Table of Contents

maxLevel	1
style	none

1. Overview

The Payment Initiation API Profile describes the flows and common functionality for the Payment Initiation API, which allows a Payment Initiation Service Provider ('PISP') to:

...

This profile should be read in conjunction with a compatible Read/Write Data API Profile , which provides a description of the elements that are common across all the Read/Write Data APIs, and compatible individual resources.

1.1

...

Document Overview

This document consists of the following parts:

...

Alternative Flows: Documents rules for alternative flows

1.2

...

Resources

Each of the Payment Initiation API resources are documented in the Resources and Data Models / PISP area of the specification. Each resource is documented with:

Endpoints
- The API endpoints available for the resource.
Data Model
- Resource definition.
- UML diagram.
- Data dictionary - which defines fields, re-usable classes, mandatory (1..1) or conditional (0..1) as defined in the Design Principles section, and enumerations.
Usage Examples

1.

...

3 Design Principles

1.3.1 Status Codes

The API uses two status codes that serve two different purposes:

The HTTP Status Code reflects the outcome of the API call (the HTTP operation on the resource).
The Status field for the payment-order consent reflects the status of the PSU consent authorisation.
The Status field for the payment-order resource reflects the status of the payment-order initiation or execution.

2. Basics

2.

...

1 Overview

The figure below provides a general outline of a payment flow for all payment-order types using the Payment APIs. The payment-order types covered in this profile include:

...

The payment-order consent and payment-order resource in the following flow generalises for the different payment-order types. E.g. for a domestic payment, the payment-order consent resource is domestic-payment-consents; and the payment-order resource is domestic-payments.

...

2.1.1 Steps

Step 1: Agree Payment-Order Initiation

...

The PISP can check the status of the payment-order consent (with the ConsentId) or payment-order resource (with the payment-order resource identifier) or payment-details (with the payment-order resource identifier).
This is carried out by making a GET request to the payment-order consent or payment-order or payment-details resource

2.1.2 Sequence Diagram

...

2.

...

2 Payment Restrictions

The standard does not provide a uniform set of restrictions for payment-order types that can be supported through this API.

...

An ASPSP must reject the payment-order consent if the ASPSP is unable to handle the request.

2.2.1 CutOffDateTime Behaviour

An ASPSP may return the specific CutOffDateTime when responding to a payment-order consent request.

...

Reject the payment-order (and steps associated with the creation of payment-order) if received after the applicable CutOffDateTime
Accept the payment-order (and steps associated with the creation of payment-order) if received after the applicable CutOffDateTime

2.2.1.1 Reject the Payment-Order

In this scenario, the behaviour of payment-order execution is explicit to the PISP and PSU.

...

For a payment-order consent or a payment-order resource that has been rejected due to the elapsed CutoffDateTime, the PISP may decide to create a corresponding future dated payment endpoint to create a new payment-order consent. The PISP may use the /domestic-future-dated-payment-consents endpoint to create a consent for the same payment for the next working day.

2.2.1.2 Accept the Payment-Order

In this scenario, the behaviour of the payment-order execution is not explicit to the PISP and PSU, and the payment-order will be executed on the next available working day.

An ASPSP must accept the payment-order consent if the CutOffDateTime for a specific payment-order type has elapsed.
An ASPSP must accept an authorisation request when the underlying intent object is associated with a CutoffDateTime that has elapsed.
An ASPSP must accept the payment-order resource if the CutOffDateTime for a specific payment-order type, has been established and has elapsed.
An ASPSP may update the payment-order consent or payment-order resource with the CutOffDateTime, ExpectedExecutionDateTime and ExpectedSettlementDateTime, to communicate expected execution behaviour if the CutOffDateTime has elapsed

2.

...

3 Release Management

This section overviews the release management and versioning strategy for the Payment Initiation API. It applies to all Payment Order Consent and Payment Order resources, specified in the Endpoints section.

2.3.1 Payment-Order Consent

2.3.1.1 POST

A PISP must not create a payment-order consent ConsentId on a newer version and use it to create a payment-order resource in a previous version
- E.g., A ConsentId created in v3, must not be used to create a v1 PaymentSubmissionId
A PISP must not create a payment-order consent ConsentId on a previous version and use it to create a payment-order resource in a newer version
- E.g., A PaymentId created in v1, must not be used to create a v3 DomesticPaymentId

2.3.1.2 GET

A PISP must not access a payment-order ConsentId created in a newer version, via a previous version endpoint
- E.g., A ConsentId created in v3 accessed via a v1 PaymentId
An ASPSP may choose to make ConsentIds accessible across versions
- E.g., for a PaymentId created in v1, an ASPSP may or may not make it available via v3, as this is a short-lived consent

2.3.2 Payment-Order Consent (Confirm Funds)

2.3.2.1 GET

A PISP must not confirm funds using a payment-order-consent ConsentId created in a different version.
- E.g. A ConsentId created in v3, must not be used to confirm funds on a v1 endpoint.

2.3.3 Payment-Order Resource

2.3.3.1 POST

A PISP must use a payment-order consent ConsentId within the same version to create the payment-order resource (in that version)
- E.g., A v3 payment-order consent can only be used to create a payment-order resource in v3.
An ASPSP must not allow a PISP to use a ConsentId from a previous version to create a Payment Order in a newer version, and vice versa

2.3.3.2 GET

A PISP must refer to the ASPSP's online Developer Portal for guidelines on accessibility of a payment-order resource in a newer version
A PISP must not access the payment-order resource types introduced in a newer version, on an older version endpoint:
- E.g., an international-payment created in v3, which is accessed via the v1 payment-submissions endpoint.
A PISP must not access the payment-order resource created in a newer version on an older version endpoint:
- E.g., for a domestic-payment resource created in v3, access via the v1 payment-submissions endpoint is not permitted.
An ASPSP must document the behaviour on the accessibility of a payment-order resource in a newer version on the ASPSP's online Developer Portal.
An ASPSP must allow access to the payment-order resource created in a previous version on a newer version endpoint (depending on an ASPSP's legal requirement for data retention):
- E.g., a payment-submission created in v1, must be accessible as a v3 domestic-payment, with sensible defaults for additional fields introduced in v3 (e.g., if an ASPSP must make payment resources available for 7 years).
In the case where a payment-order type is the same, but the structure has changed in a newer version, sensible defaults may be used, with the ASPSP's Developer Portal clearly specifying the behaviour.
- E.g., a new field StatusUpdateDateTime was introduced in v3, an ASPSPs must populate this with the last status update time (as the StatusUpdateDateTime is a mandatory field).

3. Security & Access Control

3.1

...

Scopes

The access tokens required for accessing the Payment APIs must have at least the following scope:

payments: Generic payment scope

3.2

...

Grants Types

PISPs must use a client credentials grant to obtain a token to make POST requests to the payment-order consent endpoints. In the specification, this grant type is referred to as "Client Credentials".

...

PISPs must use a client credentials grant to obtain a token to make GET requests (excluding confirming funds).

3.3

...

Consent Authorisation

OAuth 2.0 scopes are coarse-grained and the set of available scopes are defined at the point of client registration. There is no standard method for specifying and enforcing fine-grained scopes e.g., a scope to enforce payments of a specified amount on a specified date.

...

Once these steps are complete, the consent is considered to have been authorised by the PSU.

3.3.1 Error Condition

If the PSU does not complete a successful consent authorisation (e.g., if the PSU has not authenticated successfully), the authorisation code grant ends with a redirection to the TPP with an error response. The PSU is redirected to the TPP with an error parameter indicating the error that occurred.

3.3.2 Consent Revocation

A PSU cannot revoke a payment-order consent once it has been authorised.

3.3.3 Changes to Selected Account

For a payment-order consent, the selected debtor account cannot be changed once the consent has been authorised.

3.3.4 Consent Re-authentication

Payment consents are short-lived and cannot be re-authenticated by the PSU.

3.4

...

Risk Scoring

...

Information

Information for risk scoring and assessment will come via:

...

Payments for EcommerceGoods and EcommerceServices will be expected to have a MerchantCategoryCode and MerchantCustomerIdentification populated. Payments for EcommerceGoods will also have the DeliveryAddress populated.

4. Data Model

4.

...

1 Reused Classes

4.1.1 OBRisk

This section describes the OBRisk class which is reused in the payment-order consent and payment-order resources.

4.1.1.1 UML Diagram

...

4.1.1.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_OBRisk		_OBRisk	_{The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Payments.}	_OBRisk
_{PaymentContextCode}	_0..1	_{OBRisk/PaymentContextCode}	_{Specifies the payment context}	_Stirng	_Enum: _BillPayment _{EcommerceGoods} _{EcommerceServices} _Other _PartyToParty
_{MerchantCategoryCode}	_0..1	_{OBRisk/MerchantCategoryCode}	_{Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction.}	_String
_{MerchantCustomerIdentification}	_0..1	_{OBRisk/MerchantCustomerIdentification}	_{The unique customer identifier of the PSU with the merchant}	_String
_{DeliveryAddress}	_0..1	_{OBRisk/DeliveryAddress}	_{Information that locates and identifies a specific address, as defined by postal services or in free format text.}	_{OBRisk/DeliveryAddress}
_AddressLine	_0..7	_{OBRisk/DeliveryAddress/AddressLine}	_{Information that locates and identifies a specific address, as defined by postal services, presented in free format text.}	_String
_StreetName	_0..1	_{OBRisk/DeliveryAddress/StreetName}	_{Name of a street or thoroughfare}	_String
_{BuildingNumber}	_0..1	_{OBRisk/DeliveryAddress/BuildingNumber}	_{Number that identifies the position of a building on a street}	_String
_PostCode	_0..1	_{OBRisk/DeliveryAddress/PostCode}	_{Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail}	_String
_TownName	_0..1	_{OBRisk/DeliveryAddress/TownName}	_{Name of a built-up area, with defined boundaries, and a local government}	_String
_{CountrySubDivision}	_0..1	_{OBRisk/DeliveryAddress/CountrySubDivision}	_{Identifies a subdivision of a country, for instance state, region}	_String
_Country	_0..1	_{OBRisk/DeliveryAddress/Country}	_{Nation with its own government, occupying a particular territory.}	_String		_^[A-Z]{2,2}$

4.1.2 OBCharge

This section describes the OBCharge class - which is reused in the response payloads in the payment-order consent and payment-order resources.

4.1.2.1 UML Diagram

...

4.1.2.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_OBCharge		_OBCharge	_{Set of elements used to provide details of a charge for the payment initiation.}	_OBCharge
_ChargeBearer	_1..1	_{OBCharge/ChargeBearer}	_{Specifies which party/parties will bear the charges associated with the processing of the payment transaction.}	_String	_Enum: _{BorneByCreditor} _{BorneByDebtor} _{FollowingServiceLevel} _Shared
_Type	_1..1	_{OBCharge/Type}	_{Charge type, in a coded form.}	_String	_Enum: _·_{To be determined}
_Amount	_1..1	_{OBCharge/Amount}	_{Amount of money associated with the charge type.}	_{OBActiveOrHistoricCurrencyAndAmount}
_Amount	_1..1	_{OBCharge/Amount/Amount}	_{A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217.}	_String		_{^\d{1,13}.\d{1,5}$}
_Currency	_1..1	_{OBCharge/Amount/Currency}	_{A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 "Codes for the representation of currencies and funds".}	_String		_^[A-Z]{3,3}$

4.1.3 OBAuthorisation

This section describes the OBAuthorisation class which is used in the payment-order consent request and payment-order consent response payloads.

4.1.3.1 UML Diagram

...

4.1.3.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_{OBAuthorisation}		_{OBAuthorisation}	_{The authorisation type request from the TPP.}	_{OBAuthorisation}
_{AuthorisationType}	_1..1	_{OBAuthorisation/AuthorisationType}	_{Type of authorisation flow requested.}	_String	_Enum: _Single
_{CompletionDateTime}	_0..1	_{OBAuthorisation/CompletionDateTime}	_{Date and time at which the requested authorisation flow must be completed.}	_DateTime

4.1.4 OBDomesticRefundAccount

This section describes the OBDomesticRefundAccount class which is used in the response payloads of Domestic Payment, Domestic Future Dated Payment and Domestic Standing Order.

4.1.4.1 UML Diagram

...

4.1.4.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_{OBDomesticRefundAccount}		_{OBDomesticRefundAccount}	_{Unambiguous identification of the refund account to which a refund will be made as a result of the transaction.}	_{OBDomesticRefundAccount}
_Account	_1..1	_{OBDomesticRefundAccount/Account}	_{Provides the details to identify an account.}	_{OBDomesticRefundAccount/Account}
_SchemeName	_1..1	_{OBDomesticRefundAccount/Account/SchemeName}	_{Name of the identification scheme, in a coded form as published in an external list.}	_String	_Enum: _BH.OBF.BBAN _BH.OBF.IBAN _BH.OBF.PAN
_{Identification}	_1..1	_{OBDomesticRefundAccount/Account/Identification}	_{Identification assigned by an institution to identify an account. This identification is known by the account owner.}	_String
_Name	_0..1	_{OBDomesticRefundAccount/Account/Name}	_{Name of the account, as assigned by the account servicing institution. Usage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account. OB: ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.}	_String

4.1.5 OBInternationalRefundAccount

This section describes the OBInternationalRefundAccount class which is used in the response payloads of International Payment, International Future Dated Payment and International Standing Order.

4.1.5.1 UML Diagram

...

4.1.5.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_{OBInternationalRefundAccount}		_{OBInternationalRefundAccount}	_{Unambiguous identification of the refund account to which a refund will be made as a result of the transaction.}	_{OBInternationalRefundAccount}
_Creditor	_0..1	_{OBInternationalRefundAccount/Creditor}	_{Party to which an amount of money is due.}	_{OBInternationalRefundAccount/Creditor}
_Name	_0..1	_{OBInternationalRefundAccount/Creditor/Name}	_{Name by which a party is known and which is usually used to identify that party.}	_String
_{PostalAddress}	_0..1	_{OBInternationalRefundAccount/Creditor/PostalAddress}	_{Information that locates and identifies a specific address, as defined by postal services.}	_{OBPostalAddress}
_AddressType	_0..1	_{OBInternationalRefundAccount/Creditor/PostalAddress/AddressType}	_{Identifies the nature of the postal address.}	_String	_Enum: _Business _{Correspondence} _DeliveryTo _MailTo _POBox _Postal _Residential _Statement
_Department	_0..1	_{OBInternationalRefundAccount/Creditor/PostalAddress/Department}	_{Identification of a division of a large organisation or building.}	_String
_{SubDepartment}	_0..1	_{OBInternationalRefundAccount/Creditor/PostalAddress/SubDepartment}	_{Identification of a sub-division of a large organisation or building.}	_String
_AddressLine	_0..7	_{OBInternationalRefundAccount/Creditor/PostalAddress/AddressLine}	_{Information that locates and identifies a specific address, as defined by postal services, presented in free format text.}	_String
_StreetName	_0..1	_{OBInternationalPaymentInitiation/Creditor/PostalAddress/StreetName}	_{Name of a street or thoroughfare}	_String
_{BuildingNumber}	_0..1	_{OBInternationalPaymentInitiation/Creditor/PostalAddress/BuildingNumber}	_{Number that identifies the position of a building on a street}	_String
_PostCode	_0..1	_{OBInternationalPaymentInitiation/Creditor/PostalAddress/PostCode}	_{Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail}	_String
_TownName	_0..1	_{OBInternationalPaymentInitiation/Creditor/PostalAddress/TownName}	_{Name of a built-up area, with defined boundaries, and a local government}	_String
_{CountrySubDivision}	_0..1	_{OBInternationalPaymentInitiation/Creditor/PostalAddress/CountrySubDivision}	_{Identifies a subdivision of a country such as state, region, country}	_String
_Country	_0..1	_{OBInternationalRefundAccount/Creditor/PostalAddress/Country}	_{Nation with its own government.}	_String		_^[A-Z]{2,2}$
_Agent	_0..1	_{OBInternationalRefundAccount/Agent}	_{Financial institution servicing an account for the creditor.}	_{OBInternationalRefundAccount/Agent}
_SchemeName	_0..1	_{OBInternationalRefundAccount/Agent/SchemeName}	_{Name of the identification scheme, in a coded form as published in an external list.}	_String	_Enum: _BH.OBF.IBAN
_{Identification}	_0..1	_{OBInternationalRefundAccount/Agent/Identification}	_{Unique and unambiguous identification of a financial institution or a branch of a financial institution.}	_String
_Name	_0..1	_{OBInternationalRefundAccount/Agent/Name}	_{Name by which an agent is known and which is usually used to identify that agent.}	_String
_{PostalAddress}	_0..1	_{OBInternationalRefundAccount/Agent/PostalAddress}	_{Information that locates and identifies a specific address, as defined by postal services.}	_{OBPostalAddress}
_AddressType	_0..1	_{OBInternationalRefundAccount/Agent/PostalAddress/AddressType}	_{Identifies the nature of the postal address.}	_String	_Enum: _Business _{Correspondence} _DeliveryTo _MailTo _POBox _Postal _Residential _Statement
_Department	_0..1	_{OBInternationalRefundAccount/Agent/PostalAddress/Department}	_{Identification of a division of a large organisation or building.}	_String
_{SubDepartment}	_0..1	_{OBInternationalRefundAccount/Agent/PostalAddress/SubDepartment}	_{Identification of a sub-division of a large organisation or building.}	_String
_AddressLine	_0..7	_{OBInternationalRefundAccount/Agent/PostalAddress/AddressLine}	_{Information that locates and identifies a specific address, as defined by postal services, presented in free format text.}	_String
_StreetName	_0..1	_{OBInternationalPaymentInitiation/CreditorAgent/PostalAddress/StreetName}	_{Name of a street or thoroughfare}	_String
_{BuildingNumber}	_0..1	_{OBInternationalPaymentInitiation/CreditorAgent/PostalAddress/BuildingNumber}	_{Number that identifies the position of a building on a street}	_String
_PostCode	_0..1	_{OBInternationalPaymentInitiation/CreditorAgent/PostalAddress/PostCode}	_{Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail}	_String
_TownName	_0..1	_{OBInternationalPaymentInitiation/CreditorAgent/PostalAddress/TownName}	_{Name of a built-up area, with defined boundaries, and a local government}	_String
_{CountrySubDivision}	_0..1	_{OBInternationalPaymentInitiation/CreditorAgent/PostalAddress/CountrySubDivision}	_{Identifies a subdivision of a country such as state, region, country}	_String
_Country	_0..1	_{OBInternationalRefundAccount/Agent/PostalAddress/Country}	_{Nation with its own government.}	_String		_^[A-Z]{2,2}$
_Account	_1..1	_{OBInternationalRefundAccount/Account}	_{Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.}	_{OBInternationalRefundAccount/Account}
_SchemeName	_1..1	_{OBInternationalRefundAccount/Account/SchemeName}	_{Name of the identification scheme, in a coded form as published in an external list.}	_String	_Enum: _BH.OBF.IBAN
_{Identification}	_1..1	_{OBInternationalRefundAccount/Account/Identification}	_{Identification assigned by an institution to identify an account. This identification is known by the account owner.}	_String
_Name	_1..1	_{OBInternationalRefundAccount/Account/Name}	_{The account name is the name or names of the account owner(s) represented at an account level. Note, the account name is not the product name or the nickname of the account. OB: ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.}	_String

4.1.6 OBWritePaymentDetails

This section describes the OBWritePaymentDetails class which used in the response payloads of payment-detail sub resources.

4.1.6.1 UML Diagram

...

4.1.6.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_{OBWritePaymentDetails}		_{OBWritePaymentDetails}	_{Payment status details.}	_{OBWritePaymentDetails}
_{PaymentTransactionId}	_1..1	_{OBWritePaymentDetails/PaymentTransactionId}	_{Unique identifier for the transaction within an servicing institution. This identifier is both unique and immutable}	_String
_Status	_1..1	_{OBWritePaymentDetails/Status}	_{Status of a transfer, as assigned by the transaction administrator.}	_String	_Enum: _Accepted _{AcceptedCancellationRequest} _{AcceptedCreditSettlementCompleted} _{AcceptedCustomerProfile} _{AcceptedFundsChecked} _{AcceptedSettlementCompleted} _{AcceptedSettlementInProcess} _{AcceptedTechnicalValidation} _{AcceptedWithChange} _{AcceptedWithoutPosting} _Cancelled _{NoCancellationProcess} _{PartiallyAcceptedCancellationRequest} _{PartiallyAcceptedTechnicalCorrect} _{PaymentCancelled} _Pending _{PendingCancellationRequest} _Received _Rejected _{RejectedCancellationRequest}
_{StatusUpdateDateTime}	_1..1	_{OBWritePaymentDetails/StatusUpdateDateTime}	_{Date and time at which the status was assigned to the transfer.}	_DateTime
_StatusDetail	_0..1	_{OBWritePaymentDetails/StatusDetail}	_{Payment status details as per underlying Payment Rail.}	_{OBWritePaymentDetails/StatusDetail}
_{LocalInstrument}	_0..1	_{OBWritePaymentDetails/StatusDetail/LocalInstrument}	_{User community specific instrument.} _{Usage: This element is used to specify a local instrument, local clearing option and/or further qualify the service or service level.}	_String	_Enum: _{BH.OBF. DNS} _{BH.OBF. NRT} _{BH.OBF. BIL}
_Status	_1..1	_{OBWritePaymentDetails/StatusDetail/Status}	_{Status of a transfer, as assigned by the transaction administrator.}	_String
_StatusReason	_0..1	_{OBWritePaymentDetails/StatusDetail/StatusReason}	_{Reason Code provided for the status of a transfer.}	_String	_Enum: _Cancelled _{PendingFailingSettlement} _{PendingSettlement} _Proprietary _{ProprietaryRejection} _Suspended _Unmatched
_{StatusReasonDescription}	_0..1	_{OBWritePaymentDetails/StatusDetail/StatusReasonDescription}	_{Reason provided for the status of a transfer.}	_String

4.1.7 OBSCASupportData

This section describes the OBSCASupportData class, which is used across all payment order consent request resources, enabling PISPs to provide Supporting Data when requesting ASPSP for SCA Exemption.

4.1.7.1 UML Diagram

...

4.1.7.2 Data Dictionary

_Name	_Occurrence	_Xpath	_{Enhanced Definition}	_Class	_Codes	_Pattern
_{OBSCASupportData}		_{SCASupportData}	_{Supporting Data provided by TPP, when requesting SCA Exemption.}	_{OBSCASupportData}
_{RequestedSCAExemptionType}	_0..1	_{SCASupportData/RequestedSCAExemptionType}	_{This field allows a PISP to request specific SCA Exemption for a Payment Initiation}	_String	_Enum: _BillPayment _{ContactlessTravel} _{EcommerceGoods} _{EcommerceServices} _Kiosk _Parking _PartyToParty
_{AppliedAuthenticationApproach}	_0..1	_{SCASupportData/AppliedAuthenticationApproach}	_{Specifies a character string with a maximum length of 40 characters.} _{Usage: This field indicates whether the PSU was subject to SCA performed by the TPP}	_String	_Enum: _CA _SCA
_{ReferencePaymentOrderId}	_0..1	_{SCASupportData/ReferencePaymentOrderId}	_{Specifies a character string with a maximum length of 140 characters.} _{Usage: If the payment is recurring, then the transaction identifier of the previous payment occurrence so that the ASPSP can verify that the PISP, amount and the payee are the same as the previous occurrence.}	_String

4.

...

2 Identifier Fields

This section describes the identifiers used through the Payment API flows, the direction of flow through the system, and how they are used.

...

_Generated	_Identifier	_{Business Description}
_{Merchant/PISP Sent in API Payload}	_{EndToEndIdentification}	_{The EndToEndIdentification reference is a reference that can be populated by the debtor (or merchant in the ecommerce space). This reference is important to the debtor (could be an internal reference Id against the transaction), it Is NOT the reference information that will be primarily populated on the statement of the creditor (beneficiary).}
_{Merchant/PISP Sent in API Payload}	_{InstructionIdentification}	_{The PISP generates the InstructionIdentification which is a unique transaction Id and passes it to the ASPSP (this is mandatory), but this does not have to go any further in the payment flow. The flow of this identifier needs to align with payment scheme rules.} _{The expectation is that this is unique indefinitely across all time periods. The PISP can ensure this is indefinitely unique by including a date or date time element to the field, or by inserting a unique Id.}
_{Merchant/PISP Sent in API Payload}	_{RemittanceInformation}	_{The RemittanceInformation is the reference information that the creditor (or beneficiary) will need to reconcile (e.g. Invoice 123).}
_{ASPSP / API System}	_ConsentId	_{A unique identification as assigned by the ASPSP to uniquely identify the payment-order consent resource.}
_{ASPSP / API System}	_{Payment Order Id}	_{A unique identification as assigned by the ASPSP to uniquely identify the payment-order resource.} _{DomesticPaymentId} _{DomesticFutureDatedPaymentId} _{DomesticStandingOrderId} _{InternationalPaymentId} _{InternationalFutureDatedPaymentId}
_{ASPSP / Payment Scheme}	_{Scheme Payment ID}	_{This is generated by the ASPSP to uniquely identify a payment through a processing scheme.}

4.

...

3 Enumerations

4.3.1 Static 1 Static Enumerations

This section gives the definitions for enumerations used in the Payment APIs.

_{Code Class}	_Name	_Definition
_{OBExternalPaymentContextCode}	_BillPayment	_{The context of the payment initiation is a bill payment.}
_{OBExternalPaymentContextCode}	_{EcommerceGoods}	_{The context of the payment initiation is for goods via an ecommerce channel.}
_{OBExternalPaymentContextCode}	_{EcommerceServices}	_{The context of the payment initiation is for services via an ecommerce channel.}
_{OBExternalPaymentContextCode}	_PartyToParty	_{The context of the payment initiation is a party to party payment.}
_{OBExternalPaymentContextCode}	_Other	_{The context of the payment initiation is of another type.}
_{OBTransactionIndividualStatusCode}	_{AcceptedSettlementCompleted}	_{Settlement on the debtor's account has been completed.} _{Usage: this can be used by the first agent to report to the debtor that the transaction has been completed.} _{Warning: this status is provided for transaction status reasons, not for financial information. It can only be used after bilateral agreement.} _PISPs_{must not}_{use this status as confirmation that settlement is complete on the creditor's account.}
_{OBTransactionIndividualStatusCode}	_{AcceptedSettlementInProcess}	_{All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.}
_{OBTransactionIndividualStatusCode}	_Pending	_{Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed.}
_{OBTransactionIndividualStatusCode}	_Rejected	_{Payment initiation or individual transaction included in the payment initiation has been rejected.}
_{OBTransactionIndividualStatusCode}	_{AcceptedWithoutPosting}	_{Payment instruction included in the credit transfer is accepted without being posted to the creditor customer's account.}
_{OBTransactionIndividualStatusCode}	_{AcceptedCreditSettlementCompleted}	_{Settlement on the creditor's account has been completed.}
_{OBExternalConsentStatusCode}	_{AwaitingAuthorisation}	_{The consent resource is awaiting PSU authorisation.}
_{OBExternalConsentStatusCode}	_Rejected	_{The consent resource has been rejected.}
_{OBExternalConsentStatusCode}	_Authorised	_{The consent resource has been successfully authorised.}
_{OBExternalConsentStatusCode}	_Consumed	_{The consented action has been successfully completed. This does not reflect the status of the consented action.}
_{OBChargeBearerTypeCode}	_{BorneByCreditor}	_{All transaction charges are to be borne by the creditor.}
_{OBChargeBearerTypeCode}	_{BorneByDebtor}	_{All transaction charges are to be borne by the debtor.}
_{OBChargeBearerTypeCode}	_{FollowingServiceLevel}	_{Charges are to be applied following the rules agreed in the service level and/or scheme.}
_{OBChargeBearerTypeCode}	_Shared	_{In a credit transfer context, means that transaction charges on the sender side are to be borne by the debtor, transaction charges on the receiver side are to be borne by the creditor. In a direct debit context, means that transaction charges on the sender side are to be borne by the creditor, transaction charges on the receiver side are to be borne by the debtor.}
_{OBExternalAuthorisationCode}	_Single	_{Single authorisation type is requested.}
_{OBExternalStatusCode}	_{InitiationCompleted}	_{The payment-order initiation has been completed.}
_{OBExternalStatusCode}	_{InitiationFailed}	_{The payment-order initiation has failed.}
_{OBExternalStatusCode}	_{InitiationPending}	_{The payment-order initiation is pending.}
_{OBExternalStatusCode}	_{InitiationCompleted}	_{The payment-order initiation has been completed.}
_{OBExternalStatusCode}	_{InitiationFailed}	_{The payment-order initiation has failed.}
_{OBExternalStatusCode}	_{InitiationPending}	_{The payment-order initiation is pending.}
_{OBExternalStatusCode}	_Cancelled	_{Payment initiation has been successfully cancelled after having received a request for cancellation.}
_{OBExchangeRateTypeCode}	_Actual	_{Exchange rate is the actual rate.}
_{OBExchangeRateTypeCode}	_Agreed	_{Exchange rate is the agreed rate between the parties.}
_{OBExchangeRateTypeCode}	_Indicative	_{Exchange rate is the indicative rate.}
_{OBPriorityCode}	_Normal	_{Priority is normal.}
_{OBPriorityCode}	_Urgent	_{Priority is urgent.}
_{OBAddressTypeCode}	_Business	_{Address is the business address.}
_{OBAddressTypeCode}	_{Correspondence}	_{Address is the address where correspondence is sent.}
_{OBAddressTypeCode}	_DeliveryTo	_{Address is the address to which delivery is to take place.}
_{OBAddressTypeCode}	_MailTo	_{Address is the address to which mail is sent.}
_{OBAddressTypeCode}	_POBox	_{Address is a postal office (PO) box.}
_{OBAddressTypeCode}	_Postal	_{Address is the complete postal address.}
_{OBAddressTypeCode}	_Residential	_{Address is the home address.}
_{OBAddressTypeCode}	_Statement	_{Address is the address where statements are sent.}
_{OBTransactionIndividualExtendedISOStatusCode}	_Accepted	_{Request is accepted.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedCancellationRequest}	_{Cancellation is accepted.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedCreditSettlementCompleted}	_{Settlement on the creditor's account has been completed.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedCustomerProfile}	_{Preceding check of technical validation was successful. Customer profile check was also successful.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedFundsChecked}	_{Preceding check of technical validation and customer profile was successful and an automatic funds check was positive.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedSettlementCompleted}	_{Settlement on the debtor's account has been completed.} _{Usage: this can be used by the first agent to report to the debtor that the transaction has been completed.} _{Warning: this status is provided for transaction status reasons, not for financial information. It can only be used after bilateral agreement}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedSettlementInProcess}	_{All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedTechnicalValidation}	_{Authentication and syntactical and semantical validation are successful}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedWithChange}	_{Instruction is accepted but a change will be made, such as date or remittance not sent.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{AcceptedWithoutPosting}	_{Payment instruction included in the credit transfer is accepted without being posted to the creditor customer’s account.}
_{OBTransactionIndividualExtendedISOStatusCode}	_Cancelled	_{Request is cancelled.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{NoCancellationProcess}	_{No cancellation process.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{PartiallyAcceptedCancellationRequest}	_{Cancellation is partially accepted.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{PartiallyAcceptedTechnicalCorrect}	_{Authentication and syntactical and semantical validation are successful.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{PaymentCancelled}	_{Transaction has been cancelled.}
_{OBTransactionIndividualExtendedISOStatusCode}	_Pending	_{Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{PendingCancellationRequest}	_{Cancellation request is pending.}
_{OBTransactionIndividualExtendedISOStatusCode}	_Received	_{Payment initiation has been received by the receiving agent.}
_{OBTransactionIndividualExtendedISOStatusCode}	_Rejected	_{Payment initiation or individual transaction included in the payment initiation has been rejected.}
_{OBTransactionIndividualExtendedISOStatusCode}	_{RejectedCancellationRequest}	_{Cancellation request is rejected}
_{OBTransactionIndividualStatusReasonCode}	_Cancelled	_{Reason why the payment status is cancelled}
_{OBTransactionIndividualStatusReasonCode}	_{PendingFailingSettlement}	_{Reason why the payment status is pending (failing settlement).}
_{OBTransactionIndividualStatusReasonCode}	_{PendingSettlement}	_{Reason why the payment status is pending (settlement).}
_{OBTransactionIndividualStatusReasonCode}	_Proprietary	_{Defines a free text proprietary reason.}
_{OBTransactionIndividualStatusReasonCode}	_{ProprietaryRejection}	_{Defines the reason that has been used by the Local Instrument system to reject the transaction}
_{OBTransactionIndividualStatusReasonCode}	_Suspended	_{Reason why the payment status is suspended.}
_{OBTransactionIndividualStatusReasonCode}	_Unmatched	_{Reason why the payment status is unmatched.}
_{OBExternalSCAExemptionTypeCode}	_BillPayment	_{Bill Payment}
_{OBExternalSCAExemptionTypeCode}	_{ContactlessTravel}	_{Contactless Travel}
_{OBExternalSCAExemptionTypeCode}	_{EcommerceGoods}	_{Ecommerce Goods}
_{OBExternalSCAExemptionTypeCode}	_{EcommerceServices}	_{Ecommerce Services}
_{OBExternalSCAExemptionTypeCode}	_Kiosk	_Kisok
_{OBExternalSCAExemptionTypeCode}	_Parking	_Parking
_{OBExternalSCAExemptionTypeCode}	_PartyToParty	_{Party To Party}
_{OBExternalAppliedAuthenticationApproachCode}	_CA	_{Single Factor Strong Customer Authentication}
_{OBExternalAppliedAuthenticationApproachCode}	_SCA	_{Multi Factor Strong Customer Authentication}
_{OBReadRefundAccountCode}	_Yes	_Yes
_{OBReadRefundAccountCode}	_No	_No

4.3.2 ISO 2 ISO Enumerations

These following ISO Enumerations are used in the Payment APIs.

_{ISO Data Type}	_Fields	_{ISO Enumeration Values URL}
_String	_{MerchantCategoryCode}	_{https://www.iso.org/standard/33365.html}
_String	_Currency	_{https://www.iso20022.org/external_code_list.page}
_String	_Country	_{https://www.iso.org/iso-3166-country-codes.html}

5. Alternative and Error Flows

5.

...

1 Idempotent Payment Order Consent

Note: This flow has been generalised for all payment-order types.

...

5.

...

2 Idempotent Payment Order

Note: This flow has been generalised for all payment-order types.

...

5.

...

3 Reject the Payment Order Consent Creation after CutOffDateTime

This example illustrates a scenario where an ASPSP choses to Reject the Payment-Order consent/resource request, after the CutoffTime. We have a payment-order consent created after the CutOffDateTime, and ASPSP rejects the Consent, and the PISP chooses to place a Future Dated Payment-Order consent.

...

5.

...

4 Reject the Payment Order Creation after CutOffDateTime

This example illustrates a scenario where an ASPSP choses to Reject the Payment-Order consent/resource request, after the CutoffTime. We have a payment-order Consent created and the Authorisation completed before the CutOffDateTime, but the Payment-Order submission happened after the CutOffDateTime, so the ASPSP has rejected it.

...

Version	Old Version 17	New Version 18
Changes made by	CBB Admin	CBB Admin
Saved on	May 07, 2020	May 08, 2020

Page Comparison

Versions Compared

Key

1. Overview

1.1

Document Overview

1.2

Resources

1.

3 Design Principles

1.3.1 Status Codes

2. Basics

2.

1 Overview

2.1.1 Steps

2.1.2 Sequence Diagram

2.

2 Payment Restrictions

2.2.1 CutOffDateTime Behaviour

2.2.1.1 Reject the Payment-Order

2.2.1.2 Accept the Payment-Order

2.

3 Release Management

2.3.1 Payment-Order Consent

2.3.1.1 POST

2.3.1.2 GET

2.3.2 Payment-Order Consent (Confirm Funds)

2.3.2.1 GET

2.3.3 Payment-Order Resource

2.3.3.1 POST

2.3.3.2 GET

3. Security & Access Control

3.1

Scopes

3.2

Grants Types

3.3

Consent Authorisation

3.3.1 Error Condition

3.3.2 Consent Revocation

3.3.3 Changes to Selected Account

3.3.4 Consent Re-authentication

3.4

Risk Scoring

Information

4. Data Model

4.

1 Reused Classes

4.1.1 OBRisk

4.1.1.1 UML Diagram

4.1.1.2 Data Dictionary

4.1.2 OBCharge

4.1.2.1 UML Diagram

4.1.2.2 Data Dictionary

4.1.3 OBAuthorisation

4.1.3.1 UML Diagram

4.1.3.2 Data Dictionary

4.1.4 OBDomesticRefundAccount

4.1.4.1 UML Diagram

4.1.4.2 Data Dictionary

4.1.5 OBInternationalRefundAccount

4.1.5.1 UML Diagram

4.1.5.2 Data Dictionary

4.1.6 OBWritePaymentDetails

4.1.6.1 UML Diagram

4.1.6.2 Data Dictionary

4.1.7 OBSCASupportData

4.1.7.1 UML Diagram

4.1.7.2 Data Dictionary

4.

2 Identifier Fields

4.

3 Enumerations

4.3.1 Static 1 Static Enumerations

4.3.2 ISO 2 ISO Enumerations

5. Alternative and Error Flows

5.

1 Idempotent Payment Order Consent

5.

2 Idempotent Payment Order