GiroIdent integrates multiple SCHUFA services. SCHUFA traditionally provides information, rather than decisions.

An application, that integrated GiroIdent, will have to implement a decision logic based on the customers' needs. The following sections provide best practice proposals on how to implement the decision logic.

What is a Successful Check?

Input values (example) and possible results for the positive and negative verdict(s).

GiroIdent Basis

Recommendation for a check to be considered as successful:

  • status = COMPLETED

  • name-equality = true

GiroIdent Plus

Recommendation for a check to be considered as successful:

  • status = COMPLETED

  • name-equality = true

  • schufa-identity-check != 0.0

GiroIdent GwG

Recommendation for a check to be considered as successful:

  • status = COMPLETED

  • name-equality = true

  • gi-iban-verification-score = true

and either

  • schufa-bank-account-check-plus-iban-p = p01

  • schufa-bank-account-check-plus-iban-s = s01

or

  • schufa-identity-check != 0

  • schufa-proven-identity = true

When to give the User the Option to Retry the Check

Humans are prone to errors; the user may enter faulty data during the identity check process, like

  • misspelt names, addresses, ZIP codes,

  • wrong banking credentials,

  • invalid second-factor code,

  • use a login to a bank, where he has no checking account.

As a consequence, either the bank login may fail, or one of the SCHUFA services may return a result, that is not acceptable.

Failures in the bank login process are indicated to the user by the finAPI web form, potential issues have a wide variety, thus GiroIdent does not return error codes, but only an error string for debugging purposes - not intended to be shown to the user, as he is informed via web form GUI.

After successful login, the name validation will be performed, additionally, the result of the SCHUFA services is gathered. GiroIdent does not disclose personal information, therefore details or hints related to which information is not accepted will not be provided on the API / to the user.

We recommend for your application allow the user (at least) one more attempt. It should the user’s choice to retry, as he received human-readable information either on the finAPI web form or on his bank's login page in case of a redirect. There are no reasonably suitable or meaningful criteria to conditionally allow such an attempt.

Understanding Error Messages

As mentioned above, the error message returned by the GiroIdent API is only debugging information, no application logic shall be implemented based on it, and it shall not be printed on the UI.

Some typical error messages are:

  • if the user has not finished the web form, the message may contain error codes like INTERRUPTED, EXPIRED, or ABORTED,

  • if the user has entered wrong credentials or a wrong TAN, the code BANK_SERVER_REJECTION,

  • other errors (and codes) are technical errors, related due to the wrong configuration (typically during integration) or temporary issues of a web service at finAPI, SCHUFA or bank side.