Business API
Validate an account name (CoP)
api
post
/account-name-validation

Validate an account name (CoP)

Use Confirmation of Payee (CoP) to validate a UK counterparty's account name against their account number and sort code when adding a counterparty or making a transfer to a new or existing counterparty.

For more details, see the guides: Validate an account name (CoP).

note

Confirmation of Payee is an account name checking system in the UK that helps clients to make sure payments aren't sent to the wrong bank or building society account.

When performing the check, you must specify the account type by providing the name for either an individual (personal account) or a company (business account).

caution

The CoP check does not protect you against all kinds of fraud. It only checks if the name you provided for an account matches that account's details.
Even if the counterparty's details match, you should still exercise due caution when transferring funds.

This functionality is only available to UK-based businesses. If you would like to make use of it, please contact Revolut API Support.

Access Token

Each Business API request must contain an authorization header in the following format to make a call: Bearer <your_access_token>.

The access token will be obtained the first time you set up your application and has an expiration of 40 minutes. During setup, a refresh_token will also be obtained which allows to obtain a new access_token.

danger

Never share your client-assertion JWT (JSON web token), access_token and refresh_token with anyone, as these can be used to access your banking data and initiate transactions.

Access tokens can be issued with four security scopes and require a JWT (JSON Web Token) signature to be obtained:

  • READ: Permissions for GET operations.

  • WRITE: Permissions to update counterparties, webhooks, and issue payment drafts.

  • PAY: Permissions to initiate or cancel transactions and currency exchanges.

  • READ_SENSITIVE_CARD_DATA: Permissions to retrieve sensitive card details.

    caution

    If you enable the READ_SENSITIVE_CARD_DATA scope for your access token, you must set up IP whitelisting. Failing to do so will prevent you from accessing any Business API endpoint.

    IP whitelisting means that you must specify an IP or a set of IPs which will be the only IPs from which requests to the API will be accepted. To do so:

    1. Go to the Revolut Business web app settings -> APIs -> Business API.
    2. Select the corresponding API certificate.
    3. In Production IP whitelist, provide the IP(s) which should be whitelisted, and save.

To configure your JWT and obtain the refresh and first access tokens, complete the following steps:

  1. Sign up for a Revolut Business account
  2. Prepare your Sandbox environment
  3. Make your first API request

Request

Counterparty account details

Request body
Body object

The account number of the counterparty.

The sort code of the counterparty's account.

The name of the business counterparty. Use when individual_name is not specified.

The name of the individual counterparty. Use when company_name isn't specified.

The first name of the individual counterparty.

The last name of the individual counterparty.

Response

Account name validation result

Response body
Body object

Possible values: [matched, close_match, not_matched, cannot_be_checked, temporarily_unavailable]

The result of the account name check. Possible values:

  • matched: The name and account type match the provided values.
  • close_match: The name and account type are similar to the provided values. The actual values are returned.
  • not_matched: The name and account type don't match the provided values.
  • cannot_be_checked: The check cannot be performed and retries won't help. For example, the recipient's bank doesn't support CoP.
  • temporarily_unavailable: The check cannot be performed right now. For example, the recipient's bank didn't respond to our request. You should retry the request later.

A code which explains why a given result was returned. For example, it might happen that the details you provided match the account details, but you specified the counterparty as an individual, and the account type is business.

Possible values: [uk_cop]

The reason type. Possible values:

  • uk_cop - The CoP reason.

Possible values: [close_match, individual_account_name_matched, company_account_name_matched, individual_account_close_match, company_account_close_match, not_matched, account_does_not_exist, account_switched, cannot_be_checked]

The reason code. Possible values:

  • close_match - The provided name is similar to the account name, the account type is correct. The actual name is returned.
  • individual_account_name_matched - The names match but the counterparty is an individual, not a business.
  • company_account_name_matched - The names match but the counterparty is a business, not an individual.
  • individual_account_close_match - The provided name is similar to the account name, and the account type is incorrect - the counterparty is an individual, not a business. The actual name is returned.
  • company_account_close_match - The provided name is similar to the account name, and the account type is incorrect - the counterparty is a business, not an individual. The actual name is returned.
  • not_matched - The account details don't match the provided values.
  • account_does_not_exist - The account does not exist.
  • account_switched - The account has been switched using the Current Account Switching Service. Please contact the recipient for updated account details.
  • cannot_be_checked - The account cannot be checked.

The name of the business counterparty. Provided only if individual_name is not specified.

The name of the individual counterparty. Provided only if company_name is not specified.

The first name of the individual counterparty.

The last name of the individual counterparty.

Was this page helpful?
Loading...