Link an Account
Enable your customers to link their bank accounts via Open Banking or manually using the Link Account UI Component. Link accounts are required to fund payments within a payment run.
To link an account, you will need:
- To complete the buyer's onboarding
- A logged-in user with the Controller role
- For Open Banking configure the Open Banking redirect URL in the portal via Settings > Application Details
Follow the Link Account Component integration guide to learn how to embed this UI component within your product.
Link an Account via Open Banking
The Link Account UI component will request the user to select their bank. Once selected, the user will be shown the consent request for Weavr to access their bank account information. If the user clicks on Cancel
the component will trigger a decline
event which should be handled by the application.
To confirm the consent, the user will be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate themselves and will confirm the bank account to be shared.
For the UI component to work, you must configure the Open Banking redirect URL in the portal. This URL will be used to redirect the user back to your product once they completed the funding process.
If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent
the component will trigger a decline
event which should be handled by the application.
With Weavr's solution, you are not required to become a Third Party Provider (TPP) or an Agent of a TPP. Instead you can use our UI components to embed the Open Banking flows in your product.
Declaration of Ownership via SCA Challenge
When adding a Linked Account via Open Banking, it is critical to confirm that the registered account belongs to the Identity attempting to link it where the state of the linked account will be set to PENDING_CHALLENGE
. Upon initiating the Linked Account UI Component, the user with the Controller role of the Identity must complete an SCA challenge to declare ownership of the Linked Account.
Extend an Open Banking consent
An open banking consent in the UK is granted for up to 90 days while a consent in the EEA is granted for up to 180 days, after which, users are required to extend their consent to continue using the associated Linked Account.
To extend an open banking consent, you will need to embed the Link Account UI Component in your application while also specifying the linkedAccountId
, callbackUrl
and state
parameters of the Linked Account that you want to extend the consent to.
Once consent is extended, Weavr will refresh the date and time of the consent and your end-user will be able to access the Linked Account for a further 90 / 180 days.
For further details, follow the Extend Open Banking consent examples here.
Open Banking consents can be extended at any point during or after the 90 / 180 days window.
UK - Extending an open banking Linked account consent
-
Extending an linked account consent before the 90 days pass
In the UK, when extending the linked account consent before the 90 days pass, the user will be shown a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the UI Component will trigger anaccept
event.
If the user clicks on Cancel
the component will trigger a decline
event which should be handled by the application.
-
Extending an linked account consent after the 90 days pass
If the user gave their consent more than 90 days ago, the consent would be set to EXPIRED
. At this point the consent can still be extended, however the user will be shown an expired consent screen. To renew the consent, the user will be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.
If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent
the component will trigger a decline
event which should be handled by your application.
EEA - Extending an Open Banking Linked account consent
-
Extending a linked account consent before the 180 days pass
In the EEA, when extending the Open Banking linked account consent before the 180 days pass, the user will be shown a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the user will have to be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.
If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent
the component will trigger a decline
event which should be handled by your application.
-
Extending an linked account consent after the 180 days pass
If the user gave their consent more than 180 days ago, the consent would be set to EXPIRED
. At this point the consent can still be extended, however the user will be shown an expired consent screen. To renew the consent, the user will still be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.
If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent
the component will trigger a decline
event which should be handled by your application.
A consent can be refreshed by a user who has the Controller
role. Learn more about the different roles in our guide.
Link an Account Manually
Users can manually link a bank account through the Link Account UI Component by selecting the "Can't find your bank?" option. This action directs users to a new screen where they must provide essential bank account details, as follows:
- Business Account Name: The registered owner’s name of the account at the external bank or PSP. This should match the name on the external account to ensure successful linkage and compliance with verification steps.
- Bank Name: The name of the bank.
- Bank Country: The country in which the bank or financial institution holding the account is located. This is essential for regulatory and compliance purposes.
- Account Information: The IBAN or the combination of the Account Number and Sort Code of the account at the external bank or PSP. This uniquely identifies the account within the financial institution and is necessary for processing transactions.
If the user clicks on Cancel
at this stage, the linked account will not be added.
Declaration of Ownership via SCA Challenge
Once the user successfully entered the details, it is critical that the registered account belongs to the Identity attempting to link it therefore the user will need to click on "Continue" where he will need to perform an SCA. Once the SCA Challenge is completed, the last step will be to initiate a bank transfer.
If the user clicks on Cancel the component will trigger a decline event which should be handled by the application.
Control Check Through a Test Funding Transaction
After successfully completing the SCA process, user must demonstrate control over the external account by performing a test funding transaction. The UI component will redirect the user to the final screen, displaying the following details:
- Amount to be sent
- Account number
- Sort Code
- Reference Code
This step is critical to verify that the registered identity controls the account. It is essential that users include the reference code in the funding transaction. Failure to complete the test funding transaction will result in the linked account remaining in the PENDING_FUNDING
state.
To assist you with testing the funding test transaction, we have created a new simulator accessible via our API here.
Internal Checks by Weavr
A name verification check will be automatically triggered by the Weavr platform and, when necessary, flagged for review by the Weavr Compliance team. This ensures that the name of the Linked Account holder matches the Identity registered with Weavr. The internal checks are required as another layer in the verification process to verify that the Linked Account belongs to the same person or business entity as the Managed Account. The state of the linked account is set to PENDING_VERIFICATION
until checks are completed.
When the Weavr Compliance team has completed the required internal verification checks, the state of the linked account will be either LINKED
or REJECTED
.
Unlink an account
Your customers can unlink an account and stop using it to fund a payment run. Payment runs that were initiated and successfully completed using the unlinked account will not be affected.
Unlinking an account will automatically revoke the consent of the linked account, this means that if your customer will want to use the unlinked bank account again, they will have to link the bank account again.
Retrieve account information
To retrieve account(s) information you can use the below endpoint:
- The
status
, indicates if the linked account islinked
orunlinked
- The
accountIdentification
indicates the bank details of the linked account.FasterPaymentsBankDetails
if linked account is of GBP currency orSepaBankDetails
if linked account is of EUR currency
- The
institution
details of the linked account - The
consent
that shows thestatus
of the linked account and theexpiresAt
andexpiresIn
If the consent has expired the expiresAt
will contain a value of '0' and the expiresIn
will contain the date in the past of the consent expired.
More information relating to the buyers' linked accounts can be found in your Portal.
Linked account update event
This webhook notification is triggered whenever there is an update on the linked account.