Introduction to Identity

Verify users' account ownership and reduce fraud with the Identity product.

Explore API

API Reference

View Identity requests, responses, and example code

View Identity API

Quickstart

Learn about Plaid's key concepts and run starter code

Get started

Overview

Plaid's Identity product helps you verify users' identities by accessing information on file with their financial institution. Using Identity, you can access a user's phone number, email address, mailing address, and name. This can be used for verifying against a trusted source that information provided by the user is correct, or for prefilling account information.

Plaid provides two endpoints for Identity: /identity/get retrieves the user's name and contact information from their financial institution, while /identity/match (beta) allows you to provide a name and contact information for a user and returns a match score indicating how well that information matches the information on file with their financial institution, simplifying the process of using identity data for account ownership verification. Both endpoints can be used to reduce fraud, improve user onboarding and conversion, and to complement Know Your Customer (KYC) compliance checks.

Identity can be used to verify all major account types supported by Plaid, including checking and savings accounts, credit cards, brokerage accounts, and loans. Identity coverage can be used to verify an account before initiating an ACH transaction: 97% of Items initialized with Auth provide Identity data as well.

Depending on your use case, you may want to verify the identity of all users, or only some. For example, you might want to verify the identity of any user initiating a funds transfer, or you might only verify users who you have identified as being higher risk, based on data such as email address, location, financial institution, or activity patterns.

Plaid Identity can be combined with Plaid Identity Verification in a single workflow to provide full identity verification and fraud reduction. Identity Verification is used for KYC, to verify that the user of your app is the person they claim to be, while Identity is used to confirm that the ownership information on their linked bank or credit card account matches this verified identity.

Getting Identity data

The /identity/get endpoint provides you with several pieces of information. The name is guaranteed to be available; the email address, phone number, and address are usually available, but may be null otherwise.

Sample Identity data

Identity data returned by /identity/get includes owners' names, addresses, email addresses, and phone numbers as reported by the financial institution. In the case of an Item containing accounts with multiple owners, all owners' information will be provided. For business accounts, the account owner’s name can be that of a business.

1"owners": [
2  {
3    "addresses": [
4      {
5        "data": {
6          "city": "Malakoff",
7          "country": "US",
8          "postal_code": "14236",
9          "region": "NY",
10          "street": "2992 Cameron Road"
11        },
12        "primary": true
13      }
14    ],
15    "emails": [
16      {
17        "data": "accountholder0@example.com",
18        "primary": true,
19        "type": "primary"
20      },
21      {
22        "data": "accountholdersecondary0@example.com",
23        "primary": false,
24        "type": "secondary"
25      },
26    ],
27    "names": [
28      "Alberta Bobbeth Charleson"
29    ],
30    "phone_numbers": [
31      {
32        "data": "1112223333",
33        "primary": true,
34        "type": "home"
35      }
36    ]
37  }
38]
Typical identity fill rates by field
FieldTypical fill rate
Name>99%
Email address98%
Address93%
Phone number90%

Matching identity data

The /identity/match feature is currently in beta; reach out to your Plaid Account Manager or contact sales if you would like it enabled.

Using /identity/match, Identity data fields such as names, addresses, email addresses, and phone numbers can be matched against the owners’ identity information on connected accounts. Multiple fields are matched in a single request, and a separate score is returned for each field to indicate how closely it matched. Customers using Identity Match experience match results up to 20 points more accurate when using Identity Match versus using their own matching algorithms.

If you are already using Identity Verification, you can further enhance your verification process by enabling Financial Account Matching in your Identity Verification template. This feature allows you to match the data collected during KYC without having to specify the user field in your /identity/match request. To ensure accurate matching, it's important to maintain consistency in the client_user_id used for end users across all products.

Sample Identity match data

Data returned by /identity/match includes scores from matching a user's name, address, phone number, and email with the account owner's data that was present on the connected account. A score ranging from 0 to 100 is provided for each identity field. The score will be missing if the identity information was not provided in the request or unavailable at the connected account. In the case of an Item containing accounts with multiple owners, the highest matched scores are returned.

Example of how to interpret name match score
RangeMeaningExample
100Exact matchAndrew Smith, Andrew Smith
85-99Strong match, likely spelling error, nickname, or a missing middle name, prefix or suffixAndrew Smith, Andrew Simth
70-84Possible match, likely alias or nickname and spelling errorAndrew Smith, Andy Simth
50-69Unlikely match, likely relativeAndrew Smith, Betty Smith
0-49Unlikely matchAndrew Smith, Ray Charles
1{
2  "accounts": [
3    {
4      ..
5      "legal_name": {
6        "score": 90,
7        "is_nickname_match": true,
8        "is_first_name_or_last_name_match": true
9      },
10      "phone_number": {
11        "score": 100
12      },
13      "email_address": {
14        "score": 100
15      },
16      "address": {
17        "score": 100,
18        "is_postal_code_match": true
19      },
20      ..
21    },
22  ]
23}

Additional verification methods

It is recommended to provide a backup option in case a user's account ownership cannot be automatically verified. This can include additional customer due diligence using Plaid Identity Verification.

Testing Identity

Identity can be tested in Sandbox against test data without contacting Plaid. In order to test Identity against live Items in either Development or Production, you will need to first request access by submitting a product access request Support ticket explaining your use case.

/identity/match is a beta endpoint and can be tested in Sandbox using custom user accounts. Note that it is not recommended to send real user data or PII in the Sandbox environment for use with /identity/match, as Sandbox is meant for testing purposes.

Plaid provides a GitHub repo with test data for testing Identity in Sandbox, helping you test configuration options beyond those offered by the default Sandbox user. For more information on configuring custom Sandbox data, see Configuring the custom user account.

Identity Refresh (coming soon)

Identity Refresh beta is currently planned for Q4 2023. To be notified as soon as the beta is available, sign up for the Identity Refresh beta waitlist.

Bank identity may change over time, so it can be valuable to check it later in the user journey as well as when a user signs up for your account, as such changes are a leading indicator of account takeover (ATO). ACH debits from accounts with recent identity changes are also over twice as likely to result in ACH returns.

Identity Refresh allows you to monitor identity changes on a regular basis or proactively, so you can make better informed decisions about managing fraud and risk.

Identity Refresh offers two integration modes.

You can call an endpoint to trigger an on-demand identity update. This method is useful if you need a real-time identity in response to a user’s activity. For example, you can re-verify bank account ownership before a user makes a payout, or re-verify account ownership without additional friction when they change PII on your app.

Alternatively, you can configure Items to extract the latest bank identity at a cadence of your choice (daily, weekly, or monthly), so it’s already available when you’re making a risk decision.

In both modes, the DEFAULT_UPDATE webhook will fire when an identity update has been detected. After receiving this webhook, call /identity/get to get the raw bank identity and run your own tests, or /identity/match with your user’s information to match your user with the owner of the bank account.

Sample app tutorial and code

For a real-life example of an app that incorporates Identity, see the Node-based Plaid Pattern Account Funding sample app. Pattern Account Funding is a sample account funding app that fetches Identity data in order to verify identity prior to a funds transfer. The Identity code can be found in items.js.

For a tutorial walkthrough of creating a similar app, see Account funding tutorial.

Next steps

To get started building with Identity, see Add Identity to your App.

If you are using Identity as part of an account funding use case, see the Plaid Account Funding Guide for an overview of all required steps.

If you're ready to launch to Production, see the Launch checklist.

Launch checklist

Recommended steps to take before launching in Production

Launch