On This Page

Visa Bank Account Validation Merchant Guide

This section describes how to use this guide and where to find further information.
Audience and Purpose
This guide is written for merchants who want to implement the Visa Bank Account Validation product with the
REST API
.
This product is currently in the Pilot phase, and this guide is only for the Pilot launch of the product.
Prohibited Uses
Merchants are prohibited from using the Visa Bank Account Validation (1) alone or in connection with other data or information, to determine a consumer's eligibility for products, services, credit, insurance, housing or employment, and/or engage in any other actions that could give rise to adverse action requirements under the US Fair Credit Reporting Act, the Equal Credit Opportunity Act, and/or other similar federal, state, or local regulations; (2) alone or in connection with other data or information, in any way that would cause Visa or Cybersource to be a “consumer reporting agency”; or (3) alone or in connection with other data or information, to discriminate based on race, gender, or other protected characteristics.
Conventions
These statements appear in this document:
IMPORTANT
An
Important
 statement contains information essential to successfully completing a task or learning a concept.
WARNING
A
Warning
 contains information or instructions, which, if not heeded, can result in a security risk, irreversible loss of data, or significant cost in time or revenue or both.
Related Documentation
Visit the
Cybersource
 documentation hub to find additional technical documentation.
Customer Support
For support information about any service, visit the Support Center:

Recent Revisions to This Document

25.06.01

This revision contains only editorial changes and no technical updates.

25.05.01

This revision contains only editorial changes and no technical updates.

25.04.01

Initial release.

Introduction to Visa Bank Account Validation

Cybersource
 offers the Visa Bank Account Validation product that helps you validate your customer's bank account for Automated Clearing House (ACH) transactions. This product also helps you comply with Nacha (National Automated Clearing House Association) Web Debit Account Validation Rule for ACH web transactions.
This product helps reduce the number of administrative returns, enhances the security and reliability of ACH transactions, and protects your business from the costly repercussions of invalid ACH transactions.
The Visa Bank Account Validation product validates both the routing and bank account number. The responses on this validation will let you know whether the customer's account is Validated, Not Validated, Low Risk, Medium or High Risk for processing ACH transactions.

Requirements for Visa Bank Account Validation

Visa Bank Account Validation enables you to validate your customer's bank accounts in the US for ACH transactions. Before you can start using it, you must meet several requirements:
  • Verify that you have the capability to use REST API.
  • Contact the
    Cybersource
     sales team or your contracting partner to request onboarding for the Visa Bank Account Validation product.
  • Sign a Pilot/Beta agreement with
    Cybersource
     or your partner.
  • Generate a
    REST
     key P12 certificate for your merchant ID (MID) so that you can send requests. For more information, see Generating a P12 Certificate.
  • Enable Message-Level Encryption (MLE) so that you can send API requests to
    Cybersource
    . For more information, see Enabling Message-Level Encryption.

Generating a P12 Certificate

You can use this validation product only through a REST API integration.
You must create a
REST
 key for your merchant ID. If you already have an
REST
 key for other
Cybersource
REST
 services with the same merchant ID, you can use that key to access the Visa Bank Account Validation Service. Ensure that this key is a P12 certificate. For more details, see Create a P12 Certificate.

Enabling Message-Level Encryption

You must enable Message-Level Encryption (MLE) to send Visa Bank Account Validation API requests to
Cybersource
. For more information, see Enable Message-Level Encryption.

Visa Bank Account Validation

This section shows you how to process an account validation.

Processing a Visa Bank Account Validation Using
REST

Follow these steps to request a Visa bank account validation:
  1. Create the request with the required REST API fields.
  3. Verify the response messages to make sure that the request succeeded. For more information, see the Transaction response codes.

Required Fields for Processing an Account Validation

The value for this field must be set to
1
.
The value for this field must be the routing number for your customer’s bank. This field accepts only non-negative integers.
The value for this field must be the bank account number for your customer's bank account. This field accepts only non-negative integers.

Optional Fields for Processing an Account Validation

The value for this field can include any reference code that you choose to associate with the validation request. This code will be returned in the response exactly as provided.

REST Example: Processing an Account Validation

Request
{
    "clientReferenceInformation": {
        "code": "TC50171_3"
    },
    "processingInformation": {
        "validationLevel": 1
            },
    "paymentInformation": {
        "bank": {
            "routingNumber": "041210163",
            "account": {
                "number": "1234567"
            }
        }
    }
}
Response to an Unsuccessful Request
{
    "submitTimeUtc": "string",
    "status": "string",
    "message": "string",
    "reason": "string",
    "details": [
        {
            "field": "string",
            "reason": "string"
        }
    ]
}
Response to a Successful Request
{
    "clientReferenceInformation": {
        "code": "TC50171_3"
    },
    "requestId": "string",
    "submitTimeUtc": "string",
    "bankAccountValidation": {
        "rawValidationCode": 0,
        "resultCode": 0,
        "resultMessage": "string"
    }
}

Response an Unsuccessful Request

It is important to understand the fields contained in a response to an unsuccessful request. These fields provide information to help you identify and resolve unsuccessful requests.
The response to an unsuccessful request contains these fields:
  • v-c-correlationid
    : The response header includes a unique identifier for this validation call.
  • submitTimeUtc
    : The timestamp of the validation call. The format is YYYY-MM-DDThhmmssZ.
  • message
    : The detailed message related to the status and reason for the response.
For more information about response codes, visit the Transaction response codes page.

HTTP Status Codes for an Unsuccessful Request

These are the possible values you can receive for a status, reason, and details block depending on the HTTP status code:
HTTP Status Codes
HTTP Status Code
(part of HTTP header)
Status
Reason
Details (an array with 0 to many blocks)
400
INVALID_REQUEST
INVALID_REQUEST
Field contains the name of the field that is missing or incorrect:
Reason – MISSING_FIELD, INVALID_DATA
403
UNAUTHORIZED
UNAUTHORIZED
404
NOT_FOUND
NOT_FOUND
422
VALIDATION_ERROR
PRODUCT_INACTIVE
INVALID_MERCHANT_CONFIGURATION
PRODUCT_NOT_CONFIGURED
502
SERVER_ERROR
SYSTEM_ERROR
SERVER_TIMEOUT
SERVICE_TIMEOUT

Response to a Successful Request

These are the response fields you receive in a successful response. These fields are needed for tracking and referencing your validation requests.
The response to a successful request contains these fields:
  • clientReferenceInformation.code
    : This field appears if you include it in the request. It holds any reference code you want associated with the specific validation request. The code returns in the response exactly as provided.
  • requestID
    : This unique ID identifies the validation request and can be used for future reference. You can use this request ID to search for the validation request in the Transaction Search module.
  • submitTimeUtc
    : This field records the timestamp of the validation request.
  • bankAccountValidation
    : Refer to the API response codes table to understand the possible codes.

API Response Codes for a Successful Request

These are the possible response code values that you can receive from
rawValidationCode
,
resultCode
, and
resultMessage
:
Values Returned for Successful Responses
Raw Validation Code
Result Code
Result Message
12
00
Validated
13
00
Low risk
14
00
Medium risk
15
04
High risk
16
04
Not validated
-1
98
Unable to perform validation; no information found.
-2
99
Service unavailable
Result Message Explanation
Result Code
Explanation
Validated
Account is in good standing.
Low risk
Some positive data available for the account and no negative information found.
Medium risk
Young account for which there is no negative information.
High risk
One or more information points available to indicate that there is a very low probability of payment from this account.
Not validated
Account closing or closed.
Result Code Explanation
Result Code
Explanation
00
Validated
04
Not validated
98
Unable to perform validation; no information found.
99
Service unavailable

Reference Information

You can search for transaction validations using the request ID in the
Business Center
 or by using the REST API.
For more information, see these guides:

Testing Examples

You can use the data below to test each validation result in the sandbox environment.
Validation Mode Examples
Routing Number
Account Number
Raw Validation Code
Result Code
111000614
99970
12
00
111000614
99971
13
00
111000614
99973
14
00
111000614
99915
15
04
111000614
99941
16
04
111000614
99950
-1
98
111000614
99980
-2
99