Skip to content
/
BankIdent Plus
Last updated

Overview

This guide provides all the essential information about Solaris' BankIdentPlus product, including key concepts, integration details, and available testing options.

Introduction

BankIdent Plus is a secure and easy way for customers to verify their identity when opening a new account. It combines a digital signature, known as a Qualified Electronic Signature (QES), with a bank transfer to confirm the customer's identity.

The process includes taking a selfie, uploading an image of an ID card, approving a digital signature (QES), and making an initial top-up to the newly opened account.

The process is divided into three steps:

1. Identity Check The customer takes a selfie, scans their ID card, and provides a digital signature (QES). This confirms their identity.

2. Account Opening Solaris automatically checks the customer’s details and performs the Customer Due Diligence (CDD) process. When no associated risk is identified (Green status), an account is opened for the customer.

3. First Top-Up Show the IBAN to the customer, who then makes a small deposit to the new account. This transfer verifies ownership of the external bank account used for the top-up.

User Journey

The following flowchart illustrates the complete lifecycle of a BankIdent Plus onboarding, from registration to final account activation.

Phase 3: Activation (First Top-Up)
Phase 2: Compliance & Account Opening
Phase 1: Registration & Pre-Identification
Green
Yellow
Eventually Green
Eventually Red
Valid
Red
Invalid / Expired
Step 6:
Incoming Reference
Transfer (SEPA)
Step 5:
Display IBAN to
Customer
Transfer
Validation
Step 7:
Account Unblocked
(Active)
CDD Status
Check
Step 4.1:
Internal Compliance
Checks (CDD)
Step 4.2:
Auto Account Opening
(Debit Blocked)
Wait for
Manual Review
Terminate Process
Step 2:
Trigger BankIdent Plus
(Create Identification)
Step 1:
User Registration &
Mobile Verification
Step 3:
Redirect to IDnow
(Selfie & QES)

Integrate Solaris' Bankident plus by completing the following steps:

Step 1. User registration

  1. Collect the mandatory customer data and consent to the legal and regulatory requirements in your sign-up flow, and create a person resource for your customer.
  2. Create and verify the customer's mobile number.
  3. The customer consents to the terms and conditions and agrees to open an account.

Step 2. Pre-identification (Via IDNow)

  1. Inform the customer that they will be redirected to IDnow to complete the pre-identification process.
  2. During the IDnow process, the customer will be asked to:
    1. Confirm their full name
    2. Agree to IDnow’s terms and conditions
    3. Scan their ID card (front, back, and security features)
    4. Take a short video selfie
    5. Electronically sign their information

Step 3. Account Opening

After the customer completes the previous steps, they must wait while Solaris completes the following:

  1. Compliance Checks:
    Solaris performs internal compliance checks. See more information on the Customer Due Diligence (CDD) process here. To proceed with account opening, the CDD status must be Green status listed here. Any other status results in the termination of the identification process. The account opens ONLY after CDD is successfully completed.

  2. Account Opening:
    If all compliance checks pass, Solaris triggers the account opening process automatically. Before moving to the next steps, your system must wait for the IDENTIFICATION webhook with status pending_ref_transfer to receive updates on the progress.

    Unlike the standard account opening process where the partner calls the API endpoint after a successful CDD, BankIdent Plus automates this step. Solaris triggers the account opening internally.

    You do not need to call the standard account opening request.

  3. IBAN Display and Account Restrictions
    Once the account opens successfully with status debit_block, show the new IBAN to the customer in your interface. At this stage:

    • The account only accepts the expected reference transfer.
    • It is blocked from any outgoing transaction (debit block).
    • Any funds sent that don’t match the reference transfer requirements return immediately.

Step 4: Reference Transfer Requirements

  1. The customer must transfer funds to their new account using the displayed IBAN.
  2. This transfer must be a SEPA transfer (Regular or Instant SCT) from an existing bank account in the customer's own name.
  3. If the transfer fails:
    1. For example, if the money is sent from an account the customer does not own, the transfer is rejected.
    2. Your frontend can optionally:
      • Show that the attempt failed.
      • Inform the customer how many attempts remain.
  4. Important Rules:
    1. The customer has a maximum of 3 attempts within 30 days to complete the reference transfer.
    2. If all attempts fail or no valid transfer is received within 30 days, the identification process terminates.
    3. Solaris automatically triggers an Ordinary Account closure request towards the IBAN.
    4. Any future incoming transactions are rejected.
    5. Data retention takes place as per the agreed Customer Data Retention Policies.
Important

If BankIdentPlus identification fails, the customer can be allowed to try again using a different identification method.

  • If the account has already been opened, they have 60 days from the failure date to retry.
  • After 60 days, the entire onboarding process must start over. This includes:
    • Creating a new user profile
    • Verifying the mobile number again
    • Setting up a new device connection
  • Any of the alternative identification methods provided by the partner can be offered to the customer, incase Bankident Plus fails.

If there is a need to cancel a BankIdentPlus identification after the account has been opened, you can choose to fail the identification in order to accelerate the account closure process. Use the Mark an identification as failed endpoint to terminate the identification process.

"Solaris Ecosystem""Partner Integration"CustomerPartner FrontendPartner BackendSolaris BackendIDnowStep 1: Sign UpPerson Resource CreationMobile verification &Device Binding completeStep 2: Pre-IdentificationStatus: pre_successfulStep 3: Account OpeningInternal CDD Checksopt[CDD Status Change]Status: pending_ref_transferStep 4: Reference TransferStatus: successfulAccount Unblockedalt[Transfer Failed (Name Mismatch/Fraud)][Transfer Successful]Provide mandatory datapoints1Submit Registration Data2POST /v1/persons3201 Created (person_id)4Provide mobile number5POST /v1/persons/{person_id}/mobile_number6201 Created Mobile number resource7POST /v1/persons/{person_id}/mobile_number/authorize8Send Otp for confirmation9POST /v1/persons/{person_id}/mobile_number/confirm10Verified mobile number11POST /identifications (method: bank_plus)12201 Created (identification_id)13PATCH /identifications/{id}/request14Create AutoIdent+QES15Created (idnow_reference)16200 OK (redirect_url)17Pass Redirect URL18Initialize IDnow SDK19Complete Video/Selfie/QES20Success Webhook21Webhook: IDENTIFICATION22Webhook: IDENTIFICATION (pending_account_creation)23Open Account (Debit Blocked)24Webhook: IDENTIFICATION25GET /identification_account26200 OK (IBAN, BIC, Currency)27Return IBAN28Display IBAN & Instructions29Send SEPA Credit Transfer30Validate Sender Name & IBAN31Webhook: IDENTIFICATION_REFERENCE_TRANSFER_ATTEMPT32Display "Attempt Failed" (X left)33Webhook: IDENTIFICATION (account_id)34GET /identification_account35200 OK (Full Account Details)36CustomerPartner FrontendPartner BackendSolaris BackendIDnow

Integration Pre-requisites

Before integrating this feature, you must implement the following requirements in your solution:

1. Product Setup

Identification and Account opening configurations need to be assigned to you by your partner manager.

2. Technical setup

Set up your environment and get your authentication keys. For step-by-step instructions, check the Technical setup guide.

3. Legal and compliance screens

Build the necessary legal and compliance screens in your sign-up flow to collect your customers' consent to the necessary legal and compliance requirements. The Legal and compliance screens guide contains step-by-step instructions on how to create these screens and what they must contain.

Record the customer's consent on each screen as a UTC timestamp (e.g., 2019-01-01T00:00:00Z). Afterward, you must pass each timestamp in its respective field to Solaris.

  • Collect the customer's consent to Solaris' Terms and Conditions and store the timestamp in the terms_conditions_signed_at field.
  • Collect the customer's consent to data processing and store the timestamp in the data_terms_signed_at field.

4. Devices

Before an identification can be created you have to:

  • Create a mobile number for the user
  • Create a device binding for the customer. More information on how to do that can be found in the Device Binding guide.

Webhooks

You must subscribe to the following webhook events to ensure that your system receives notifications for crucial events in the identification process. Webhooks help you monitor various status changes during the identification process.

The following diagram illustrates the complete lifecycle of the identification status and the transitions you will receive via the IDENTIFICATION webhook:

Phase 1: Pre-Identification
Phase 2: Compliance & Account
Phase 3: Activation
Identification Created
User completes Video/QES
User quits
IDnow cancels
Retry & Succeed
Retry & Succeed
Retry & Fraud/Mismatch
Retry & Fraud/Mismatch
Fraud/Mismatch
Internal trigger
Account Opened
CDD Rejected
Valid Transfer
Invalid (< 3 Attempts)
Invalid (3rd Attempt) or Expired
pending
pre_successful
aborted
canceled
failed
pending_account_creation
pending_ref_transfer
IBAN Available.
Wait for funds.
successful

Key Status Transitions to Monitor

StatusDescription
aborted / canceledNon-Terminal. The identification session was interrupted. The user can retry using the same link. The status remains here until a new outcome overwrites it.
pre_successfulThe Pre-Identification has been finished successfully. Solaris will now proceed with compliance checks (CDD).
pending_account_creationCompliance screening (CDD) has finished successfully. Solaris will now proceed with the account opening flow.
pending_ref_transferCritical Signal. It confirms the account is open and the IBAN is ready. You must trigger your UI to display the IBAN to the customer at this stage.
successfulThe final terminal state. The reference transfer has been received, and the account debit block is removed.
failedThis terminal state can occur at two stages: either due to a failed compliance check (Phase 2) or after 3 failed reference transfer attempts (Phase 3).

Updates from the IDENTIFICATION_REFERENCE_TRANSFER_ATTEMPT webhook will notify the partner about the remaining number of reference transfer attempts left.

IDnow Integration

In addition to the Solaris technical prerequisites, you must also integrate IDnow into your solution. You can achieve this by using IDnow's mobile SDKs (available for iOS and Android) .

For instructions on how to set up IDnow in your solution, see the following IDnow documentation links:

To create a smoother process, it is possible to integrate another SDK which includes ID card reading via the NFC chip. To verify the ID card the customer simply has to tab their ID instead of relying on the capture of hologram images. If you would like to enable this, please reach out to your account manager.

API Integration

User onboarding/ Data collection

Creating a person

This endpoint creates a person resource for your customer. You must collect the mandatory data points from your customer in the sign-up flow and pass them to Solaris in the request body of this endpoint.

Request URL

POST /v1/persons

Response

The API returns a person object with a unique ID for the person (i.e., the person_id). You will need this id to append the person resource with additional information in the remaining steps of this guide.

Click here to view the full API reference

Device Binding

Before the BankPlus Identification can be created, the device binding flow needs to be followed. See Device Binding for reference.

Pre-Identification

Create Identification

This endpoint creates an identification resource for the person specified in the request URL. You must add the following properties in the request body:

  • method : The identification method, use bank_plus .
  • language : language for the idnow flow

Attributes needed for account opening:

  • product_name
  • account_type
  • account_bic
  • account_currency
  • Optional: account_purpose

For more information see account opening guide

It is only possible to use account types that you have an existing configuration for. If you are unsure what configurations are present or need additional account types enabled, please reach out to your partner manager.

Click here to view full API reference.

Request identification

This endpoint requests Solaris to begin the process for the person identification specified in the URL. The identification status will change to pending after calling this endpoint.

Click here to view the full API reference.

You must redirect your customer to the URL returned in the previous call to start the AutoIdent + QES or initiate via IDnow SDK.

You can track the various status of this process by subscribing to the IDENTIFICATION webhook.

To retrieve the complete details of the identification, please use the GET Retrieve a person Identification API endpoint

Account Opening

Get Identification Account

Once an account has been created the IBAN can be accessed when required by requesting the identification account resource.

Click here to view the full API reference

These details are also available by subscribing to the IDENTIFICATION webhook.

Handling Failures & Account Reactivation

If the BankIdent Plus identification process fails (for example, due to a failed reference transfer), you can recover the customer journey using a fallback identification method.

If the customer successfully completes a supported fallback identification within 60 days of the failure, you can reactivate their existing account instead of restarting the account creation process.

Supported fallback methods

  • IDnow VideoIdent
  • PostIdent
  • Manual Identification

Prerequisites for reactivation

To reactivate an account, the following conditions must be met:

  1. Timeline: The reactivation request must occur within 60 days of the BankIdent Plus failure.
  2. Compliance: The person’s Customer Due Diligence (CDD) status must be green.
  3. Identity: A successful fallback identification resource must exist for the person.

Reactivate identification account

Call this endpoint to reactivate the account associated with the failed BankIdent Plus process. This returns the account details (IBAN, BIC) required for the customer to start using their account.

Request URL
PATCH /v1/persons/{person_id}/identification_account/reactivate
Response Body
{
  "iban": "DE05011010100000000043",
  "account_currency": "EUR",
  "account_bic": "SOBKDEB2XXX",
  "product_name": "CURRENT_ACCOUNT_CONSUMER_GERMANY",
  "account_type": "CHECKING_PERSONAL",
  "account_purpose": "primary",
  "account_id": "5526853938474f3e92b22a03ea57a544cacc"
}
Potential Errors

412 Precondition Failed: The account cannot be reactivated. This occurs if the 60-day limit has passed or no successful fallback identification exists.

Click here to view the full API reference

Additional API references

Mark an identification as failed

You can mark an identification as failed if a user does not wish to proceed with the reference transfer. Failing the identification manually initiates the ordinary account closure faster.

Click here to view the full API reference

Testing

We support simulating different outcomes of the separate identification steps to support your automated or manual testing. In order to enable testing that does not require wait times or specific data requirements, we support simulating all major asynchronous events in the flow. The endpoint is as follows:

Request URL
PATCH /v1/persons/{person_id}/identifications/{id}/simulate_outcome
Request Body
{
"scenario": "SUCCESSFUL_PRE_IDENT"
}
Response Body
{
204 No content
}

Click here to view the full API reference.

Please keep in mind that not every simulation event will immediately update the identification status. Some updates will take up to a few seconds.

EventDescriptionOutcome
SUCCESSFUL_PRE_IDENTSimulates the user successfully finishing the Pre-Identification with the external provider (Eg: Idnow). Results in identification status pre_successful and will trigger Customer Due Diligence next.pre_successful
CANCELED_PRE_IDENTSimulates the Pre-Identification being cancelled by the external provider before it can be finished. Results in identification status canceled. Since this status is not terminal, SUCCESSFUL_PRE_IDENT or FAILED_PRE_IDENT can be simulated next.cancelled
ABORTED_PRE_IDENTSimulates the Pre-Identification being aborted by the user before it was finished. Results in identification status aborted. Since this status is not terminal, SUCCESSFUL_PRE_IDENT or FAILED_PRE_IDENT can be simulated next.aborted
FAILED_PRE_IDENTSimulates a failure of the the Pre-Identification reported by the external provider (e.g. fraud suspicion). Results in identification status failed .failed
SUCCESSFUL_ACCOUNT_OPENINGSimulates the successful opening of an account (skipping the need for CDD results). Results in identification status pending_ref_transfer and will make the new IBAN available in the GET identification_account endpoint.pending_account_opening (will become pending_ref_transfer after a wait time)
FAILED_ACCOUNT_OPENINGSimulates a failure when opening an account (dummy reason will be set). Results in identification status failed.failed
SUCCESSFUL_REFERENCE_TRANSFERSimulates the customer successfully transferring funds into the account. Results in identification status successful.pending_ref_transfer (will become successful after a wait time i.e, final terminal status)
FAILED_REFERENCE_TRANSFER_NAME_CHECK Simulates a failed attempt by the customer to successfully transfer funds into the account. Result depends on the count of attempts. After 3 failed attempts the identification will be failed.pending_ref_transfer (if simulated for the 3rd time: failed)
Previous page
Next page