Open Banking 

Open Banking with Equifax allows access to personal and business current account data improving customer experience and risk based decision making. 

The Open Banking integration with Equifax may require an integration through AccountScore and ConsentsOnline, both Equifax owned companies. 

This is a guide that describes what API’s are available and how to Get Started

Getting started

Our Open Banking integration consists of two main stages, Data Collection and Insights. 

#

Stage

Description

1

Data Collection (customer consent)

Data Collection guides the account owner through the Open Banking sign-up process to share account information with their consent.

Data collection is via a co-branded consents.online URL OR by using an AccountScore iFrame embedded in your website or mobile app.

2

Open Banking API Integration

Data insights return account information back to you by connecting to Equifax Open Banking APIs

 

“How to initiate Data Collection (Stage 1)”

Data Collection is done via a white labelled sign up page (iFrame, POST or URL) via Equifax owned Consents.online. 

Example of application form and customer flow https://invis.io/DUQTZ2CZPCF

Option 1: POST 

You can submit a form via POST to initiate the application process. This allows you to streamline your customer journey by passing through some customer information; allowing you to skip the "about you" and "select bank" pages. This is our recommendation. 

Option 2: iFrame 

The iFrame can be integrated directly into an HTML Web app or loaded via a modal popup screen. When displayed as a modal popup, the iFrame will load over the top of your page until completed or closed, improving User experience by passing through user information that might have been cached (such as ‘about you’ or ‘select bank’). 

Option 3: Redirect Link

As 3rd alternative, Users can be redirected to a pre-configured, customisable consents.online URL. 

Click here for examples.

 

Webhooks for Event Monitoring

We also offer the ability to make Server Side External Calls back to your system when significant events occur to improve your monitoring. By providing a URL, we can invoke this via GET when key events occur and pass some optional parameters with it.

e.g. https://webhooks.yourdomain.com/signupEvent/{externalReference}/{referenceGuid}

Webhook Fields
  • ExternalReferencestring
  • The reference code that you have attached to the customer's application
  • referenceGuid
  • AccountScore's internal reference for the customer which can be used directly in our API

We support basic authentication in the request for enhanced security and can pass the parameters described in the webhook fields section below:

  • Selected Bank - Triggered once the customer has selected a bank during their signup journey
  • Submitted Consents - Triggered once the customer has given consents to share their data
  • Consents Denied - Triggered if the customer declines to consent to share their data
  • Bank Authorisation - Triggered when the customer agrees to share information from their bank's app or website.
  • Bank Cancellation - Triggered if the customer declines to share their transaction data from their bank's app or website
  • Signup Complete - Triggered when the customer has completed their signup journey and the categorised data and insights are ready to pull via API
  • Reauthorise Consent - For recurring data access only - this is triggered when the customer agrees to extend their consent period
  • Revoke Consent - Triggered when a customer revokes consent to share their data.
  • Pause Consent - Triggered when a customer pauses consent to share their data
  • Resume Consent - Triggered when a customer resumes consent to share their data
  • System Error - Triggered when the system errors during signup

 

Connecting to Open Banking API’s (Stage 2)

Equifax and AccountScore offer a suite of Open Banking consumer and commercial solutions that convert consented transaction data gathered through the Data Collection stage into actionable insights. We offer the solutions through the Equifax APIS which can be seamlessly embedded as part of your customer journey and can be fed into your own decision systems to help you automate credit decisions.

Follow the below steps to connect to the Equifax APIs

Authentication  

Before connecting to any API’s you will first need to login. You can do this by Authenticate endpoint. 

We use IdAMS for authentication of API calls - this is the "Security Service" product which needs to be included in every subscription. See here for details of the specs for the Security Service.

For applications which are at "Test" or "Live" level, you will need your own Client ID and Client Secret, which will be setup by Equifax and provided to you. If you need to check your IdAMS credentials, please visit the IdAMS portal.

Secrets need to be refreshed every 30 days (minimum) using the “Change Client Secret” endpoint in the Security Service.

Open Banking APIs 

Consumer Accounts

  1. Customer Lookup

Customer Lookup API can be used to get Customer Identifiers from data about the requested customer. This is required for pull requests.

<Link to the API spec, Sample response here>

  1. Check Customer Progress

The Customer Progress API endpoint can be used to track the status of a Customer User through the application process.

<Link to the API spec, Sample response here>

  1. All Data endpoint

Finally, you can pull All of the Data Insights that we have collated by the Customer by calling All Data endpoint

  1. Customer Accounts Call

This call returns all top level bank account information from all accounts held against a customer record without pulling transaction data.

<Link to the API spec, Sample response here>

  1. Sort Code Lookup 

The sort code lookup endpoint allows you to pass a sort code and retrieve the name and the search string required to pass to the consents.online application form for pre-selecting a user's bank. This can help to streamline the user's journey.

<Link to the API spec, Sample response here>

  1. Check Customer Progress Complete History Call

The Customer Progress Complete History API endpoint can be used to provide an audit trail of all customer statuses through their journey.

<Link to the API spec, Sample response here>

  1. All Data Endpoints - Categorised Data 

All transactional data is standardised via a Categorisation engine enabling comparable aggregation for insights. <Link to the API spec, Sample response here>

  1. Bank Account Verify

Bank Account Verify API enables anti-impersonation checks, combining bank authentication through Open Banking with credit information held by Equifax to help reduce fraud.

Bank Account Verifier from Equifax compares the sort code and account number taken from the customer’s online bank account to Equifax’s extensive range of current account data. The name and address details associated with the bank account are compared to the details provided by the customer during their credit application. 

<Link to the API spec, Sample response here>

  1. Financial Health Index

Financial Health Index is a single metric that summarises a customer’s financial health based on current account transaction data. It uses open banking technology to analyse a customer’s current account data in real time and identify their likelihood of making credit repayments

The Index (values 1- 9) ranks an individual's creditworthiness based on behaviours and insights found in account information. It combines traditional credit scoring with Open Banking to improve the assessment of creditworthiness by incorporating insights from account information such as income, rental payments and council tax payments. 

Financial Health Index is available in multiple versions based on the period of time needed for the account information, e.g. 3, 6 and 12 months of data. 

<Link to the API spec, Sample response here>

  1. Automated Income Verification

Automated Income Verification enables real-time, digital income verification from personal current account data made available from Open Banking APIs, providing a ranking (A to F) of the amount of evidence there is to support a customer declared income. It also breaks down income into individual components such as salary, benefits and pension for more granular insight and more accurate verification. 

<Link to the API spec, Sample response here>

  1. Income Estimation

Income estimation API provides up-to-date point estimates of the income of a customer based on their personal current account information. 

<Link to the API spec, Sample response here>

  1. Expenditure

Expenditure APIs provides characteristics and summaries of a customer’s expenditures, including non-discretionary, discretionary and living expenses, based off personal current account information obtained from Open Banking APIs. 

<Link to the API spec, Sample response here>

  1. Standard Financial Statement

Standard Financial Statement (SFS) API is designed to retrieve a person's income and outgoings, along with any debts they owe in an industry approved SFS format. The SFS is an initiative designed to bring consistency to the way in which customer finances are assessed and is mainly used by debt advice providers and other relevant organisations.

It provides a single format for financial statements, allowing the debt advice sector and creditors to work together to achieve the right outcomes for people struggling with their finances.

This API is a mapping of our core categorisation and allows the client to directly ingest data in the SFS format.

<Link to the API spec, Sample response here>

  1. Primary Account Verification

Primary Account Verification characteristics, derived from credit information, confirm whether a current account is a sole or joint account, how many current accounts the individual has and whether a supplied current account is the primary salaried current account. Can be used for ID&V, affordability and to help form a holistic view of the customer from credit and account information.

 

Please note the client must be an Insight member to access this API. Click here if you need more information about becoming an Insight member. 

<Link to the API spec, Sample response here>

 
  1. Verify
 Verify is a simple API service which allows clients to verify a customers’ salary and employment status in real-time using Open Banking data. It can be accessed with a simple API integration that can add immediate operational improvements to your business and remove the need for any phone calls to be made to employers to check employment status. 

<Link to the API spec, Sample response here>

  1. Tenant Connect

TenantConnect removes the need for manual checks of payslips and bank statements. It provides our clients with income verification as well as identified rent and mortgage payments that are being made. 

TenantConnect has been designed for business that want to: 

  • See if rent or mortgage payments have been made for the last 12 months. 
  • Check if these payments have been made on time and are not in arrears. 
  • See the frequency of rent/mortgage transactions. 
  • Check that a consumer is employed. 
  • Verify how much a consumer earns. 
  • See how frequently the consumer is paid. 
  • Confirm if the consumer is receiving benefits or not. 
  • View the consumers next pay date. 

<Link to the API spec, Sample response here>

  1. Enrich

Enrich APIs allows transactional data to be submitted, analysed and categorised.  It allows the customer to share the transactional data with Equifax , via API or online, which Equifax will then analyse and return via API.

<Link to the API spec, Sample response here>

  1. Collections

This API is designed to be used in the Collections journey. Can be used to ask the customer additional details or questions about their personal circumstances and about their Income and Expenditure.

<Link to the API spec, Sample response here>

  1. PDF Generation

These APIs can be used to obtain open banking transaction data and Insights in a PDF format. The PDF can be downloaded via the URL returned from the API call.

  1. Standard Format PDF

Once a customer has completed their signup journey, we can make the data available to you via PDF download. This API will return a download link for the PDF. This link will only be valid for 5 minutes after which the link will be deactivated and another call will need to be made to regenerate the link.

<Link to the API spec, Sample response here>

  1. Standard Financial Statement (SFS) format PDF

Once a customer has completed their signup journey, we can make the data in Standard financial statement (SFS) format available to you via PDF. This API will return a download link for the PDF. This link will only be valid for 5 minutes after which the link will be deactivated and another call will need to be made to regenerate the link

<Link to the API spec, Sample response here>

  1. Refresh Data PDF

Once a customer has completed their signup journey, we can make the Refresh data available to you via PDF download. This API will return a download link for the PDF. This link will only be valid for 5 minutes after which the link will be deactivated and another call will need to be made to regenerate the link.

<Link to the API spec, Sample response here>

Click here for the spec.

Business Accounts (Commercial)

  1. Business Lookup

The Business Lookup API can be used to get Business identifiers from data about the requested Business. This is required to pull the transaction  data.

<Link to the API spec, Sample response here>

  1. Check Business Progress

The Business Progress API endpoint can be used to track the status of a business through the application process.

<Link to the API spec, Sample response here>

  1. All Data endpoint 

Finally, you can pull all of the Data Insights that we have collated against the business by calling All Data endpoint 

  1. Business Accounts

This call returns all top level bank account information from all accounts held against a business record without pulling transaction data.

<Link to the API spec, Sample response here>

  1. Sort Code Lookup

The sort code lookup endpoint allows you to pass a sort code and retrieve the name and the search string required to pass to the consents.online application form for pre-selecting a user's bank. This can help to streamline the user's journey.

<Link to the API spec, Sample response here>

  1. Check Business Progress Complete history 

The Customer Progress Complete History API endpoint can be used to provide an audit trail of all business statuses through their journey.

<Link to the API spec, Sample response here>

  1. All Data Endpoint - Categorised Data

A call to the All Data Endpoint returns all categorised data and events from all accounts, using a three-stage approach to transaction data categorisation - normalisation, categorisation and recurrence across all UK banks.

<Link to the API spec, Sample response here>

  1. Forecast 

The forecasting tool, designed primarily to evaluate a Business, providing both quarterly and monthly views. It looks at the historic actual data and enables a lender to pre-populate future data on a linear scale, using historic averages, replicating the historic data or inputting data manually as appropriate. 

<Link to the API spec, Sample response here>

  1. Business Health Characteristics 

Equifax Business Health Characteristics uses current account transaction data to provide a more complete picture of a company's financial health, reducing the need to rely on the Business credit score. 

<Link to the API spec, Sample response here>

 

Click here for the spec.

Banks connected

As new banks join the open banking ecosystem and release their APIs we connect to the new bank APIs and include them in our solution. List of currently active Open Banking APIs with the corresponding bank codes used in our signup process is available to download here.

consents.online is an AISP and has permission to use the APIs provided through the UK’s open banking initiative to connect to banks and download data. consents.online adheres to strict security standards and stores and transmits all data according to best security practice.