For KYC trusted merchants it is a strict requirement when setting up regular payments via a direct entry that a customer sights and agrees to a Direct Debit Request (DDR) and a Direct Debit Request Service Agreement (DDRSA). Similarly, there are also minimum identification requirements for the on-boarding process, referred to as ‘Know Your Customer', or KYC.
Using the standard Zepto API integration, these DDR and DDRSA documents are embedded as links, and the KYC requirements are handled as part of the Instant Account Verification (IAV) process. We fully appreciate, however, that some of our partners have an existing onboarding process with Basiq, for example, that collects the required KYC materials before passing this information through to establish regular direct debits via Zepto.
To cater for this, Zepto offers a KYC-Trusted status for partners that meet and can demonstrate the following requirements:
Display the Zepto DDRSA via a link or copy in-App: www.zepto.com.au/ddrsa
Display the Zepto DDR via a link or copy in-App: https://www.zepto.com.au/ddr/
Furthermore, it is highly recommended that the following be in place:
A process to record & archive the acceptance of the DDR
Ensure a printed or non-changeable electronic copy of the DDR and DDRSA can be provided when required within 7 days
A refund and dispute policy
A process of identifying a customer and storing that data securely
Step 1 – Set up a Sandbox Account
The first step to configure your KYC status is to set up a sandbox account. This allows you to configure our platform using dummy information for testing purposes.
Set up a Zepto sandbox account here: go.sandbox.split.cash/sign_in
Notify us via email@example.com or call 1300 611 406
Zepto will then activate KYC Trusted Status on your sandbox account
Step 2 – Configure the Basiq integration
To set up the Basiq integration on our platform:
Sign in to your Zepto sandbox account
Click on the arrow on the top left corner and select Settings then Integrations
If your KYC Status has been activated you will see a Basiq Integration
Add the Basiq API Key that enables the User ID and Connection ID you plan on submitting with your requests.
Note: If you cannot see the Basiq Integration as per the screenshot above, please notify our support team to activate KYC Trusted status via firstname.lastname@example.org or call 1300 611 406 during business hours and dial 2 for support.
Step 3 – Create an Agreement via the KYC Endpoint
The following endpoint will allow you to achieve three actions simultaneously:
Create a contact
Input the bank account details (BSB + Account Number)
Create the Agreement
Endpoint: POST /agreements/kyc
"some_data": "stored on the authoriser contact"
"some_other_data": "stored on the agreement"
terms fields are defined in our API docs, or use
null for a no limits agreement.
"some_other_data": "stored on the agreement"
Note: Notice how the response status is unverified. This is because we asynchronously verify that the Basiq details work and match the provided branch_code and account_number. To be clear, this is done asynchronously because the Basiq check can take some time. Once the check is successfully completed, the Agreement status will transition to
accepted. If the check is unsuccessful, the Agreement status will become declined. You may also choose to subscribe to the Agreement webhooks to get automatically notified of these state changes (this can be done via the UI).
Some important notes:
This will only work once ‘KYC Trusted’ is activated on your sandbox account so please wait for confirmation by our support team before testing.
The request is idempotent to safeguard against accidental duplication. For example, if you POST the same payload, it will return the currently live Agreement.
Once this KYC endpoint is set up, payments requests can be sent to the contact_id. Configuration details can be found at https://docs.split.cash/#request-payment
For testing purposes, you will need to use one of the BSB and account numbers returned by a Basiq test account https://api.basiq.io/reference#connect-api.
Updating Bank Account
Some of your customers, over time, will change their bank account and require you to update their account details within your integration. It is important that this is taken into account and planned for in advance to ensure a smooth transition for both your customers and yourself.
If your application relies on metadata that you supply when creating an Agreement, a Bank Connection or the Agreement reference, your application will need to remove the Agreement that is in place with this customer, remove the existing Contact and then send a request to the KYC endpoint to create a new Contact and Agreement within Zepto. This ensures that the correct data is persisted in your application and everything is set up and referenced correctly.
This process is explained in more detail in this article.
Step 4 – Going Live
Once the sandbox testing is complete you simply need to register for a production account and the same approval process as per Step 1 will take place to activate KYC Trusted and verify that the integration is suitable as per the minimum requirements outlined above.
Feel free to reach out if you have further questions by emailing us directly at email@example.com or clicking on the blue bubble icon from the corner of the screen.