Skip to content

Bankaccount Data API (2)

This API provides services to validate and to confirm bank account data, and to manage payment fraud cases

Download OpenAPI description
api-v2.json
api-v2.yaml
Languages
Servers
Mock server

https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/

Production

https://api.cdq.com/bankaccount-data/rest/

Data Transformation Definitions

Gather endpoints that provide functionalities for testing data transformation definitions. These functionalities include testing data transformation definitions.

Operations

Bank Account Storages Management

Gather endpoints that provide functionalities for managing bank account storages. These functionalities include creating a new storage for bank account data, reading the details of a specific bank account storage identified by its storage ID, modifying the details of an existing bank account storage, deleting an existing bank account storage, and removing all bank account data from a specific storage.

Operations

Bank Account Verification

Gather endpoints that provide functionalities for verifying bank account data. These functionalities include confirming the reliability of given bank account data by CDL Trust Scores provided by other companies for the given bank account, curating the given bank account, and uploading bank accounts for batch confirmation.

Operations

Confirm Reliability

Request

Confirm the reliability of the given bank account against the CDQ Whitelist (trust score based on transactions) and the Blacklist (fraud cases).

The BankAccount that is sent in the request needs to uniquely identify a bank account. Minimal sets of attributes that are considered valid to identify a bank account are:

  1. Only the IBAN (= internationalBankAccountIdentifier):
    {
  "bankAccount": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  }
}
  2. The bank account number (= nationalBankAccountIdentifier) and the BIC (= internationalBankIdentifier):
    {
  "bankAccount": {
    "nationalBankAccountIdentifier": "619278412000",
    "internationalBankIdentifier": "KBSGCH22XXX"
  }
}
  3. The bank account number (= nationalBankAccountIdentifier), bank code/number (= nationalBankIdentifier) and bank country code (= bankCountryCode):
    {
  "bankAccount": {
    "bankCountryCode": "CH",
    "nationalBankIdentifier": "00781",
    "nationalBankAccountIdentifier": "619278412000"
  }
}

If attributes are missing to uniquely identify a bank account an ApiError will be returned.

The response will always contain the BankAccount provided in the request and depending on the result found in the Whitelist or the Blacklist or neither, the following:

  1. A whitelist entry and no fraud case was found:
    {
  "bankAccountRequest": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  },
  "bankAccountConfirmed": {
    "bankCountryCode": "CH",
    "nationalBankIdentifier": "00781",
    "nationalBankAccountIdentifier": "619278412000",
    "internationalBankIdentifier": "KBSGCH22XXX",
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  }
  "numberOfCompanies": "5",
  "numberOfPayments": "42",
  "lastPaymentAt": "2019-01-24",
  "trustScore": "7"
}
  2. A fraud case entry was found:
    {
  "bankAccountRequest": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  },
  "associatedFraudCases": [
    {
      "cdlId": "123456",
      ...
    }
  ]
}
  3. The bank account is unknown (no trust score and no fraud case exists):
    {
  "bankAccountRequest": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  }
}
Security
apiKey
Bodyapplication/jsonrequired
bankAccountobject(BankAccount)required

A bank account record holds information that universally describes a registered bank account.

bankAccount.​internationalBankAccountIdentifierstring(InternationalBankAccountIdentifier)

The IBAN of a bank account.

Example: "CH8800781619278412000"
bankAccount.​internationalBankIdentifierstring(InternationalBankIdentifier)

(BIC/SWIFT) Bank identifier which is globally unique.

Example: "KBSGCH22XXX"
bankAccount.​bankCountryCodestring(BankAccountCountryCode)

ISO code to identify the country a bank account is registered in.

Example: "DE"
bankAccount.​nationalBankIdentifierstring(NationalBankIdentifier)

Bank identifier which is unique in a national context, i.e. for a country.

Example: "00781"
bankAccount.​nationalBankAccountIdentifierstring(NationalBankAccountIdentifier)

Identifier of a bank account in a national context, i.e. for a country.

Example: "619278412000"
curl -i -X POST \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/v2/bankaccounts/confirm \
  -H 'Content-Type: application/json' \
  -H 'X-API-KEY: YOUR_API_KEY_HERE' \
  -d '{
    "bankAccount": {
      "internationalBankAccountIdentifier": "CH8800781619278412000"
    }
  }'

Responses

OK

Bodyapplication/json
bankAccountRequestobject(BankAccount)

A bank account record holds information that universally describes a registered bank account.

bankAccountConfirmedobject(BankAccount)

A bank account record holds information that universally describes a registered bank account.

numberOfCompaniesinteger

Number of companies that use this bank account.

Example: "5"
numberOfPaymentsinteger

Sum of payments performed by companies that use this bank account.

Example: "42"
lastPaymentAtstring(date)

Date of last payment made by any of the companies that use this bank account.

Example: "2025-08-29T09:46:42Z"
trustScoreinteger

Trust score based on the number of payments done with this bank account.

Example: "7"
bankAccountOwnersArray of objects(BankAccountOwner)

Five frequentest bank account owner names.

associatedFraudCasesArray of objects(FraudCase)

List of fraud cases associated with the bank account.

Response
application/json
{
  "bankAccountRequest": {
    "internationalBankAccountIdentifier": "CH8800781619278412000",
    "internationalBankIdentifier": "KBSGCH22XXX",
    "bankCountryCode": "DE",
    "nationalBankIdentifier": "00781",
    "nationalBankAccountIdentifier": "619278412000"
  },
  "bankAccountConfirmed": {
    "internationalBankAccountIdentifier": "CH8800781619278412000",
    "internationalBankIdentifier": "KBSGCH22XXX",
    "bankCountryCode": "DE",
    "nationalBankIdentifier": "00781",
    "nationalBankAccountIdentifier": "619278412000"
  },
  "numberOfCompanies": "5",
  "numberOfPayments": "42",
  "lastPaymentAt": "2025-08-29T09:46:42Z",
  "trustScore": "7",
  "bankAccountOwners": [
    {}
  ],
  "associatedFraudCases": [
    {}
  ]
}

Curate Bank Account

Request

Curates the given bank account.

The BankAccount that is sent in the request has to be uniquely identifiable. Minimal sets of attributes that identify a BankAccount are:

  1. Only the IBAN (= internationalBankAccountIdentifier):
    {
  "bankAccount": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  }
}
  2. The bank account number (= nationalBankAccountIdentifier), bank code/number (= bank.nationalBankIdentifier) and bank country code (= bank.address.country.shortName):
    {
  "bankAccount": {
    "nationalBankAccountIdentifier": "619278412000",
    "bank" : {
      "nationalBankIdentifier": "00781",
      "address": {
        "country": {
          "shortName": "CH"
        }
      }
    }
  }
}
  3. The bank account number (= nationalBankAccountIdentifier), bank code/number (= bank.nationalBankIdentifier) and the BIC (= internationalBankIdentifier):
    {
  "bankAccount": {
    "nationalBankAccountIdentifier": "619278412000",
    "bank" : {
      "nationalBankIdentifier": "00781",
      "internationalBankIdentifier": "KBSGCH22XXX"
    }
  }
}

If IBAN is not present in the request it will be generated only if there is sufficient data:

  • countryCode
  • internationalBankIdentifier
  • nationalBankAccountIdentifier

Or

  • internationalBankIdentifier
  • nationalBankIdentifier
  • nationalBankAccountIdentifier

For the following countries the generation of the internationalBankAccountIdentifier (IBAN) is NOT supported in the current version:

AL, BA, BE, BG, BI, BR, DJ, EE, EG, ES, FI, FO, FR, HU, IS, IT, LY, MC, ME, MK, MR, NO, PL, PT, RS, SC, SD, SI, SM, TL, TR

The response will always contain the original BankAccount provided in the request and a curated version of it. For example:

{
  "originalBankAccount": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
  },
  "curatedBankAccount": {
    "internationalBankAccountIdentifier": "CH8800781619278412000"
    "nationalBankAccountIdentifier": "619278412000",
    "bank" : {
      "nationalBankIdentifier": "00781",
      "address": {
        "country": {
          "shortName": "CH"
        }
      }
    }
  }
}

If the given request does not provide one of the combinations of attributes described above, an ApiError will be returned:

{
  "timestamp": "...",
  "message": "...",
  "error": "Bad Request",
  "path": "...",
  "status": 400
}

Message contains concatenated descriptions of all errors that occurred in the request.

Security
apiKey
Bodyapplication/jsonrequired
bankAccountobject(BankAccountCuration)required

A request to curate a BankAccount.

bankAccount.​internationalBankAccountIdentifierstring(InternationalBankAccountIdentifier)

The IBAN of a bank account.

Example: "CH8800781619278412000"
bankAccount.​nationalBankAccountIdentifierstring(NationalBankAccountIdentifier)

Identifier of a bank account in a national context, i.e. for a country.

Example: "619278412000"
bankAccount.​bankobject(BankCuration)

The curated bank where a curated bank account is established.

featuresOnArray of strings(BankAccountCurationFeatureParam)

Feature(s) to be used during curation:

  • REMOVE_INVALID_VALUES - Removes all invalid values (e.g. internationalBankIdentifier) during curation. By default, activated.
Items ValueDescription
REMOVE_INVALID_VALUES

Removes all invalid values (e.g. internationalBankIdentifier) during curation.

Example: ["REMOVE_INVALID_VALUES"]
featuresOffArray of strings(BankAccountCurationFeatureParam)

Feature(s) to be used during curation:

  • REMOVE_INVALID_VALUES - Removes all invalid values (e.g. internationalBankIdentifier) during curation. By default, activated.
Items ValueDescription
REMOVE_INVALID_VALUES

Removes all invalid values (e.g. internationalBankIdentifier) during curation.

Example: ["REMOVE_INVALID_VALUES"]
curl -i -X POST \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/bankaccounts/curate \
  -H 'Content-Type: application/json' \
  -H 'X-API-KEY: YOUR_API_KEY_HERE' \
  -d '{
    "bankAccount": {
      "internationalBankAccountIdentifier": "CH8800781619278412000",
      "nationalBankAccountIdentifier": "619278412000",
      "bank": {
        "internationalBankIdentifier": "KBSGCH22XXX",
        "nationalBankIdentifier": "00781",
        "nationalBankInstitutionCode": "LOYD",
        "nationalBankSortCode": "301883",
        "nationalBankControlKey": "12",
        "address": {
          "country": {
            "shortName": "CH",
            "value": "Switzerland"
          }
        }
      }
    },
    "featuresOn": [
      "REMOVE_INVALID_VALUES"
    ],
    "featuresOff": [
      "REMOVE_INVALID_VALUES"
    ]
  }'

Responses

OK

Bodyapplication/json
originalBankAccountobject(BankAccountCuration)

A request to curate a BankAccount.

curatedBankAccountobject(BankAccountCuration)

A request to curate a BankAccount.

Response
application/json
{
  "originalBankAccount": {
    "internationalBankAccountIdentifier": "CH8800781619278412000",
    "nationalBankAccountIdentifier": "619278412000",
    "bank": {}
  },
  "curatedBankAccount": {
    "internationalBankAccountIdentifier": "CH8800781619278412000",
    "nationalBankAccountIdentifier": "619278412000",
    "bank": {}
  }
}

Upload Bank Accounts

Request

Upload a CSV file with bank account data to be analyzed by several jobs.

Security
apiKey
Headers
Content-Lengthinteger(int64)[ 0 .. 1048576 ]required

The HTTP Content-Length header indicates the size, in bytes, of the message body sent to the recipient.

Example: 256
Bodymultipart/form-datarequired
filestring(binary)

CSV file with the following headers in the first line, order does not matter, International Account ID, International Bank ID, Country Code, National Bank ID, National Account ID. Maximum file size is 100 MB.

Example: "file_name.csv"
curl -i -X POST \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/bankaccounts \
  -H 'Content-Length: 256' \
  -H 'Content-Type: multipart/form-data' \
  -H 'X-API-KEY: YOUR_API_KEY_HERE' \
  -F file=file_name.csv

Responses

ID of the created bank account storage.

Body
string(BankAccountStorageId)

Unique identifier of the Bank Account Storage. Workspace could have only one Bank Account Storage.

Response
"72d6900fce6b326088f5d9d91049e3e6"

Start Batch Confirmation

Request

-> Start a job to confirm all bank accounts provided by a previously uploaded CSV file, identified by the storage ID in the request object or from bank accounts of business partners in given business partner storage.

Security
apiKey
Body
required

Identifies a previously uploaded CSV file with bank account data or business partner storage with bank accounts to confirm.

storageIdstring(BusinessPartnerStorageId)

Unique identifier of the Storage.

Example: "72d6900fce6b326088f5d9d91049e3e6"
featuresOnArray of strings(BankAccountDataConfirmationJobFeatureParam)

Features to be used during the confirmation job.

Items Enum ValueDescription
CONFIRM_BA_IN_BP_STORAGE

Confirm bank accounts of business partners stored in business partner storage.

DATA_MONITOR_REFRESH

Confirm bank accounts stored in bank account storage for which data monitor was activated/updated.

Example: ["CONFIRM_BA_IN_BP_STORAGE"]
curl -i -X POST \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/bankaccounts/jobs/confirmation \
  -H 'Content-Type: application/json' \
  -H 'X-API-KEY: YOUR_API_KEY_HERE' \
  -d '{
    "storageId": "72d6900fce6b326088f5d9d91049e3e6",
    "featuresOn": [
      "CONFIRM_BA_IN_BP_STORAGE"
    ]
  }'

Responses

Created

Body
idstring(JobId)

Unique identifier of a job.

Example: "35f23c03-1c22-45fe-9484-3ffe769325de"
createdAtstring(CreatedAt)

Date of creation (ISO 8601-compliant).

Example: "2025-08-29T09:46:42Z"
userstring(JobUser)

ID of (human) user or API key.

Example: "742429-234242-4343-232323"
progressinteger(JobProgress)[ 0 .. 100 ]

Progress (%) of the job.

Example: "77"
statusstring(JobStatus)

Job execution status.

Enum"ARCHIVED""UNKNOWN""CREATED""PERSISTED""SCHEDULED""WAITING""COULDNT_START""RUNNING""CANCELED""FINISHED"
Example: "RUNNING"
Response
{
  "id": "35f23c03-1c22-45fe-9484-3ffe769325de",
  "createdAt": "2025-08-29T09:46:42Z",
  "user": "742429-234242-4343-232323",
  "progress": "77",
  "status": "RUNNING"
}

Poll Batch Confirmation Status

Request

Get the status (including progress, if running) of a given job.

Security
apiKey
Query
jobIdstring(JobId)

The ID of the bank account data job to get the status for.

Example: jobId=35f23c03-1c22-45fe-9484-3ffe769325de
curl -i -X GET \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/bankaccounts/jobs \
  -H 'X-API-KEY: YOUR_API_KEY_HERE'

Responses

OK

Body
idstring(JobId)

Unique identifier of a job.

Example: "35f23c03-1c22-45fe-9484-3ffe769325de"
createdAtstring(CreatedAt)

Date of creation (ISO 8601-compliant).

Example: "2025-08-29T09:46:42Z"
userstring(JobUser)

ID of (human) user or API key.

Example: "742429-234242-4343-232323"
progressinteger(JobProgress)[ 0 .. 100 ]

Progress (%) of the job.

Example: "77"
statusstring(JobStatus)

Job execution status.

Enum"ARCHIVED""UNKNOWN""CREATED""PERSISTED""SCHEDULED""WAITING""COULDNT_START""RUNNING""CANCELED""FINISHED"
Example: "RUNNING"
Response
{
  "id": "35f23c03-1c22-45fe-9484-3ffe769325de",
  "createdAt": "2025-08-29T09:46:42Z",
  "user": "742429-234242-4343-232323",
  "progress": "77",
  "status": "RUNNING"
}

List Bank Account Statistics

Request

-> Calculates statistics from a bank account database and provides information about whitelist records, whitelist bank accounts, country distribution, etc.

Security
apiKey
curl -i -X GET \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/bankaccounts/statistics \
  -H 'X-API-KEY: YOUR_API_KEY_HERE'

Responses

OK

Body
timeStampCreatedinteger(int64)

Time stamp of the creation.

Example: "20240302"
whitelistBankAccountCountinteger(int64)

Count of the bank accounts in the whitelist.

Example: "10"
whitelistTrustScoreCountinteger(int64)

Count of the trust scores in the whitelist.

Example: "10"
whitelistCountryBankAccountCountsArray of objects(CountryCountEntry)

List of the country bank account counts.

whitelistCountryTrustScoreCountsArray of objects(CountryCountEntry)

List of the country trust score counts.

whitelistTrustScoreMeannumber(double)

Mean of the trust scores in the whitelist.

Example: "0.5"
whitelistTrustScore1Countinteger(int64)

Count of the trust score 1 in the whitelist.

Example: "10"
whitelistTrustScore2Countinteger(int64)

Count of the trust score 2 in the whitelist.

Example: "10"
whitelistTrustScore3Countinteger(int64)

Count of the trust score 3 in the whitelist.

Example: "10"
whitelistTrustScore4Countinteger(int64)

Count of the trust score 4 in the whitelist.

Example: "10"
whitelistBankAccountWith1TrustScoreCountinteger(int64)

Count of the bank accounts with 1 trust score in the whitelist.

Example: "10"
whitelistBankAccountWith2TrustScoresCountinteger(int64)

Count of the bank accounts with 2 trust scores in the whitelist.

Example: "10"
whitelistBankAccountWith3TrustScoresCountinteger(int64)

Count of the bank accounts with 3 trust scores in the whitelist.

Example: "10"
whitelistBankAccountWith4TrustScoresCountinteger(int64)

Count of the bank accounts with 4 trust scores in the whitelist.

Example: "10"
whitelistBankAccountWith5TrustScoresCountinteger(int64)

Count of the bank accounts with 5 trust scores in the whitelist.

Example: "10"
whitelistBankAccountWithMoreThan5TrustScoresCountinteger(int64)

Count of the bank accounts with more than 5 trust scores in the whitelist.

Example: "10"
Response
{
  "timeStampCreated": "20240302",
  "whitelistBankAccountCount": "10",
  "whitelistTrustScoreCount": "10",
  "whitelistCountryBankAccountCounts": [
    {}
  ],
  "whitelistCountryTrustScoreCounts": [
    {}
  ],
  "whitelistTrustScoreMean": "0.5",
  "whitelistTrustScore1Count": "10",
  "whitelistTrustScore2Count": "10",
  "whitelistTrustScore3Count": "10",
  "whitelistTrustScore4Count": "10",
  "whitelistBankAccountWith1TrustScoreCount": "10",
  "whitelistBankAccountWith2TrustScoresCount": "10",
  "whitelistBankAccountWith3TrustScoresCount": "10",
  "whitelistBankAccountWith4TrustScoresCount": "10",
  "whitelistBankAccountWith5TrustScoresCount": "10",
  "whitelistBankAccountWithMoreThan5TrustScoresCount": "10"
}

Confirm Bank AccountDeprecated

Request

-> Confirm reliability of given bank account data by CDL Trust Scores provided by other companies for the given bank account.

Security
apiKey
Query
internationalBankAccountIdentifierstring(InternationalBankAccountIdentifier)

Uniquely identifies a bank account on a global scale, without any additional information such as bank identifier or country code. Best known system is the International Bank Account Identifier (IBAN) specified by ISO 13616:2007 and managed by SWIFT. If you use this parameter to confirm a given bank account, you do not need any additional parameter.

Example: internationalBankAccountIdentifier=CH8800781619278412000
internationalBankIdentifierstring(InternationalBankIdentifier)

Uniquely identifies a bank on global scale, without any additional information such as country code. Best known system is the International Bank Identifier (BIC, or SWIFT code) specified by ISO 9362 and managed by SWIFT. If you use this parameter to confirm a given bank account without an IBAN, you have to provide in addition bank account information, i.e. country code and national bank account identifier.

Example: internationalBankIdentifier=KBSGCH22XXX
bankCountryCodestring(CountryShortName)

To confirm national bank account information, you have to provide a country code to uniquely identify the bank account on a global scale. If you use this parameter to confirm a given bank account without an IBAN or BIC, you have to provide in addition a national bank identifier and a national bank account identifier.

Example: bankCountryCode=CH
nationalBankIdentifierstring(NationalBankIdentifier)

Uniquely identifies a bank in a country, together with a country code parameter on a global scale. If you use this parameter to confirm a given bank account without an IBAN or BIC, you have to provide in addition a country code and a national bank account identifier.

Example: nationalBankIdentifier=00781
nationalBankAccountIdentifierstring(NationalBankAccountIdentifier)

Uniquely identifies a bank account at a specific bank in a country, together with a country code parameter and a national bank identifier on a global scale. If you use this parameter to confirm a given bank account without an IBAN or BIC, you have to provide in addition a country code and a national bank identifier.

Example: nationalBankAccountIdentifier=619278412000
curl -i -X GET \
  https://developer.cdq.com/_mock/apis/bankaccount-data-api/api-v2/bankaccounts/confirm \
  -H 'X-API-KEY: YOUR_API_KEY_HERE'

Responses

OK

Body
bankAccountRequestobject(BankAccount)

A bank account record holds information that universally describes a registered bank account.

bankAccountConfirmedobject(BankAccount)

A bank account record holds information that universally describes a registered bank account.

scoreSuminteger

Sum of the scores of the individual confirmations.

Example: "100"
maxScoresArray of objects(TrustScore)

List of the maximum scores of the individual confirmations.

associatedFraudCasesArray of objects(FraudCase)

List of fraud cases associated with the bank account.

Response
{
  "bankAccountRequest": {
    "internationalBankAccountIdentifier": "CH8800781619278412000",
    "internationalBankIdentifier": "KBSGCH22XXX",
    "bankCountryCode": "DE",
    "nationalBankIdentifier": "00781",
    "nationalBankAccountIdentifier": "619278412000"
  },
  "bankAccountConfirmed": {
    "internationalBankAccountIdentifier": "CH8800781619278412000",
    "internationalBankIdentifier": "KBSGCH22XXX",
    "bankCountryCode": "DE",
    "nationalBankIdentifier": "00781",
    "nationalBankAccountIdentifier": "619278412000"
  },
  "scoreSum": "100",
  "maxScores": [
    {}
  ],
  "associatedFraudCases": [
    {}
  ]
}

Bank Accounts

Gather endpoints that provide functionalities for managing bank accounts. These functionalities include reading bank account data, upserting bank account data, deleting bank account data, creating a new data source, reading all data sources, reading a data source by ID, and deleting a data source by ID.

Operations

Bank Data Lookup

Gather endpoints that provide functionalities for looking up bank information. These functionalities include looking up bank information based on the given bank data lookup request.

Operations

Fraud Case Management

Gather endpoints that provide functionalities for managing fraud cases. These functionalities include creating a new fraud case, reading the details of a specific fraud case identified by its case ID, modifying the details of an existing fraud case, deleting an existing fraud case, and removing all fraud case data from a specific storage.

Operations

System Bank Data Sources

Gather endpoints that provide functionalities for managing system bank data sources. These functionalities include creating a new data source, reading all data sources, reading a data source by ID, and deleting a data source by ID.

Operations

System Banks

Gather endpoints that provide functionalities for managing system banks. These functionalities include reading system banks, upserting system bank data, deleting system bank data, creating a new data source, reading all data sources, reading a data source by ID, and deleting a data source by ID.

Operations

Files

Gather endpoints that provide functionalities for managing files. These functionalities include uploading a file to S3.

Operations

Bank Data Sources

Operations

Bank Account Storage Data Monitors

Operations