Direct Account status as verified

(Mac) #1

Let’s say a person who already has a working dwolla direct account signs up to use my app. When I retrieve that direct account’s information, is there a way to see if the previously established account is already cip verified? (e.g. account_status: cip_verified). In other words, Is there a way to verify that Dwolla has previously vetted the true identity of this particular account and verified it? It would be nice to be able to retrieve this info. It appears this info is provided for a white label customer.

Will using the following url to sign up a new app user guarantee the existing dwolla direct user is cip verified?{client_id}&response_type=code&redirect_uri={redirect_uri}&scope={scope}&verified_account=true&dwolla_landing=login

Using python I tried:

accounts_api = dwollaswagger.AccountsApi(client)
account =
And retrieved the account id and other info, but nothing about whether the direct account is already verified.

When I try >>>acount.status I get an error since the method is not available.

Thanks for the help!

(Spencer Hunter) #2

Hi @mmack3540, reference my reply in the thread below.

This url will not guarantee that a user with an existing Dwolla account is cip verified. verified_account is a querystring that can be passed in if you wish to prompt the user to create a full cip verified account vs. a Direct account. In addition, you cannot restrict a user from going through the OAuth flow based on the account type they have in Dwolla. What is your use case that requires a certain Dwolla account type to be used within your application? I can definitely pass along some feedback to our Product team to investigate the best solution to your issue.

As an aside, I’d recommend taking a look at dwolla-v2-python as it is our actively maintained and supported SDK for Python and contains advantages over the existing SDK you’re using.

(Mac) #3

Thanks for the feedback. Perhaps what I’m trying to do can only be done
through the AccessAPI with a ManageCustomer scope, not the TransferAPI with
ManageAccount scope. Or perhaps it can’t be done at all. My use case
pertains to payments. I’m concerned that the person to whom I send the
money actually is the person who ultimately claims it.

So for example, let’s say one of my vendors is XYZ Corp. And I want to send
a payment to pay off an XYZ vendor invoice. So I call XYZ Corp and the
receptionist at XYZ corp gives me the following XYZ email address: (Bad Guy is embezzling money from XYZ corp.). Then, Bad
Guy (his real name) sets up a full vip verfied account using his SSN along
with his verfied funding source in Dwolla using As far as
Dwolla is concerned, it all looks good (SSN matches Bad Guy name, etc). If
I were to send payment to, Bad Guy could steal the money
and before we catch him, he could flee the country.

What I would like to do is this: Query a Dwolla API resource with an email
address and acertain it belongs to XYZ Corp. and XYZ Corp has a fully CIP
verfied account set up before I send the money (in this case, to its email
address). In the above example, Dwolla would return the account name Bad
Guy, and other info like his address, the last 4 digits of SSN (with Bad
Guy token’s permission, of course). With that information, I would see it
didn’t match my XYZ Corp payable records and so I could reject payment
request/ money transfer before the money is sent.

(Spencer Hunter) #4

We unfortunately don’t return this level of information for Transfer accounts. With the Access API, you do have insight into the account type and whether a user has completed the identity verification process. I can pass this information on to our Product team to see if we can expose additional information through existing scopes/permissions that may help your app get insight into this information.

(Mac) #5

Thanks for looking into this, Spencer. It would be great if such a resource
were made available to the Transfer Api.

(Cory Anderson) #6

(Cory Anderson) #7

(Cory Anderson) #8