April 30, 2019

April 2019 Release Notes

Envestnet | Yodlee

The Envestnet®|Yodlee® April 2019 release includes the following major enhancements and incremental improvements:

Yodlee APIs - New Features/Enhancements

 

New Account Types Support
  • Pension and SBLOC (securities backed line of credit) are the two new account types added to the Yodlee Platform.
  • Pension accounts are popular retirement accounts in the UK, and customers can benefit from looking at their complete financial picture with the support of this account type in the investment container.
  • SBLOC accounts will be made available for the United States in the investment container. These account types are popular with big investment firms where securities are used as collateral to extend a line of credit.
  • Yodlee APIs 1.1 and 1.0 have been enhanced to provide the new account types: PENSION and SBLOC
  • Contact Yodlee Customer Care if you want to use these account types

 

New Data Elements for Student Loan Accounts
  • The Yodlee Platform has been enhanced to aggregate following data for student loan accounts:
    • loanStatus
    • repaymentPlanType
    • guarantor
    • lender
    The following Yodlee APIs 1.1 have been enhanced to provide the data for student loan accounts:
    • GET /accounts
    • GET /accounts/{accountId}
    • GET /dataExtracts/userData

 

Insurance Coverage Data
  • The Yodlee Platform has been enhanced to aggregate insurance coverage data for superannuation, life insurance, and health insurance accounts.
  • Coverage data will help the customers like banks and fintech institutions to provide risk coverage-focused solutions.
  • A coverage dataset attribute has been introduced and is applied to insurance and investment accounts.
  • Yodlee APIs 1.1 have been enhanced to provide coverage-related data for superannuation, life insurance, and health insurance accounts.
  • Contact Yodlee Customer Care if you want to subscribe for this dataset

 

Matching Verification
  • Matching verification service has been enhanced to provide clear communication on the reasons for verification failure
  • The matching service now excludes special characters while performing the matching verification
  • Enhanced the matching service to check for the availability of a full account number before initiating the service; the matching service fails if it isn’t available
  • The matching service now checks for the availability of the bank transfer code based on the configuration before initiating the service; the matching service fails if it isn’t available. Reasons for matching service failure have been added:
Reason Description
FULL_ACCOUNT_NUMBER_AND_BANK_TRANSFER_CODE_NOT_AVAILABLE The account verification process has failed because the full account number and bank transfer code are not available.
FULL_ACCOUNT_NUMBER_NOT _AVAILABLE The account verification process has failed because the full account number is not available.
BANK_TRANSFER_CODE_NOT_ AVAILABLE The account verification process has failed because the bank transfer code is not available.

 

CDV Changes

We have changed the error messages for the following CDV-related API error codes:

Existing Message New Message
Y839=Challenge deposit verification is already in progress. Y839= Financial instructions were not yet sent for the target account
Y837=Account has been verified already. Y837=This account has already completed the verification process

 

Support Customer Aggregating Transactions for Different Durations
  • Yodlee Platform 1.1 has been enhanced to fetch the required number of transactions during the add provider account and also during subsequent refreshes of the account.
  • Yodlee APIs 1.1 POST providerAccounts and PUT providerAccounts have been enhanced to accept transaction duration. For example, if a customer needs to retrieve 90 or 180 days of transactions for different sets of users, they can do the same by passing the required input.

 

Segmentation in Yodlee APIs v1.1
  • Segmentation lets you offer Yodlee features for different sets of users. Examples: Small business categorization, asset classification, configuration of popular sites, turning on/off data extracts, premium custom features. for different set of users.
  • The support for grouping users into segments has been introduced in the Yodlee APIs v1.1. Creating segments and turning the features on or off has to be enacted by Yodlee Professional Services.

 

New Transaction Masking Logic in Yodlee APIs v1.1

Yodlee has introduced new transaction masking logic. This enhanced logic masks only credit card numbers and SSN numbers. It provides other numbers like reference numbers, non-credit card numbers, etc., in clear text. This feature is not turned on by default. Contact the Yodlee Customer Service team to turn this on.

 

Enabling/Disabling Auto-refreshes and Notifications for Provider Accounts
  • During adding and updating accounts, you now have the flexibility to turn on/off auto-refreshes and data extract notifications for a providerAccount.
  • While invoking the add account (POST providerAccounts) and update account (PUT providerAccounts) endpoints, you can disable auto refresh and data extract notifications for that provider account. Unless and until you turn it on, auto refresh and data extract notifications will not be performed for that provider account. Note that enabling and disabling the preferences using the PUT providerAccounts endpoint will trigger refreshes.
  • You have an option to change the preferences without triggering a refresh to the provider site through the following new endpoint:
    • PUT providerAccounts/{providerIdAccountId}/preferences

 

No Access to Passwords and Answers Through APIs

Yodlee has come to believe there is no valid use case for accessing passwords via APIs. Accessing credentials via APIs is also considered risky. As part of our continuous efforts to improve security, the APIs that have been providing passwords or answers will no longer provide them. Refer to Appendix A to learn about the impacted APIs.
In the response of GET providerAccounts/{providerAccountId}?include=questions, a new attribute isValueProvided will be returned in the login form for question and answer sites.
You can make use of this field during the edit credentials or answers flow:

  • If the value is true, it indicates that you do not need to force your users to enter the answer for the security question.
  • If the value is false, it indicates that you should force your user to enter the answer for the security question.

 

Consistent Response Attributes

We have enhanced the following set Yodlee APIs 1.0 and 1.1 to provide the same set of attributes for accounts to simplify developer implementations:
     GET accounts
     GET accounts/{accountId}
     GET dataExtracts/userData
Refer to Appendix B to learn about the newly introduced attributes.

 

Other Liabilities, Other Assets, and Real Estate Manual Account Support

Add manual account and update manual account APIs have been enhanced to support the addition and update of other assets, other liabilities, and manual valuation based real estate accounts.

 

Yodlee APIs 1.1 - Important Notes

A new enum value ALLOW_UPDATE_WITH_CREDENTIALS is available for the updateEligibility attribute the accounts and providerAccounts entity provided in the response of GET accounts and GET providerAccounts respectively. This status directs the user to edit the credentials.

 

Yodlee APIs 1.1 - Bug Fixes
Issue Fix Details
Links are not provided for the last set of responses for a few APIs that support pagination. Link will be provided for the last set of responses of the following API endpoints:
GET transactions
GET dataExtracts/userData
GET historicalBalances
GET networth
For REFRESH Webhooks, the additional status of a providerAccount has been provided as “NOT AVAILABLE” for the USER_INPUT_REQUIRED event. This is not a valid additional status. Additional status will not be provided for this event, similar to the polling API.

Yodlee FastLink - New Features/Enhancements

 

Revoke for Open Banking Implementations

When a user deletes his/her Open Banking supported account from the Yodlee ecosystem, the revoke request for that account is sent to the bank. The bank is asked not to send any further account information to Yodlee. On calling an API from the bank, the token and associated access privileges shall be removed completely. On a successful communication to the bank, all the historical data relevant to the account stored with Yodlee will also be deleted.

 

Support for Different Classes of Site Popularity
  • The elastic search has been enhanced to support new classes of site popularity like customer specific site aggregations. The default criteria provided to the customers is still based on network popularity, so that for any new customer we can still returnthe popular sites in their region.
  • Cobrand-specific site popularity is now supported.

 

Open Banking Consent Management Dashboard in API 1.1

Consent dashboard that helps user to manage the permission provided to share data across different Open Banking API support banks are now available as an API service through API 1.1. The consent management dashboard allows the user to renew, modify, and revoke the permission shared with each of the Open Banking supported banks. This was previously available as a pluggable widget.

 

Appendix A: No Passwords - Impacted APIs
SOAP APIs

 

/yodsoap/services/ItemManagementService_{wsdlversion}/getCredentialsForItem
/yodsoap/services/ItemManagementService_{wsdlversion}/getLoginFormCredentialsForItem
/yodsoap/services/ SiteAccountManagementService_{wsdlversion}/getSiteAccountCredentials
Legacy REST APIs ItemManagement/getCredentialsForItem?itemId={{itemId}}
ItemManagement/getLoginFormCredentialsForItem?itemId={{itemId}}
SiteAccountManagement/getSiteAccountCredentials?memSiteAccId={{memsiteaccid}}
Yodlee APIs v1.0 GET /v1/providers/providerAccounts/{providerAccountId}?include=credentials
GET /v1/providerAccounts/{providerAccountId}?include=credentials
GET /v1/providers/{providerId}&providerAccountId={providerAccountId}
Yodlee APIs v1.1 GET /providerAccounts/{providerAccountId}?include=credentials,questionAndAnswer

 


>Note: In Yodlee APIs v1.1, answers for the security questions and passwords will not be provided.

 

Appendix B: New Attributes in Yodlee APIs
Endpoint New Attributes
GET accounts/{accountId} Account Entity (insurance container)
policyTerm
GET dataExtracts/userData Account Entity(bank container)
annualPercentageYield
overDraftLimit

Account Entity (loan container)
interestPaidYTD
interestPaidLastYear
collateral

Account Entity (insurance container)
premium
remainingBalance
policyEffectiveDate
policyFromDate
policyToDate
deathBenefit
policyTerm
policyStatus
premiumPaymentTerm
GET accounts Account Entity(bank container)
maturityAmount
classification

Account Entity(Credit Card container)
apr
lastPaymentDate lastPaymentAmount
classification
runningBalance

Account Entity(Bill Container)
lastPaymentDate
lastPaymentAmount

Account Entity(Insurance Container)
expirationDate
lastPaymentDate
lastPaymentAmount
faceAmount

Account Entity (Investment Container)
lastEmployeeContributionAmount
lastEmployeeContributionDate
availableLoan
401kLoan
classification
moneyMarketBalance
totalUnvestedBalance
totalVestedBalance

Account Entity (Reward Container)
classification
enrollmentDate currentLevel
nextLevel

Account Entity (Loan Container)
lastPaymentDate
lastPaymentAmount
escrowBalance
principalBalance
recurringPayment
totalCreditLimit
classification