SCA for funds transfers

Learn how to use our Authentication SDK to authenticate your users before they transfer funds.

Each time a user in the European Economic Area (EEA) wants to transfer funds, you must authenticate them using SCA. To do so:

  1. Initiate authentication.
  2. Initiate the transfer using the sdkOutput that you got when you checked the device eligibility.
  3. Authenticate your user with the Authentication SDK.
  4. Finalize the transfer using the sdkOutput from the authentication step.

Requirements

Initiate authentication

Before initiating a transfer, you must initiate the process to authenticate your users.

The following tabs explain how to initiate authentication using Kotlin or Swift.

You will use the sdkOutput when initiating the transfer.

Initiate transfer

Let's assume that your user chooses to make a funds transfer. To start the transfer:

  1. Make a POST /transfers request, specifying the following parameters:

    Parameter                      Type    Description
    WWW-Authenticate               Header  SCA realm: Transfer.
                                           auth-param1: Base64-encoded value of sdkOutput you get when you initiate authentication.
    amount                         Body    The amount of the transfer.
    category                       Body    Set to internal.
    description                    Body    A human-readable description for the transfer.
    balanceAccountId               Body    The unique identifier of the source balance account.
    reference                      Body    A reference of the transfer, only used internally within your balance platform.
    referenceForBeneficiary        Body    A reference that is sent to the recipient.
    counterparty.balanceAccountId  Body    The unique identifier of the target balance account.
  2. Verify that the response header contains the following fields:

    • status: 401
    • auth-param1: Base64-encoded blob of data. You will need auth-param1 when you authenticate your user.
  3. Verify that the response body contains the following fields:

    • amount: An object containing the amount and currency of the funds that will be transferred.
    • counterparty: An object containing information about the counterparty that will receive the funds.

    You must show this data to your user when you authenticate them.

  4. Pass auth-param1 to the SDK.

Authenticate user

When authenticating your user, PSD2 requires you to show your user the amount and the counterparty (payee) of the transfer that they are authenticating. To comply with these regulations, we recommend that you implement a push notification and use the amount and counterparty fields from the response in the previous step.

To authenticate your user with the Authentication SDK:

  1. Trigger the SDK to start user authentication and pass the auth-param1 value from the previous step as sdkInput.

  2. Pass sdkOutput to your server.

Finalize transfer

To finalize the transfer:

  1. Make a POST /transfers request, specifying the following parameters:

    The parameter values must match the ones submitted to the /transfers endpoint previously when initiating the transfer.

    Parameter                      Type    Description
    WWW-Authenticate               Header  SCA realm: Transfer.
                                           auth-param1: Base64-encoded value of sdkOutput you get when you initiate authentication.
    amount                         Body    The amount of the transfer.
    category                       Body    Set to internal.
    description                    Body    A human-readable description for the transfer.
    balanceAccountId               Body    The unique identifier of the source balance account.
    reference                      Body    A reference of the transfer, only used internally within your balance platform.
    referenceForBeneficiary        Body    A reference that is sent to the recipient.
    counterparty.balanceAccountId  Body    The unique identifier of the target balance account.
  2. Verify that the response header contains status authorised. This means that the authentication and the transfer request were successful.
    The following example shows a response for a successful funds transfer.
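
Separately from the response example referred to above, the following added sketch (not code from this page or from the platform) shows server-side handling of the two POST /transfers calls: checking the 401 challenge, extracting auth-param1 and the amount and counterparty to display, and building the finalize request with an unchanged body and the sdkOutput from the authentication step, as step 4 of the overview states. The function names, the sample values, the header serialization `SCA realm="Transfer" auth-param1="..."`, and the assumption that the 401 response returns auth-param1 in a WWW-Authenticate header are all assumptions made for this example.

```python
import base64
import binascii
import copy
import re

_PARAM = re.compile(r'([\w-]+)="([^"]*)"')

# Constructed sample data (placeholder ids, not real accounts).
SAMPLE_BODY = {
    "amount": {"value": 1000, "currency": "EUR"},
    "category": "internal",
    "balanceAccountId": "BA_SOURCE_PLACEHOLDER",
    "counterparty": {"balanceAccountId": "BA_TARGET_PLACEHOLDER"},
}
SAMPLE_401_HEADERS = {"WWW-Authenticate": 'SCA realm="Transfer" auth-param1="Y2hhbGxlbmdl"'}

def sca_header(sdk_output: str) -> str:
    """Header value carrying Base64(sdkOutput). Serialization is assumed."""
    blob = base64.b64encode(sdk_output.encode()).decode()
    return f'SCA realm="Transfer" auth-param1="{blob}"'

def read_challenge(status: int, headers: dict, body: dict):
    """Check the 401 returned by the initiate call.

    Returns (auth-param1 to pass to the SDK, fields to show the user).
    """
    if status != 401:
        raise ValueError(f"expected a 401 SCA challenge, got {status}")
    scheme, _, rest = headers.get("WWW-Authenticate", "").partition(" ")
    params = dict(_PARAM.findall(rest))
    if scheme != "SCA" or params.get("realm") != "Transfer":
        raise ValueError("not an SCA challenge for realm Transfer")
    blob = params.get("auth-param1", "")
    try:
        if not base64.b64decode(blob, validate=True):
            raise ValueError("auth-param1 is empty")
    except binascii.Error as exc:
        raise ValueError("auth-param1 is not valid Base64") from exc
    # PSD2: these two fields must be displayed during authentication.
    shown = {"amount": body["amount"], "counterparty": body["counterparty"]}
    return blob, shown

def finalize_request(initiate_body: dict, sdk_output: str):
    """Second POST /transfers: same body, sdkOutput from the auth step."""
    headers = {"WWW-Authenticate": sca_header(sdk_output)}
    return headers, copy.deepcopy(initiate_body)
```

Storing the initiate body server-side and reusing it in `finalize_request`, instead of accepting a fresh body from the client, keeps the finalized transfer identical to the one the user was shown.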