Introduction

API services for growing Business and Corporates

Singleview B2B APIs provide a secure connection medium to corporate and business users to access the following services using our modern and secure APIs:

  • Payouts: Make instant account-to-account fund transfers
  • Post-payment enquiry: Track payment processing and status in real-time
  • Account information services
    • Balance enquiry: Fetch account balances
    • Account statement: Get custom account transaction statements

Security overview

Singleview B2B API services employs multi-layers authentication of requests to define authorized access to the platform and maintain better security, and privacy. The following is the basic flow representation of B2B partner identification through Singleview B2B Services APIs.

Security flow - Authentication of partner to access Singleview B2B Services API

Security flow - Authentication of partner to access Singleview B2B Services API

Onboarding Requirements

The users interested in accessing SingleView B2B API services need to share the following information and meet the mentioned prerequisites:

  • User needs to share the details of their Public IPs and Certificates (Self-signed or Authorized) for Whitelisting purpose
  • Share the service required documents
  • Get registered by the bank and get the company code

👍

Upon successful registration and completion of prerequisite formalities, the user will be provided with Client ID and Client Secret to access SingleView B2B API Services.

Service Validations

Every request is goes through a series of validations based on the type of the Service API being hit. The following are the various validation required to access the concerned Singleview B2B Services API:

B2B API ServiceService Validations
Account statement- Signature verification
- IPs Whitelisting
- Token Validation
- Valid/Active B2B company code
- Authorized account
- Statement date should not be current/future date
- While requesting the statement date should not be more than 1 day
- Statement Date should not be prior to 30 days.
Balance enquiry- Signature verification
- IPs Whitelisting
- Token validation
- Valid/Active B2B company code
- Valid SABB Account Number/IBAN number
Payouts- Signature verification
- IPs Whitelisting
- Token Validation
- Valid/Active B2B company code
- Ensure a valid Debit Account number is captured
- Availability of sufficient fund in Debit account
- Back value date transaction will not be accepted
- Future value date payment should not exceed 14 days from the date of payment initiation
- Transactions amount should not exceed per transaction limit/per day limit
- No Duplicate transactions allowed (i.e.) Transaction will be rejected if the same sequence number has been used in the past (or) the payment initiated to the same beneficiary with same day, same amount and same value date

Account-to-Account Validations (With Bank)
- Must be a valid account (BBAN/IBAN)

SARIE Validations
- Beneficiary BIC code must be valid
- Beneficiary information should have a valid IBAN with its corresponding BIC ID
- Transactions received after cut-off will be processed on next business day
- Transactions received during holidays/weekends will be processed on next business day
- Any local payment (LP) should have a valid purpose of remittance information captured

International Transfers Validation
- Beneficiary BIC code must be valid
- Transactions received after cut-off should be processed on next business day
- Transactions received during holidays/weekends shall be processed on next business day
- Any overseas payment (TT) should have a valid purpose of remittance information captured
- IBAN mandated/listed countries should capture only “IBAN number” for processing the payments
- Any Non–IBAN mandated/listed countries should capture only “Account Number” with the local clearing code (whichever country is applicable) for processing the payments
Post-payment enquiry- Signature verification
- IPs Whitelisting
- Token Validation
- Valid/Active B2B company code

Parts of the request

Message

This part carries the information that is required to authenticate a request. This includes Client ID, Client Secret and Access Token.

Body

This part includes the information about the request created on the backend of the client application.

Signature

Encrypted string obtained by processing request body with Private Key/Certificate through SHA-256 with RSA Algorithm (Crypto : JCE Sign).