Bank Account Verification
Secure, Convenient, and Oh-So-Sleek
Validate
Real-Time Account Validation
Overview
Validate is a bank account verification service that authorizes the status of a bank account using the routing and account numbers associated with an EFT or check. These preauthorization checks occur automatically for subscribing merchants and require no additional request fields.
Validate Account Verification
Validate consults proprietary databases and services to check for the following:
- Bad routing numbers (i.e., blacklisted TRN)
- Invalid checksums (i.e., check-digit algorithm failures)
- Does the account exist?
- Is the account open and valid?
The response to a transaction request indicates if the account is open and valid, closed, NSF, or one of the other conditions listed in the table below. Charges are only assessed for transactions involving participating banks (most Tier I and II banks participate, but some local banks and smaller credit unions may not). Transactions that do not receive a definitive response may then be checked against the national negative check database. Note that the status of the account may change between the bank’s report and settlement.
Using Validate
Validate transactions yield up to four additional response fields (see below). The most important field is pg_preauth_result/preauth_result, which indicates the result of the verification. POS indicates a positive response from the verification service and NEG indicates a negative response. UNK indicates that nothing is known about the account (for various reasons). The following fields may display in the transaction response when performing Validate transactions. NOTE: The first field listed is for legacy SOAP API transactions and the second field listed is for REST API transactions.
pg_preauth_result/preauth_results: The value in this field may cause a transaction to be declined, depending upon the setup. Potential values for this field include the following:POS,NEG, orUNK.pg_preauth_description/preauth_desc- This field displays the current state of the account as provided by the verifying agent.pg_preauth_neg_report- This field indicates negative database responses and normally contains the negative report details and (usually) the name and phone number of the reporting entity.
Response Values
Forte returns the following values in the result and description fields listed above. Sandbox normally generates a POS result for any account (as participating banks are not actually consulted). The test account numbers below may be used on Sandbox (with any valid ABA number) to force the indicated response.
Result | Description | Test Account # |
NEG | P15:HIGH RISK | 99915 |
UNK | P50:NO INFO | 99950 |
POS | P70:VALIDATED | 99970 |
POS | P71:LOW RISK APPROVAL | 99971 |
POS | P73:MEDIUM RISK APPROVAL | 99973 |
UNK | P80:PREAUTH VENDOR BUSY | 99980 |
UNK | P90:PREAUTH VENDOR UNAVAIL | 99990 |
UNK | P91:PREAUTH VENDOR ERROR | 99991 |
UNK | P92:PREAUTH SERVER UNAVAIL | 99992 |
NEG | P99:DECLINE |
Approval and Validate
Validate only runs for sale, authorize, and verify transactions (AGI transaction types 20, 21 and 26). Transactions with a NEG result are declined. Those with UNK and POS results are not declined but may be subject to other checks. If the merchant only uses verify, the pg_preauth_result/preauth_result value may be used for decisioning rather than simply declining all NEG responses, .
Authorization and Validate
Unlike Validate+, Validate does not allow merchants to configure approve/decline decisioning in their merchant configurations. If the final response is positive, UNK, or the account is not found, the transaction will be APPROVED in all cases. If the final response has negative reports, the transaction will be DECLINED in all cases.
Validate+
Real-Time Account Validation
Overview
Validate+ is an optional service that provides additional verification of an EFT account number. Forte performs these “preauthorization” searches (also called “checks," but should not be confused with a financial “check”) automatically for subscribing merchants (the authorization messages require no additional fields).
Validate+ Account Verification
The Validate+ service consults the status reported by the bank to see if the customer account is valid and in good standing. The response indicates if the account is open and valid, closed, NSF, or one of the other conditions listed in the table below. Charges are only assessed for transactions involving participating banks (Most Tier I and II banks participate, but some local banks and smaller credit unions may not). Transactions that do not receive a definitive response (such as POSor NEG) may then be checked against the national negative check database. Note that the status of the account may change between the bank’s report and settlement.
Using Validate+
Validate+ transactions yield up to four additional response fields (see below). The most important field is pg_preauth_result, which indicates the result of the verification. POS indicates a positive response from the verification service and NEG indicates a negative response. UNK indicates that nothing is known about the account (for various reasons). Use the following response fields when performing Validate+ transactions:
pg_preauth_result: The value in this field may cause a transaction to be declined, depending upon the setup. Potential values for this field include the following:POS,NEG, orUNK.pg_preauth_description- This field displays the current state of the account as provided by the verifying agent.
pg_preauth_neg_report- This field indicates negative database responses and normally contains the negative report details and (usually) the name and phone number of the reporting entity.
Response Values
Forte returns the following values in the result and description fields listed above. Sandbox normally generates a POS result for any account (no participating bank check is performed). The test account numbers below may be used on Sandbox (with any valid ABA number) to force the indicated response.
Result | Description | Test Account # |
NEG | P15:HIGH RISK | 99915 |
UNK | P50:NO INFO | 99950 |
POS | P70:VALIDATED | 99970 |
POS | P71:LOW RISK APPROVAL | 99971 |
POS | P73:MEDIUM RISK APPROVAL | 99973 |
UNK | P80:PREAUTH VENDOR BUSY | 99980 |
UNK | P90:PREAUTH VENDOR UNAVAIL | 99990 |
UNK | P91:PREAUTH VENDOR ERROR | 99991 |
UNK | P92:PREAUTH SERVER UNAVAIL | 99992 |
NEG | P99:DECLINE |
Approval and Validate+
Validate+ is only run for sale, authorize, and verify transactions (AGI transaction types 20, 21 and 26). Transactions with a NEG result are normally declined (depending on the merchant’s configuration). Those with UNK and POS results are not declined and may be subject to other checks. If the merchant only uses verify, instead of declining all NEG responses, the pg_preauth_result value may be used instead for any decision making.
Authorization and Validate+
Within the Forte platform, merchants can configure how specific negative ACH items are handled. If the final response is positive, UNK, or the account is not found, the transaction must be APPROVED in all cases. If the final response has negative reports, the transaction is typically DECLINED, but this is dependent on the merchant’s specific configuration.
Bank Account Owner Verification - Authenticate
Real-Time Account Ownership Validation
Overview
CSG Forte Authenticate service empowers merchants to seamlessly verify account ownership, reducing the risk of fraud, to collect and pay funds simply and reliably. This service will allow merchants to verify ownership of bank accounts, no matter if the owner is a person or a business.
Ownership Verification
Authenticate service consults Tier I and most of Tier II banks, and multiple local banks and credit unions data to verify First Name and Last Name or Business Name along with Bank Routing Number (TRN) and Account Number submitted vs. the actual ownership of a given account. The response indicates if the input element matches with the actual account data or not. Transactions that do not receive a definitive response (such as POS, CON or NEG) will not be billable.
Using Authenticate
Authenticate can be accessed via multiple CSG Forte services such as Rest API and AGI calls, and DEX. Here you can find detailed information on how to use Authenticate with each of Forte’s services:
• REST API:
An authenticate transaction can be created including the “action”=”authenticate” parameter in the body of a POST request to the /organizations/{organization_id}/transactions URI. Or the URI can create an Authenticate transaction by appending the authenticate action to the end of the URI: {{baseURI}}/organizations/org_{{organizationID}}/locations/loc_{{locationID}}/transactions/authenticate
-
To see more of REST API connection click here or check our Postman collection here
-
To see the detail of authenticate transactions in REST API click here
• AGI:
Authenticate transaction type code is 26/Authenticate which will allow merchants to verify the ownership of a bank account. This will require the additional field pg_transaction_subtype=authenticate
-
To know more of AGI integration clikc here
-
To see the details of authenticate transactions in AGI, see Appendix C: Authenticate (page 45)
• DEX:
Verify Bank Account Ownership directly from dex by creating a Bank Account Owner Verification transaction.
- To see more of DEX and authenticate in DEX Docs click here
- Bank Account Owner Verification Tutorial here
Response Values
Use the following response fields to identify a full, partial or no match for account ownership verifications:
-
pg_preauth_result- The value in this field indicates if the inquiry fields match completely, conditionally, or not match the database. Potential values for this field include the following:POS,CON,NEGorUNK.-
POSindicates a positive match from the authenticate service. -
NEGindicates a negative match. -
CONindicates a conditional or partial match. -
UNKindicates that nothing is known about the account (for various reasons as not enough info or preauth errors).
-
-
pg_preauth_description- This field displays the exact description of the matching status. If it’s a match, a no match, or a conditional one, or if there is no info, or if the authentication failed. -
pg_response_description- This field indicates the exact reason for the matching transactions.
CSG Forte returns the following values in the result and descriptions fields listed above:
Pg_preauth_result | Preauth Description | Pg response description | Comments |
POS | P60: MATCH | BUSINESS NAME MATCH FIRST & LAST NAME MATCH OVERALL MATCH | The business name or full name provided exactly or closely matches the database record. |
CON | P75: CONDITIONAL MATCH | PARTIAL MATCH | The full name or business name conditionally (partially) matches the database record. |
NEG | P10: NO MATCH | NO MATCH | The name(s) received in the inquiry (Authenticate) message do not match any of the name fields for the record. Or invalid account number or bad account. |
UNK | P50: NO INFO | NO INFO | No identifying data is available in the database for the account provided. |
P90: PREAUTH VENDOR UNAVAIL | AUTH TIME OUT | Database is having problems or it’s down, entry not processed. | |
P91: PREAUTH VENDOR ERROR | PREAUTH ERROR | The response is null or it’s a malformed response. | |
P91: PREAUTH VENDOR ERROR | AUTH ERROR | An invalid account number was identified. |
Use Cases
Authenticate allows merchants to verify bank account ownership to reduce fraud before initiating payouts or accepting payments.
-
Authenticate is a great tool since in many industries, companies have to satisfy regulatory obligations to verify account ownership.
-
If merchants need to send money to customers, Authenticate helps them to verify that the provided account is not only valid, but also belongs to the person or business claiming to own it.
-
Authenticate helps merchants to prevent human errors, and also protects merchants from malicious actors reducing the risk of loss.