Industry-leading check deposit underwriting API to help you control mobile deposit losses and expand customer access

How it Works:

  • Send predictive customer and check transaction attributes via API
  • Receive near-real-time transactional risk scores correlated to a variable deposit hold time
  • Optimize check acceptance rates with in-line, 24x7 risk center review to validate low-confidence OCR data, supported by asynchronous webhook response
  • Provide periodic check return data by flat file to tune and optimize risk decisioning algorithms

Built-in Features:

  • Intelligent deposit risk decisioning automation featuring custom modeling and predictive risk analytics, vast experiential data, and a host of purpose-built fraud mitigation tools and techniques to control deposit losses
  • Informed by network-wide attributes associated with known fraud actors: customer identity, physical address, email address, mobile number, device and geo-location
  • Augmented by network-wide data on high-risk check makers
  • Cleared through a network-wide duplicate exchange database to reduce duplicate deposit risk
  • Backed by optional risk center and fraud investigator support to provide enhanced underwriting anytime, day or night

References & Definitions:

  • Address Standardization is the process of formatting an address so that it matches the proper address format of the national postal authority. The USPS determines the official format for addresses in the United States.

  • An Address Format is a set of specific rules outlined by a country’s postal authority that designate casing, punctuations, abbreviations and proper ordering of address components for shipping purposes. Publication 28 is the 200 page address formatting guideline published by the USPS for the United States.

API Versioning

The current API version is “1”.

The API supports 2 API versioning strategies.

  • Version Request Header
  • Query String Version parameter

The value of the header key or the query string parameter key to use is apiVersion.

API Access


API requests must be performed using a secure transport layer over Https with a minimum TLS version of 1.2.


All API activity will be sanitized, recorded and retained as per Ingo’s data retention strategy.

Allowed IP configuration

The API’s are designed for machine to machine communication and are restricted by adding our partners IP addresses to an “Allowed List” of IP addresses.

A single IP, multiple IP’s or range of IP’s can be added to the list.

Credentials Provisioning

The Client Id and Client Secret will be provisioned by Ingo Client Services and provided via a PGP encrypted file format.

We will need a Public Key from a client to encrypt the credentials.