Skip to main content

Beneficiaries Overview

Create and manage a list of beneficiaries for your customers.

A beneficiary includes both information about the business or individual as well as their bank account or instrument details used to make payments to.

When using beneficiaries, your customers may be allowed to skip Strong Customer Authentication when executing Outgoing Wire Transfer or Send transactions, thus reducing the number of approval steps required.

Create Beneficiaries

To create a beneficiary for an identity, an end-user belonging to the identity must be logged in. You will require your API key and an active end-user authentication token to create a beneficiary. Read more about authentication in the authentication guide.

trust level

We currently only support TRUSTED beneficiaries. Creating beneficiaries that are still not trusted beneficiaries will be supported in the future.

trusted beneficiaries

Setting the trustLevel of a beneficiary to TRUSTED will enable the end-user to skip Secure Customer Authentication for transactions to that beneficiary.

info

Beneficiaries belong to the identity managing them and cannot be shared with other identities.

Verify Beneficiaries

Before the submitted beneficiaries can be added to the list, the logged-in user must verify the details by completing a challenge.

tip

A challenge is required when removing beneficiaries from the list as well.

Send a Challenge

You can trigger the beneficiaries verification process by calling the beneficiaries' challenge API. The user will be requested to perform a two-factor authentication based on the channel provided in the request.

You can check your enabled authentication channels for beneficiaries via the Innovator Portal by navigating to Identities Profile → Authentication tab → Payment Verification.

info

Currently, we support SMS and AUTHY as possible authentication channels. More authentication channels will be added in the future.

You can start an SCA challenge via SMS by requesting the One Time Password API endpoint. A text message containing a OTP code will be sent to the logged-in end-users' registered mobile phone.

Alternatively, you can use Twilio AUTHY to send a push notification on the user's mobile phone.

Complete the Challenge

If SMS was the selected channel, then you must build a page in your application where the user can enter the verification code that they received in the text message which you will need to submit to via the challenge verify API.

In case of Twilio AUTHY, the user must approve the push notification submitted on their mobile phone. You will receive a webhook notification once the user approves or rejects the push notification.

Once confirmed, the beneficiaries will be automatically added to the identity's beneficiary list. You will receive a webhook for the batch of beneficiaries that will include all the beneficiaries in the list with its outcome.

Remove Beneficiaries

To remove a beneficiary for an identity, an end-user belonging to the identity must be logged in. You will require your API key and an active end-user authentication token to remove a beneficiary. Read more about authentication in the authentication guide.

SCA is required to remove beneficiaries

The logged-in user must complete an SCA challenge to remove beneficiaries.

Using Beneficiaries with Transactions

When submitting Outgoing Wire Transfer or Send transactions, your customers can choose to provide a beneficiary instead of the destination instrument details. This can be done by providing a beneficiaryId in the destination parameter.

If the Send or Outgoing Wire Transfer was eligible to skip Strong Customer Authentication because the destination instrument is a trusted beneficiary, then it will be executed automatically and the challengeExemptionReason will be set to TRUSTED_BENEFICIARY.