Document status: Done

Prepared by: @Bekzod Akhmuratov @Rustam Akhmetov


This document outlines upcoming security enhancements to how carrier banking (ACH) information is handled within our Public API. To prioritize data privacy and reduce fraud risk, we are introducing Conditional ACH Masking.


1. Overview of the Change

To protect sensitive financial data, carrier ACH details (routing numbers, account numbers, and voided checks) will now be masked by default.

Full access to unmasked data will only be granted to authorized users with a documented, immediate business need (e.g., processing a recent payment).

Why are we doing this?


2. Access Requirements

For a user to view unmasked ACH details, the following three conditions must be met simultaneously:

| Condition | Requirement |
| --- | --- |
| 1. Recent Activity | The carrier must have a load delivered, invoiced, or paid within the last 30 days. |
| 2. Payment Method | The specific order must be designated for one of: ACH, Direct Deposit, or Other. |
| 3. User Role | The requesting user must have an Admin or Accountant role. |

If any of these conditions are not met, the API will return masked values.
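The three-condition check above, sketched as a fail-closed decision function. This is an added example, not the API's own code. The field names, the `AccessContext` shape, the `****` placeholder and the inclusive 30-day boundary are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Values taken from the access requirements table.
RECENT_WINDOW = timedelta(days=30)  # assumed inclusive: exactly 30 days still counts
ELIGIBLE_PAYMENT_METHODS = {"ACH", "Direct Deposit", "Other"}
PRIVILEGED_ROLES = {"Admin", "Accountant"}
ACH_FIELDS = ("routing_number", "account_number", "voided_check")  # assumed names
MASK = "****"  # assumed placeholder; the real masked format is defined by the API


@dataclass
class AccessContext:  # hypothetical shape of what the API knows per request
    user_role: str
    order_payment_method: str
    last_load_activity: Optional[datetime]  # latest delivered/invoiced/paid time


def may_view_unmasked(ctx: AccessContext, now: datetime) -> bool:
    """True only when all three conditions hold; anything unknown fails closed."""
    if ctx.last_load_activity is None:
        return False
    age = now - ctx.last_load_activity
    recent = timedelta(0) <= age <= RECENT_WINDOW  # future timestamps are rejected
    return (recent
            and ctx.order_payment_method in ELIGIBLE_PAYMENT_METHODS
            and ctx.user_role in PRIVILEGED_ROLES)


def render_ach(record: dict, ctx: AccessContext, now: datetime) -> dict:
    """Return a copy of the record with ACH fields masked unless access is allowed."""
    if may_view_unmasked(ctx, now):
        return dict(record)
    return {k: (MASK if k in ACH_FIELDS and v is not None else v)
            for k, v in record.items()}


def demo() -> dict:
    now = datetime(2024, 6, 30, tzinfo=timezone.utc)  # constructed sample data
    record = {"carrier_id": 17, "routing_number": "000000000",
              "account_number": "0000000000", "voided_check": "check.pdf"}
    stale = AccessContext("Admin", "ACH", now - timedelta(days=31))  # fails condition 1
    return render_ach(record, stale, now)


if __name__ == "__main__":
    print(demo())
```

Masking is the default branch, so a missing activity date, an unrecognized role string, or an unexpected payment method all produce masked output rather than an error or an unmasked record.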


3. Technical API Changes

Field Masking Logic

When access is restricted, fields will behave as follows: