AnnouncementsIf you are a client of KeyBank APIs, look here to stay up to date on the latest changes, enhancements, and required maintenance tasks.These announcements are for information purposes only. If you have specific questions or concerns, please reach out to your Technical Account Manager.April 2026New refactored API - Check ServicesThe Check Services API is the modern, strategic way to manage check‑related functionality at KeyBank. It consolidates stop payments and check image retrieval into a single, commercial‑focused API with consistent endpoints, data formats, and standardized error handling. The legacy Stop Payment and Check Image APIs remain available for existing integrations.Simplified codes for Account ValidationThe Account Validation API now returns a simplified set of condition codes and streamlined primary status messaging. This update reduces response complexity while preserving existing validation logic, making results easier to interpret and integrate. No changes were made to endpoints or request schemas.Go to the Account Validation User Guide to view the current condition and primary status codes.International wire transfers now supportedThe Wire Transfer API and Wire Inquiry API now support international wire transactions, enabling you to send and track payments to beneficiaries outside the United States and its territories.With this enhancement, you can:Send wire payments to international beneficiary banks, expanding your global payment reach.Identify beneficiary banks using global bank identifiers, such as BIC.Initiate and report on international wires in USD (USD-only support at this time).Retrieve beneficiary bank details when reporting on wire transactions.This update allows you to use the same APIs you rely on today while extending wire capabilities to international destinations.DigiCert changes for mTLS certificatesTo improve security with mTLS certification, DigiCert is removing the Client Authentication Extended Key Usage (EKU) from its public TLS certificates and moving to the Public Key Infrastructure (PKI). This change aligns with Google Chrome’s root program requirements, which mandate dedicated TLS hierarchies for better security and interoperability.To view the details and specifications from DigiCert, see Sunsetting Client Authentication EKU from DigiCert Public TLS Certificates. What do I need to doIf you use DigiCert mTLS certificates, you must transition to DigiCert's X9 PKI and set up a private PKI for internal authentication needs. We recommend reviewing your certificate enrollment settings now and proactively setting up your DigiCert certification.Deadline AwarenessOctober 1, 2025: DigiCert stops adding Client Authentication EKU by default.March 1, 2027: Client Authentication EKU removed from all new, renewed, or reissued public TLS certificates.