User Account Verification

User Account Verification API

POST VEGA_VERIFICATION_ACCOUNT_API_PATH

Enclave Environment Variable:

Enter the User Account Verification API endpoint in VEGA_VERIFICATION_ACCOUNT_API_PATH field.

Every VASP can be either the originating and beneficiary VASP

This API is called when the VASP performs the role of the beneficiary VASP.

The API is called to verify that the beneficiary address (wallet address, account number) entered by the originator belongs to the beneficiary address (and VASP).

Response Time Standard

This API must respond in 1 second.

Implementation Standards

  • IVMS101 format of beneficiary information.

  • This API only verifies the existence of a wallet address and name. KYC or Sanction Screening process is not covered by this API.

  • This API is designed for only for single account verification. In order to verify multiple accounts, make one of this API call per account.

  • For a corporation account, if there are multiple representatives but only one is matched, the result will be returned as VERIFIED.

Request Header

Request Body

Request Body Examples

  • When only verifying the beneficiary's wallet address

{
  "originatingVaspId": "15952089931162060684",
  "symbol": "ETH",
  "network": "Ethereum",
  "version": "1.0",
  "ivms101": {
    "beneficiary": {
      "accountNumber": ["0x5811001506550d8356a215be229c15b6ef371a9b"]
    }
  }
}

  • When verifying the beneficiary's name and wallet address (when withdrawing more than the mandated threshold of the jurisdiction)

{
  "originatingVaspId": "15952089931162060684",
  "symbol": "ETH",
  "network": "Ethereum",
  "version": "1.0",
  "ivms101": {
    "beneficiary": {
      "beneficiaryPersons": [
        {
          "naturalPerson": {
            "name": {
              "nameIdentifier": [
                {
                  "primaryIdentifier": "Taylor",
                  "secondaryIdentifier": "Robbins",
                  "nameIdentifierType": "LEGL"
                }
              ]
            }
          }
        }
      ],
      "accountNumber": ["0x5811001506550d8356a215be229c15b6ef371a9b"]
    }
  }
}

  • When verifying the wallet address of a legal person

{
  "originatingVaspId": "15952089931162060684",
  "symbol": "ETH",
  "network": "Ethereum",
  "version": "1.0",
  "ivms101": {
    "beneficiary": {
      "accountNumber": ["0x5811001506550d8356a215be229c15b6ef371a9b"]
    }
  }
}

  • When verifying the name and wallet address of a legal person (when withdrawing more than the mandated threshold of the jurisdiction)

{
  "originatingVaspId": "15952089931162060684",
  "symbol": "ETH",
  "network": "Ethereum",
  "version": "1.0",
  "ivms101": {
    "beneficiary": {
      "beneficiaryPersons": [
        {
          "legalPerson": {
            "name": {
              "nameIdentifier": [
                {
                  "legalPersonName": "A Company",
                  "legalPersonNameIdentifierType": "LEGL"
                }
              ]
            }
          }
        },
        {
          "naturalPerson": {
            "name": {
              "nameIdentifier": [
                {
                  "primaryIdentifier": "Taylor",
                  "secondaryIdentifier": "Robbins",
                  "nameIdentifierType": "LEGL"
                }
              ]
            }
          }
        }
      ],
      "accountNumber": ["0x5811001506550d8356a215be229c15b6ef371a9b"]
    }
  }
}

  • network field is optional. In the case of a virtual asset that is distributed across multiple blockchain networks, such as USDT, which is distributed across Ethereum, BSC, and Solana, the following responses can be returned if the counter-VASP calls API without Network Field.

    • The result can be returned as DENIED and the reason as UNKNOWN-NETWORK. However, if the counterparty VASP has not yet implemented network field, the success rate may decrease.

    • Alternatively it can be assumed that the network in use is same as your VASP and return the verification result. In such cases, do take note that, if the network your VASP support is different from the counterparty VASP, the virtual asset may be transferred via a wrong network and may become unretrievable.

  • VASP can decide which response to return. Different policies on returning response to each counterparty VASP are available. Please consider various scenarios of returning response to counterparty VASP when implementing Network Field.

Response Body

Response Body Examples

  • 200 OK

{
  "accountVerificationResult": "VERIFIED",
  "verifiedAt": "2022-03-03T21:52:08.092Z"
}

  • 200 OK

{
  "accountVerificationResult": "DENIED",
  "reason": "UNKNOWN-SYMBOL",
  "verifiedAt": "2022-03-03T21:52:08.092Z"
}

  • accountVerificationResult field can be "VERIFIED" or "DENIED"

    • VERIFIED: Successfully verified account in beneficiary VASP.

    • DENIED: Unknown account or name, not verified on beneficiary VASP side.

  • reason field specification is as follows.

    • The field is valid only when result field is DENIED.

    • Refer to the below table for the message field value.

Links

A guideline to the ways to enter IVMS101 information

PreviousVASP API ReferenceNextUser Verification

Last updated