Verifying a Vendor account in the product's name

For a Vendor to offer a web app, their app must first log in to the vendor's own account via https://identitysso.betfair.com/api/login to receive a token. That token is then used to log in a User on the users' behalf via https://api.betfair.com/exchange/account/rest/v1.0/token/

I'm trying to get a new Betfair account verified solely for use with a Vendor Web App but not getting very far. Can anyone help 'square this circle'?

- My own Betfair account is "funded and verified", but I don't want to use it as the Vendor account for the web app because a) it will mean putting my password in the source code; b) I will have to disable 2-factor authentication; and c) I use it for general betting, so either 'a' or 'b' is a security risk.
- On the advice of the Betfair Developer Program I've set up a new account in the name of the product but the Verification Team won't verify the account because I don't have any ID that states my name 'Acme Webapp'
- You can't just put the token in the source code because it eventually expires and would need regular manual intervention to stop the entire app falling over.

About the only thing I can think of doing so far is to set up an account in the other half's name and use it only for the web app / no betting but that seems a little dubious. Anyone got any better ideas?