Payment Initiation Service (PIS)
PIS offers APIs for PSD2 clients to perform payments and recurring payment transfers in Swedish Krona. Since the operations involve monetary transfers from a user's account, most operations require user signing with BankID.
API Features:
- Fund confirmation to verify if available funds cover a given transfer amount
- Transfer funds between Swedish accounts
- Instant fund transfer between SBAB accounts
- Managing recurring transfers (creation, listing and removal)
- Manage recurring recipients details
For details about required authentication and applicable restrictions, read the authorization section.
Flow description of initiating transfers 3.0 [Secure Start BankID v6]
The flow for both transfers and recurring transfers are the same and follows the steps below:
-
Get the user accounts from AIS (or obtain the account numbers directly from the PSU
Payment Service User). -
Initiate transfers with one of the account numbers from the response of the previous step, and you'll receive a
reference_idas part of the response. If the transfer has a statusPENDINGthen no signing required.
However, if the status isNEED_SIGNING, then follow the signing instructions below: -
Start the signing for the initiated transfer, use
signing_idfrom the initiate transfer response, thesign/startresponse will contain anautostart_tokenandqr_stringthat can be used to launch BankID to sign the transfer. Theqr_stringis used by the client to render the QR image scanned by the mobile phone. Please note that a mandatory HeaderPSU-IP-Addressis required for start signing. Both IPv4 and IPv6 formats are supported inPSU-IP-Address.
Consecutive attempts to start a new signing, for the same user with changingPSU-IP-Addressvalues within a time span of approximately 3 minutes, will result in blocking of the BankID for approximately 3 minutes. -
Collect the signing status, the response will contain
status,hint_codeand a newly generatedqr_string. https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/graenssnittsbeskrivning/collect -
Once the signing status is
COMPLETE, the PSU has successfully signed with BankID and the transfer will be executed. -
In the Sandbox environment, BankID user signing is simulated in the
/psd2/savings/3.0/transfers/sign-bankid/{signing-id}endpoint. -
Use the
reference_idto check the status of the transfer in the endpoints
/psd2/savings/3.0/accounts/{account-number}/transfers/{reference-id}/status/psd2/savings/3.0/accounts/{account-number}/recurring-transfers/{reference-id}/status -
In the Sandbox, the transfer after signing will have status
PENDINGorCOMPLETEdepending on value date. In production the status initially will bePENDINGas the backend will take some time to process the transfer to get statusCOMPLETE.
Test API
Flow description of initiating transfers 2.0 [BankID v5] Deprecated
Will not work after 2024-04-30
The flow for both transfers and recurring transfers are the same and follows the steps below:
- Get the user accounts from AIS (or obtain the account numbers directly from the PSU)
- Initiate transfers with one of the account numbers from the response of the previous step, and you'll receive
a
reference_idas part of the response.
Please note that a mandatory HeaderPSU-IP-Addressis required for the signing initiation. Both IPv4 and IPv6 formats are supported inPSU-IP-Address.
Consecutive attempts to initiate a new signing, for the same user with changingPSU-IP-Addressvalues within a time span of approximately 3 minutes, will result in blocking of the BankID for approximately 3 minutes. - Wait for the user to sign the transfer with BankID
- Transfers between own accounts do not require any signing
- In the Sandbox environment, BankID user signing is mocked with a special call that simulates that user signing is done
- Use the
reference_idto check the status of the transfer - In the Sandbox the status of the transfer will be
completedimmediately but in production it will have an intermediate status calledprocessingas the backend will take some time to process the transfer