Send a payment initiation request !
➤ Context
This call is used to send to the account-holding bank (ASPSP) of a customer (PAO) a request for payment initiation in order to debit the PAO account and to credit the account of the payment service user (PSU) for which the Payment Service Provider (PISP) is connected.
For the time being, the initiation of single payment in euros is only accepted in our treatments. When submitting the request and if all the fields are correctly formatted, a response (HTPP 201) will be returned.
This response will contain the resourceID of the payment initiation request, as well as the SCA Redirect authentication mode (sole mode available), the consent URL depending on the payer's bank (urlconsent_approval_URL ) and nonce.
➤ Prerequisites
In order to process this request it's needed to fill the eligibility (see "Eligibility" use case), and to get the OAUTH2 access token (see "Retrieve your access token" use case).
➤ Request
The entry point depends on the bank code <bkcode>.
You need to insert the same <bkcode> parameter as the one used for requesting the access token.
As a reminder, the list of our banking institutions and the possible values of <bkcode> are specified in the "Limits" use case.
For example, the url to be used to access to a PSU from the Banque Palatine is :
➤ Mandated parameters
Body structure and mandatory fields are described in the STET standard.
The parameters below must be setup at the following values :
- serviceLevel => "SEPA"
- currency => "EUR" => NO international currency transfers are available
- requestedExecutionDate => shall be greater than transaction date and can't be a week-end, a bank holiday or Target 2 closing day for SCT CORE payments (see calendar on https://www.ecb.europa.eu/paym/target/target2/profuse/calendar/html/index.en.htm)
- For immediate SCT, il will be transformed to the next opening day
- For recurring payment, the first occurrence shall not be the same day, or over 30 days
- numberOfTransactions => "1" for single payment initiation (incl'd for recurring ones)
- remittanceInformation shall integrate "unstructured" tag e.g. "remittanceInformation" : { "unstructured" : [ "test " ] }
- executionRule => ignored for SCT CORE immediate and differed. For recurring payments, the only accepted value is "FWNG" (report to the next following day"). The execution date shall be accepted by the ASPSP (see requestedExecutionDate above)
- localInstrument shall be setup at « INST » only for SEPA Instant Payment (SCT Inst) :
- fees can apply depending on ASPSP and customer segment
- beneficiary IBAN shall be elligible to accept SCT inst
- for PRO / ENT customer segments, the PSU shall have his online banking SCT Inst flow contract updated in order to include his debitor IBAN and creditor target countries.
- "Iban", "debtorAccount", "creditorAccount" => a valid normalized IBAN with UPPER case alphanumeric characters
- chargeBearer field is mandatory (= "SLEV" in euro zone)
- successfulReportUrl => mandated parameter for the REDIRECT mode, and it shall contain the redirect URL as well as pkce (code_challenge & code_challenge_method = S256) with "&" separator in the url (no "?" )
- unsuccessfulReportUrl => if not filled, the data in "successfulReportUrl" will be used
- supplementaryData => "REDIRECT"
- scaHint => field ignored whatever value is set => NO SCA exemptions apply
categoryPurpose => mandatory as it allow to differenctiate funds transfert from merchant-based operations to non registered IBAN depending on SCA means used
- creationDateTime => ISO8601
- The three regular expressions allowed are:
- YYYY-MM-DDTHH:MM:SS.SSS+HH:MM
- YYYY-MM-DDTHH:MM:SS.SSS+HHMM
- YYYY-MM-DDTHH:MM:SS.SSS
- The three regular expressions allowed are:
Note : char "Z" at the end means UTC
Example : 2019-11-12T00:00:00.000+02:00
- "state" => mandated for REDIRECT mode
- beneficiary.creditor.name => limited to 35 length characters
➤ Single SCA UX
If the PISP transmits to the ASPSP all the information necessary to initiate the payment, including the account number/IBAN of the account to be debited, ASPSPs supports a single SCA for a single payment initiation :
- Debtor IBAN (debtorAccount) only : a screen for PSU identification is still requested before the unique SCA (for dynamic linking)
- Debtor IBAN (debtorAccount) + PSU identification (debtor.privateId.identification in UPPER case) : no need to identify the PSU before the unique SCA (for dynamic linking)
➤ Cut-off for Immediate SCT Core
The CUT-OFF time means the deadline for fund transfer execution, and takes into account :
- internal processing (execution and clearing on the samle day)
- CUT-OFF from various interbank schemes (incl'd clearing house, see TARGET2 banking business days calendar and SCT rulebook)
In case of SEPA CREDIT TRANSFER (SCT), there is a maximum execution time : originator Banks are obliged to ensure that the amount of the SEPA Credit Transfer is credited to the account of the Beneficiary Bank within one Banking Business Day following the point in time of receipt of the Credit Transfer Instruction in accordance with the provisions of the Payment Services Directive. A shorter execution time for SEPA Credit Transfers, knowing that operations may not be open for business on certain days of the year for the purpose of executing SEPA Credit Transfers.
It is not authorized to postpone the initial PSU order date except if it has been overriden. Execution time will be then reported to the following authorized date if it not a bank holiday. The execution process is triggered depending on the full timestamp of the PIS request.
CUT-OFF for SCT Core / execution on the same day is fixed at 11:00 am continental time (GMT+2 in summer, GMT+1 in winter).
CUT-OFF for SCT Core / execution & clearing on the next day is fixed at 05:00 pm continental time (GMT+2 in summer, GMT+1 in winter).
CREATIONDATETIME | REQUESTEDEXECUTIONDATE | PIS RESULT | EXeCUTION date | clearing date |
---|---|---|---|---|
before 11:00 (excl'd) | same day | OK | same day | same day |
from 11:00 to 05:00 pm (excl'd) | same day | OK | same day | next day |
after 05:00 pm | same day | OK | next day | next day |
otherwise | >= next day or later | OK | requestedExecutionDate | requestedExecutionDate |
➤ Recurring SCT Core
The data frequency is mandated only for SCT recurring PIS operations with one of the following values :
- MNTH (Monthly)
- QUTR (Quaterly)
- YEAR (Annual)
The data endDate (date of the last occurence) must also be valued in this case with a future date :
- requestedExecutionDate + n month if frequency = MNTH
- requestedExecutionDate + n quarters equency = QUTR
- requestedExecutionDate + n années si frequency = YEAR
Otherwise, it will be setup by the ASPSP at the max value requestedExecutionDate = 2099
➤ Creditor IBAN control
A temporary control for NOT allowing PISP initiaitions has been added since December 7th, 2020 (alignment on direct access security features for funds transfer) :
- If the Creditor IBAN is NOT included in preregistered list done through the direct access
- AND if the field categoryPurpose = "CASH"
- AND if the SCA is NOT peformed by the PSU using the most secure authentication means (e.g. Sécur'Pass for retail PSU)
➤ Error codes
Error type | HTTP code | Description | Reason |
Generic, bad structure | 400 | Bad request | error code : FF01 |
Wrong format for BIC | 400 | Bad request | error code : FF01 |
Wrong format for serviceLevel | 400 | Bad request | error code : FF01 |
Wrong format for chargeBearer different from SLEV | 400 | Bad request | error code: FF01 |
Wrong format for schemeName | 400 | Bad request | error code: FF01 |
Wrong format for purpose | 400 | Bad request | error code: FF01 message: RJCT error: value not one of declared Enum instance names: [TRPT, CASH, CPKC, ACCT, COMC] |
Wrong format for categoryPurpose | 400 | Bad request | error code: FF01 |
Wrong access token, authentication issue | 403 | Forbidden | |
Unknown request resource | 404 | Not Found | |
Wrong request, or request out of authorized scope | 405 | Method not allowed | |
Generic message | 500 | Internal server error | |
Duplicate request | 500 | Internal server error | error : Database insertion problem, duplicate unique key |