X-Account-Id header.
Entries and keys
An entry is a Pix key registered to one of your accounts. The plugin resolves the underlying account and holder data from CRM, so you create entries by key type rather than supplying account details directly. Supported key types:
| Type | Value source |
|---|---|
CPF | Auto-derived from the CRM holder document (do not send key) |
CNPJ | Auto-derived from the CRM holder document (do not send key) |
EMAIL | Provided in the request (valid email, ≤ 77 chars) |
PHONE | Provided in the request (^\+[1-9]\d{1,14}$) |
EVP | Random UUID generated by the system (do not send key) |
/v1/dict/entries). Entry create/delete validate against active claims and the key/holder document consistency (for example, a CPF key must match the holder’s CPF).
The plugin does not validate keys with Receita Federal or perform MFA ownership checks — it assumes the client completed those before calling. See the integration guide for prerequisites.
GET /v1/dict/keys/{key}) resolve a key for payment purposes — returning the current owner and account so you can initiate a payment. Use the optional X-EndToEnd-Id header for payment tracking, and POST /v1/dict/keys/check to check existence in bulk. The plugin returns data as received from BTG; masking sensitive fields before display is the client’s responsibility.
Reference: Create entry · List · Retrieve · Update · Delete · Retrieve a key · Check keys
Claims: portability and ownership
A claim transfers a Pix key between institutions. There are two kinds:
- PORTABILITY — moves a key to another bank for the same holder. Allowed for
CPF,CNPJ,PHONE, andEMAIL. - OWNERSHIP — claims a key from a different person. Allowed only for
PHONE.
X-Account-Id; claimerParticipant and donorParticipant are set automatically by BTG.
Claim lifecycle
| Status | Meaning |
|---|---|
OPEN | Claim created; awaiting the donor’s acknowledgment |
WAITING_RESOLUTION | Donor acknowledged; resolution period running (D+7) |
CONFIRMED | Donor confirmed; key is blocked pending completion |
COMPLETED | Key transfer finalized |
CANCELLED | Cancelled by donor or claimer |
OPEN, WAITING_RESOLUTION, or CONFIRMED) the key is locked: new entries and deletes are blocked. During OPEN/WAITING_RESOLUTION the donor may still update account data and key queries return the donor’s data; once CONFIRMED, queries return “key not found” until the claim is COMPLETED or CANCELLED.
- PORTABILITY can complete immediately after confirmation.
- OWNERSHIP has a completion window —
resolutionPeriodEndis D+7 andcompletionPeriodEndis D+30.
Claim operations
| Operation | Role | Endpoint |
|---|---|---|
| Create | Claimer | POST /v1/dict/claims |
| Acknowledge | Donor | POST /v1/dict/claims/{id}/acknowledge |
| Confirm | Donor | POST /v1/dict/claims/{id}/confirm |
| Complete | Claimer | POST /v1/dict/claims/{id}/complete |
| Cancel | Donor or claimer | POST /v1/dict/claims/{id}/cancel |
Reconciliation (VSync)
Reconciliation keeps your local DICT data consistent with BACEN’s authoritative records. It is built on two concepts:
- CID (Content Identifier) — a 256-bit HMAC-SHA256 hash of an entry’s attributes (key type, key, owner, participant, branch, account, etc.).
- VSync — a single checksum formed by XOR-ing every CID of a key type. Because XOR is commutative, comparing your VSync to BTG/BACEN’s reveals whether your set of entries is in sync without exchanging every record.
- Manual / administrative API — operators trigger on-demand checks, download CID files, and investigate inconsistencies. Use Start full reconciliation and List reconciliation jobs.
- VSync worker — an automated background process that periodically compares internal entries against DICT and reconciles drift without user intervention.
Statistics
The Statistics domain exposes BACEN’s Pix risk and usage aggregates, letting you assess a counterparty before settling a payment. Both endpoints query the provider directly and do not store data locally, so treat every call as a fresh, real-time lookup. They are tagged under the MED API and require bearer authentication.
| Endpoint | Scope | Use it to |
|---|---|---|
GET /v1/dict/statistics/persons/{tax_id} | A person (CPF or CNPJ) | Assess a payer/payee across all their keys and accounts |
GET /v1/dict/statistics/keys/{key} | A single Pix key | Assess a specific key, plus its current owner |
Person statistics
Pass the tax ID (CPF or CNPJ) in the path. The response aggregates settlement data, fraud markers, infraction reports, and entry information over three rolling windows: d90 (last 90 days), m12 (last 12 months), and m60 (last 60 months).Key statistics
Pass the Pix key in the path. The response returns both key-level statistics (data tied to the key as an entity, independent of its current owner) and owner-level statistics (equivalent to the person statistics for the key’s current owner) in a single call.Use key statistics when you are about to pay a specific key, and person statistics for a broader counterparty risk view. Because neither is persisted, cache responsibly on your side if you need to reuse the result within a request flow.
Fraud markers and MED 1.0
DICT also exposes BACEN’s MED (Mecanismo Especial de Devolução) fraud-prevention tools. Fraud markers flag a key or account as associated with fraud; you can create and cancel them (fraud types:
APPLICATION_FRAUD, MULE_ACCOUNT, SCAMMER_ACCOUNT, OTHER). Related infraction reports and refund requests drive the MED 1.0 dispute workflow.
Reference: Create a fraud marker · Cancel a fraud marker · List fraud markers
Infraction reports
An infraction report notifies the counterparty PSP that a transaction is disputed as fraud. It can only be opened within 90 days of the transaction date, and follows a create → acknowledge → close/cancel lifecycle:| Step | Role | Endpoint |
|---|---|---|
| Create | Reporter (payer’s PSP) | POST /v1/dict/infraction-reports |
| Acknowledge | Counterparty PSP | POST /v1/dict/infraction-reports/{id}/acknowledge |
| Close | Payee’s/payer’s PSP | POST /v1/dict/infraction-reports/{id}/close |
| Cancel | Reporter | POST /v1/dict/infraction-reports/{id}/cancel |
- Create — open the report against the disputed end-to-end ID, e.g.
reason: REFUND_REQUEST,situationType: SCAM. - Acknowledge — the receiving PSP confirms it has received the report.
- Close — the responding PSP submits its analysis result (for example
TOTALLY_ACCEPTED) within 7 days.REFUND_REQUESTinfractions are closed by the payee’s PSP;REFUND_CANCELLEDinfractions by the payer’s PSP. Once closed, the report is immutable. - Cancel — the reporter withdraws a report it opened.
Refund requests
A refund request is the MED 1.0 mechanism to ask the counterparty PSP to return disputed funds. It mirrors the same create → acknowledge → close/cancel lifecycle:| Step | Endpoint |
|---|---|
| Create | POST /v1/dict/refund-requests |
| Retrieve / List | GET /v1/dict/refund-requests/{id} · GET /v1/dict/refund-requests |
| Close | POST /v1/dict/refund-requests/{id}/close |
| Cancel | POST /v1/dict/refund-requests/{id}/cancel |
Next steps
- QR Codes — Generating QR Codes on registered keys
- Webhooks — Claim, infraction, and refund notifications
- Integration — DICT reconciliation and worker configuration

