# Pay by Bank Tutorial
source: https://developer.mastercard.com/open-finance-us/documentation/tutorials/pay-by-bank/index.md

## Overview {#overview}

Mastercard Open Finance solutions enable you to provide a "Pay by Bank" solution for common payment and money transfer scenarios where ACH is the primary payment method. You can enable your customers to "Pay by Bank" directly from their bank account, increasing security and eliminating the need to type in account and routing numbers.

This page covers the Open Finance services which can be combined to implement a [Payment Enablement](https://developer.mastercard.com/open-finance-us/documentation/usecases/payment-enablement/index.md) use case.

For any ACH payment acceptance or funds transfer use case, we recommend you do the following:

* verify account **payment details** to originate an account to account payment (ACH, RTP, FedNow).
* verify account **balances** to check that the user has sufficient funds for the transaction.
* verify account **ownership** to confirm the user has the right to access the funds in the connected account.
* carry out additional **fraud checks** to further de-risk the transaction (optional).

<br />

## Verifying Account Details and Balance {#verifying-account-details-and-balance}

The [Payment Enablement Bundle (PEB)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md) service enables you to retrieve multiple types of payment-related data using a single endpoint.

For most payment enablement use cases, we recommend that you verify account payment details and balance at the same time using the PEB endpoint below. This bundled approach reduces the number of API calls required and simplifies integration.

API Reference: `GET /aggregation/v1/paysuite/customers/{customerId}/accounts/{accountId}`

To verify account details and balance, use the `include` query parameter to select:

* **`paymentInstruction`** : to return account payment details *(required per NACHA web-debit rules)*.
* **`balanceDetails`**: to return account available, pending and cleared balances.

<br />

We recommend setting `balance_cache_interval` at 30 minutes (default) or greater for optimal performance.

#### Alternative flow: standalone endpoints {#alternative-flow-standalone-endpoints}

Instead of using PEB, you can make separate calls to these standalone endpoints:

* [Account ACH Details (ACH)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-money-transfer/index.md)
* [Account Balance Check (ABC)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/account-balance/index.md)

Tip: Some financial institutions, such as Chase and PNC Bank, return a [Tokenized Account Number](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-money-transfer/index.md#tokenized-account-numbers-(tan)) (TAN) in place of the real account number and routing number. A TAN is specific to each application and therefore provides extra security.   

## Verifying Account Ownership {#verifying-account-ownership}

Some clients --- especially those in regulated or high-risk sectors --- require account owner verification (AOV) prior to a payment method being created. Account Owner Verification (AOV) enables you to confirm the identity of the account holder, helping reduce fraud.

There are multiple options to validate account ownership, including optional matching and additional identity insights.

We recommend using the AOV [Account Owner Match](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-account-owner/index.md#api---match-account-owner-details) endpoint to match the user's name (and any other information) against the holders associated with the connected account(s).

API Reference: `POST /account-owner-verification-matchings/customers/{customerId}/accounts/{accountId}`

Additional identity insights to further mitigate fraud are also available through this endpoint.
Tip: For business accounts, pass the business name in the `first_name` field. The API concatenates and normalizes name components to improve match accuracy.   

#### Alternative flow: single PEB request {#alternative-flow-single-peb-request}

If you prefer getting all information in a single request, you can use the PEB endpoint with **`accountIdentity`** in the `include` query parameter. Note that account owner matching and identity insights are not currently available within PEB, but can be provided through the standalone [Account Owner endpoints](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-account-owner/index.md#identity-insights-beta).
Note: If you do not use Account Owner Matching, you must perform ownership verification against user-provided information by comparing returned data with user-provided information.   

## Additional Fraud Checks {#additional-fraud-checks}

Preventing fraud and failed payments is central to open finance enablement. Mastercard provides multiple ways for you to reduce exposure, which can be combined or layered depending on your risk tolerance.

### Payment Success Indicator (PSI) {#payment-success-indicator-psi}

[Payment Success Indicator (PSI)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/psi-tools/index.md) provides a predictive score of payment success. By calling PSI before initiating an ACH, you can:

* get a real-time likelihood of success/failure.
* reduce reliance on manual fraud checks.
* prevent exposure to schemes like kiting or insufficient funds.

Warning: PSI is not currently available in PEB. If you are using PSI, avoid using the PEB `balanceDetails` option to avoid duplicate billable events. Note: An integration to [Account Balance Check (ABC)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/account-balance/index.md) is recommended in the event that PSI fails (for example, if no recent transaction history is available). You can do this with a standalone balance integration or a [PEB](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md) request with `balanceDetails` in the `include` parameter.

### Account Owner Verification with Identity Insights {#account-owner-verification-with-identity-insights}

For identity-related fraud prevention, you can use [Account Owner Verification with Identity Insights (AOV+)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-account-owner/index.md#identity-insights-beta). This adds:

* deeper verification of account owner details.
* risk signals and scores associating their account data with Connect session data.
* stronger defenses against identity theft and synthetic identities.

Warning: AOV+ is not currently available in PEB. If you are using AOV+, avoid using the PEB `accountIdentity` option to avoid duplicate billable events.

### Transaction Data \& Client Fraud Intelligence {#transaction-data--client-fraud-intelligence}

You can pull transaction data directly from the FI using Mastercard's APIs.
The [Transaction Aggregation and Account Transaction Details](https://developer.mastercard.com/open-finance-us/documentation/products/manage/transaction-data/index.md#account-transaction-details-atd-or-transaction-aggregation-tau) services provide up to 180
days of historical data, and with [Load Historic Transactions](https://developer.mastercard.com/open-finance-us/documentation/products/manage/transaction-data/index.md#load-historic-transactions)
you can access data from up to 24 months ago (depending on the account type and
whether the financial institution has made this level of historic data available.)

See [Transaction Data (TAU)](https://developer.mastercard.com/open-finance-us/documentation/products/manage/transaction-data/index.md)
for full details.

You can apply your own fraud intelligence models to this data. This enables:

* identifying indicators of account stability (e.g. payroll, recurring bills).
* detecting red flags (overdrafts, NSF, inconsistent behavior).
* spotting check-kiting patterns, where fraudsters deposit funds, initiate ACH orders, then drain the account before settlement.

## Summary of Services {#summary-of-services}

The table below summarises the Open Finance services that are useful for common payment enablement scenarios.

|              Task              |                                                                                        Service                                                                                        |                                 Notes                                  |
|--------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|
| Verify account payment details | [Account ACH Details](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-money-transfer/index.md)                                               |                                                                        |
| Verify account payment details | [Payment Enablement Bundle (PEB)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md)                                     | Using paymentInstruction option                                        |
| Verify account balances        | [Account Balance Check (ABC)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/account-balance/index.md)                                                   |                                                                        |
| Verify account balances        | [Payment Enablement Bundle (PEB)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md)                                     | Using balanceDetails option                                            |
| Verify account ownership       | [Account Owner Match (AOV)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-account-owner/index.md#api---match-account-owner-details)        | Account Owner Verification endpoint, optional Identity Insights (beta) |
| Verify account ownership       | [Account Owner Details (AOV)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md)                                         | Account Owner Verification endpoint, optional Identity Insights (beta) |
| Verify account ownership       | [Payment Enablement Bundle (PEB)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md)                                     | Using accountIdentity option                                           |
| Fraud checks                   | [Payment Success Indicator (PSI)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/psi-tools/index.md)                                                     | Do not use with PEB balanceDetails to avoid duplicate billing          |
| Fraud checks                   | [Account Owner with Identity Insights (AOV+)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-account-owner/index.md#identity-insights-beta) | Do not use with PEB accountIdentity to avoid duplicate billing         |
| Fraud checks                   | [Transaction Data (TAU)](https://developer.mastercard.com/open-finance-us/documentation/products/manage/transaction-data/index.md)                                                    |                                                                        |

## More Integration Tips {#more-integration-tips}

#### Qualifying Customer Accounts {#qualifying-customer-accounts}

You may wish to confirm that payment details are available before requesting account balances or ownership info (or vice versa). In this case, you may choose to instead call the direct endpoints individually in a sequence that best works for your user journey:

* [Account ACH Details](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-money-transfer/index.md)
* [Account Balance Check (ABC)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/account-balance/index.md)
* [Account Owner Verification (AOV)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/verification-account-owner/index.md)

#### Recurring Payments {#recurring-payments}

After setting up the initial payment method, we recommend that you verify the account balance before initiating each recurring payment.

You can verify the account balance with [Payment Enablement Bundle (PEB)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/payment-enablement-bundle/index.md), as part of the enhanced [Payment Success Indicator (PSI)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/psi-tools/index.md) or from the standalone [Account Balance Check (ABC)](https://developer.mastercard.com/open-finance-us/documentation/products/pay/account-balance/index.md) endpoint.

#### Requesting Data for Multiple Accounts {#requesting-data-for-multiple-accounts}

The below PEB endpoint can be used to request information for a customer across all active accounts at a specified financial institution:

API Reference: `GET /aggregation/v1/paysuite/customers/{customerId}/institutionLogins/{institutionLoginId}/accounts`

#### Partial Data Returns {#partial-data-returns}

Requests may not always return all the requested information due to limitations in coverage of financial institutions or account types.

Design your solution for partial data returns. If account owner or balances are unavailable, ensure your flow can proceed with account payment details alone or prompt the user for manual verification.