JsonSubTypes.Type(value = AgeGroupSelectionEvent::class, name = AGE_GROUP_SELECTION_KEY),
     JsonSubTypes.Type(value = BiometricReferenceCreationEvent::class, name = BIOMETRIC_REFERENCE_CREATION_KEY),
     JsonSubTypes.Type(value = SampleUpSyncRequestEvent::class, name = SAMPLE_UP_SYNC_REQUEST),
+    JsonSubTypes.Type(value = EnrolmentUpdateEvent::class, name = ENROLMENT_UPDATE_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialSelectionEvent::class, name = EXTERNAL_CREDENTIAL_SELECTION_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialCaptureValueEvent::class, name = EXTERNAL_CREDENTIAL_CAPTURE_VALUE_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialCaptureEvent::class, name = EXTERNAL_CREDENTIAL_CAPTURE_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialSearchEvent::class, name = EXTERNAL_CREDENTIAL_SEARCH_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialConfirmationEvent::class, name = EXTERNAL_CREDENTIAL_CONFIRMATION_KEY),
 )
 abstract class Event {
     abstract val id: String
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventPayload.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventPayload.kt
index 9cd815e5f1..2ce01dac51 100644
--- a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventPayload.kt
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventPayload.kt
@@ -12,7 +12,13 @@ import com.simprints.infra.events.event.domain.models.CandidateReadEvent.Candida
 import com.simprints.infra.events.event.domain.models.CompletionCheckEvent.CompletionCheckPayload
 import com.simprints.infra.events.event.domain.models.ConnectivitySnapshotEvent.ConnectivitySnapshotPayload
 import com.simprints.infra.events.event.domain.models.ConsentEvent.ConsentPayload
+import com.simprints.infra.events.event.domain.models.EnrolmentUpdateEvent.EnrolmentUpdatePayload
 import com.simprints.infra.events.event.domain.models.EventType.Companion
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureEvent.ExternalCredentialCapturePayload
+import com.simprints.infra.events.event.domain.models.ExternalCredentialCaptureValueEvent.ExternalCredentialCaptureValuePayload
+import com.simprints.infra.events.event.domain.models.ExternalCredentialConfirmationEvent.*
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSearchEvent.*
+import com.simprints.infra.events.event.domain.models.ExternalCredentialSelectionEvent.*
 import com.simprints.infra.events.event.domain.models.GuidSelectionEvent.GuidSelectionPayload
 import com.simprints.infra.events.event.domain.models.IntentParsingEvent.IntentParsingPayload
 import com.simprints.infra.events.event.domain.models.InvalidIntentEvent.InvalidIntentPayload
@@ -115,6 +121,12 @@ import com.simprints.infra.events.event.domain.models.upsync.EventUpSyncRequestE
     JsonSubTypes.Type(value = AgeGroupSelectionPayload::class, name = Companion.AGE_GROUP_SELECTION_KEY),
     JsonSubTypes.Type(value = BiometricReferenceCreationPayload::class, name = Companion.BIOMETRIC_REFERENCE_CREATION_KEY),
     JsonSubTypes.Type(value = SampleUpSyncRequestPayload::class, name = Companion.SAMPLE_UP_SYNC_REQUEST),
+    JsonSubTypes.Type(value = EnrolmentUpdatePayload::class, name = Companion.ENROLMENT_UPDATE_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialSelectionPayload::class, name = Companion.EXTERNAL_CREDENTIAL_SELECTION_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialCaptureValuePayload::class, name = Companion.EXTERNAL_CREDENTIAL_CAPTURE_VALUE_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialCapturePayload::class, name = Companion.EXTERNAL_CREDENTIAL_CAPTURE_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialSearchPayload::class, name = Companion.EXTERNAL_CREDENTIAL_SEARCH_KEY),
+    JsonSubTypes.Type(value = ExternalCredentialConfirmationPayload::class, name = Companion.EXTERNAL_CREDENTIAL_CONFIRMATION_KEY),
 )
 abstract class EventPayload {
     abstract val type: EventType
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventType.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventType.kt
index 505b0b4a88..f40f370c22 100644
--- a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventType.kt
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/EventType.kt
@@ -154,6 +154,24 @@ enum class EventType {
 
     // key added: BIOMETRIC_REFERENCE_CREATION_KEY
     BIOMETRIC_REFERENCE_CREATION,
+
+    // key added: ENROLMENT_UPDATE_KEY
+    ENROLMENT_UPDATE,
+
+    // key added: EXTERNAL_CREDENTIAL_CAPTURE_KEY
+    EXTERNAL_CREDENTIAL_CAPTURE,
+
+    // key added: EXTERNAL_CREDENTIAL_SELECTION_KEY
+    EXTERNAL_CREDENTIAL_SELECTION,
+
+    // key added: EXTERNAL_CREDENTIAL_CAPTURE_VALUE_KEY
+    EXTERNAL_CREDENTIAL_CAPTURE_VALUE,
+
+    // key added: EXTERNAL_CREDENTIAL_SEARCH_KEY
+    EXTERNAL_CREDENTIAL_SEARCH,
+
+    // key added: EXTERNAL_CREDENTIAL_CONFIRMATION_KEY
+    EXTERNAL_CREDENTIAL_CONFIRMATION,
     ;
 
     companion object {
@@ -206,5 +224,11 @@ enum class EventType {
         const val LICENSE_CHECK_KEY = "LICENSE_CHECK"
         const val AGE_GROUP_SELECTION_KEY = "AGE_GROUP_SELECTION"
         const val BIOMETRIC_REFERENCE_CREATION_KEY = "BIOMETRIC_REFERENCE_CREATION"
+        const val ENROLMENT_UPDATE_KEY = "ENROLMENT_UPDATE"
+        const val EXTERNAL_CREDENTIAL_SELECTION_KEY = "EXTERNAL_CREDENTIAL_SELECTION"
+        const val EXTERNAL_CREDENTIAL_CAPTURE_KEY = "EXTERNAL_CREDENTIAL_CAPTURE"
+        const val EXTERNAL_CREDENTIAL_CAPTURE_VALUE_KEY = "EXTERNAL_CREDENTIAL_CAPTURE_VALUE"
+        const val EXTERNAL_CREDENTIAL_SEARCH_KEY = "EXTERNAL_CREDENTIAL_SEARCH"
+        const val EXTERNAL_CREDENTIAL_CONFIRMATION_KEY = "EXTERNAL_CREDENTIAL_CONFIRMATION"
     }
 }
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialCaptureEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialCaptureEvent.kt
new file mode 100644
index 0000000000..5701decf3f
--- /dev/null
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialCaptureEvent.kt
@@ -0,0 +1,73 @@
+package com.simprints.infra.events.event.domain.models
+
+import androidx.annotation.Keep
+import com.simprints.core.ExcludedFromGeneratedTestCoverageReports
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CAPTURE
+import java.util.UUID
+
+@Keep
+@ExcludedFromGeneratedTestCoverageReports("Data struct")
+data class ExternalCredentialCaptureEvent(
+    override val id: String = UUID.randomUUID().toString(),
+    override val payload: ExternalCredentialCapturePayload,
+    override val type: EventType,
+    override var scopeId: String? = null,
+    override var projectId: String? = null,
+) : Event() {
+    constructor(
+        startTime: Timestamp,
+        endTime: Timestamp,
+        payloadId: String,
+        autoCaptureStartTime: Timestamp,
+        autoCaptureEndTime: Timestamp,
+        ocrErrorCount: Int,
+        capturedTextLength: Int,
+        credentialTextLength: Int,
+        selectionId: String,
+    ) : this(
+        id = UUID.randomUUID().toString(),
+        payload = ExternalCredentialCapturePayload(
+            createdAt = startTime,
+            eventVersion = EVENT_VERSION,
+            id = payloadId,
+            endedAt = endTime,
+            autoCaptureStartTime = autoCaptureStartTime,
+            autoCaptureEndTime = autoCaptureEndTime,
+            ocrErrorCount = ocrErrorCount,
+            capturedTextLength = capturedTextLength,
+            credentialTextLength = credentialTextLength,
+            selectionId = selectionId,
+        ),
+        type = EXTERNAL_CREDENTIAL_CAPTURE,
+    )
+
+    override fun getTokenizableFields(): Map<TokenKeyType, TokenizableString> = emptyMap()
+
+    override fun setTokenizedFields(map: Map<TokenKeyType, TokenizableString>) = this // No tokenized field
+
+    @Keep
+    @ExcludedFromGeneratedTestCoverageReports("Data struct")
+    data class ExternalCredentialCapturePayload(
+        override val createdAt: Timestamp,
+        override val eventVersion: Int,
+        val id: String,
+        val autoCaptureStartTime: Timestamp,
+        val autoCaptureEndTime: Timestamp,
+        val ocrErrorCount: Int,
+        val capturedTextLength: Int,
+        val credentialTextLength: Int,
+        val selectionId: String,
+        override val endedAt: Timestamp? = null,
+        override val type: EventType = EXTERNAL_CREDENTIAL_CAPTURE,
+    ) : EventPayload() {
+        override fun toSafeString(): String = "capture ID: $id, ocrErrors: $ocrErrorCount, captured text length: $capturedTextLength" +
+            "credential length: $credentialTextLength, selection id: $selectionId"
+    }
+
+    companion object {
+        const val EVENT_VERSION = 0
+    }
+}
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialCaptureValueEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialCaptureValueEvent.kt
new file mode 100644
index 0000000000..14634e64e0
--- /dev/null
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialCaptureValueEvent.kt
@@ -0,0 +1,65 @@
+package com.simprints.infra.events.event.domain.models
+
+import androidx.annotation.Keep
+import com.simprints.core.ExcludedFromGeneratedTestCoverageReports
+import com.simprints.core.domain.externalcredential.ExternalCredential
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_CAPTURE_VALUE
+import java.util.UUID
+
+@Keep
+@ExcludedFromGeneratedTestCoverageReports("Data struct")
+data class ExternalCredentialCaptureValueEvent(
+    override val id: String = UUID.randomUUID().toString(),
+    override val payload: ExternalCredentialCaptureValuePayload,
+    override val type: EventType,
+    override var scopeId: String? = null,
+    override var projectId: String? = null,
+) : Event() {
+    constructor(
+        createdAt: Timestamp,
+        payloadId: String,
+        credential: ExternalCredential,
+    ) : this(
+        id = UUID.randomUUID().toString(),
+        payload = ExternalCredentialCaptureValuePayload(
+            createdAt = createdAt,
+            eventVersion = EVENT_VERSION,
+            id = payloadId,
+            credential = credential,
+        ),
+        type = EXTERNAL_CREDENTIAL_CAPTURE_VALUE,
+    )
+
+    override fun getTokenizableFields(): Map<TokenKeyType, TokenizableString> = mapOf(
+        TokenKeyType.ExternalCredential to payload.credential.value,
+    )
+
+    override fun setTokenizedFields(map: Map<TokenKeyType, TokenizableString>) = this.copy(
+        payload = payload.copy(
+            credential = payload.credential.copy(
+                value = map[TokenKeyType.ExternalCredential] as? TokenizableString.Tokenized
+                    ?: payload.credential.value,
+            ),
+        ),
+    )
+
+    @Keep
+    @ExcludedFromGeneratedTestCoverageReports("Data struct")
+    data class ExternalCredentialCaptureValuePayload(
+        override val createdAt: Timestamp,
+        override val eventVersion: Int,
+        val id: String,
+        val credential: ExternalCredential,
+        override val endedAt: Timestamp? = null,
+        override val type: EventType = EXTERNAL_CREDENTIAL_CAPTURE_VALUE,
+    ) : EventPayload() {
+        override fun toSafeString(): String = "id $id, credential: $credential"
+    }
+
+    companion object {
+        const val EVENT_VERSION = 0
+    }
+}
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialConfirmationEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialConfirmationEvent.kt
new file mode 100644
index 0000000000..09b4b0cc97
--- /dev/null
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialConfirmationEvent.kt
@@ -0,0 +1,59 @@
+package com.simprints.infra.events.event.domain.models
+
+import androidx.annotation.Keep
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.core.tools.utils.randomUUID
+import com.simprints.infra.config.store.models.TokenKeyType
+
+@Keep
+data class ExternalCredentialConfirmationEvent(
+    override val id: String = randomUUID(),
+    override val payload: ExternalCredentialConfirmationPayload,
+    override val type: EventType,
+    override var scopeId: String? = null,
+    override var projectId: String? = null,
+) : Event() {
+    constructor(
+        createdAt: Timestamp,
+        endedAt: Timestamp,
+        result: ExternalCredentialConfirmationResult,
+        userInteractedWithImage: Boolean? = null,
+    ) : this(
+        id = randomUUID(),
+        payload = ExternalCredentialConfirmationPayload(
+            createdAt = createdAt,
+            endedAt = endedAt,
+            eventVersion = EVENT_VERSION,
+            result = result,
+            userInteractedWithImage = userInteractedWithImage,
+        ),
+        type = EventType.EXTERNAL_CREDENTIAL_CONFIRMATION,
+    )
+
+    @Keep
+    data class ExternalCredentialConfirmationPayload(
+        override val createdAt: Timestamp,
+        override val endedAt: Timestamp? = null,
+        override val eventVersion: Int,
+        val result: ExternalCredentialConfirmationResult,
+        val userInteractedWithImage: Boolean?,
+        override val type: EventType = EventType.EXTERNAL_CREDENTIAL_CONFIRMATION,
+    ) : EventPayload() {
+        override fun toSafeString(): String = "result: $result"
+    }
+
+    @Keep
+    enum class ExternalCredentialConfirmationResult {
+        CONTINUE,
+        RECAPTURE,
+    }
+
+    override fun getTokenizableFields(): Map<TokenKeyType, TokenizableString> = emptyMap()
+
+    override fun setTokenizedFields(map: Map<TokenKeyType, TokenizableString>) = this // No tokenized field
+
+    companion object {
+        const val EVENT_VERSION = 0
+    }
+}
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialSearchEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialSearchEvent.kt
new file mode 100644
index 0000000000..f5f30a1130
--- /dev/null
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialSearchEvent.kt
@@ -0,0 +1,64 @@
+package com.simprints.infra.events.event.domain.models
+
+import androidx.annotation.Keep
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.core.tools.utils.randomUUID
+import com.simprints.infra.config.store.models.TokenKeyType
+import com.simprints.infra.events.event.domain.models.EventType.EXTERNAL_CREDENTIAL_SEARCH
+
+@Keep
+data class ExternalCredentialSearchEvent(
+    override val id: String = randomUUID(),
+    override val payload: ExternalCredentialSearchPayload,
+    override val type: EventType,
+    override var scopeId: String? = null,
+    override var projectId: String? = null,
+) : Event() {
+    constructor(
+        id: String = randomUUID(),
+        createdAt: Timestamp,
+        endedAt: Timestamp,
+        probeExternalCredentialId: String,
+        candidateIds: List<String>,
+    ) : this(
+        id = id,
+        payload = ExternalCredentialSearchPayload(
+            id = id,
+            createdAt = createdAt,
+            endedAt = endedAt,
+            eventVersion = EVENT_VERSION,
+            probeExternalCredentialId = probeExternalCredentialId,
+            result = ExternalCredentialSearchResult(
+                candidateIds = candidateIds,
+            ),
+        ),
+        type = EXTERNAL_CREDENTIAL_SEARCH,
+    )
+
+    @Keep
+    data class ExternalCredentialSearchPayload(
+        override val createdAt: Timestamp,
+        override val endedAt: Timestamp? = null,
+        override val eventVersion: Int,
+        val id: String,
+        val probeExternalCredentialId: String,
+        val result: ExternalCredentialSearchResult,
+        override val type: EventType = EXTERNAL_CREDENTIAL_SEARCH,
+    ) : EventPayload() {
+        override fun toSafeString(): String = "results: $result, probe ID: $probeExternalCredentialId"
+    }
+
+    @Keep
+    data class ExternalCredentialSearchResult(
+        val candidateIds: List<String>,
+    )
+
+    override fun getTokenizableFields(): Map<TokenKeyType, TokenizableString> = emptyMap()
+
+    override fun setTokenizedFields(map: Map<TokenKeyType, TokenizableString>) = this // No tokenized field
+
+    companion object {
+        const val EVENT_VERSION = 0
+    }
+}
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialSelectionEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialSelectionEvent.kt
new file mode 100644
index 0000000000..60e0efa838
--- /dev/null
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/ExternalCredentialSelectionEvent.kt
@@ -0,0 +1,96 @@
+package com.simprints.infra.events.event.domain.models
+
+import androidx.annotation.Keep
+import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.domain.tokenization.TokenizableString
+import com.simprints.core.tools.time.Timestamp
+import com.simprints.core.tools.utils.randomUUID
+import com.simprints.infra.config.store.models.TokenKeyType
+
+@Keep
+data class ExternalCredentialSelectionEvent(
+    override val id: String = randomUUID(),
+    override val payload: ExternalCredentialSelectionPayload,
+    override val type: EventType,
+    override var scopeId: String? = null,
+    override var projectId: String? = null,
+) : Event() {
+    constructor(
+        createdAt: Timestamp,
+        endedAt: Timestamp,
+        credentialType: ExternalCredentialType,
+    ) : this(
+        createdAt = createdAt,
+        endedAt = endedAt,
+        credentialType = credentialType,
+        skipReason = null,
+        skipOther = null,
+    )
+
+    constructor(
+        createdAt: Timestamp,
+        endedAt: Timestamp,
+        skipReason: SkipReason,
+        skipOther: String?,
+    ) : this(
+        createdAt = createdAt,
+        endedAt = endedAt,
+        credentialType = null,
+        skipReason = skipReason,
+        skipOther = skipOther.takeIf { skipReason == SkipReason.OTHER },
+    )
+
+    constructor(
+        id: String = randomUUID(),
+        createdAt: Timestamp,
+        endedAt: Timestamp,
+        credentialType: ExternalCredentialType?,
+        skipReason: SkipReason?,
+        skipOther: String?,
+    ) : this(
+        id = id,
+        payload = ExternalCredentialSelectionPayload(
+            createdAt = createdAt,
+            endedAt = endedAt,
+            eventVersion = EVENT_VERSION,
+            id = id,
+            credentialType = credentialType,
+            skipReason = skipReason,
+            skipOther = skipOther,
+        ),
+        type = EventType.EXTERNAL_CREDENTIAL_SELECTION,
+    )
+
+    @Keep
+    data class ExternalCredentialSelectionPayload(
+        override val createdAt: Timestamp,
+        override val endedAt: Timestamp? = null,
+        override val eventVersion: Int,
+        val id: String,
+        val credentialType: ExternalCredentialType?,
+        val skipReason: SkipReason?,
+        val skipOther: String?,
+        override val type: EventType = EventType.EXTERNAL_CREDENTIAL_SELECTION,
+    ) : EventPayload() {
+        override fun toSafeString(): String = "credentialType: $credentialType, skipReason: $skipReason, skipOther: $skipOther"
+    }
+
+    @Keep
+    enum class SkipReason {
+        DOES_NOT_HAVE_ID,
+        DID_NOT_BRING_ID,
+        BROUGHT_INCORRECT_ID,
+        NO_CONSENT,
+        ID_DAMAGED,
+        UNABLE_TO_SCAN,
+        OTHER,
+    }
+
+    override fun getTokenizableFields(): Map<TokenKeyType, TokenizableString> = emptyMap()
+
+    override fun setTokenizedFields(map: Map<TokenKeyType, TokenizableString>) = this // No tokenized field
+
+    companion object {
+        const val EVENT_VERSION = 0
+    }
+}
diff --git a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/subject/EnrolmentRecordUpdateEvent.kt b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/subject/EnrolmentRecordUpdateEvent.kt
index 34c9196462..af513be965 100644
--- a/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/subject/EnrolmentRecordUpdateEvent.kt
+++ b/infra/events/src/main/java/com/simprints/infra/events/event/domain/models/subject/EnrolmentRecordUpdateEvent.kt
@@ -15,14 +15,14 @@ data class EnrolmentRecordUpdateEvent(
         subjectId: String,
         biometricReferencesAdded: List<BiometricReference>,
         biometricReferencesRemoved: List<String>,
-        externalCredentialAdded: ExternalCredential?,
+        externalCredentialsAdded: List<ExternalCredential>,
     ) : this(
         UUID.randomUUID().toString(),
         EnrolmentRecordUpdatePayload(
             subjectId = subjectId,
             biometricReferencesAdded = biometricReferencesAdded,
             biometricReferencesRemoved = biometricReferencesRemoved,
-            externalCredentialAdded = externalCredentialAdded,
+            externalCredentialsAdded = externalCredentialsAdded,
         ),
     )
 
@@ -31,6 +31,6 @@ data class EnrolmentRecordUpdateEvent(
         val subjectId: String,
         val biometricReferencesAdded: List<BiometricReference>,
         val biometricReferencesRemoved: List<String>,
-        val externalCredentialAdded: ExternalCredential?,
+        val externalCredentialsAdded: List<ExternalCredential>,
     )
 }
diff --git a/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4Test.kt b/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4Test.kt
index 15c7bf54be..ac1c2d986c 100644
--- a/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4Test.kt
+++ b/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EnrolmentEventV4Test.kt
@@ -3,9 +3,11 @@ package com.simprints.infra.events.event.domain.models
 import com.google.common.truth.Truth.assertThat
 import com.simprints.infra.events.event.domain.models.EventType.ENROLMENT_V4
 import com.simprints.infra.events.sampledata.SampleDefaults.CREATED_AT
+import com.simprints.infra.events.sampledata.SampleDefaults.CREDENTIAL_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_MODULE_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_PROJECT_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_USER_ID
+import com.simprints.infra.events.sampledata.SampleDefaults.EXTERNAL_CREDENTIAL
 import com.simprints.infra.events.sampledata.SampleDefaults.GUID1
 import com.simprints.infra.events.sampledata.SampleDefaults.GUID2
 import org.junit.Test
@@ -20,6 +22,7 @@ class EnrolmentEventV4Test {
             DEFAULT_MODULE_ID,
             DEFAULT_USER_ID,
             listOf(GUID2),
+            listOf(CREDENTIAL_ID),
         )
 
         assertThat(event.id).isNotNull()
diff --git a/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EventPayloadTest.kt b/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EventPayloadTest.kt
index 6e1391fc34..ac441a3c13 100644
--- a/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EventPayloadTest.kt
+++ b/infra/events/src/test/java/com/simprints/infra/events/event/domain/models/EventPayloadTest.kt
@@ -43,6 +43,7 @@ import com.simprints.infra.events.event.domain.models.fingerprint.FingerprintCap
 import com.simprints.infra.events.event.domain.models.fingerprint.FingerprintCaptureEvent
 import com.simprints.infra.events.sampledata.FACE_TEMPLATE_FORMAT
 import com.simprints.infra.events.sampledata.SampleDefaults.CREATED_AT
+import com.simprints.infra.events.sampledata.SampleDefaults.CREDENTIAL_ID
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_BIOMETRIC_DATA_SOURCE
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_METADATA
 import com.simprints.infra.events.sampledata.SampleDefaults.DEFAULT_MODULE_ID
@@ -217,6 +218,7 @@ class EventPayloadTest {
             moduleId = DEFAULT_MODULE_ID,
             attendantId = DEFAULT_USER_ID,
             biometricReferenceIds = listOf(GUID1, GUID2),
+            externalCredentialIds = listOf(CREDENTIAL_ID),
         ),
         GuidSelectionEvent(CREATED_AT, GUID1),
         IntentParsingEvent(CREATED_AT, COMMCARE),
diff --git a/infra/events/src/test/java/com/simprints/infra/events/event/local/migrations/EventMigrationTest.kt b/infra/events/src/test/java/com/simprints/infra/events/event/local/migrations/EventMigrationTest.kt
index 8410831378..13f3e1e9f1 100644
--- a/infra/events/src/test/java/com/simprints/infra/events/event/local/migrations/EventMigrationTest.kt
+++ b/infra/events/src/test/java/com/simprints/infra/events/event/local/migrations/EventMigrationTest.kt
@@ -47,7 +47,7 @@ class EventMigrationTest {
             }
             close()
         }
-        val db = helper.runMigrationsAndValidate(TEST_DB, 14, true, *ALL_MIGRATIONS)
+        val db = helper.runMigrationsAndValidate(TEST_DB, 16, true, *ALL_MIGRATIONS)
         db.query("SELECT * FROM $TABLE_NAME").use { cursor ->
             while (cursor.moveToNext()) {
                 val eventJson = cursor.getStringWithColumnName("eventJson")!!
@@ -112,6 +112,7 @@ class EventMigrationTest {
             EventMigration12to13(),
             EventMigration13to14(),
             EventMigration14to15(),
+            EventMigration15to16(),
         )
         val tokenizeSerializationModule = SimpleModule().apply {
             addSerializer(TokenizableString::class.java, TokenizationClassNameSerializer())
diff --git a/infra/events/src/test/java/com/simprints/infra/events/event/local/models/DbEventTest.kt b/infra/events/src/test/java/com/simprints/infra/events/event/local/models/DbEventTest.kt
index e210fda3c2..886e5b7868 100644
--- a/infra/events/src/test/java/com/simprints/infra/events/event/local/models/DbEventTest.kt
+++ b/infra/events/src/test/java/com/simprints/infra/events/event/local/models/DbEventTest.kt
@@ -320,4 +320,44 @@ class DbEventTest {
 
         assertThat(original).isEqualTo(transformed)
     }
+
+    @Test
+    fun convert_ExternalCredentialSelectionEvent() {
+        val original = createExternalCredentialSelectionEvent()
+        val transformed = original.fromDomainToDb().fromDbToDomain()
+
+        assertThat(original).isEqualTo(transformed)
+    }
+
+    @Test
+    fun convert_ExternalCredentialCaptureEvent() {
+        val original = createExternalCredentialCaptureEvent()
+        val transformed = original.fromDomainToDb().fromDbToDomain()
+
+        assertThat(original).isEqualTo(transformed)
+    }
+
+    @Test
+    fun convert_ExternalCredentialCaptureValueEvent() {
+        val original = createExternalCredentialCaptureValueEvent()
+        val transformed = original.fromDomainToDb().fromDbToDomain()
+
+        assertThat(original).isEqualTo(transformed)
+    }
+
+    @Test
+    fun convert_ExternalCredentialSearchEvent() {
+        val original = createExternalCredentialSearchEvent()
+        val transformed = original.fromDomainToDb().fromDbToDomain()
+
+        assertThat(original).isEqualTo(transformed)
+    }
+
+    @Test
+    fun convert_ExternalCredentialConfirmationEvent() {
+        val original = createExternalCredentialConfirmationEvent()
+        val transformed = original.fromDomainToDb().fromDbToDomain()
+
+        assertThat(original).isEqualTo(transformed)
+    }
 }
diff --git a/infra/events/src/test/resources/all-events/enrolment_update_v0.json b/infra/events/src/test/resources/all-events/enrolment_update_v0.json
new file mode 100644
index 0000000000..7be0dc2c77
--- /dev/null
+++ b/infra/events/src/test/resources/all-events/enrolment_update_v0.json
@@ -0,0 +1,14 @@
+{
+  "id": "f9cb378f-eb6d-4c6f-86e8-c1621c7e2ddd",
+  "type": "ENROLMENT_UPDATE",
+  "payload": {
+    "type": "ENROLMENT_UPDATE",
+    "eventVersion": 0,
+    "subjectId": "9aa64aff-46b5-4ab4-90b5-82c0e6d9725f",
+    "createdAt": 1078967890,
+    "endedAt": 0,
+    "externalCredentialIdsToAdd": [
+      "dbc27bdb-cab3-463e-9004-68065e05f812"
+    ]
+  }
+}
diff --git a/infra/events/src/test/resources/all-events/enrolment_v4.json b/infra/events/src/test/resources/all-events/enrolment_v4.json
index d4b3824cf1..976b1a39ee 100644
--- a/infra/events/src/test/resources/all-events/enrolment_v4.json
+++ b/infra/events/src/test/resources/all-events/enrolment_v4.json
@@ -23,6 +23,9 @@
     },
     "biometricReferenceIds": [
       "94828488-47ce-4c76-8ace-33d69b2a6d75"
+    ],
+    "externalCredentialIds": [
+      "dbc27bdb-cab3-463e-9004-68065e05f812"
     ]
   }
 }
diff --git a/infra/events/src/test/resources/all-events/external_credential_capture_v0.json b/infra/events/src/test/resources/all-events/external_credential_capture_v0.json
new file mode 100644
index 0000000000..f976af861e
--- /dev/null
+++ b/infra/events/src/test/resources/all-events/external_credential_capture_v0.json
@@ -0,0 +1,27 @@
+{
+  "id": "f9cb378f-eb6d-4c6f-86e8-c1621c7e2d12",
+  "type": "EXTERNAL_CREDENTIAL_CAPTURE",
+  "payload": {
+    "type": "EXTERNAL_CREDENTIAL_CAPTURE",
+    "id": "dbc27bdb-cab3-463e-9004-68065e05f8ab",
+    "createdAt": 178967890,
+    "autoCaptureStartTime": {
+      "ms": 178967890,
+      "isTrustworthy": false,
+      "msSinceBoot": null
+    },
+    "autoCaptureEndTime": {
+      "ms": 178967891,
+      "isTrustworthy": false,
+      "msSinceBoot": null
+    },
+    "endedAt": 178967891,
+    "ocrErrorCount": 0,
+    "capturedTextLength": 0,
+    "credentialTextLength": 0,
+    "selectionId": "dbc27bdb-cab3-463e-9004-68065e05f8ec",
+    "externalCredentialIdsToAdd": [
+      "dbc27bdb-cab3-463e-9004-68065e05f812"
+    ]
+  }
+}
diff --git a/infra/events/src/test/resources/all-events/external_credential_capture_value_v0.json b/infra/events/src/test/resources/all-events/external_credential_capture_value_v0.json
new file mode 100644
index 0000000000..4ebb8bf667
--- /dev/null
+++ b/infra/events/src/test/resources/all-events/external_credential_capture_value_v0.json
@@ -0,0 +1,19 @@
+{
+  "id": "f9cb378f-eb6d-4c6f-86e8-c1621c7e2d34",
+  "type": "EXTERNAL_CREDENTIAL_CAPTURE_VALUE",
+  "payload": {
+    "type": "EXTERNAL_CREDENTIAL_CAPTURE_VALUE",
+    "id": "dbc27bdb-cab3-463e-9004-68065e05f8ec",
+    "createdAt": 1078967890,
+    "endedAt": 0,
+    "credential": {
+      "id": "dbc27bdb-cab3-463e-9004-68065e05f812",
+      "value": {
+        "className": "TokenizableString.Tokenized",
+        "value": "value"
+      },
+      "subjectId": "9aa64aff-46b5-4ab4-90b5-82c0e6d9725f",
+      "type": "NHISCard"
+    }
+  }
+}
diff --git a/infra/events/src/test/resources/all-events/external_credential_confirmation_v0.json b/infra/events/src/test/resources/all-events/external_credential_confirmation_v0.json
new file mode 100644
index 0000000000..812e515b67
--- /dev/null
+++ b/infra/events/src/test/resources/all-events/external_credential_confirmation_v0.json
@@ -0,0 +1,12 @@
+{
+  "id": "0c78469d-15fe-4a65-8e0c-698f996ed115",
+  "type": "EXTERNAL_CREDENTIAL_CONFIRMATION",
+  "payload": {
+    "type": "EXTERNAL_CREDENTIAL_CONFIRMATION",
+    "id": "dbc27bdb-cab3-463e-9004-68065e05f8ab",
+    "createdAt": 178967890,
+    "endedAt": 178967891,
+    "result": "CONTINUE",
+    "userInteractedWithImage": true
+  }
+}
diff --git a/infra/events/src/test/resources/all-events/external_credential_search_v0.json b/infra/events/src/test/resources/all-events/external_credential_search_v0.json
new file mode 100644
index 0000000000..62e22f9f24
--- /dev/null
+++ b/infra/events/src/test/resources/all-events/external_credential_search_v0.json
@@ -0,0 +1,17 @@
+{
+  "id": "18baadd9-e67f-44af-bc04-de3279591f1f",
+  "type": "EXTERNAL_CREDENTIAL_SEARCH",
+  "payload": {
+    "type": "EXTERNAL_CREDENTIAL_SEARCH",
+    "id": "dbc27bdb-cab3-463e-9004-68065e05f8ab",
+    "createdAt": 178967890,
+    "endedAt": 178967891,
+    "result": {
+      "candidateIds": [
+        "c12345a9-4b6d-4a3f-bb5c-82f7f9a6d2c1",
+        "a98765c2-1234-4ef8-9abc-3e8a5f1b2e77"
+      ]
+    },
+    "probeExternalCredentialId": "e1f5c9d7-3a6b-47c9-bd6a-8f1c2e4a5b33"
+  }
+}
diff --git a/infra/events/src/test/resources/all-events/external_credential_selection_v0.json b/infra/events/src/test/resources/all-events/external_credential_selection_v0.json
new file mode 100644
index 0000000000..bda4c2715a
--- /dev/null
+++ b/infra/events/src/test/resources/all-events/external_credential_selection_v0.json
@@ -0,0 +1,21 @@
+{
+  "id": "2aae55d8-e679-49bb-99d4-53c13792a31c",
+  "type": "EXTERNAL_CREDENTIAL_SELECTION",
+  "payload": {
+    "type": "EXTERNAL_CREDENTIAL_SELECTION",
+    "id": "2aae55d8-e679-49bb-99d4-53c13792a31c",
+    "createdAt": 178967890,
+    "autoCaptureStartTime": {
+      "ms": 178967890,
+      "isTrustworthy": false,
+      "msSinceBoot": null
+    },
+    "autoCaptureEndTime": {
+      "ms": 178967891,
+      "isTrustworthy": false,
+      "msSinceBoot": null
+    },
+    "endedAt": 178967891,
+    "skipReason": "NO_CONSENT"
+  }
+}
diff --git a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/ActionResponse.kt b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/ActionResponse.kt
index e7f26b3910..cbb24033ad 100644
--- a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/ActionResponse.kt
+++ b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/ActionResponse.kt
@@ -1,8 +1,8 @@
 package com.simprints.infra.orchestration.data
 
 import com.simprints.core.ExcludedFromGeneratedTestCoverageReports
-import com.simprints.core.domain.externalcredential.ExternalCredential
 import com.simprints.core.domain.response.AppErrorReason
+import com.simprints.infra.orchestration.data.responses.AppExternalCredential
 import com.simprints.infra.orchestration.data.responses.AppMatchResult
 
 @ExcludedFromGeneratedTestCoverageReports("Data struct")
@@ -16,7 +16,7 @@ sealed class ActionResponse(
         override val sessionId: String,
         val enrolledGuid: String,
         val subjectActions: String?,
-        val externalCredential: ExternalCredential?,
+        val externalCredential: AppExternalCredential?,
     ) : ActionResponse(actionIdentifier, sessionId)
 
     @ExcludedFromGeneratedTestCoverageReports("Data struct")
@@ -24,6 +24,7 @@ sealed class ActionResponse(
         override val actionIdentifier: ActionRequestIdentifier,
         override val sessionId: String,
         val identifications: List<AppMatchResult>,
+        val isMultiFactorIdEnabled: Boolean,
     ) : ActionResponse(actionIdentifier, sessionId)
 
     @ExcludedFromGeneratedTestCoverageReports("Data struct")
@@ -31,7 +32,7 @@ sealed class ActionResponse(
         override val actionIdentifier: ActionRequestIdentifier,
         override val sessionId: String,
         val confirmed: Boolean,
-        val externalCredential: ExternalCredential?,
+        val externalCredential: AppExternalCredential?,
     ) : ActionResponse(actionIdentifier, sessionId)
 
     @ExcludedFromGeneratedTestCoverageReports("Data struct")
diff --git a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppExternalCredential.kt b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppExternalCredential.kt
new file mode 100644
index 0000000000..532a536dd4
--- /dev/null
+++ b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppExternalCredential.kt
@@ -0,0 +1,15 @@
+package com.simprints.infra.orchestration.data.responses
+
+import androidx.annotation.Keep
+import com.simprints.core.ExcludedFromGeneratedTestCoverageReports
+import com.simprints.core.domain.externalcredential.ExternalCredentialType
+import com.simprints.core.domain.tokenization.TokenizableString
+import java.io.Serializable
+
+@Keep
+@ExcludedFromGeneratedTestCoverageReports("Data class")
+data class AppExternalCredential(
+    val id: String,
+    val value: TokenizableString.Raw,
+    val type: ExternalCredentialType,
+) : Serializable
diff --git a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppIdentifyResponse.kt b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppIdentifyResponse.kt
index a9f348697e..6b22f9f81a 100644
--- a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppIdentifyResponse.kt
+++ b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppIdentifyResponse.kt
@@ -10,4 +10,5 @@ import kotlinx.parcelize.Parcelize
 data class AppIdentifyResponse(
     val identifications: List<AppMatchResult>,
     val sessionId: String,
+    val isMultiFactorIdEnabled: Boolean,
 ) : AppResponse()
diff --git a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppMatchResult.kt b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppMatchResult.kt
index f88f5bc87f..76fade9547 100644
--- a/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppMatchResult.kt
+++ b/infra/orchestrator-data/src/main/java/com/simprints/infra/orchestration/data/responses/AppMatchResult.kt
@@ -14,6 +14,8 @@ data class AppMatchResult(
     val confidenceScore: Int,
     val matchConfidence: AppMatchConfidence,
     val verificationSuccess: Boolean? = null,
+    val isLinkedToScannedCredential: Boolean? = null,
+    val isCredentialVerified: Boolean? = null,
 ) : Parcelable {
     // Temporarily using match confidence as a proxy for tiers.
     val tier: AppResponseTier
@@ -28,12 +30,19 @@ data class AppMatchResult(
         guid: String,
         confidenceScore: Float,
         decisionPolicy: DecisionPolicy,
+        isCredentialMatch: Boolean,
         verificationMatchThreshold: Float? = null,
     ) : this(
         guid = guid,
         confidenceScore = confidenceScore.toInt(),
         matchConfidence = computeMatchConfidence(confidenceScore.toInt(), decisionPolicy),
         verificationSuccess = computeVerificationSuccess(confidenceScore.toInt(), verificationMatchThreshold),
+        isLinkedToScannedCredential = isCredentialMatch,
+        isCredentialVerified = if (isCredentialMatch) {
+            computeVerificationSuccess(confidenceScore.toInt(), verificationMatchThreshold)
+        } else {
+            null
+        },
     )
 
     companion object {
diff --git a/infra/orchestrator-data/src/test/java/com/simprints/infra/orchestration/data/responses/AppMatchResultTest.kt b/infra/orchestrator-data/src/test/java/com/simprints/infra/orchestration/data/responses/AppMatchResultTest.kt
index 3e59185383..12bf961d1e 100644
--- a/infra/orchestrator-data/src/test/java/com/simprints/infra/orchestration/data/responses/AppMatchResultTest.kt
+++ b/infra/orchestrator-data/src/test/java/com/simprints/infra/orchestration/data/responses/AppMatchResultTest.kt
@@ -14,12 +14,14 @@ class AppMatchResultTest {
                 guid = "guid",
                 confidenceScore = 25.0f,
                 decisionPolicy = DecisionPolicy(low = 10, medium = 20, high = 30),
+                isCredentialMatch = false,
             ),
         ).isEqualTo(
             AppMatchResult(
                 guid = "guid",
                 confidenceScore = 25,
                 matchConfidence = AppMatchConfidence.MEDIUM,
+                isLinkedToScannedCredential = false,
             ),
         )
     }
@@ -44,6 +46,7 @@ class AppMatchResultTest {
                     guid = "guid",
                     confidenceScore = score,
                     decisionPolicy = DecisionPolicy(low = 20, medium = 40, high = 60),
+                    isCredentialMatch = false,
                 ).tier,
             ).isEqualTo(expected)
         }