Each time a user in the European Economic Area (EEA) wants to transfer funds, you must authenticate them using SCA. To do so:
- Initiate authentication.
- Initiate the transfer using the sdkOutput that you got when you checked the device eligibility.
- Authenticate your user with the Authentication SDK.
- Finalize the transfer using the sdkOutput from the authentication step.
Requirements
- Make sure that you have installed the Authentication SDK.
- Make sure that you have registered a device for your user.
- Make sure that your API credential has the following role:
  - TransferService Webservice Initiate role
Initiate authentication
Before initiating a transfer, you must initiate the process to authenticate your users.
The following tabs explain how to initiate authentication using Kotlin or Swift.
You will use the sdkOutput when initiating the transfer.
Initiate transfer
Let's assume that your user chooses to make a funds transfer. To start the transfer:
- Make a POST /transfers request, specifying the following parameters in the header:

  | Parameter | Type | Description |
  | --- | --- | --- |
  | WWW-Authenticate | Header | SCA realm: Transfer. auth-param1: Base64-encoded value of sdkOutput you get when you initiate authentication. |
  | amount | Body | The amount of the transfer. |
  | category | Body | Set to internal. |
  | description | Body | A human-readable description for the transfer. |
  | balanceAccountId | Body | The unique identifier of the source balance account. |
  | reference | Body | A reference of the transfer, only used internally within your balance platform. |
  | referenceForBeneficiary | Body | A reference that is sent to the recipient. |
  | counterparty.balanceAccountId | Body | The unique identifier of the target balance account. |

- Verify that the response header contains the following fields:
  - status: 401
  - auth-param1: Base64-encoded blob of data. You will need auth-param1 when you authenticate your user.
- Verify that the response body contains the following fields:
  - amount: An object containing the amount and currency of the funds that will be transferred.
  - counterparty: An object containing information about the counterparty that will receive the funds.

  You must show this data to your user when you authenticate your user.
- Pass auth-param1 to the SDK.
Authenticate user
When authenticating your user, PSD2 requires you to show to your user the amount and the counterparty (payee) of the transfer that the user is authenticating for. To comply with these regulations, we recommend that you implement a push notification and use the amount and counterparty fields from the response in the previous step.
To authenticate your user with the Authentication SDK:
- Trigger the SDK to start user authentication and pass the auth-param1 value from the previous step as sdkInput.
- Pass sdkOutput to your server.
Finalize transfer
To finalize the transfer:
- Make a POST /transfers request, specifying the following parameters:

  The parameter values must match the ones submitted to the /transfers endpoint previously when initiating the transfer.

  | Parameter | Type | Description |
  | --- | --- | --- |
  | WWW-Authenticate | Header | SCA realm: Transfer. auth-param1: Base64-encoded value of sdkOutput you get when you initiate authentication. |
  | amount | Body | The amount of the transfer. |
  | category | Body | Set to internal. |
  | description | Body | A human-readable description for the transfer. |
  | balanceAccountId | Body | The unique identifier of the source balance account. |
  | reference | Body | A reference of the transfer, only used internally within your balance platform. |
  | referenceForBeneficiary | Body | A reference that is sent to the recipient. |
  | counterparty.balanceAccountId | Body | The unique identifier of the target balance account. |

- Verify that the response header contains status authorised. This means that the authentication and the transfer request were successful.
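
Server-side handling of the two POST /transfers calls described above, added here as an example and not taken from the platform's own code: it builds the WWW-Authenticate header, reads auth-param1 from the 401 response, and keeps the initiated body so the finalizing request repeats the same values. The header serialization (SCA realm="Transfer" auth-param1="..."), the response header carrying auth-param1, and the names sca_header, parse_challenge and PendingTransfers are assumptions.

```python
import copy
import re

# Assumption: the header value is serialized as SCA realm="Transfer" auth-param1="<Base64>".
_B64 = r"[A-Za-z0-9+/=_-]+"
_AUTH_PARAM1 = re.compile(rf'auth-param1="({_B64})"')


def sca_header(auth_param1: str) -> dict:
    """WWW-Authenticate request header carrying the Base64-encoded sdkOutput."""
    # Reject anything outside the Base64 alphabet so a device-supplied value
    # cannot smuggle quotes or line breaks into the header.
    if not re.fullmatch(_B64, auth_param1):
        raise ValueError("auth-param1 is not a Base64 string")
    return {"WWW-Authenticate": f'SCA realm="Transfer" auth-param1="{auth_param1}"'}


def parse_challenge(status: int, headers: dict) -> str:
    """Extract auth-param1 (the sdkInput) from the 401 response to the initiating request."""
    if status != 401:
        raise ValueError(f"expected an SCA challenge (401), got {status}")
    # Assumption: the response carries auth-param1 in its WWW-Authenticate header.
    value = next((v for k, v in headers.items() if k.lower() == "www-authenticate"), "")
    match = _AUTH_PARAM1.search(value)
    if match is None:
        raise ValueError("401 response carries no auth-param1")
    return match.group(1)


class PendingTransfers:
    """Stores each initiated body so the finalizing request repeats it unchanged."""

    def __init__(self):
        self._pending = {}

    def initiate(self, user_id: str, body: dict, auth_param1: str):
        self._pending[user_id] = copy.deepcopy(body)
        return sca_header(auth_param1), body

    def finalize(self, user_id: str, auth_param1: str, client_body: dict = None):
        body = self._pending.pop(user_id, None)  # one attempt per initiated transfer
        if body is None:
            raise LookupError("no transfer awaiting authentication for this user")
        # Whatever the device re-sends must equal what the user was shown and approved.
        if client_body is not None and client_body != body:
            raise ValueError("finalize parameters differ from the initiated transfer")
        return sca_header(auth_param1), body
```

Sending the stored body on finalize, instead of values re-submitted by the client, keeps the amount and counterparty identical to what the user saw during authentication.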
The following example shows a response for a successful funds transfer.