Responding to a manual KBA
How to respond to a manual KBA multiple-choice set of questions when KYC fails.
Overview
The KBA (Knowledge Based Authentication) process is triggered when any individual Beneficial Owner fails KYC. KBA allows Beneficial Owners to personally validate their identity through multiple-choice questions. These are questions that should be straightforward for them to answer, but difficult for others to answer, for example:
- What was the color of your first car?
- Of the below addresses, which have you resided at?
- Of the below names, which is the hospital you were born in?
- Of the below names, which is your first school?
KBA includes up to three rounds of four sets of multiple-choice questions. If a Beneficial Owner answers a question incorrectly, they are posed a new set of questions. After three failed rounds of attempts at answering the questions, the KBA fails and therefore the overall KYC also fails.
Sending the KBA answers back to the Bond platform
To send the Beneficial Owner's questions and answers to Bond, use a POST /businesses/{business_id}/beneficial_owners/{beneficial_owner_id}/verification-kba /verification-kba
operation and provide the parameters as shown below.
The kba_responses
object has the structure shown in the following table.
Object | Type | Description |
---|---|---|
kba_responses required | array of objects. | Array of question-answer objects. |
The question_id
and choice_id
fields within kba_responses
is a list of objects with the structure as shown in the following table.
kba_responses Object | Type | Description |
---|---|---|
question_id required | string | Corresponds to a question_id from the /kyc/programmatic response. |
choice_id required | string | Corresponds to the choice_id for this question from the /kyc/programmatic response. |
An example of a request to send the array of KBA answers to Bond is shown below.
curl --request POST \
--url https://sandbox.bond.tech/api/v0.1/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba \
--header 'Authorization: YOUR-AUTHORIZATION' \
--header 'Content-Type: application/json' \
--header 'Identity: YOUR-IDENTITY' \
--data '
{
"kba_responses": [
{
"question_id": "1",
"choice_id": "3"
},
{
"question_id": "2",
"choice_id": "1"
},
{
"question_id": "3",
"choice_id": "4"
},
{
"question_id": "4",
"choice_id": "2"
}
]
}
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://sandbox.bond.tech/api/v0.1/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request["Identity"] = 'YOUR-IDENTITY'
request["Authorization"] = 'YOUR-AUTHORIZATION'
request.body = "{\"kba_responses\":[{\"question_id\":\"1\",\"choice_id\":\"3\"},{\"question_id\":\"2\",\"choice_id\":\"1\"},{\"question_id\":\"3\",\"choice_id\":\"4\"},{\"question_id\":\"4\",\"choice_id\":\"2\"}]}"
response = http.request(request)
puts response.read_body
const options = {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Identity: 'YOUR-IDENTITY',
Authorization: 'YOUR-AUTHORIZATION'
},
body: JSON.stringify({
kba_responses: [
{question_id: '1', choice_id: '3'},
{question_id: '2', choice_id: '1'},
{question_id: '3', choice_id: '4'},
{question_id: '4', choice_id: '2'}
]
})
};
fetch('https://sandbox.bond.tech/api/v0.1/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import requests
url = "https://sandbox.bond.tech/api/v0.1/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba"
payload = {"kba_responses": [
{
"question_id": "1",
"choice_id": "3"
},
{
"question_id": "2",
"choice_id": "1"
},
{
"question_id": "3",
"choice_id": "4"
},
{
"question_id": "4",
"choice_id": "2"
}
]}
headers = {
"Content-Type": "application/json",
"Identity": "YOUR-IDENTITY",
"Authorization": "YOUR-AUTHORIZATION"
}
response = requests.request("POST", url, json=payload, headers=headers)
print(response.text)
var client = new RestClient("https://sandbox.bond.tech/api/v0.1/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Identity", "YOUR-IDENTITY");
request.AddHeader("Authorization", "YOUR-AUTHORIZATION");
request.AddParameter("application/json", "{\"kba_responses\":[{\"question_id\":\"1\",\"choice_id\":\"3\"},{\"question_id\":\"2\",\"choice_id\":\"1\"},{\"question_id\":\"3\",\"choice_id\":\"4\"},{\"question_id\":\"4\",\"choice_id\":\"2\"}]}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"kba_responses\":[{\"question_id\":\"1\",\"choice_id\":\"3\"},{\"question_id\":\"2\",\"choice_id\":\"1\"},{\"question_id\":\"3\",\"choice_id\":\"4\"},{\"question_id\":\"4\",\"choice_id\":\"2\"}]}");
Request request = new Request.Builder()
.url("https://sandbox.bond.tech/api/v0.1/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba")
.post(body)
.addHeader("Content-Type", "application/json")
.addHeader("Identity", "YOUR-IDENTITY")
.addHeader("Authorization", "YOUR-AUTHORIZATION")
.build();
Response response = client.newCall(request).execute();
Examples of possible responses to the KBA process are shown below.
{
"beneficial_owner_id": "3a7fe4e4-79a4-4a58-942a-c3d00a2406a6",
"kyc_status": "passed"
}
{
"beneficial_owner_id": "3a7fe4e4-79a4-4a58-942a-c3d00a2406a6",
"kyc_status": "kba failed",
"questions": [
{
"question_id": "1",
"question": "Which one of the following retail credit cards do you have? If there is not a matched retail credit card, please select 'NONE OF THE ABOVE'",
"choices": [
{
"choice_id": "1",
"choice": "KRAGEN"
},
{
"choice_id": "2",
"choice": "WING ON"
},
{
"choice_id": "3",
"choice": "DUNNES STORES"
},
{
"choice_id": "4",
"choice": "HAVAIANAS"
},
{
"choice_id": "5",
"choice": "NONE OF THE ABOVE"
}
]
},
{
"question_id": "2",
"question": " Please select the county for the address you provided.",
"choices": [
{
"choice_id": "1",
"choice": "BELKNAP"
},
{
"choice_id": "2",
"choice": "STRAFFORD"
},
{
"choice_id": "3",
"choice": "MERRIMACK"
},
{
"choice_id": "5",
"choice": "NONE OF THE ABOVE"
}
]
},
{
"question_id": "3",
"question": "Which of the following is a previous phone number of yours? If there is not a matched phone number, please select 'NONE OF THE ABOVE'.",
"choices": [
{
"choice_id": "1",
"choice": "(317)205-6445"
},
{
"choice_id": "2",
"choice": "(317)230-8612"
},
{
"choice_id": "3",
"choice": "(317)212-1103"
},
{
"choice_id": "4",
"choice": "(317)218-8821"
},
{
"choice_id": "5",
"choice": "NONE OF THE ABOVE/DOES NOT APPLY"
}
]
},
{
"question_id": "4",
"question": "According to our records, you previously lived on (HOIT). Please choose the city from the following list where this street is located",
"choices": [
{
"choice_id": "1",
"choice": "BONIFAY"
},
{
"choice_id": "2",
"choice": "GRACEVILLE"
},
{
"choice_id": "3",
"choice": "CHIPLEY"
},
{
"choice_id": "4",
"choice": "EPSOM NH"
},
{
"choice_id": "5",
"choice": "NONE OF THE ABOVE/DOES NOT APPLY"
}
]
}
],
"kba_expiration": "2021-02-26-22:25:40.313646+00:00"
}
{
"beneficial_owner_id": "3a7fe4e4-79a4-4a58-942a-c3d00a2406a6",
"kyc_status": "kba failed"
}
For a complete specification and interactive examples, see Responding to KBA in the Bond API Reference.
Updated over 1 year ago