KB API

Banking without borders. Obtain current data and information
and control your accounts in your own application with KB API.

Partner
Service

VERIFY IDENTITY OF KB 
CLIENTSPilot

With this service, you can use API to verify identity of KB clients. In case your portfolio includes clients with accounts in KB and you wish to remotely verify their identity, simply use our KB API services. 

What does the service do?

This service allows you to check identity of KB clients using Application Programming Interface (“API”). If your portfolio comprises clients with a KB account and you wish to remotely verify their identity, you can use our KB API services.

Using the data provided, you can, for example, carry out a client registration process in your system without completing a registration form. Moreover, you can also update your existing client data or check whether a client meets the requirements for using your services.

With the information provided, you have client data immediately available from a trusted and secure source.

Terms of use

Contract concluded with KB on using production API, with the following information:

  • Name of the company using the service
  • URI address for redirecting to the provider’s site for the purpose of transferring access code

Valid certificate from I.CA has been issued:

  • Certificate type – technology (server) certificate
  • CN contains unambiguous identification of the entity, to which the certificate was issued (company name, company identification number)

Identity verification is always carried with a KB client’s consent:

  • Data are disclosed (transferred) on the basis of a client’s consent
  • Consent is given through one of our authentication methods available to the relevant client

Examples of uses

Web portals of betting agencies/shops, utility companies, providers of telecommunications and internet services, financial companies, and others. KB clients registering in such web portals do not have to complete their personal data manually when using the identity verification services – they only confirm the data transfer from KB to a third party using one of the authentication methods available in KB and the relevant data are transferred from the bank to the web portal via secure API.

Fees

The fees for the Check KB Client Identity service are stipulated in a contract.

 

Available data

Client details:

  • Name and surname
  • Gender
  • Personal ID number
  • Client’s place of birth

Client’s address:

  • Permanent residence address
  • Client’s citizenship

Identity documents:

  • Type, number, and expiration of a primary identity document
  • Issuing country
  • Politically exposed person attribute

How does the service work?

  1. A client signs into a third party web portal (online customer self-service) in order to register.
  2. During the registration process, the client either selects a transfer of registration data from Komerční banka or he/she completes the data directly, only requesting data verification by Komerční banka to ensure the data are credible.
  3. The request for data transfer / verification is always confirmed after it is validated using one of the security authentication methods of Komerční banka, e.g. KB Klíč.
  4. Komerční banka transfers the relevant data to the third-party application via secure API.
  5. The client has completed a simple, quick, secure, and error-free registration process.

Definition of the service

The “Check KB Client Identity” service provides access to client’s personal data that have undergone the so-called Know Your Customer (KYC) process. The service ensures provision of current and verified personal data of clients using the OAuth2 standard.

What are the benefits of the service?

Using the KYC data, you can register a user in your system without requiring such user to manually complete a registration form. It is also possible to update client’s data already on file.

Moreover, it is possible to perform client verification – e.g. to determine whether they meet the preconditions for using your services. Alternatively, it may be necessary to transfer client’s personal data remotely. With the disclosed data, you instantly possess client’s data from a reliable source.

What data are provided?

Personal data:

Name

Surname

Personal ID number

Date of birth

Gender

Nationality

Politically exposed person

 

Identity document:

Document type

Document number

Issuing country

Document issue place

Document issue date

Document expiration

 

Address:

Street

House number

Postal code

City/town

State (country)

 

Details of the company that performed physical identification of the client:

Identification number

How does it work?

Administration for the connection to the service

Once the production requirements are met, KB will register consumer’s identity and create your profile – this profile will be displayed to KB clients when they grant their consent. Moreover, the bank will provide any necessary technical data for the service operation – for example, identification data from the registration that are necessary to call the service. It is then necessary to register within the production KB API portal, generate an API key, and subscribe to the service – and you can start using the service.

Functioning of the service

The KYC data are transmitted upon client’s consent. This consent is given through one of our authentication methods available to the relevant client. The KB login screen is reached by accessing a predefined URL address on the site of your service that meets the OAUTH2 standard. During the authorisation process, the client will see the basic information about the company requesting his/her identity data. In case the client confirms his/her consent, an authorisation code is transferred to your URL address specified in the parameter. The authorisation code can then be exchanged for an access token used to disclose personal data to a third party.

You can also try this service out in our demo version (testing). You only have to register within the Sandbox KB API portal.

If you are interested in the service, do not hesitate to contact us at api@kb.cz.

Production requirements

  • Contract concluded with KB on using production API, with the following information:
    • Name of the company using the service
    • URI address for redirecting to the provider’s site for the purpose of transferring the access code
  • Valid certificate has been issued by a certification authority that is trusted in KB. It must contain organisation name and identification number (IČO). We support the following issuers and certificates:
    • Issuer:
      • I. CA (standard certification authority)
      • PostSignum
    • Type:
      • Company qualified certificate/seal
      • Company commercial technology (server) certificate

Would this API be useful for you?

46 people 
voted