For micro-deposit verification, initiate two small deposits to the user's provided account and routing number, then ask the user to confirm the exact deposit amounts within your verification window
Compare the user-submitted amounts against the actual deposit amounts; a match confirms the user controls the account
For instant verification via Plaid or a similar aggregator, exchange a link token for a public token on the client, exchange the public token for an access token server-side, and call the auth endpoint to retrieve account and routing numbers directly
Cross-reference the returned account holder name from the instant verification response against your user's verified identity name to confirm ownership
For high-risk transactions, combine both methods or use an additional identity signal from the bank data (account age, transaction history) to strengthen the ownership assertion
Store the verification method, outcome, and timestamp; do not store raw account numbers in plaintext
Known gotchas
Micro-deposit verification has a multi-day latency and a non-trivial abandonment rate; design the UX to clearly communicate the wait time and remind users to confirm
Instant verification coverage depends on the aggregator's bank connectivity; for smaller banks or credit unions, fallback to micro-deposits may be necessary
Account holder name matching via instant verification is unreliable for joint accounts or accounts with business names; establish a fallback policy for name mismatch cases
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp