Pay by Bank
- Bridge
Embed
- Overview
- Onboarding
- Drop-in Components
- API Onboarding
Resources
- Synthetic Identity Fraud
- WALDO
- Sandbox and Testing
Reason Codes
Understanding the reason codes returned by Straddle’s Identity verification process
Identity Reason Codes
When you create or update a customer using Straddle’s API, our system performs an identity verification process. This process returns reason codes that provide insights into the verification results. These codes are crucial for understanding the risk assessment and decision-making process.
Overview
Reason codes are alphanumeric identifiers that explain specific aspects of the identity verification process. They are categorized into different types, each starting with a specific letter:
I
: Informational codesR
: Risk indicator codesB
: Business Identity codes
Reason codes provide valuable context for the verification decision. Always review these codes to understand why a particular decision was made.
Accessing Reason Codes
You can access the reason codes in the response when creating or retrieving a customer. The codes are located in the identity_details
object of the response.
const response = await straddle.customers.create({
// customer details
});
const reasonCodes = response.identity_details.breakdown.reason_codes;
console.log(reasonCodes);
Interpreting Reason Codes
Informational Codes (I)
Informational codes provide context about the verification process and the data used. They don’t necessarily indicate a risk but offer additional insights.
I1001
: Identity not found within Consortium InstitutionsI121
: Social networks matchI301
: Account is correlated with the first nameI520
: Emailrisk score represents low riskI601
: Phone number is a landline
Risk Indicator Codes (R)
Risk indicator codes highlight potential risks or discrepancies in the provided information. These codes are crucial for assessing the overall risk of a customer.
R1001
: Found at least 2 distinct DOBs associated with the given identityR201
: The input SSN is invalidR520
: Emailrisk score represents high riskR701
: Address is inactive, not receiving mail, or vacantR901
: SSN/ITIN cannot be resolved to the individual
Using Reason Codes in Your Application
When implementing identity verification in your application, you can use these reason codes to:
- Provide specific feedback to users about their verification status
- Implement custom logic based on certain codes
- Flag high-risk applications for manual review
Here’s an example of how you might use reason codes in your application:
function handleVerificationResult(customer) {
const reasonCodes = customer.identity_details.breakdown.reason_codes;
if (reasonCodes.includes('R201')) {
console.log('Invalid SSN provided');
// Prompt user to re-enter SSN
} else if (reasonCodes.includes('R520')) {
console.log('High risk email detected');
// Flag for manual review
} else if (reasonCodes.some(code => code.startsWith('I'))) {
console.log('Verification successful with additional information');
// Proceed with account creation
}
}
Best Practices
When working with identity reason codes, consider the following best practices:
-
Regularly review and update your handling of reason codes: As Straddle may introduce new codes or modify existing ones, ensure your application can handle new codes gracefully.
-
Combine multiple codes for a comprehensive risk assessment: Don’t rely on a single code to make decisions. Consider the full picture provided by all returned codes.
-
Provide clear feedback to users: When possible, use reason codes to give specific instructions to users for resolving verification issues.
-
Monitor code frequencies: Keep track of which codes appear most often in your verifications. This can help you identify patterns and potential areas for improvement in your onboarding process.
-
Consult with Straddle: If you’re unsure about the meaning or implication of certain codes, don’t hesitate to reach out to Straddle’s support team for clarification.
Remember, while reason codes are powerful tools for risk assessment, they should be used in conjunction with other fraud prevention measures for the most effective protection against fraudulent activities.
By leveraging these identity reason codes effectively, you can enhance your risk assessment process, improve your user experience, and make more informed decisions about customer verifications.
Reason Codes Documentation
Identity Verification Codes
Code | Description |
---|---|
I1001 | Identity not found within Consortium Institutions |
I1002 | National ID was not provided and Straddle was unable to prefill National ID for the given identity |
I1003 | National ID was not provided and Straddle was able to prefill National ID for the given identity |
I1004 | Matched identity onto at least 1 other Consortium Institution |
I1005 | Matched identity onto at least 4 other Consortium Institutions |
I121 | Social networks match |
I127 | Online sources represent a broader digital footprint than just social networks |
Code | Description |
---|---|
I140 | Email address tagged as positive |
I141 | Email domain tagged as positive |
I142 | Phone number tagged as positive |
I143 | IP Address tagged as positive |
I144 | Full name tagged as positive |
I145 | SSN tagged as positive |
I146 | Device tagged as positive |
Code | Description |
---|---|
I202 | The input SSN is an ITIN |
I203 | SSN was first seen in credit header records between 5 to 10 years ago |
I204 | SSN is first seen in credit header records more than 10 years ago |
I205 | SSN is found to be inquired once every 2 to 3 months |
I206 | SSN is found to be inquired once every 3 to 6 months |
I207 | SSN is found to be inquired once every 6 to 12 months |
I208 | SSN is found to be inquired less than once a year |
I209 | Input full name and DOB combination found in property records |
I210 | Input full name and DOB combination found in education/university records |
I211 | Input full name and DOB matches a driver’s license record |
Account Verification Codes
Code | Description |
---|---|
I301 | Account is correlated with the first name |
I302 | Account is conditionally correlated with the first name |
I304 | Account is correlated with the last name |
I305 | Account is conditionally correlated with the last name |
I307 | Account is correlated with the business name |
I308 | Account is conditionally correlated with the business name |
I310 | Account is correlated with the DOB |
I311 | Account is conditionally correlated with the DOB |
I313 | Account is correlated with the SSN |
I314 | Account is conditionally correlated with the SSN |
I316 | Account is correlated with the address |
I317 | Account is conditionally correlated with the address |
I319 | Account is correlated with the phone |
I320 | Account is conditionally correlated with the phone |
Code | Description |
---|---|
I325 | SSN derived from ID Graph |
I326 | DOB derived from ID Graph |
I328 | Account has been seen in the last 15 days |
I329 | Account has been seen between 15 and 30 days |
I330 | Account has been seen between 30 and 45 days |
I331 | Account has been seen between 45 and 60 days |
I332 | Account has been seen between 60 and 75 days |
I333 | Account has been seen between 75 and 90 days |
I334 | Account has been seen between 90 and 120 days |
I335 | Account has been seen between 120 and 150 days |
I336 | Account has been seen between 150 and 180 days |
I337 | Account has been seen between 180 and 210 days |
I338 | Account has been seen between 210 and 240 days |
I339 | Account has been seen between 240 and 270 days |
I341 | Account has been seen between 270 and 300 days |
I342 | Account has been seen between 300 and 365 days |
I343 | Account has been seen between 365 and 730 days |
I344 | Account has been seen over 730 days ago |
Device Verification Codes
Code | Description |
---|---|
I401 | Device token previously encountered |
I402 | Multiple users associated with device |
I403 | Identity may not be primary device user |
I404 | Identity associated with primary device owner |
I405 | Device token previously associated with phone number |
I406 | Device token previously associated with email address |
I407 | Device token previously associated with first name |
I408 | Device token previously associated with last name |
I409 | Device token not encountered within the past 5 days |
I410 | Device session is associated with more than 2 phone numbers |
I411 | Device session is associated with more than 2 emails |
I412 | Device session is associated with more than 2 first names |
I413 | Device session is associated with more than 2 last names |
I414 | Session connected using a proxy |
I415 | Session IP located more than 100 miles from the address |
I416 | Session IP originates from within the United States |
I417 | Session IP originates from outside the United States |
I419 | Session connected using a residential IP address |
I420 | Session connected using a commercial IP address |
I421 | Session connected using a mobile IP address |
I423 | Device is a physical device |
I424 | Device type is a desktop or laptop computer |
I425 | Device type is mobile, tablet, or wearable |
I428 | Mobile network associated with the device is a non-US carrier |
Email Verification Codes
Code | Description |
---|---|
I520 | Email risk score represents low risk |
I550 | Email address is more than 180 days and less than 1 year old |
I551 | Email address is more than 1 year and less than 2 years old |
I553 | Email address is more than 2 years old |
I554 | Exact match between email and first name |
I555 | Email domain is more than 180 days old |
I556 | Email address can be resolved to the individual |
I557 | Email is correlated with the first name |
I558 | Email is correlated with the last name |
I559 | Exact match between email and last name |
I560 | Email domain represents a Fortune 500 company |
I561 | Email domain represents a US college or university |
I562 | Email username contains ZIP code of current application |
I563 | Email domain contains a special use domain (RFC, arpa, example, invalid, local, onion, etc.) |
I564 | Special characters found in email alias |
I565 | Email username contains a role-level alias (support, info, admin, etc.) |
I566 | Email provider is found in public web sources |
I567 | Email username contains five or more alphabetic sections |
I568 | Email handle contains a name |
I569 | Email handle contains input first name |
I570 | Email handle contains input surname |
I571 | Email top-level domain represents a non-US country |
I572 | Email subdomain possibly a typo of a popular email domain |
I573 | Email top-level domain possibly a typo of a popular TLD |
I575 | Provided email is a possible filler email |
I576 | Email handle aligns with the pattern of valid email addresses |
Phone Verification Codes
Code | Description |
---|---|
I601 | Phone number is a landline |
I602 | Phone number is a mobile line |
I605 | Phone number is a premium-rate line |
I608 | Phone number is commercial or dual-purpose |
I609 | Phone number is consumer or residential |
I610 | Phone number is correlated with the address |
I611 | Phone number is associated with a major US carrier |
I614 | Phone number has been in service more than 365 days |
I616 | Phone number is associated with a Mobile Virtual Network Operator |
I618 | Phone number can be resolved to the individual |
I620 | Phone risk score represents low risk |
I621 | Phone is correlated with the first name |
I622 | Phone is correlated with the last name |
I623 | Exact match between phone and first name |
I624 | Exact match between phone and last name |
I625 | Phone number has never been ported |
I626 | Phone number was ported at least 60 days ago |
I630 | Phone subscriber has been correlated with the input phone number for more than 365 days |
Code | Description |
---|---|
I631 | IP address is provided by a mobile carrier |
I632 | IP connection is consumer |
I633 | IP connection is business |
I634 | Proxy is an educational institution |
I635 | Proxy is registered to a corporation |
I636 | IP address originates from the US or US territories |
I637 | Email address is associated with the input phone number |
I638 | IP proxy originates from Google or Apple consumer privacy networks |
I639 | IP address is a consumer privacy network proxy |
I640 | Phone number might have been mistyped |
I641 | Presented identity shows high overall correlation in Straddle’s network |
Address Verification Codes
Code | Description |
---|---|
I704 | Address is multi-unit or high-rise |
I705 | Address is single unit |
I706 | Address is an accredited college or university |
I707 | Address is residential |
I708 | Address can be resolved to the individual |
I709 | Address is correlated with the first name |
I710 | Address is correlated with the last name |
I711 | Address is confirmed as deliverable |
I712 | Address is confirmed deliverable by dropping secondary information |
I713 | Address is confirmed deliverable but was missing secondary information |
I714 | Address is valid but doesn’t currently receive USPS street delivery |
I715 | Address is correlated with a past address |
I716 | Address is a Small Office/Home Office (SOHO) |
I718 | Exact match between address and first name |
I719 | Exact match between address and last name |
I720 | Address risk score represents low risk |
I721 | Email address is correlated with the input physical address |
I722 | Email address is partially correlated with the input physical address |
Document Verification Codes
Code | Description |
---|---|
I808 | Document image resolution is insufficient |
I820 | Headshot passes integrity checks |
I822 | First name extracted from document correlates with input name |
I823 | Last name extracted from document correlates with input name |
I824 | Address extracted from document correlates with input address |
I825 | DOB extracted from document correlates with input DOB |
I826 | Document number extracted from document correlates with input number |
I831 | Minimum required information extracted from document barcode |
I833 | Minimum required information extracted from document MRZ |
I834 | Self-portrait passes liveness checks |
I836 | Document image correlates with self-portrait |
I837 | Self-portrait was not considered in decision |
I838 | Minimum required information extracted from the document |
I845 | Age meets minimum requirements |
I846 | Expired document within the grace period specified |
I847 | Document about to expire within the future grace period |
I848 | The document is not captured properly |
I849 | Incorrect ID type selected |
I854 | The back of the license was not passed; no barcode to extract information |
I855 | First name matches with a known nickname or alias |
I856 | Liveness was not determined |
I860 | Image correlation was not calculated for alert list |
General Information Codes
Code | Description |
---|---|
I903 | Address was not provided at input |
I904 | SSN/ITIN was not provided at input |
I905 | SSN/ITIN provided at input contained only 4 digits |
I906 | DOB was not provided at input |
I907 | SSN is issued to a non-US citizen |
I908 | Address is correlated with a military ZIP code |
I909 | First name and last name are possibly reversed |
I910 | Address is correlated with a past address |
I911 | Address is a PO Box |
I912 | SSN was randomly issued by the SSA |
I913 | SSN has not been reported as deceased |
I914 | Identity has not been reported as deceased |
I917 | Full name and address can be resolved to the individual but the SSN/ITIN is not |
I919 | Full name, address, and SSN/ITIN can be resolved to the individual |
I920 | Emerging identity indicator |
I921 | Address is an accredited college or university |
I922 | Mobile number was not provided at input |
I923 | Email address was not provided at input |
I930 | Name and DOB match a notable personality or celebrity |
I931 | First name or last name may refer to a non-person entity |
I932 | Name and DOB match a notable individual in the sports industry |
I933 | Multi-party application detected |
I975 | Non-MLA covered borrower status |
I998 | Name, SSN, and DOB correlation verified by SSA |
I999 | Identity decease unverified by SSA |
Risk Codes
Code | Description |
---|---|
R1001 | Found at least 2 distinct DOBs associated with the given identity |
R1002 | Found at least 4 distinct first names associated with the given identity |
R1003 | Found at least 4 distinct last names associated with the given identity |
R1004 | Found at least 3 distinct phone numbers associated with the given identity |
R1005 | Found at least 3 distinct emails associated with the given identity |
R1006 | Found at least 1 application marked as fraudulent associated with the given identity |
R1007 | Found at least 1 application marked as third-party fraud associated with the given identity |
R1008 | Found at least 2 applications within 30 days of each other associated with the given identity |
R1009 | Found at least 2 applications within 90 days of each other associated with the given identity |
Code | Description |
---|---|
R1010 | Found at least 1 account marked as fraudulent associated with the given identity |
R1011 | Found at least 1 account marked as suspected third-party fraud associated with the given identity |
R1012 | Found at least 1 account marked as suspected first-party fraud associated with the given identity |
R1013 | Found at least 1 account marked as other fraud associated with the given identity |
R1014 | Found at least 1 account marked as delinquency associated with the given identity |
R1015 | Found at least 1 closed account associated with the given identity |
R1016 | Found at least 5 closed accounts associated with the given identity |
R1017 | Found at least 2 accounts opened within 30 days of each other associated with the given identity |
R1018 | Found at least 2 accounts opened within 90 days of each other associated with the given identity |
R1019 | Found at least 2 accounts closed within 30 days of each other associated with the given identity |
R1020 | Found at least 2 accounts reported as fraud within 30 days of each other associated with the given identity |
R1021 | Found at least 1 account closed within 30 days from opening associated with the given identity |
R1022 | Found at least 1 account reported as fraud within 30 days from opening associated with the given identity |
Code | Description |
---|---|
R1023 | Found at least 1 ACH transaction reported as fraud associated with the given identity |
R1024 | Found at least 1 ACH transaction reported as suspected third-party fraud associated with the given identity |
R1025 | Found at least 1 ACH transaction reported as suspected first-party fraud associated with the given identity |
R1026 | Found at least 1 ACH transaction reported as other fraud associated with the given identity |
R1027 | Found at least 1 ACH transaction reported as delinquency associated with the given identity |
R1028 | Found at least 10 returned ACH transactions associated with the given identity |
R1029 | Found at least 1 returned ACH transaction with return category fraudulent behavior associated with the given identity |
R1030 | Found at least 1 ACH transaction reported as fraud within 7 days of another associated with the given identity |
R1031 | Found at least 1 ACH transaction reported as fraud committed within 7 days from account opening associated with the given identity |
R1032 | Found at least 1 ACH transaction reported as fraud committed within 30 days from account opening associated with the given identity |
Code | Description |
---|---|
R110 | Alert list email address match |
R111 | Alert list SSN/ITIN match |
R113 | Alert list phone number match |
Code | Description |
---|---|
R140 | Email address tagged as negative |
R141 | Email domain tagged as negative |
R142 | Phone number tagged as negative |
R143 | IP Address tagged as negative |
R144 | Full name tagged as negative |
R145 | SSN tagged as negative |
R146 | Device tagged as negative |
R160 | Email address tagged as suspect |
R161 | Email domain tagged as suspect |
R162 | Phone number tagged as suspect |
R163 | IP Address tagged as suspect |
R164 | Full name tagged as suspect |
R165 | SSN tagged as suspect |
R166 | Device tagged as suspect |
Code | Description |
---|---|
R171 | Input mobile number originates from an OFAC sanctioned country |
R172 | Input email likely originates from an OFAC sanctioned country |
R173 | Input country or document is from an OFAC sanctioned country |
R180 | Watchlist search returned at least one hit on OFAC SDN list |
R181 | Watchlist search returned at least one hit on OFAC Non-SDN lists |
R182 | Watchlist search returned at least one hit on a sanction list excluding any OFAC hits |
R183 | Watchlist search returned at least one hit on an enforcement list excluding any OFAC hits |
R184 | Watchlist search returned at least one hit on a politically exposed person |
R185 | Watchlist search returned at least one entity with adverse media articles |
R186 | Global Watchlist sources selected are correlated with the input identifiers |
R189 | Watchlist search returned at least one entity on any custom watchlist that matched the input |
Code | Description |
---|---|
R201 | The input SSN is invalid |
R202 | The input SSN is reported as deceased |
R203 | Multiple identities associated with input SSN |
R204 | Entered SSN associated with multiple last names |
R205 | Entered SSN associated with different name and address |
R206 | The input SSN was issued prior to the input date-of-birth |
R207 | SSN/ITIN is associated with multiple DOBs |
R208 | SSN/ITIN is associated with multiple addresses |
R209 | No former addresses associated with the SSN |
R210 | Frequency of SSN in Straddle records is unusually high |
R211 | SSN seen in frozen credit files |
R212 | The input last name is not associated with the input SSN |
R213 | Name does not correlate with the name for the resolved public record individual |
R214 | SSN/ITIN cannot be resolved to the individual |
R215 | First name does not match SSN |
R216 | Unable to verify date-of-birth |
R217 | SSN was randomly issued by the SSA |
R218 | The input SSN is not the primary SSN for the input identity |
R219 | The input SSN is not found in public records |
R220 | Issue date for the provided SSN could not be resolved |
R221 | SSN associated with input phone number could not be confirmed |
R222 | Input SSN could not be confirmed |
R223 | Input SSN did not match any of the SSNs associated with the input phone number in the last two years |
R224 | 4 or more different SSNs have been found to be inquired against the input phone |
R225 | 4 or more different first names have been found to be inquired against the input SSN |
R226 | Multiple phones are marked current for the input SSN |
R227 | SSN is found to be inquired at an unusually high frequency (more than once a month) |
R228 | Only 1 component of the input DOB matches the best matched entity |
R229 | Only 2 components of the input DOB matches the best matched entity |
R230 | SSN was first seen in credit header records within the last 1 year |
R231 | SSN was first seen in credit header records between 1 to 3 years ago |
R232 | SSN was first seen in credit header records between 3 to 5 years ago |
R233 | No SSN found in credit header records for the given full name and DOB |
R234 | SSNs in credit header data associated with full name and DOB differ from input SSN by 1 digit |
R235 | Input full name could not be fuzzy-matched with full names associated with SSN in header and inquiry records |
R236 | Input DOB month does not match any DOB month found on inquiry records |
R237 | Input SSN is not an exact match to the SSNs associated with the given full name and DOB |
R238 | SSNs in credit header data associated with full name and DOB differ from input SSN by up to 2 digits |
R239 | SSNs in credit header data associated with full name and DOB differ from input SSN by up to 3 digits |
R240 | Input SSN was issued more than 2 years after input birth year |
Code | Description |
---|---|
R298 | Identity resembles a manipulated synthetic identity |
R299 | Identity resembles a fabricated synthetic identity |
Code | Description |
---|---|
R350 | DOB indicates individual is less than 16 or more than 100 years old |
R351 | DOB indicates COPPA review |
R352 | DOB indicates an age between 13 and 15 |
R353 | DOB indicates an age between 16 and 17 |
R355 | DOB indicates an improbable age |