Skip to main content

Link an Account

Enable your customers to link their bank accounts via Open Banking or manually using the Link Account UI Component. Link accounts are required to fund payments within a payment run.

Pre-requisites

To link an account, you need:

  • To complete the buyer's onboarding
  • A logged-in user with the Controller role
  • For Open Banking configure the Open Banking redirect URL in the portal via Settings > Application Details
Embed the Link Account UI Component

Follow the Link Account Component integration guide to learn how to embed this UI component within your product.

The Link Account UI component requests the user to select their bank. Once selected, the user sees the consent request for Weavr to access their bank account information. If the user clicks on Cancel, the component triggers a decline event which should be handled by the application.

To confirm the consent, the user is redirected to their bank's portal to approve the consent request. In the banking portal, the bank asks them to authenticate themselves and confirms the bank account to be shared.

Open Banking redirect URL

For the UI component to work, you must configure the Open Banking redirect URL in the portal. This URL is used to redirect the user back to your product once they complete the funding process.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent, the component triggers a decline event which should be handled by the application.

Open Banking

With our solution, you are not required to become a third-party provider (TPP) or an Agent of a TPP. Instead you can use our UI components to embed the Open Banking flows in your product.

Declaration of Ownership via SCA Challenge

When adding a Linked Account via Open Banking, it is critical to confirm that the registered account belongs to the Identity attempting to link it. The state of the linked account is set to PENDING_CHALLENGE. Upon initiating the Linked Account UI Component, the user with the Controller role of the Identity must complete an SCA challenge to declare ownership of the Linked Account.

An open banking consent in the UK is granted for up to 90 days while a consent in the EEA is granted for up to 180 days, after which, users are required to extend their consent to continue using the associated Linked Account.

To extend an open banking consent, embed the Link Account UI Component in your application while also specifying the linkedAccountId, callbackUrl, and state parameters of the Linked Account that you want to extend the consent to.

Once consent is extended, Weavr refreshes the date and time of the consent, and your end-user can access the Linked Account for a further 90 / 180 days.

For further details, follow the Extend Open Banking consent examples here.

tip

Open Banking consents can be extended at any point during or after the 90 / 180 days window.

UK - Extending an open banking Linked account consent

  • In the UK, when extending the linked account consent before the 90 days pass, the user sees a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the UI Component triggers an accept event.

If the user clicks on Cancel, the component triggers a decline event which should be handled by the application.

If the user gave their consent more than 90 days ago, the consent is set to EXPIRED. At this point the consent can still be extended, however the user sees an expired consent screen. To renew the consent, the user is redirected to their bank's portal to approve the consent request. In the banking portal, the bank asks them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent, the component triggers a decline event which should be handled by your application.

EEA - Extending an Open Banking Linked account consent

  • In the EEA, when extending the Open Banking linked account consent before the 180 days pass, the user sees a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the user is redirected to their bank's portal to approve the consent request. In the banking portal, the bank asks them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent, the component triggers a decline event which should be handled by your application.

If the user gave their consent more than 180 days ago, the consent is set to EXPIRED. At this point the consent can still be extended, however the user sees an expired consent screen. To renew the consent, the user is still redirected to their bank's portal to approve the consent request. In the banking portal, the bank asks them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent, the component triggers a decline event which should be handled by your application.

Roles & Permissions

A consent can be refreshed by a user who has the Controller role. Learn more about the different roles in our guide.

Users can manually link a bank account through the Link Account UI Component by selecting the "Can't find your bank?" option. This action directs users to a new screen where they must provide essential bank account details, as follows:

  • Business Account Name: The registered owner’s name of the account at the external bank or PSP. This should match the name on the external account to ensure successful linkage and compliance with verification steps.
  • Bank Name: The name of the bank.
  • Bank Country: The country in which the bank or financial institution holding the account is located. This is essential for regulatory and compliance purposes.
  • Account Information: The IBAN or the combination of the Account Number and Sort Code of the account at the external bank or PSP. This uniquely identifies the account within the financial institution and is necessary for processing transactions.
note

If the user clicks on Cancel at this stage, the linked account is not added.

Declaration of Ownership via SCA Challenge

Once the user successfully enters the details, it is critical that the registered account belongs to the Identity attempting to link it. The user needs to click on "Continue" and perform an SCA. Once the SCA Challenge is completed, the last step is to initiate a bank transfer.

note

If the user clicks on Cancel, the component triggers a decline event which should be handled by the application.

Control Check Through a Test Funding Transaction

After successfully completing the SCA process, the user must demonstrate control over the external account by performing a test funding transaction. The UI component redirects the user to the final screen, displaying the following details:

  • Amount to be sent
  • Account number
  • Sort Code
  • Reference Code
Important

This step is critical to verify that the registered identity controls the account. It is essential that users include the reference code in the funding transaction. Failure to complete the test funding transaction results in the linked account remaining in the PENDING_FUNDING state.

simulator to test on Sandbox

To assist you with testing the funding test transaction, we have created a new simulator accessible via our API here.

Internal Checks by Weavr

A name verification check is automatically triggered by the Weavr platform and, when necessary, flagged for review by the Weavr Compliance team. This ensures that the name of the Linked Account holder matches the Identity registered with Weavr. The internal checks are required as another layer in the verification process to verify that the Linked Account belongs to the same person or business entity as the Managed Account. The state of the linked account is set to PENDING_VERIFICATION until checks are completed.

Weavr Compliance verification checks

When the Weavr Compliance team completes the required internal verification checks, the state of the linked account is set to either LINKED or REJECTED.

Your customers can unlink an account and stop using it to fund a payment run. Payment runs that were initiated and successfully completed using the unlinked account are not affected.

Unlinking an account automatically revokes the consent of the linked account. If your customer wants to use the unlinked bank account again, they need to link the bank account again.

POST/linked_accounts/{linked_account_id}/unlinkTry it

Retrieve account information

To retrieve account(s) information you can use the below endpoint:

GET/linked_accountsTry it
GET/linked_accounts/\{linked_account_id}Try it
  • The status, indicates if the linked account is linked or unlinked
  • The accountIdentification indicates the bank details of the linked account.
    • FasterPaymentsBankDetails if linked account is of GBP currency or SepaBankDetails if linked account is of EUR currency
  • The institution details of the linked account
  • The consent that shows the status of the linked account and the expiresAt and expiresIn
note

If the consent has expired the expiresAt will contain a value of '0' and the expiresIn will contain the date in the past of the consent expired.

Linked Account information in the portal

More information relating to the buyers' linked accounts can be found in your Portal.

Linked account update event

This webhook notification is triggered whenever there is an update on the linked account.

EVENTLinked Account UpdateTry it