Introducing SEPA transfers​

We are excited to announce the launch of SEPA transfers - for both Consumers and Corporates. You can now extend your product capabilities to enable your customers to both receive funds from 3rd parties, as well as send funds to 3rd party bank accounts in the SEPA region.

The “Outgoing Wire Transfers” API endpoints have been updated to include Strong Customer Authentication (SCA) regulatory requirements. If an outgoing wire transfer needs to be verified via SCA, the transaction’s state will be updated to PENDING_CHALLENGE.

When this occurs, you will need to initiate an SCA challenge with the logged in user using the multi/outgoing_wire_transfers/\{id\}/challenges/otp/\{channel\} API endpoint.

Please note that before users can verify outgoing wire transfers, they must have enrolled their mobile device for strong customer authentication.

Affected APIs:

• POST /multi/outgoing_wire_transfers
• POST /multi/outgoing_wire_transfers/\{id\}/challenges/otp/\{channel\}
• POST /multi/outgoing_wire_transfers/\{id\}/challenges/otp/\{channel\}/verify
• POST /multi/authentication_factors
• POST /multi/authentication_factors/otp/\{channel\}
• POST /multi/authentication_factors/otp/\{channel\}/verify

Deprecated APIs:

• POST /multi/corporates/verification/mobile/send
• POST /multi/corporates/verification/mobile/verify
• POST /multi/consumers/verification/mobile/send
• POST /multi/consumers/verification/mobile/verify

New optional mobile number field for authorised users​

You can now store the mobile number associated with a user. The mobile number is required if you are onboarding your users for strong customer authentication using one time passwords sent over SMS text messages.

Affected APIs:

• GET /multi/users
• POST /multi/users
• GET /multi/users/\{user_id\}
• PATCH /multi/users/\{user_id\}

Added support for more Corporate company types​

Different company types require different KYB processes to get approved. KYB flows have been added for PUBLIC_LIMITED_COMPANY, LIMITED_LIABILITY_PARTNERSHIP and NON_PROFIT_ORGANISATION. Now you can onboard these types of companies via the API.

Affected APIs:

• POST /multi/corporates
• GET /multi/corporates
• PATCH /multi/corporates

Improved handling for locked user credentials​

User credentials can be temporarily locked due to consecutive failed login attempts. If a user credentials becomes locked, the login API endpoint will now start returning HTTP error code 403 - Locked.

Affected endpoint:

• POST /multi/login_with_password

New feature to reset the contactless limit of wearable physical cards​

From time to time, customers using wearable physical cards, are required to input their PIN to confirm point of sale transactions. To eliminate the need to have to input their PIN, they can reset the contactless limit associated with their wearable device.

You can enable your customers to reset their contactless limit for their wearable physical cards via a new API.

Affected APIs:

• POST /multi/managed_cards/\{id\}/physical/contactless_limit/reset

New optional date of birth field for users​

We added a new optional dateOfBirth field to authorised users and corporate root users. This field is only required if you are onboarding teenagers onto your product.

Affected endpoints are:

• POST /multi/users
• PATCH /multi/users/\{id\}
• GET /multi/users
• GET /multi/users/\{id\}
• POST /multi/corporates
• PATCH /multi/corporates/\{id\}
• GET /multi/corporates
• GET /multi/corporates{id\}

Updated the validation for the source instrument of an outgoing wire transfer​

The sourceInstrument.id and sourceInstrument.type properties are new both required when submitting an outgoing wire transfer

Affected APIs:

• GET /multi/outgoing_wire_transfers
• GET /multi/outgoing_wire_transfers/\{id\}
• POST /multi/outgoing_wire_transfers

New error code when submitting an outgoing wire transfer with a destroyed source instrument​

The source instrument of an outgoing wire transfer must be active to execute the transaction. If the instrument is destroyed the API will return a 409 - Conflict error with error code SOURCE_INSTRUMENT_DESTROYED.

Affected APIs:

• POST /multi/outgoing_wire_transfers