Bank Account Verification API — Penny Drop vs Name Match
Before you can credit a customer’s bank account — payroll, refund, creator
payout, NBFC disbursal — you need to verify the account exists and
belongs to them. Three API methods dominate in India: penny drop,
name match, and UPI-VPA verification. They differ sharply on
cost, latency, UX, and compliance fit. This guide compares them and shows how
to integrate each via the NxtBanking API.
1. Why verify at all?
- Cost of failure. A wrong-account credit costs ₹100–₹500 in reversal fees and 3-7 days of customer support time.
- Fraud. Someone submits a beneficiary account they don’t own, hoping you’ll credit it. Verification raises the cost of attack.
- Compliance. RBI’s PA-PG and PPI master directions require KYC-grade name-match before routine large-value credits.
2. Method A — Penny Drop
Send ₹1 to the target account via IMPS / NEFT, then read the beneficiary
name that comes back in the bank’s credit confirmation. The response includes
the account holder’s registered name exactly as the bank has it.
Pros: ground truth — the credit only settles if the account
exists and accepts deposits. No ambiguity.
Cons:
- Cost: every verification actually transfers ₹1, plus transaction fees (typically ₹1–₹5).
- Latency: 3–15 seconds typical; up to 2 minutes in edge cases.
- UX noise: the customer’s counter-party sees ₹1 credited to them.
curl -X POST "https://api.nxtbanking.com/verify/v1/penny-drop"
-H "Authorization: Bearer $TOKEN"
-H "Content-Type: application/json"
-d '{
"account_number": "50100123456789",
"ifsc": "HDFC0000001",
"expected_name": "Ravi Kumar"
}'
# =>
# { "status": "VERIFIED",
# "returned_name": "RAVI KUMAR",
# "match_score": 0.98,
# "ref_id": "pd_17abc...",
# "txn_cost": 1.00 }3. Method B — Name Match (pull-based)
The bank / verification provider looks up the account without moving any
money and returns the registered name. This is the cheapest and fastest option,
but its availability depends on the account’s bank — some banks won’t expose
the lookup at all.
Pros: ~₹0.20–₹1.00 per call, 200–800 ms latency, no customer-side
side-effect.
Cons:
- Not universally supported — coverage varies by bank.
- Doesn’t prove the account accepts credits (frozen / dormant accounts still return a name).
curl -X POST "https://api.nxtbanking.com/verify/v1/name-match"
-H "Authorization: Bearer $TOKEN"
-H "Content-Type: application/json"
-d '{ "account_number":"50100123456789",
"ifsc":"HDFC0000001",
"expected_name":"Ravi Kumar" }'
# =>
# { "status": "VERIFIED",
# "returned_name": "RAVI KUMAR",
# "match_score": 0.98,
# "latency_ms": 410 }4. Method C — UPI VPA Verification
Validates a VPA (ravi@okhdfc) and returns the registered name
of the PSP-side account holder. Costless on most networks, sub-second, and
customer-friendly because customers already remember their VPA.
Pros: Near-free, sub-second, works for any UPI-enabled
individual.
Cons:
- Doesn’t work for non-UPI accounts (current accounts of firms, some NRO, etc.).
- Name fidelity depends on the PSP; PhonePe returns full name, some return a truncated string.
curl -X POST "https://api.nxtbanking.com/verify/v1/vpa"
-H "Authorization: Bearer $TOKEN"
-d '{ "vpa":"ravi@okhdfc", "expected_name":"Ravi Kumar" }'
# =>
# { "status": "VERIFIED",
# "returned_name": "Ravi Kumar",
# "match_score": 0.99 }5. Side-by-side comparison
| Dimension | Penny Drop | Name Match | UPI VPA |
|---|---|---|---|
| Cost per call | ₹1 + fees | ₹0.20 – ₹1 | ₹0 – ₹0.50 |
| P50 latency | 3–8 s | 400–800 ms | 200–500 ms |
| P99 latency | 30–120 s | 2 s | 1 s |
| Account coverage | All IMPS-enabled | Varies by bank | UPI-enabled only |
| Proves accepts-credits? | Yes | No | No |
| Customer-side side-effect | ₹1 credit visible | None | None |
| Best for | First-ever payout | High-volume recurring | Individual payouts |
6. How to combine them
In production we recommend a tiered approach:
- Try UPI VPA first (cheapest, fastest).
- If no VPA provided, try Name Match (if the target bank supports it).
- Fall back to Penny Drop for first-time beneficiaries, large amounts, or banks without name-match coverage.
- Cache verified (account, IFSC, name) triples for 90 days to avoid re-charging per payout.
7. Name-match fuzzy logic
Returned names rarely match submitted names character-for-character. You
need fuzzy matching. Our reference scorer uses:
- Unicode normalisation + case folding
- Remove honorifics (MR, MS, DR, SHRI, SMT)
- Tokenise and allow word-order permutation
- Levenshtein distance < 2 for each token
- Score = matched_tokens / max(tokens_in_a, tokens_in_b)
A threshold of 0.7 empirically balances false-accept vs false-reject for
Indian names. Log the raw returned_name + computed score for every call to
enable post-hoc threshold tuning.
8. Compliance considerations
- Store only the hash of the account number in your logs; the plaintext belongs in encrypted storage only.
- Returned PII (names) counts as sensitive personal data under DPDP Act; apply purpose limitation + retention caps.
- For beneficiaries >₹50,000 / month aggregate, run a full KYC cycle — verification alone is not KYC.
9. Production checklist
- ☐ Tiered provider (UPI → Name-match → Penny-drop)
- ☐ 90-day verified-cache table
- ☐ Fuzzy-match scorer with tunable threshold
- ☐ Metrics: verification-success-rate by method, cost per verified-beneficiary
- ☐ Alert on name-match-score distribution shift (indicates provider regression)
- ☐ Monthly reconciliation of penny-drop ₹1 credits vs accounting ledger
Further reading
- UPI API Integration Guide
- Payout API RBI Compliance Checklist
- Webhook Security — HMAC Signatures
- KYC Verification API — Product Overview
About This Topic
This page is part of NxtBanking's documentation and product information for Indian fintech teams. NxtBanking provides Payout API, BBPS, AEPS, UPI Collection, KYC, DMT, Recharge, and Travel APIs — all available under one contract with a unified dashboard, sandbox environment, and dedicated technical support. Explore the API marketplace, commercial pillar pages, and developer guides linked from the main navigation. For a compliance-oriented walkthrough or architecture review, book a demo and our team will map your flows to the right rails.
Quick Answers
What makes a good fintech API integration?
A well-built fintech API integration covers: proper OAuth 2.0 authentication, idempotency keys on every write request, webhook HMAC signature verification, exponential-backoff retry logic for transient errors, and a status-query fallback for ambiguous outcomes. NxtBanking's sandbox environment lets you test all these scenarios before production.
How do I handle failed transactions in a payment API?
Categorise failures: (1) Hard failures (invalid account, KYC mismatch) — do not retry; notify user. (2) Transient failures (timeout, 5xx) — retry with idempotency key and exponential back-off. (3) Ambiguous (no response) — call the transaction status endpoint before retrying to avoid duplicate processing.
Is NxtBanking RBI-compliant for payment APIs?
Yes. NxtBanking operates through RBI-licensed partner banks for all payment services (IMPS, NEFT, RTGS, UPI) and is NPCI-certified for BBPS, AEPS, and UPI flows. All APIs follow RBI's Master Directions on payment aggregators, KYC, and PMLA obligations. We maintain audit logs, data localisation, and consent frameworks compliant with the DPDP Act 2023.
How does NxtBanking handle API downtime and failover?
NxtBanking uses a connected-banking architecture that links a single API credential to multiple RBI-licensed partner banks. When one bank's rails experience degradation or maintenance, the API automatically routes to the next available bank — with no code change required on the client side. This multi-bank failover is what delivers 99%+ transaction success rates and 99.9% API uptime SLA for enterprise clients.
What does it cost to integrate NxtBanking APIs?
NxtBanking offers pay-as-you-go pricing with no setup fees and no minimum commitment for most APIs. Typical pricing: IMPS/UPI payout ₹3–₹8 per transaction, NEFT ₹1–₹3, BBPS bill payment ₹0.50–₹3, AEPS cash withdrawal ₹2–₹5. Enterprise clients on committed volumes negotiate flat-rate pricing. Sandbox access is free and unlimited. Contact sales for a custom quote based on your expected transaction volume.
Key Terms
- API
- Application Programming Interface — a structured software interface that lets applications communicate with each other over the internet using defined endpoints, authentication, and data formats.
NxtBanking is India's AI-powered fintech API platform trusted by hundreds of fintechs, BC networks, NBFCs, and enterprise companies. Our unified API marketplace covers payout (IMPS, NEFT, RTGS, UPI), BBPS bill payment with 20,000+ billers, AEPS biometric banking, KYC and identity verification (Aadhaar, PAN, Bank, Driving Licence, Voter ID, RC), UPI collection and QR codes, domestic money transfer (DMT), mobile and DTH recharge, Micro-ATM, and travel APIs — all under one master agreement, one set of credentials, and one consolidated monthly invoice.
Every NxtBanking API is backed by a 99.9% uptime SLA, real-time webhook delivery, a full-featured sandbox environment with simulated error scenarios, comprehensive API documentation with Postman collections and code samples in multiple languages, and dedicated technical onboarding support. Production go-live for most APIs is achievable within 7–15 business days after KYC and compliance review. For enterprise clients requiring custom SLAs, dedicated infrastructure, or white-label platform builds, NxtBanking offers tailored commercial terms with no minimum volume commitment at the pilot stage.