Link an Account

Enable your customers to link their bank accounts via Open Banking to fund payments within a payment run.

Pre-requisites

To link an account, you will need:

• To complete the buyer's onboarding
• A logged-in user with the Controller role
• Configure the Open Banking redirect URL in the portal via Settings > Application Details

Open Banking

With Weavr's solution, you are not required to become a Third Party Provider (TPP) or an Agent of a TPP. Instead you can use our UI components to embed the Open Banking flows in your product.

Embed the Account Information Service (AIS) UI Component

Follow the AIS UI Component integration guide to learn how to embed this Open Banking flow within your product.

Open Banking redirect URL

For the UI component to work, you must configure the Open Banking redirect URL in the portal. This URL will be used to redirect the user back to your product once they completed the funding process.

The UI component will request the user to select their bank. Once selected, the user will be shown the consent request for Weavr to access their bank account information. If the user clicks on Cancel the component will trigger a decline event which should be handled by the application.

To confirm the consent, the user will be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate themselves and will confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by the application.

Declaration of Ownership via SCA Challenge

When adding a Linked Account via the Account Information Service (AIS) UI Component, it is critical to confirm that the registered account belongs to the Identity attempting to link it. As part of this process, ownership declaration is facilitated through a Strong Customer Authentication (SCA) UI Component, during which the state of the linked account will be set to PENDING_CHALLENGE. Upon initiating the Linked Account registration process, the user with the Controller role of the Identity must complete an SCA challenge to declare ownership of the Linked Account.

More Information

More information how to perform an SCA Challenge via the UI Component will be provided soon

Internal Checks by Weavr

A name verification check will be automatically triggered by the Weavr platform and, when necessary, flagged for review by the Weavr Compliance team. This ensures that the name of the Linked Account holder matches the Identity registered with Weavr. The internal checks are required as another layer in the verification process to verify that the Linked Account belongs to the same person or business entity as the Managed Account. The state of the linked account is set to PENDING_VERIFICATION until checks are completed.

Weavr Compliance verification checks

When the Weavr Compliance team has completed the required internal verification checks, the state of the linked account will be either LINKED or REJECTED.

Extend an AIS consent

An AIS consent in the UK is granted for up to 90 days while a consent in the EEA is granted for up to 180 days, after which, users are required to extend their consent to continue using the associated Linked Account.

To extend an AIS consent, you will need to embed the AIS UI Component in your application while also specifying the linkedAccountId parameter of the Linked Account that you want to extend the consent to.

Once consent is extended, Weavr will refresh the date and time of the consent and your end-user will be able to access the Linked Account for a further 90 / 180 days.

For further details, follow the Extend AIS consent examples here.

tip

AIS consents can be extended at any point during or after the 90 / 180 days window.

UK - Extending an AIS consent

• Extending an AIS consent before the 90 days pass

  In the UK, when extending the AIS consent before the 90 days pass, the user will be shown a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the UI Component will trigger an accept event.

If the user clicks on Cancel the component will trigger a decline event which should be handled by the application.

• Extending an AIS consent after the 90 days pass

If the user gave their consent more than 90 days ago, the consent would be set to EXPIRED. At this point the consent can still be extended, however the user will be shown an expired consent screen. To renew the consent, the user will be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by your application.

EEA - Extending an AIS consent

• Extending an AIS consent before the 180 days pass

  In the EEA, when extending the AIS consent before the 180 days pass, the user will be shown a consent renewal request screen for Weavr to continue accessing their bank account information. If the user confirms the consent, the user will have to be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by your application.

• Extending an AIS consent after the 180 days pass

If the user gave their consent more than 180 days ago, the consent would be set to EXPIRED. At this point the consent can still be extended, however the user will be shown an expired consent screen. To renew the consent, the user will still be redirected to their Bank's portal to approve the consent request. In the Banking portal, the bank will ask them to authenticate and re-confirm the bank account to be shared.

If the user approves, they are redirected to your application on the configured Open Banking redirect URL. If the user clicks on I Don't Consent the component will trigger a decline event which should be handled by your application.

note

Providing the linkedAccountId is an optional parameter to be used only when extending an AIS consent.

Roles & Permissions

A consent can be refreshed by a user who has the Controller role. Learn more about the different roles in our guide.

Unlink an account

Your customers can unlink an account and stop using it to fund a payment run. Payment runs that were initiated and successfully completed using the unlinked account will not be affected.

Unlinking an account will automatically revoke the consent of the linked account, this means that if your customer will want to use the unlinked bank account again, they will have to link the bank account again.

POST/linked_accounts/{linked_account_id}/unlinkTry it

Deprecation of delete endpoint

The delete a linked account endpoint, currently deletes the linked account, and once a linked account is deleted it cannot be retrieved. This makes it difficult for your buyers to trace and reconcile which linked account was used to fund previous payment runs, therefore we are deprecating this endpoint and we encourage you to use the new unlink an account endpoint.

Retrieve account information

To retrieve account(s) information you can use the below endpoint:

GET/linked_accountsTry it

GET/linked_accounts/\{linked_account_id}Try it

• The status, indicates if the linked account is linked or unlinked
• The accountIdentification indicates the bank details of the linked account.
  • FasterPaymentsBankDetails if linked account is of GBP currency or SepaBankDetails if linked account is of EUR currency
• The institution details of the linked account
• The consent that shows the status of the linked account and the expiresAt and expiresIn

note

If the consent has expired the expiresAt will contain a value of '0' and the expiresIn will contain the date in the past of the AIS consent expired.

Linked Account information in the portal

More information relating to the buyers' linked accounts can be found in your Portal.

Linked account update event

This webhook notification is triggered whenever there is an update on the linked account.

EVENTLinked Account UpdateTry it