Banking aggregation (Brazil)
With Belvo's Open Finance Data Aggregation (OFDA) product for Brazil, you have access to Brazil's open finance network which provides standardized and improved data points.
In this introduction, we provide you a high-level overview of:
- What information you can retrieve using our OFDA product
- The relationship between a consent and a link
- How to get consent from a user
- How to get data about your user
- How often you can get data about your user
- How to allow your user to manage their consents
What data can you get?
With our OFDA product, you can get the following banking data about your user:
Owner
Information regarding the owner of the bank account, such as their name, contact information, identity documents, and more. For a detailed breakdown of all the fields that are available for this resource, check out our dedicated guides:
Account
Information regarding the accounts the user has at a given institution, along with balance, overdraft, loan, and credit card information. For a detailed breakdown of all the fields that are available for this resource, check out our dedicated Account (OFDA) Data guide.
Transaction
Transactional information, including the transaction date, value, description, and much more. For a detailed breakdown of all the fields that are available for this resource, check out our dedicated Transaction (OFDA) Data guide.
Bill
For each credit card account that the user has, you can also extract the credit card bill information on a monthly basis. For a detailed breakdown of all the fields that are available for this resource, check out our dedicated Bill (OFDA) Data guide.
Consents and Links
In OFDA, the concept of consent and link are very important:
- A consent represents your user's agreement to share their Open Finance data from a given institution with your application. This term is standardized within Brazil's Open Finance Network. Only users can manage their consents, meaning they are the ones who can renew or revoke this permission.
- A link is Belvo's internal representation of a user. After a user provides their consent, Belvo creates a link, which you can use to access the user's data.
For each consent that is established, a corresponding link is created, resulting in a one-to-one relationship. While only the user can manage their consent (for example, to renew or revoke it), you have the ability to delete the link.
When you delete a link (and all the associated data from Belvo's system), Belvo permanently disconnects the link from the consent. This action is irreversible, meaning that the connection between the user's data and your application is permanently severed. For instance, if a user decides to stop using your application and you delete their link as part of the offboarding process, all data associated with that user will be removed from Belvo. However, the original consent remains intact and the user must revoke it themselves using the My Belvo Portal.
If your user decides to return to your application, they will need to grant their consent again, leading to the creation of a new link. When the user reviews their consents in the My Belvo Portal (MBP), they will see that they have granted consent to your application multiple times.
How do users give consent?
To get consent from your user to access their data, they need to provide this in their institution. Belvo has created an Open-Finance compliant widget that you can easily add within your application that will guide your user in the consent-granting process.
In the diagram below, you can see a high-level flow of how Belvo should be used in your application:
- Inside your application, prompt your user to connect their bank account.
Note: Your application will need to have received the user's CPF (or CNPJ) and full name for the consent granting purpose. - Using their provided data, start the Belvo Hosted Widget inside your application.
The Belvo Hosted Widget guides your user through all the steps to grant your application consent to access their data. This includes: choosing the institution they want to give you access to read data from, what information they will share with your application, redirecting to their institution to confirm the data sharing, and finally, redirecting back to the widget in your application. - User grants consent within their institution.
After the user grants their consent in their institution, they are redirected back to the Belvo Hosted Widget. - User redirected to your application
In the widget, the user clicks Finalize and are redirected to a given page within your application.
As soon as your user grants their consent and a link is created, Belvo automatically retrieves the last 12 months of Account, Owner, Transaction, and Credit Card Bill information for the user.
For details on how to set up the hosted widget within your application to get user consent to access their data, see our dedicated Extract Banking Data in Brazil (API with Hosted Widget) guide.
How do you get user data?
As mentioned, as soon as the consent granting process is completed, Belvo automatically retrieves the last 12 months of Account, Owner, Transaction, and Credit Card Bill information for the user. Once Belvo has retrieved all the information, you will receive a webhook notification indicating that the information is ready to be retrieved. Below you can see a simplified flow of how this works:
For details on how to get user data once your receive a webhook, see our dedicated Extract Banking Data in Brazil (API with Hosted Widget) guide.
How often can you get user data?
When generating consent and creating the link, Belvo already consumes one operational limit of Owners, Accounts, Transactions, and Bills (to retrieve the historical data for your user). However, Belvo has implemented certain internal mechanisms to optimize the data retrieval limits. For more information, please see our dedicated Open Finance Network Limits (Brazil) article.
Brazil's Open Finance Network sets monthly limits regarding how often you can retrieve data for a specific person or business. These operational limits are linked to a combination of:
- the user’s CPF or CNPJ
- the API data you want to get (Owner, Account, Transaction, or Bill)
- the Open Finance network certificate
Once the monthly operational limit of API calls is reached, no more information can be retrieved for the CPF/CNPJ until the start of the next calendar month. However, Belvo has implemented optimizations to maximize the amount of data you can retrieve for your users according to your data needs. For more information, please see our dedicated Open Finance Network Limits (Brazil) article.
The limits are outlined in the table below:
Belvo API Resource (POST calls) | Open Finance Operation Limit |
---|---|
Owners | 4 retrievals per CPF/CNPJ |
Accounts | 4 retrievals calls per CPF/CNPJ Note: Balance and overdraft limit information can be updated up to 240 times per CPF/CNPJ |
Transactions (up to 365 days from the moment of the request) | 4 retrievals per CPF/CNPJ |
Transactions (less than 6 days from the moment of the request) | 240 retrievals per CPF/CNPJ |
Managing consents
According to Open Finance regulations, your users must have an easy-to-access way of managing their consents within your application or website.
Belvo has created the My Belvo Portal (MBP) that allows users to manage their consents in a simple and straightforward way, meeting all the requirements of the regulations.
In your application, you must include a clearly visible link to the MBP for your users to manage their consents.
The MBP can be set up in three different ways:
- Public MBP
On Belvo's website, we host a universal instance of the MBP that any user can use to manage their consents. This instance consolidates all the consents they have granted using Belvo's OFDA product. You simply need to redirect your user tohttps://meuportal.belvo.com/?mode=landing
, where they can input their details. Your user will be able to see all the consents they’ve granted using Belvo (including other applications using Belvo to extract data from Brazil's Open Finance Network). - Customized MBP
You can customize the MBP to display only the consents that your user has granted your application, making it easier for them to manage the consents. - Consent Renewal Mode
The MBP can also be used to renew an expired consent. Belvo will send you a webhook when one of your user's consent's has expired.
For details on how to set up the My Belvo Portal in your application, see our dedicated My Belvo Portal (OFDA) guide.
Updated 4 months ago