clock 8-minute read calender 2.4.0 | updated Apr. 24, 2024

Get immediate verification of account ownership

Key takeaways

  • Help reduce fraud by validating the owner of an account, matching the intended counterparty before moving funds

  • Help minimize returns by confirming an account is open and valid before transacting with the account

  • Comply with Nacha rules requiring account validation for web debits in real time without need for prenotes or micro-deposits

  • Help save time with immediate validation for account inquiries

Try it yourself

If you want to use our Account Validation API, please contact us to learn more.
Sign up

With the Account Validation API, you can inquire about an account and a get real-time confirmation back on the status of the account and whether the ownership data matches. By real-time, we mean like 5 seconds or less on average. This is a far contrast to pre-notes or micro deposits which can take days and possibly accrue cost if there a return involved for illegitimate accounts.

Account validation is simple. You send an inquiry request to evaluate the account information from a draft account item, typically a check or an ACH item. KeyBank completes Account Ownership Authentication (AOA). This is an API service that enables payment processors to verify that a payer’s name, address, and other elements match the account information in the National Shared Database (NSD) and the payer is authorized to transact on the account. This service is priced per each successful transaction. Speak with your Payments Advisor to learn more or sign up for the API product.

You can also see our Getting Started Guide to learn more about how to partner with KeyBank APIs.

See the specs

Good to know

  • AOA is possible at KeyBank with the Account Validation API product.
  • We only confirm account ownership. At the moment, we do not provide a detailed account status or risk-based score.

When you make a request, you must know the following parameter information:

  • secondaryID: This is a unique identification assigned by KeyBank to each client of the API and identifies which client is making the call.
  • routingNumber: The routing number of the bank account holder.
  • accountNumber: The bank account number of the account owner.

If you want to include a name in your search or include more data points for verification, you can use the AcctOwner object to inquire about a personal or business account. A personal inquiry only searches by the account number, routing number, first name/last name. A business inquiry also searches the account owner information associated with the specified business name. You can also append date and time information along with a custom user note or tag in the Client object.

Search by… AcctOwner fields
Account owner’s full name firstName + lastName
Business name businessName
Account owner’s first name with business name firstName + businessName
Account owner’s last name with business name lastName + businessName
Account owner’s full name with business name firstName + lastName + businessName

Common terms

Account Owner Authentication matches the account owner identity to the bank account, confirming if data is accurate when compared against the NSD.
Embedded Banking is a sector of KeyBank dedicated to developing and delivering quality digital services integration in both traditional and modern environments.
Micro deposits:
Small amounts of money sent from one financial account to another to verify and authenticate account ownership.
National Automated Clearing House Association the organization responsible for managing the rules and regulations governing the ACH network in the US.
National Shared Database is the collection of data contributed to by consumers and used to verify account owner information.
Test transactions to help confirm the correct bank account information, like the penny test.
The process of helping KeyBank partners and API consumers get familiar with our suite of API products. This can include assessment, setup, and environment access.

The AOA response includes basic account owner status and validation with a match score. If the response returns an empty field, there is no entry in the database.

The accountStatus object returns the basic status of the account. The primaryStatusCode returns a three-digit code for the current condition of the bank account and whether is it open, closed, or not found.

Status code Message
000 Routing number and account number combination cannot be found
012 Account is closed
096 No positive or negative information in known about the account
099 Account is present in the participant’s master account file and has no other status code

Basic validation passes additional data points from the AcctOwner object like the address, phone number, and date of birth to compare with the NSD. The field entry case, spacing, and punctuation are ignored when matching values.

The response returns:

  • a condition code telling you the state of the account owner data provided.
  • match codes that confirm the data is the found or not with a Y (Yes), N (No), C (Conditional), or U (Unknown).
  • an overall match score is generated based on number of data points that did and did not match. If most of the match codes are Y, you will have a higher match score.


  • All requests require the secondaryId provided during KeyBank onboarding, routing number, and an account number.
  • If this is a personal inquiry, at a minimum search by account number, routing number, and first name and/or last name.
  • If this is a business inquiry, at a minimum search by account number, routing number, and business name.




"accountValidationRequest": {
  "AOARequest": {
    "Inquiry": {
      "serviceType": "Owner",
      "secondaryID": "KeyCli01",
      "additionalID": "",
      "routingNumber": "122199983",
      "accountNumber": "89455",
      "serialNumber": "",
      "AcctOwner": {
        "firstName": " Paul;",
        "lastName": "Wilson ",
        "middleName": "V",
        "businessName": "Bizness by Paul",
        "addressLine1": "206 GOODWIN ST",
        "city": "MERRIT",
        "state": "MI",
        "zipCode": "49667",
        "ssn": "9999",
        "dob": "19730801",
        "idType": "2",
        "idNo": "6788",
        idState": "AL"
    "Client": {
      "ClientDt": "2022-03-04",
      "ClientTime": "14:45:05",
      "UserDef": "123xyz"
"accountValidationResponse": {
  "AOAResponse": {
    "Result": {
      "errorCode": "000",
      "systemRecordId": "5934871120174384",
      "primaryId": "TROM122101",
      "secondaryId": "KeyCli01",
      "additionalId": "",
      "routingNumber": "122199983",
      "accountNumber": "89455",
      "feeAttrib": "HH",
      "AcctOwner": {
        "conditionCode": "000",
        "nameMatch": "Y",
        "firstNameMatch": "Y",
        "lastNameMatch": "Y",
        "middleNameMatch": "Y",
        "namePrefixMatch": "",
        "nameSuffixMatch": "",
        "businessNameMatch": "Y",
        "addressMatch": "Y",
        "cityMatch": "Y",
        "stateMatch": "Y",
        "zipCodeMatch": "Y",
        "homePhoneMatch": "",
        "workPhoneMatch": "",
        "ssnMatch": "Y",
        "dobMatch": "Y",
        "idTypeMatch": "Y",
        "idNoMatch": "Y",
        "idStateMatch": "Y",
        "overallMatchScore": "100"
      "accountStatus": {
        "primaryStatusCode": "099",
        "primMessage": "Open Valid"
      "Client": {
        "ClientDt": "2022-03-04",
        "ClientTime": "14:45:05",
        "UserDef": "123xyz"


What to expect

  1. The data provided in the request is compared to the NSD. After evaluation, you get a response that indicates if there is a match or any discrepancies.
  2. Review the response and interpret the information according to your needs and business rules. You can consider the response data in your decision-making process, along with other risk management information.

What's next?