Banking regulations require that financial institutions perform a Know Your Customer (KYCKYC - Know Your Customer. A standard banking risk assessment practice to prevent identity theft, money laundering, fraud, and terrorism by verifying customer identities and understanding their transaction habits. KYC is a mandatory requirement of legal compliance in the financial sector.) process to verify a customers' identity before they can use their accounts.
Bond provides connections between brands and banks. A brand can have partnership programs with multiple banks, with each program having a unique
program_id. The Bond platform provides APIs to perform the customer verification process on behalf of the bank.
You initiate the KYC process after you create a
customer object representing the consumer who wants to set up an account. The consumer provides the required personal information during the application process.
customer_id is a required path parameter for the API request to initiate a KYC process. The
program_id is a required body parameter.
The combination of these two parameters in the request indicate that Bond will do a verification check on a particular customer on behalf of a particular bank partnered with the brand.
As part of the KYC process you may be asked to upload supporting documentation for verifying the identity of the customer. For details see Running KYC.
The KYC request for the customer is asynchronous (meaning that the reply is not always immediate), so you must configure a webhook to listen for KYC events.
Bond provides a
failed response to the
callback_url (for example, www.brandurl.com/bond-kyc) configured in the webhook.
passed, the customer's information has been validated and they are eligible to access the services provided by the bank. You can now create a card for the customer.
The KYC endpoint is idempotentidempotent - Has the same result when called multiple times with the same idempotent key and repeated requests using the same
Idempotency-Keywithin a 24 hour period will fail.
Once a customer has successfully passed the KYC process, no further KYC attempts are allowed. Any further call for KYC authentication responds with an error and returns the timestamp of the previously successful KYC process.
Idempotency is a Web API design principle that prevents you from running the same operation multiple times. Because a certain amount of intermittent failure is to be expected, you need a way to reconcile failed requests with a server, and idempotency provides a mechanism for that. Including an idempotency key (an optional string) makes POST requests idempotent, which prompts the API to do the record keeping required to prevent duplicate operations. You can safely retry requests that include an idempotency key as long as the second request occurs within 24 hours from when you first receive the key (keys expire after 24 hours).
Updated 25 days ago