Same Day Micro-deposits Link best practices
Optimally configure Same Day Micro-deposits to reduce fraud and increase conversion
Minimizing fraud with Same Day Micro-deposits
Plaid provides a suite of fraud prevention products that assist your application in catching bad actors and ACH returns. You can verify the source of funds with Identity, confirm the real-time Balance prior to a transfer, and leverage our machine learning model Signal to prevent returns and release funds earlier. If an account is connected via Same Day Micro-deposits, these features are not typically available and could increase the likelihood that you experience fraud and ACH returns. Following the recommendations below can help mitigate these risks.
Use Identity Match
Approximately 30% of Items created with Same Day Micro-deposits are supported by
/identity/match, which allows you to determine the likelihood that the user's identity details, such as name and address, on file with their financial institution match identity information held by you. For more details on this feature, see Identity.
Adjust a user’s Link experience based on their risk profile
In order to reduce fraud upstream on your application, we recommend leveraging Plaid Identity Verification to verify a government ID or match with a selfie of the document holder. This requires your user to take additional steps, though ensures verification of the Identity before the user opts to link their bank account, and is available for all Auth Types (manual and credential-based).
If your application does not have an identity verification solution or Plaid Link is not gated from the general public with fraud prevention and user verification checks in place, we do not recommend adopting Same Day Micro-deposits as it may introduce an unnecessary fraud vector onto your platform.
If you identify a user to be riskier, consider disabling Same Day Micro-deposits (either as an optional configuration at Link failure points, or
via the upfront Auth Type Select configuration) for those users, since fraud prevention products are not available when they connect via this method.
To do this, set the
auth_type_select_enabled parameters to
false in the
/link/token/create call for that user.
Another option for riskier users is to leave Same Day Micro-deposits enabled, but enable Reroute to Credentials in Forced mode, which will only allow
the user to link via Same Day Micro-deposits when using a routing number not supported by other authentication methods. To do this on a per-session
basis, specify the
FORCED value for the
reroute_to_credentials field within the
auth object in your
You may also consider changing your user’s experience with your service based on their connection method. For example, if a user connected via Same Day Micro-deposits, you may consider enforcing a lower transfer threshold than for users where it was possible to verify identity and increasing hold times on those funds.
Implement Text Message Verification
Customers who use Text Message Verification see a significant increase in their conversion rates. To fully support Text Message Verification, make sure you set the
auth.sms_microdeposits_verification_enabled flag to
true in your
/link/token/create configuration object and handle the
If the webhook indicates that the user has successfully verified their account information, remove any in-app messaging directing the user to complete the verification process. We also recommend sending the user a notification prompting them to come back to your app and complete any tasks that may have been waiting on this verification.
Prompt user to verify micro-deposits in Link
If you are not using Text Message Verification, we strongly recommend sending your user a notification (e.g. email, SMS, push notification) prompting them to come back into your app and verify the micro-deposit code in the transaction description.