Skip to main content

Help us improve the Digital Marketplace - send your feedback

Mintly Ltd

Sort Code and Bank Account Validation

Mintly provides a SaaS cloud based API for validation of sort codes, bank account numbers, International Bank Account Numbers (IBAN) and SWIFT Branch Identifier Codes (BIC).
The services can be accessed via web portal or API.

Features

  • Instant validation via web portal, API or Zapier app
  • Industry standard security
  • OpenAPI 3.0 standards
  • RESTful API with comprehensive documentation
  • Team access to secure web portal
  • Confirm the validity of account details at point of entry
  • Helps comply with regulatory requirements, legislation and best practice

Benefits

  • Ensure bank accounts are valid
  • Enable teams to access one account
  • Flexible monthly usage-based billing
  • Reduces time spent checking payees accounts
  • Increased Direct Debit success rate
  • Reduces failed payments
  • Increases payment success rates
  • Help mitigate fraud and risk
  • More confidence when making Direct Debits & Faster Payments

Pricing

£96 a licence a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stephen@mintly.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

9 1 3 9 7 7 6 6 0 7 9 7 7 0 5

Contact

Mintly Ltd Stephen Hughes
Telephone: 0330 043 2274
Email: stephen@mintly.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
None
System requirements
Modern web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
2 hours in office hours (9am-5pm)
48 hours on weekends
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
Customers get comprehensive support to use our web services and APIs. Our documentation is designed to help users operate and integrate our API in a self-service manner.
Custom API Integration support can be provided at £400 per day.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We have a getting started guide, with full API documentation. We also have demonstration videos and tutorials explaining the use of our web portal.
Onsite training can be provided if needed.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Users can contact our support team.
End-of-contract process
At end of contract, the API and web portal access ends. User data is deleted.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Web portal with access to account checking tools, monitoring charts and account/team management interface.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Testing with compliance tools
API
Yes
What users can and can't do using the API
Users can use our API to send sort codes, account numbers, IBAN and BIC to confirm their validity. Our API returns the valid status, the bank branch details and the supported payment types of the branch.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Full cloud-managed auto-scaling.

Analytics

Service usage metrics
Yes
Metrics types
Users can access daily, and monthly statistics for their API usage.
Data is presented in a bar chart, with breakdown for successful and invalid accounts.
Reporting types
Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
When using our web portal to validate multiple accounts, the results can be exported.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We have a 99.95% guaranteed uptime for our website and API.
Users can be refunded with credit on their accounts.
Approach to resilience
Available on request.
Outage reporting
Service outages reported to users on dashboards.
Any prolonged outage communicated via email.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Staff do not have access to user accounts.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
An Information Security policy is in place to ensure that best practices are followed, including 2FA, reducing access to data to those who need access and at-rest and in-transit encryption of data.
Information security policies and processes
Mintly has a detailed information security policy so that processes are followed. The policy covers reporting processes and process for information security breaches. Further details available on request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All software changes are managed using agile development techniques, and testing performed in staging environments prior to release into production. Security impact is assessed during development and mitigation put in place as required.
Vulnerability management type
Undisclosed
Vulnerability management approach
Threats are assessed with a risk matrix, and mitigation put in place. Threats are monitored regularly (monthly at least) and any new threads added to the register.
Patches can be deployed within hours if new vulnerabilities found.
Information on threats comes from a variety of sources, including monitoring channels for new security threats.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Automated monitoring and alarms can provide identification for compromises. Responses can vary, from updating rules on our firewall to (in extreme cases) shutting down services. Speed of response can be a little as 5 minutes in the case of automated alarms notifying us of issues.
Incident management type
Supplier-defined controls
Incident management approach
Our IM plan covers four areas: command, control, coordination and communication. This helps to determine the actions, who is responsible and how the response is managed.
Users report incidents via our support email.
Incident reports can be provided direct to users via email.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Wellbeing

Fighting climate change

Mintly monitors it's carbon footprint and is working to achieve carbon neutral status. Currently all our office locations use 100% renewable energy. Our cloud resources are monitored for carbon usage and we offset our usage by working with partners who plant trees to offset our usage.

Our technology has been designed to use minimal energy: our servers operate when they need to and we operate an "on-demand" approach to cloud services where we can so that our energy usage is kept to a minimum. As demand for our service grows we aim to keep this on demand model to ensure a carbon efficient service.

We avoid travelling to meet clients and adopt video conferencing technology to eliminate the need to travel.

Covid-19 recovery

Mintly supported is customers and clients throughout the Covid-19 pandemic and recovery. We use our knowledge and data to support our customers.

Mintly was founded during the Covid-19 recovery period and as a result we have a home-working policy for all employees.

Tackling economic inequality

We help businesses, charities and educational institutions of all sizes, throughout the UK and around the world. We aim to provide all our customers with an excellent service no matter what industry they operate in. By providing bank account and sort code validation services, all our clients can ensure that their customers accounts are valid. Our mission is that we have a positive impact on the world, and that includes tackling economic inequality.

Wellbeing

Wellbeing is a critical part of our business. We ensure all staff have support when they need it. All employees have access to wellbeing support apps and time off for wellbeing days.

We understand our role in providing accurate and up-to-date information to our clients, so that their process and procedures are stress free. Our systems have been designed to be easy to use and setup and reduce workplace stress and fatigue for both our employees and clients.

Pricing

Price
£96 a licence a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
14 day free trial, which includes a limited number of checks. Full API and web portal functionality provided.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stephen@mintly.uk. Tell them what format you need. It will help if you say what assistive technology you use.