Guide to linking external accounts

Overview of the steps to take to link a card account to an external account.

Overview

The Accounts API allows you to link a customer's Bond card to their verified external bank account. Once the external account has been linked, the customer can then transfer funds back and forth between their card account and the external account. Once the link is established, we use the linked_account_id identifier to represent the customer's external account.

📘

Verification

An external account can only be linked once it has been verified. This verification takes place as part of the linking process. The type of verification performed depends on the institution the account is held with.

The following graphic depicts the overall linking process flow and fund transfer.

1441

The linking process comprises the following steps:

  1. Start the Linking external accounts SDK and provide details of the customer's Bond card account.
  2. From the returned list of options, select the required institute.
  3. The customer enters their external account details.
    The request is either approved or needs to be verified as described below. See table below for verification methods.
  4. Once these steps have been successfully completed, the customer's external bank account can be used for making transfers.

For examples of how to use the Linking external account SDK, see Linking external accounts SDK.

Account verification

Each of the available methods for verification depends on the intuition. Each method falls into one of these categories:

  • Instant—Your customer enters their bank details during the linking process.
  • Automatic—The process performs a micro-deposit and automatically verifies the deposit.
  • Manual—The process makes two micro-deposits which then need to be manually verified by the customer.

The following graphic depicts the verification options depending on the institution selected.

512

The following table describes the verification methods, their types, and how they are work.

Verification methodTypeDescriptionRestrictions
Instant authInstantThe default Auth flow during which the customer selects their banking institution and provides their login credentials. Does not require extra configuration steps if Auth is already configured in your app. Supports more than 3,800 financial institutions with credential-based logins.
Instant matchInstantWhen using Instant Match, your user is prompted to enter their account number and routing number. The last four digits of the user-provided account number are verified against the account mask retrieved from the financial institution. Instant match is automatically provided at supported institutions as a fall-back method when Instant Auth is not available.
Automated micro-depositsAutomaticPlaid makes a single micro-deposit and then automatically verifies it within one to two business days. Expires and needs to be renewed.
Same-day micro-depositsManualUsed for institutions that don't support Instant Auth, Instant Match, or Automated Micro-deposit verification. Plaid makes two deposits that post within one business day (using Same Day ACH). Users are instructed to manually verify the deposited amounts within one business day. Expires and needs to be renewed.Does not support transaction history.
UnverifiableUsed in a case where a user wants to send a transfer to an external account that is not their own.Does not support transaction history.

Link Account without Verification

Link and transfer funds to a third-party account that you cannot verify.

To link an unverifiable account, use the POST /accounts operation and provide the body parameters as shown in the table below.

ParameterTypeDescription
type
required
enumdefault is: migrate_account
customer_id
required
stringcustomer_id to which you will be linking this account
account_number
required
stringaccount number for banking institution
routing_number
required
stringrouting number for banking institution
account_type
required
enumchecking or savings
bank_name
required
stringFreeform, alphanumeric name of the external bank account being linked, for example Casino Royale

An example of a request to link an external account is shown below.

curl --location --request POST 'https://sandbox.bond.tech/api/v0/accounts' \
--header 'Content-Type: application/json' \
--header 'Identity: YOUR-IDENTITY' \
--header 'Authorization: YOUR-AUTHORIZATION' \
--data-raw '{
    "customer_id": "7951dd8d-e1f9-4d93-b96c-58e2659694ab",
    "type":"migrate_account", 
    "account_number": "123456789", 
    "routing_number": "987654321", 
    "link_type": "bond",
    "bank_account_type": "checking", 
    "bank_name": "Chase"
}
'
require "uri"
require "json"
require "net/http"

url = URI("https://sandbox.bond.tech/api/v0/accounts")

https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Identity"] = "YOUR-IDENTITY"
request["Authorization"] = "YOUR-AUTHORIZATION"
request.body = JSON.dump({
  "customer_id": "0e510520-4ed9-4748-90d7-f6120b391b26",
  "type": "migrate_account",
  "account_number": "123456789",
  "routing_number": "987654321",
  "link_type": "bond",
  "bank_account_type": "checking",
  "bank_name": "Chase"
})

response = https.request(request)
puts response.read_body
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Identity", "YOUR-IDENTITY");
myHeaders.append("Authorization", "YOUR-AUTHORIZATION");

var raw = JSON.stringify({
  "customer_id": "0e510520-4ed9-4748-90d7-f6120b391b26",
  "type": "migrate_account",
  "account_number": "123456789",
  "routing_number": "987654321",
  "link_type": "bond",
  "bank_account_type": "checking",
  "bank_name": "Chase"
});

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: raw,
  redirect: 'follow'
};

fetch("https://sandbox.bond.tech/api/v0/accounts", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));
import requests
import json

url = "https://sandbox.bond.tech/api/v0/accounts"

payload = json.dumps({
  "customer_id": "0e510520-4ed9-4748-90d7-f6120b391b26",
  "type": "migrate_account",
  "account_number": "123456789",
  "routing_number": "987654321",
  "link_type": "bond",
  "bank_account_type": "checking",
  "bank_name": "Chase"
})
headers = {
  'Content-Type': 'application/json',
  'Identity': 'YOUR-IDENTITY',
  'Authorization': 'YOUR-AUTHORIZATION'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)

A successful request returns an account_id to represent the link from the customer's external account, as shown below.

{
    "account_id": "e31a1d35-2aa6-4eee-80a0-08eb48668a34",
    "date_created": "2022-07-05T18:35:50.418488+00:00",
    "date_updated": "2022-07-05T18:35:50.418495+00:00",
    "customer_id": "0e510520-4ed9-4748-90d7-f6120b391b26",
    "status": "active",
    "verification_status": "unverifiable",
    "type": "migrate_account",
    "link_type": null,
    "access_token": null
}