Skip to main content

Link an Account

Enable your customers to link their bank accounts via Open Banking or manually using the Link Account UI Component. Link accounts are required to fund payments within a payment run.

Pre-requisites

To link an account, you will need:

  • To complete the buyer's onboarding
  • A logged-in user with the Controller role
  • For Open Banking configure the Open Banking redirect URL in the portal via Settings > Application Details
Embed the Link Account UI Component

Follow the Link Account Component integration guide to learn how to embed this UI component within your product.

The Link Account UI component will request the user to select their bank. Once selected, the user will be shown the consent request for Weavr to access their bank account information. If the user clicks on Cancel the component will trigger a decline event which should be handled by the application.

To confirm the consent, the user will be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate themselves and will confirm the bank account to be shared.

Open Banking redirect URL

For the UI component to work, you must configure the Open Banking redirect URL in the portal. This URL will be used to redirect the user back to your product once they completed the funding process.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by the application.

Open Banking

With Weavr's solution, you are not required to become a Third Party Provider (TPP) or an Agent of a TPP. Instead you can use our UI components to embed the Open Banking flows in your product.

Declaration of Ownership via SCA Challenge

When adding a Linked Account via Open Banking, it is critical to confirm that the registered account belongs to the Identity attempting to link it where the state of the linked account will be set to PENDING_CHALLENGE. Upon initiating the Linked Account UI Component, the user with the Controller role of the Identity must complete an SCA challenge to declare ownership of the Linked Account.

An open banking consent in the UK is granted for up to 90 days while a consent in the EEA is granted for up to 180 days, after which, users are required to extend their consent to continue using the associated Linked Account.

To extend an open banking consent, you will need to embed the Link Account UI Component in your application while also specifying the linkedAccountId , callbackUrl and state parameters of the Linked Account that you want to extend the consent to.

Once consent is extended, Weavr will refresh the date and time of the consent and your end-user will be able to access the Linked Account for a further 90 / 180 days.

For further details, follow the Extend Open Banking consent examples here.

tip

Open Banking consents can be extended at any point during or after the 90 / 180 days window.

  • In the UK, when extending the linked account consent before the 90 days pass, the user will be shown a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the UI Component will trigger an accept event.

If the user clicks on Cancel the component will trigger a decline event which should be handled by the application.

If the user gave their consent more than 90 days ago, the consent would be set to EXPIRED. At this point the consent can still be extended, however the user will be shown an expired consent screen. To renew the consent, the user will be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by your application.

  • In the EEA, when extending the Open Banking linked account consent before the 180 days pass, the user will be shown a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the user will have to be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by your application.

If the user gave their consent more than 180 days ago, the consent would be set to EXPIRED. At this point the consent can still be extended, however the user will be shown an expired consent screen. To renew the consent, the user will still be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by your application.

Roles & Permissions

A consent can be refreshed by a user who has the Controller role. Learn more about the different roles in our guide.

Users can manually link a bank account through the Link Account UI Component by selecting the "Can't find your bank?" option. This action directs users to a new screen where they must provide essential bank account details, as follows:

  • Business Account Name: The registered owner’s name of the account at the external bank or PSP. This should match the name on the external account to ensure successful linkage and compliance with verification steps.
  • Bank Name: The name of the bank.
  • Bank Country: The country in which the bank or financial institution holding the account is located. This is essential for regulatory and compliance purposes.
  • Account Information: The IBAN or the combination of the Account Number and Sort Code of the account at the external bank or PSP. This uniquely identifies the account within the financial institution and is necessary for processing transactions.
note

If the user clicks on Cancel at this stage, the linked account will not be added.

Declaration of Ownership via SCA Challenge

Once the user successfully entered the details, it is critical that the registered account belongs to the Identity attempting to link it therefore the user will need to click on "Continue" where he will need to perform an SCA. Once the SCA Challenge is completed, the last step will be to initiate a bank transfer.

note

If the user clicks on Cancel the component will trigger a decline event which should be handled by the application.

Control Check Through a Test Funding Transaction

After successfully completing the SCA process, user must demonstrate control over the external account by performing a test funding transaction. The UI component will redirect the user to the final screen, displaying the following details:

  • Amount to be sent
  • Account number
  • Sort Code
  • Reference Code
Important

This step is critical to verify that the registered identity controls the account. It is essential that users include the reference code in the funding transaction. Failure to complete the test funding transaction will result in the linked account remaining in the PENDING_FUNDING state.

simulator to test on Sandbox

To assist you with testing the funding test transaction, we have created a new simulator accessible via our API here.

Internal Checks by Weavr

A name verification check will be automatically triggered by the Weavr platform and, when necessary, flagged for review by the Weavr Compliance team. This ensures that the name of the Linked Account holder matches the Identity registered with Weavr. The internal checks are required as another layer in the verification process to verify that the Linked Account belongs to the same person or business entity as the Managed Account. The state of the linked account is set to PENDING_VERIFICATION until checks are completed.

Weavr Compliance verification checks

When the Weavr Compliance team has completed the required internal verification checks, the state of the linked account will be either LINKED or REJECTED.

Your customers can unlink an account and stop using it to fund a payment run. Payment runs that were initiated and successfully completed using the unlinked account will not be affected.

Unlinking an account will automatically revoke the consent of the linked account, this means that if your customer will want to use the unlinked bank account again, they will have to link the bank account again.

Retrieve account information

To retrieve account(s) information you can use the below endpoint:

  • The status, indicates if the linked account is linked or unlinked
  • The accountIdentification indicates the bank details of the linked account.
    • FasterPaymentsBankDetails if linked account is of GBP currency or SepaBankDetails if linked account is of EUR currency
  • The institution details of the linked account
  • The consent that shows the status of the linked account and the expiresAt and expiresIn
note

If the consent has expired the expiresAt will contain a value of '0' and the expiresIn will contain the date in the past of the consent expired.

Linked Account information in the portal

More information relating to the buyers' linked accounts can be found in your Portal.

Linked account update event

This webhook notification is triggered whenever there is an update on the linked account.