About KYC Trusted Customer Accounts
It is a strict requirement when setting up regular payments via a direct entry that a customer sights and agrees to a Direct Debit Request (DDR) and a Direct Debit Request Service Agreement (DDRSA). Similarly, there are also minimum identification requirements for the on-boarding process, referred to as ‘Know Your Customer', or KYC.
To cater for this, Zepto offers a KYC-Trusted status for partners that meet and can demonstrate the following requirements:
Display the Zepto DDRSA via a link or copy in-App: https://www.zepto.com.au/nz-ddrsa/
Display the Zepto DDR via a link or copy in-App: https://www.zepto.com.au/nz-ddr/
Furthermore, it is highly recommended that the following be in place:
A process to record & archive the acceptance of the DDR
Ensure a printed or non-changeable electronic copy of the DDR and DDRSA can be provided when required within 7 days
A refund and dispute policy
A process of identifying a customer and storing that data securely
Configuring a KYC agreement
You will need to use the POST /agreements/kyc endpoint. Please find the details in our API documentation attached here. This endpoint will allow you to achieve three actions simultaneously:
Create a contact (authoriser)
Input the bank account details (BSB + Account Number)
Create the Agreement
Payload Signature:
{
"authoriser": {
"name": "John Doe",
"email": "john@supplies.com",
"phone": "0283867110",
"bank_account": {
"account_number": "200100693049678"
},
"metadata": {
"some_data": "stored on the authoriser contact"
}
},
"terms": {
"per_payout": {
"min_amount": null,
"max_amount": null
},
"per_frequency": {
"days": null,
"max_amount": null
}
},
"metadata": {
"your_customer_uid": "6041475e-c5b4-4abe-a8e9-e2c3620a0a3e",
"some_other_data": "stored on the agreement"
}
}
Response:
{
"data": {
"ref": "A.ci",
"initiator_id": "6a0a05c4-8ad9-495d-bcf9-66a7d0046909",
"authoriser_id": "9fa1be8d-40fb-4bf6-9743-577a1d5a3775",
"contact_id": "bea8107a-a5b5-4719-92ec-8389ad7aa619",
"bank_account_id": "91dbef6d-b596-4387-a36c-5a8497822b97",
"status": "accepted",
"responded_at": "2018-04-30T04:43:52Z",
"created_at": "2018-04-30T04:43:52Z",
"terms": {
"per_payout": {
"max_amount": null,
"min_amount": null
},
"per_frequency": {
"days": null,
"max_amount": null
}
},
"metadata": {
"your_customer_uid": "6041475e-c5b4-4abe-a8e9-e2c3620a0a3e",
"some_other_data": "stored on the agreement"
}
}
}
Some important Notes:
This will only work once ‘KYC Trusted’ is activated on your sandbox account so please wait for confirmation from our support team before testing.
The request is idempotent to safeguard against accidental duplication. For example, if you POST the same payload, it will return the currently live Agreement.
Once this KYC endpoint is set up, payment requests can be sent to the contact_id.
Updating Bank Account
Some of your customers, over time, will change their bank accounts and require you to update their account details within your integration. It is important that this is taken into account and planned in advance to ensure a smooth transition for both your customers and yourself.
If your application relies on metadata that you supply when creating an Agreement, a Bank Connection or the Agreement reference, your application will need to remove the Agreement that is in place with this customer, remove the existing Contact and then send a request to the KYC endpoint to create a new Contact and Agreement within Zepto. This ensures that the correct data is persisted in your application and everything is set up and referenced correctly.
If your application does not rely on any of the above-mentioned data, the process is simpler and you can simply take advantage of the Update a Contact endpoint.
If you need more support or have further questions, feel free to reach out to us by clicking on the bubble at the bottom of our screen or email us at support@zepto.com.au.