Payment Initiation Service (PIS)
PIS offers APIs for PSD2 clients to perform payments and recurring payment transfers in Swedish Krona. Since the operations involve monetary transfers from a user's account, most operations require user signing with BankID.
API Features:
- Fund confirmation to verify if available funds cover a given transfer amount
- Transfer funds between Swedish accounts
- Instant fund transfer between SBAB accounts
- Managing recurring transfers (creation, listing and removal)
- Manage recurring recipients details
For details about required authentication and applicable restrictions, read the authorization section.
Flow description of initiating transfers 3.0 [Secure Start BankID v6]
The flow for both transfers and recurring transfers are the same and follows the steps below:
-
Get the user accounts from AIS (or obtain the account numbers directly from the PSU
Payment Service User
). -
Initiate transfers with one of the account numbers from the response of the previous step, and you'll receive a
reference_id
as part of the response. If the transfer has a statusPENDING
then no signing required.
However, if the status isNEED_SIGNING
, then follow the signing instructions below: -
Start the signing for the initiated transfer, use
signing_id
from the initiate transfer response, thesign/start
response will contain anautostart_token
andqr_string
that can be used to launch BankID to sign the transfer. Theqr_string
is used by the client to render the QR image scanned by the mobile phone. Please note that a mandatory HeaderPSU-IP-Address
is required for start signing. Both IPv4 and IPv6 formats are supported inPSU-IP-Address
.
Consecutive attempts to start a new signing, for the same user with changingPSU-IP-Address
values within a time span of approximately 3 minutes, will result in blocking of the BankID for approximately 3 minutes. -
Collect the signing status, the response will contain
status
,hint_code
and a newly generatedqr_string
. https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/graenssnittsbeskrivning/collect -
Once the signing status is
COMPLETE
, the PSU has successfully signed with BankID and the transfer will be executed. -
In the Sandbox environment, BankID user signing is simulated in the
/psd2/savings/3.0/transfers/sign-bankid/{signing-id}
endpoint. -
Use the
reference_id
to check the status of the transfer in the endpoints
/psd2/savings/3.0/accounts/{account-number}/transfers/{reference-id}/status
/psd2/savings/3.0/accounts/{account-number}/recurring-transfers/{reference-id}/status
-
In the Sandbox, the transfer after signing will have status
PENDING
orCOMPLETE
depending on value date. In production the status initially will bePENDING
as the backend will take some time to process the transfer to get statusCOMPLETE
.
Test API
Flow description of initiating transfers 2.0 [BankID v5] Deprecated
Will not work after 2024-04-30
The flow for both transfers and recurring transfers are the same and follows the steps below:
- Get the user accounts from AIS (or obtain the account numbers directly from the PSU)
- Initiate transfers with one of the account numbers from the response of the previous step, and you'll receive
a
reference_id
as part of the response.
Please note that a mandatory HeaderPSU-IP-Address
is required for the signing initiation. Both IPv4 and IPv6 formats are supported inPSU-IP-Address
.
Consecutive attempts to initiate a new signing, for the same user with changingPSU-IP-Address
values within a time span of approximately 3 minutes, will result in blocking of the BankID for approximately 3 minutes. - Wait for the user to sign the transfer with BankID
- Transfers between own accounts do not require any signing
- In the Sandbox environment, BankID user signing is mocked with a special call that simulates that user signing is done
- Use the
reference_id
to check the status of the transfer - In the Sandbox the status of the transfer will be
completed
immediately but in production it will have an intermediate status calledprocessing
as the backend will take some time to process the transfer