The APIs will allow the initiation of a payment from any payment account to another payment account in Europe, held by any reachable ASPSP provided the account holder has given his explicit consent as is stipulated by the Payment Services Directive 2 (PSD2).

Consent from the Payment Service User (PSU) can be arranged in multiple ways. The TPP solution makes a distinction between the Redirect, Decoupled and Embedded flow. An example from each of these flows is visible below in sequence diagrams. These are just examples, a specific ASPSP might require other steps. The TPP solution will always indicate in the responses toward the Initiating party which step has to be performed next.

Additional information about the API's:

1. Post payments:
After the PSU has selected its bank from the Reach Directory, the Initiating Party will start a payment initiation request via the TPP solution towards the PSU’s ASPSP (see menu-item: API services - XS2A - Reach Directory). This is the first API call in the message flow. Depending on the authentication method the PSU will be redirected to the ASPSP website or a decoupled device for authentication and granting consent.

2. Get payments/status:
Based on the payment Status Check Request from the Initiation party, the TPP solution will check the Payment Status with the ASPSP.

3. Post payments/confirmation:
This API call is sometimes required by ASPSPs to proceed with payment. This follows from the Status Response from the ASPSP.

Redirect flow

Decoupled flow

Embedded flow