Adyen's verification through bank report service uses Adyen's Open Banking Gateway to retrieve bank account reports from third-party banks.
For example, you are considering hiring an unregistered user on a contract basis for services such as food delivery or courier work. You want to make sure the person is who they say they are before you enter into an agreement with them for their services.
You can verify users through Account Information Service Providers (AISPs) such as Plaid or Tink. The user can authorize their bank to share a bank account verification report with you, providing know your customer (KYC) verification quickly and securely.
Requirements
You need the following role, which your Adyen contact can set up for you:
- Role for OpenBanking account verification use case - EXTERNAL
In addition to this role, you need to provide Adyen with the following information, which is used to configure and display your company name and logo within the widget when you hand over control to Adyen's Open Banking Gateway.
Information | Required? | Shown to users? |
---|---|---|
Company name | Yes | No |
Logo | No, but recommended | Yes |
Application name | Yes | Yes |
Legal entity name | Yes | No |
Website | Yes | No |
Address | Yes | No |
How it works
When you want to verify a user through a redirect, use the following flow.
- Make a call to the Routes generation endpoint to receive a list of account verification routes. You can use these routes to receive a report token to exchange for a bank account report. Reference this bank account report to verify the identity of your user.
  The routes generation endpoint dynamically compiles and returns a list of the best AISPs available for account verification based on the location of the bank where the user (the external account holder) is registered, and the redirect URL where you want to receive the report token.
- Redirect the user to the AISP's bank selection and authentication/authorization flow. After the user completes the authentication flow and authorizes their bank to generate and share a report, the merchant receives a report token (or error info) at the redirect URL the merchant specified in the routes generation request.
- Use the report token to call the verification report endpoint. This call retrieves a report containing information about the account holder and account number (ACH, EFT, IBAN) the user has agreed to share with the merchant.
Generate a list of routes
Make a POST /routes call specifying these request parameters:
Parameter | Description |
---|---|
country | The location where the customer's bank account is registered. Adyen uses this information to determine the best provider for the given location, and to configure the open banking flow for that respective location. |
locale | The language to configure for the verification flow user interface. This information is used to configure the open banking flow with the same language for a seamless customer experience. |
state | Optional value to identify the request in callback handling. You can generate this value on a per-session basis to protect the callback against Cross-Site Request Forgery (CSRF) attacks. This value will be stored in external systems, so make sure that you avoid exposing any sensitive information in a plain-text format. |
redirectUrl | The URL where Adyen should redirect the user when the open banking flow finishes. Adyen's Open Banking Gateway returns a report token as a parameter in the URL response. You can use this token when making a call to the Verification Report endpoint to fetch the bank account report for the user. |
Parameter | Description |
---|---|
provider | Metadata about the selected provider. You can use this information to inform the user about the provider they will be redirected to when they click the link. |
link | The redirection link. You can use this link to redirect the user to the open banking flow when the user clicks it. |
Redirect user and handle the result
The Adyen Open Banking Gateway endpoints handle the outgoing and incoming communications to and from the AISP. When the account holder opens the route link, the gateway handles the outgoing communication to route the user to the account verification flow at the external financial institution.
When the verification flow at the external financial institution is finished, the gateway redirects the user from the external financial institution back to the redirectUrl provided in the routes generation request.
The gateway includes a report token as a query parameter (Redirection Successful Callback). You can use this token to download the report from the gateway reports endpoint. In cases where there are errors, the user is redirected to the redirectUrl with the error information in query parameters (Redirection Error Callback).
Redirection successful callback
Parameter | Description |
---|---|
code | The report token that can be used to download the verification report in the gateway Verification Report API. |
state | The state provided in the routes generation request. |
type | The event type, success in the case of a successful callback. |
Redirection error callback
Parameter | Description |
---|---|
error_code | The error code associated with the failed redirection request callback. |
error_message | The error message associated with the failed redirection request callback. |
state | The state provided in the routes generation request. |
type | The event type, error in the case of an unsuccessful callback. |
Here's a list of error codes and corresponding error messages you can receive from Adyen's Open Banking Gateway. Depending on the context of the error code and message, you choose how to handle the error and present options to your user.
error_code | error_message |
---|---|
USER_CANCELED | The user canceled the authorization process |
CONNECTION_ERROR | An error occurred during the authentication process with the bank |
PROVIDER_INTERNAL_ERROR | The provider has responded with an internal error |
PROVIDER_UNKNOWN_ERROR | The provider has responded with an unknown error |
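A server-side sketch of the callback handling described above, added here as an example and not taken from Adyen's code: it creates the per-session state, rejects callbacks whose state does not match or is replayed, and accepts only the error codes listed in the table. The function names, the session object and the retry policy are assumptions; the query parameter names are the ones documented above.

```javascript
const { randomBytes, timingSafeEqual } = require('node:crypto');

// error_code values listed above -> offer a retry? (the retry policy is an assumption)
const ERROR_POLICY = new Map([
  ['USER_CANCELED', false],
  ['CONNECTION_ERROR', true],
  ['PROVIDER_INTERNAL_ERROR', true],
  ['PROVIDER_UNKNOWN_ERROR', true],
]);

// Opaque per-session value to send as `state` in the routes generation request.
// Random only, no user data, because the value is stored in external systems.
function newState(session) {
  session.obState = randomBytes(32).toString('hex');
  return session.obState;
}

// Constant-time comparison of the stored and the received state.
function sameState(expected, received) {
  const a = Buffer.from(String(expected));
  const b = Buffer.from(String(received));
  return a.length === b.length && timingSafeEqual(a, b);
}

// Classify a request that arrived at redirectUrl. `session` is a hypothetical
// server-side session object; callbackUrl is the full URL that was requested.
function handleCallback(session, callbackUrl) {
  const q = new URL(callbackUrl).searchParams;
  const expected = session.obState;
  delete session.obState; // single use: a replayed callback no longer matches
  if (!expected || q.getAll('state').length !== 1 || !sameState(expected, q.get('state'))) {
    return { ok: false, reason: 'STATE_MISMATCH', retry: false };
  }
  const type = q.get('type');
  if (type === 'success' && q.get('code')) {
    return { ok: true, reportToken: q.get('code') };
  }
  if (type === 'error') {
    // Keep only known codes; error_message is untrusted input and is not echoed.
    const code = q.get('error_code');
    const known = ERROR_POLICY.has(code);
    return { ok: false, reason: known ? code : 'UNRECOGNIZED_ERROR', retry: known && ERROR_POLICY.get(code) };
  }
  return { ok: false, reason: 'MALFORMED_CALLBACK', retry: false };
}
```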
View the verification report
To download the verification report for a user, make a GET reports/{reportToken} call to the verification report endpoint. When making the call, pass the report token code you received as a result of a successful callback to the open banking flow.
Parameter | Description |
---|---|
reportToken | The token you receive as a result of a successful open banking flow. The reportToken is the code query parameter in the redirection successful callback. |
The response returns the report resource, identified by its unique id. You also receive the country where the report was generated, and the accounts that were verified through the open banking authorization flow.
Parameter | Description |
---|---|
id | The unique identifier of the report. |
country | The location where the report was generated. |
accounts | The list of verified accounts for the user. The accounts array allows for use-cases where the user can select more than one account to verify. When the user can only select one account, the list will return that account. |
SDK for Adyen Open Banking
The Adyen SDK for Open Banking can be used with JavaScript to initiate the authorization flow to allow an Open Banking partner to generate a bank account verification report.
The SDK model uses an npm package which has two callbacks, success or error, with the same information Adyen shares in the redirect model.
To use the Adyen OpenBankingSDK:
- Install the Adyen OpenBankingSDK.
  ```bash
  npm install @adyen/openbankingsdk --save
  ```
- Import the package.
  ```javascript
  import OpenBankingSDK from '@adyen/openbankingsdk';
  ```
- Create a div in your JavaScript implementation's Document Object Model (DOM).
  ```html
  <div id="open-banking-container"></div>
  ```
- Open the link using the library.
  ```javascript
  const openBanking = OpenBankingSDK.create({
    // Container element created in the previous step
    divElement: document.getElementById("open-banking-container"),
    // The link to open
    link: url,
    successHandler: (code, state) => {
      // Handle the successful result
    },
    errorHandler: (errorCode, errorMessage, state) => {
      // Handle the error result
    },
  });
  openBanking.open();
  ```
- After you receive the result, close the library by destroying the open banking instance.
  ```javascript
  openBanking.destroy();
  ```