Responding to a manual KBA

Introduction

The KBAKBA - Knowledge Based Authentication. A form of identity validation done by prompting the user to answer questions based on their private information. Performed in the event that the KYC process fails. Generally KBA is interchangeable with OOW. For example, "Out of these 4 addresses, in which have you resided previously?". (Knowledge Based Authentication) process is triggered when any individual Beneficial Owner fails KYCKYC - Know Your Customer. The compliance that financial institutions put into their policies and procedures to verify a customer's identity.. KBA allows Beneficial Owners to personally validate their identity through multiple-choice questions. These are questions that should be straightforward for them to answer, but difficult for others to answer, for example:

  • What was the color of your first car?
  • Of the below addresses, which have you resided at?
  • Of the below names, which is the hospital you were born in?
  • Of the below names, which is your first school?

KBA includes up to three rounds of four sets of multiple-choice questions. If a Beneficial Owner answers a question incorrectly, they are posed a new set of questions. After three failed rounds of attempts at answering the questions, the KBA fails and therefore the overall KYC also fails.

📘

Sandbox KBA

To trigger KBA in the sandbox environment, create a Beneficial Owner using the first name of xyz and initiate a KYC.

Sending the KBA answers back to Bond Studio

To send the Beneficial Owner's questions and answers to Bond, use a POST /businesses/{business_id}/beneficial_owners/{beneficial_owner_id}/verification-kba /verification-kba operation and provide the parameters as shown below.

The kba_responses object has the following structure:

Object

Type

Description

kba_responses
required

Array of objects.

Array of question-answer objects.

The question_id and choice_id fields within kba_responses is a list of objects with the following structure:

kba_responses Object

Type

Description

question_id
required

String

Corresponds to a question_id from the /kyc/programmatic response.

choice_id
required

String

Corresponds to the choice_id for this question from the /kyc/programmatic response.

An example of a request to send the array of KBA answers to Bond is shown below.

curl --request POST \
     --url https://sandbox.bond.tech/api/v0/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba \
     --header 'Authorization: YOUR-AUTHORIZATION' \
     --header 'Content-Type: application/json' \
     --header 'Identity: YOUR-IDENTITY' \
     --data '
{
     "kba_responses": [
          {
               "question_id": "1",
               "choice_id": "3"
          },
          {
               "question_id": "2",
               "choice_id": "1"
          },
          {
               "question_id": "3",
               "choice_id": "4"
          },
          {
               "question_id": "4",
               "choice_id": "2"
          }
     ]
}
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://sandbox.bond.tech/api/v0/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request["Identity"] = 'YOUR-IDENTITY'
request["Authorization"] = 'YOUR-AUTHORIZATION'
request.body = "{\"kba_responses\":[{\"question_id\":\"1\",\"choice_id\":\"3\"},{\"question_id\":\"2\",\"choice_id\":\"1\"},{\"question_id\":\"3\",\"choice_id\":\"4\"},{\"question_id\":\"4\",\"choice_id\":\"2\"}]}"

response = http.request(request)
puts response.read_body
const options = {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    Identity: 'YOUR-IDENTITY',
    Authorization: 'YOUR-AUTHORIZATION'
  },
  body: JSON.stringify({
    kba_responses: [
      {question_id: '1', choice_id: '3'},
      {question_id: '2', choice_id: '1'},
      {question_id: '3', choice_id: '4'},
      {question_id: '4', choice_id: '2'}
    ]
  })
};

fetch('https://sandbox.bond.tech/api/v0/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));
import requests

url = "https://sandbox.bond.tech/api/v0/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba"

payload = {"kba_responses": [
        {
            "question_id": "1",
            "choice_id": "3"
        },
        {
            "question_id": "2",
            "choice_id": "1"
        },
        {
            "question_id": "3",
            "choice_id": "4"
        },
        {
            "question_id": "4",
            "choice_id": "2"
        }
    ]}
headers = {
    "Content-Type": "application/json",
    "Identity": "YOUR-IDENTITY",
    "Authorization": "YOUR-AUTHORIZATION"
}

response = requests.request("POST", url, json=payload, headers=headers)

print(response.text)
var client = new RestClient("https://sandbox.bond.tech/api/v0/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Identity", "YOUR-IDENTITY");
request.AddHeader("Authorization", "YOUR-AUTHORIZATION");
request.AddParameter("application/json", "{\"kba_responses\":[{\"question_id\":\"1\",\"choice_id\":\"3\"},{\"question_id\":\"2\",\"choice_id\":\"1\"},{\"question_id\":\"3\",\"choice_id\":\"4\"},{\"question_id\":\"4\",\"choice_id\":\"2\"}]}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"kba_responses\":[{\"question_id\":\"1\",\"choice_id\":\"3\"},{\"question_id\":\"2\",\"choice_id\":\"1\"},{\"question_id\":\"3\",\"choice_id\":\"4\"},{\"question_id\":\"4\",\"choice_id\":\"2\"}]}");
Request request = new Request.Builder()
  .url("https://sandbox.bond.tech/api/v0/businesses/002e0f0e-e39d-4351-876c-afcad30d9c37/beneficial_owners/3a7fe4e4-79a4-4a58-942a-c3d00a2406a6/verification-kba")
  .post(body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Identity", "YOUR-IDENTITY")
  .addHeader("Authorization", "YOUR-AUTHORIZATION")
  .build();

Response response = client.newCall(request).execute();

Examples of possible responses to the KBA process are shown below.

{
    "beneficial_owner_id": "3a7fe4e4-79a4-4a58-942a-c3d00a2406a6",
    "kyc_status": "passed"
}
{
    "beneficial_owner_id": "3a7fe4e4-79a4-4a58-942a-c3d00a2406a6",
    "kyc_status": "kba failed",
    "questions": [
        {
            "question_id": "1",
            "question": "Which one of the following retail credit cards do you have? If there is not a matched retail credit card, please select 'NONE OF THE ABOVE'",
            "choices": [
                {
                    "choice_id": "1",
                    "choice": "KRAGEN"
                },
                {
                    "choice_id": "2",
                    "choice": "WING ON"
                },
                {
                    "choice_id": "3",
                    "choice": "DUNNES STORES"
                },
                {
                    "choice_id": "4",
                    "choice": "HAVAIANAS"
                },
                {
                    "choice_id": "5",
                    "choice": "NONE OF THE ABOVE"
                }
            ]
        },
        {
            "question_id": "2",
            "question": " Please select the county for the address you provided.",
            "choices": [
                {
                    "choice_id": "1",
                    "choice": "BELKNAP"
                },
                {
                    "choice_id": "2",
                    "choice": "STRAFFORD"
                },
                {
                    "choice_id": "3",
                    "choice": "MERRIMACK"
                },
                {
                    "choice_id": "5",
                    "choice": "NONE OF THE ABOVE"
                }
            ]
        },
        {
            "question_id": "3",
            "question": "Which of the following is a previous phone number of yours? If there is not a matched phone number, please select 'NONE OF THE ABOVE'.",
            "choices": [
                {
                    "choice_id": "1",
                    "choice": "(317)205-6445"
                },
                {
                    "choice_id": "2",
                    "choice": "(317)230-8612"
                },
                {
                    "choice_id": "3",
                    "choice": "(317)212-1103"
                },
                {
                    "choice_id": "4",
                    "choice": "(317)218-8821"
                },
                {
                    "choice_id": "5",
                    "choice": "NONE OF THE ABOVE/DOES NOT APPLY"
                }
            ]
        },
        {
            "question_id": "4",
            "question": "According to our records, you previously lived on (HOIT). Please choose the city from the following list where this street is located",
            "choices": [
                {
                    "choice_id": "1",
                    "choice": "BONIFAY"
                },
                {
                    "choice_id": "2",
                    "choice": "GRACEVILLE"
                },
                {
                    "choice_id": "3",
                    "choice": "CHIPLEY"
                },
                {
                    "choice_id": "4",
                    "choice": "EPSOM NH"
                },
                {
                    "choice_id": "5",
                    "choice": "NONE OF THE ABOVE/DOES NOT APPLY"
                }
            ]
        }
    ],
    "kba_expiration": "2021-02-26-22:25:40.313646+00:00"
}
{
    "beneficial_owner_id": "3a7fe4e4-79a4-4a58-942a-c3d00a2406a6",
    "kyc_status": "kba failed"
}

For a complete specification and interactive examples, see Responsing to KBA in the Bond API Reference.


Next Steps
Did this page help you?