For KYC trusted merchants it is a strict requirement when setting up regular payments via a direct entry that a customer sights and agrees to a Direct Debit Request (DDR) and a Direct Debit Request Service Agreement (DDRSA). Similarly, there are also minimum identification requirements for the on-boarding process, referred to as ‘Know Your Customer', or KYC. 

Using the standard Zepto API integration, these DDR and DDRSA documents are embedded as links, and the KYC requirements are handled as part of the Instant Account Verification (IAV) process. We fully appreciate, however, that some of our partners have an existing onboarding process with Basiq, for example, that collects the required KYC materials before passing this information through to establish regular direct debits via Zepto.

To cater for this, Zepto offers a KYC-Trusted status for partners that meet and can demonstrate the following requirements:

Furthermore, it is highly recommended that the following be in place:

  • A process to record & archive the acceptance of the DDR

  • Ensure a printed or non-changeable electronic copy of the DDR and DDRSA can be provided when required within 7 days

  • A refund and dispute policy

  • A process of identifying a customer and storing that data securely

Step 1 – Set up a Sandbox Account

The first step to configure your KYC status is to set up a sandbox account. This allows you to configure our platform using dummy information for testing purposes. 

Step 2 – Configure the Basiq integration

To set up the Basiq integration on our platform:

  1. Sign in to your Zepto sandbox account

  2. Click on the arrow on the top left corner and select Settings then Integrations

  3. If your KYC Status has been activated you will see a Basiq Integration

  4. Add the Basiq API Key that enables the User ID and Connection ID you plan on submitting with your requests. 

Note: If you cannot see the Basiq Integration as per the screenshot above, please notify our support team to activate KYC Trusted status via enquiries@zepto.com.au or call 1300 611 406 during business hours and dial 2 for support.

Step 3 – Create an Agreement via the KYC Endpoint 

The following endpoint will allow you to achieve three actions simultaneously: 

  • Create a contact 

  • Input the bank account details (BSB + Account Number)

  • Create the Agreement

Endpoint: POST /agreements/kyc

Payload Signature: 

{
  "authoriser":{
    "name":"John Doe",
    "email":"john@supplies.com",
    "bank_account":{
      "branch_code":"433444",
      "account_number":"3934342",
      "basiq_user_id":"711fa669-291a-4190-b759-86671e8a321f",
      "basiq_connection_id":"228487a1-e3dc-4949-b2b0-448063320a81"
    },
    "metadata": {
      "some_data": "stored on the authoriser contact"
    }
  },
  "terms":{
    "per_payout":{
      "min_amount":null,
      "max_amount":null
    },
    "per_frequency":{
      "days":null,
      "max_amount":null
    }
  },
  "metadata":{
    "your_customer_uid": "6041475e-c5b4-4abe-a8e9-e2c3620a0a3e",
    "some_other_data": "stored on the agreement"
  }
}

The terms  fields are defined in our API docs, or use null  for a no limits agreement.

Response:

{
  "data":{
    "ref":"A.ci",
    "initiator_id":"6a0a05c4-8ad9-495d-bcf9-66a7d0046909",
    "authoriser_id":"9fa1be8d-40fb-4bf6-9743-577a1d5a3775",
    "contact_id":"bea8107a-a5b5-4719-92ec-8389ad7aa619",
    "bank_account_id":"91dbef6d-b596-4387-a36c-5a8497822b97",
    "status":"unverified",
    "responded_at":"2018-04-30T04:43:52Z",
    "created_at":"2018-04-30T04:43:52Z",
    "terms":{
      "per_payout":{
        "max_amount":null,
        "min_amount":null
      },
      "per_frequency":{
        "days":null,
        "max_amount":null
      }
    },
    "metadata":{
      "your_customer_uid": "6041475e-c5b4-4abe-a8e9-e2c3620a0a3e",
      "some_other_data": "stored on the agreement"
    }
  }
}

Note: Notice how the response status is unverified. This is because we asynchronously verify that the Basiq details work and match the provided branch_code and account_number. To be clear, this is done asynchronously because the Basiq check can take some time. Once the check is successfully completed, the Agreement status will transition to accepted. If the check is unsuccessful, the Agreement status will become declined. You may also choose to subscribe to the Agreement webhooks to get automatically notified of these state changes (this can be done via the UI).

Some important notes: 

  1.  This will only work once ‘KYC Trusted’ is activated on your sandbox account so please wait for confirmation by our support team before testing.

  2. The request is idempotent to safeguard against accidental duplication. For example, if you POST the same payload, it will return the currently live Agreement. 

  3. Once this KYC endpoint is set up, payments requests can be sent to the contact_id. Configuration details can be found at https://docs.split.cash/#request-payment

  4. For testing purposes, you will need to use one of the BSB and account numbers returned by a Basiq test account https://api.basiq.io/reference#connect-api.

Updating Bank Account

Some of your customers, over time, will change their bank account and require you to update their account details within your integration. It is important that this is taken into account and planned for in advance to ensure a smooth transition for both your customers and yourself.

If your application relies on metadata that you supply when creating an Agreement, a Bank Connection or the Agreement reference, your application will need to remove the Agreement that is in place with this customer, remove the existing Contact and then send a request to the KYC endpoint to create a new Contact and Agreement within Zepto. This ensures that the correct data is persisted in your application and everything is set up and referenced correctly.

This process is explained in more detail in this article.

Step 4 – Going Live 

Once the sandbox testing is complete you simply need to register for a production account and the same approval process as per Step 1 will take place to activate KYC Trusted and verify that the integration is suitable as per the minimum requirements outlined above. 

Register: https://go.split.cash/sign_in

Feel free to reach out if you have further questions by emailing us directly at support@zepto.com.au or clicking on the blue bubble icon from the corner of the screen.

Did this answer your question?