Skip to Main Content
Get in touch
Get in touch

Consumer identity

Bango Payments > For Merchants > Consumer identity

Verifying an identity

To obtain a unique identifier to use for a payment – a payment instrument token – a merchant uses the Identity Verification API provided by the Bango Payments product.

Here’s an overview of how it works:

  1. Aussie Apps creates an identity verification session
  2. Aussie Apps starts an identity verification flow for this session
    1. There are different types of flows, suitable for different verification scenarios. Most flows involve interactions between the merchant, the Bango Platform, and the payment provider (often a mobile operator) associated with the device
  3. Aussie Apps progresses the flow according to the rules of the flow, which might also involve steps by the payment provider
    1. For example, with a Redirect flow future, Aussie Apps sends the consumer to OgnabTel’s portal, where they log in. OgnabTel then confirms to the Bango Platform that it has successfully identified them
  4. Once OgnabTel and Aussie Apps agree that the consumer’s identity has been verified, the Bango Platform generates a payment instrument token
  5. Aussie Apps extracts the payment instrument token from the identity verification session
  6. Aussie Apps can now use the payment instrument token to process a payment

You can think of this payment instrument token as representing “Consumer @ Aussie Apps using their phone @ OgnabTel”

A payment instrument token is a globally unique, unguessable identifier (UUID v4) that identifies:

  • The consumer who wants to make the purchase
  • The merchant that wants to process the payment
  • The payment provider that will place the charge
  • The billable account on which the charge will appear

The end user making the purchase is not directly tied to the billable account. This means they could also use another phone to make a payment – with their permission – as well as their own, on the Aussie Apps site. The Bango Platform would assign one payment instrument token for Consumer using their own phone, and another payment instrument token for the same consumer using a second phone.

Only the merchant associated with the payment instrument token may use it to process a payment. If another merchant tries to use that payment instrument token, it receives an error.