Collecting your clientās payment authorisation via an online form isnāt always possible or doesnāt match how you would normally interact with your customers.
To help with this, we also offer paper and phone authorisation collection options (subject to regional availability).
Please note: This feature only applies to merchants on our Custom and self-serve Pro packages, and with our Custom Payment Pages feature enabled. If youāre currently on our Standard or Plus package and wish to upgrade, or would like this feature enabled please get in touch.
This page details the steps required for you to collect authorisation this way. Please ensure that you read it and are comfortable with the compliance requirements.
If you're implementing offline mandates for ACH, please follow the instructions on this page.
If you are interested in using one or both of these methods but havenāt yet had this feature enabled on your account, please see here for more information on how to get this set up.
There are two approaches you may take based on your current integration and future plans.
Core Endpoints: This API supports bank debit features. Use it if you are already integrated with it and donāt intend to implement Instant Bank Pay..
Billing Requests API: This is our newest API, which supports both bank debit and open banking use cases. Use it if you intend to build open banking functionality in future.
Whenever you create a Billing Request, it will have a list ofĀ actionsĀ that require completion before itās possible to fulfil the request.
The possible actions are:
choose_currency, have the payer choose from a list of supported currencies
collect_customer_details, collect customer details required for the schemes
collect_bank_account, create the bank account for the mandate/payment
confirm_payer_details, confirm customer and bank account details provided by the payer
Once all required actions have been completed, the Billing Request will becomeĀ ready_to_fulfil, and an integrator can use theĀ fulfilĀ action to create all associated resources.
When creating a Billing Request, the response will show you which actions you need to implement to complete it. We will also go through the actions you need to implement in the following steps.
The actions presented on a Billing Request are unordered, but each action may have dependencies, or have other actions depending on it.
These are specified in the fieldsĀ completes_actionsĀ andĀ requires_actions.
ActionĀ statusĀ is eitherĀ pendingĀ orĀ completed.
requires_actions: Actions can only be executed if the actions listed inĀ requires_actionĀ have been completed- in this example, we can't complete collect_customer_details until we've chosen the currency.
completes_actions: Actions can complete other actions, which can help streamline checkout flows. In this example, collect_customer_details does not complete any other action as a side effect.
For offline mandates, we suggest building the flow that process the actions in the order of:
collect_customer_details, requires the choose_currency action to be completed but this will be completed automatically when creating the ACH mandate via the Billing Request create API
collect_bank_account, collect the customer's bank account details
confirm_payer_details, as a scheme compliance rule it is required to crosscheck the details entered and confirm them
Create a Billing Request that specifies the type of mandate you wish to create via the mandate_request field. In this example, we are specifying the scheme as ACH which will default the currency to USD.
For ACH specific mandates, you can provide the authorisation_source field to create an offline mandate. The authorisation_source field specifies the way in which the payer gave authorisation to the merchant. This is sometimes referred to as SEC code. This field takes values of either telephone, paper or web.
Billing Requests aim to create billing resources against a customer, either a mandate (Direct Debit, PayTo or VRPs), an Instant Bank Payment, or both.
Payment schemes vary in what customer details you are required to collect. TheĀ collect_customer_detailsĀ action is about collecting all the details required by either the mandate or the payment scheme, to ensure we meet regulatory needs.
As an example, we can created a Billing Request for ACH scheme:
TheĀ collect_customer_details.incomplete_fieldsĀ object tells us what fields we need to collect, for both resources. Which fields are required changes depending on the schemes of the mandate (or payment).
For online mandates with "authorisation_source": "web", you will need to provide payer's ip_address as a result of their completion of a mandate setup flow in their browser.
For paper and telephone mandates, you will still need to provide an ip_address in the customer_billing_detail, however, this can just be a dummy ip_address (e.g. 192.0.0.0).
The collect_customer_details action is now completed, meaning we can move on to other actions
As a result of us collecting the details, our customer and customer_billing_detail has been populated with the details we collected
Most integrators will collect these details via web forms, filled by their payers. Integrators are expected to build forms that can collect all possibleĀ customerĀ andĀ customer_billing_detailĀ fields (see theĀ Collect customer detailsĀ schema) but only display the inputs required, as perĀ incomplete_fields.
Depending on the scheme, we might need to collect bank account details before fulfilling the Billing Request. An example is a Direct Debit mandate, where we need to capture the payerās bank in order to create Direct Debit payments against them.
As an example, we created a Billing Request for ACH scheme:
As with all action endpoints, the response is the Billing Request. What we get back is:
1{2"billing_requests":{3"id":"BRQ123",4"status":"pending",5"mandate_request":{6"currency":"USD",7"scheme":"ach",8"authorisation_source":"telephone"9},10"links":{11"customer":"CU00016WDAM7BS",12"customer_billing_detail":"CBD000010P52VRF",13"customer_bank_account":"BA123",14"organisation":"OR123"15},16"actions":[17{18"type":"collect_bank_account",19"required":true,20"completes_actions":[21"choose_currency"22],23"requires_actions":[],24"status":"completed"25},26 ...,27],28"resources":{29"customer_bank_account":{30"id":"BA123",31"created_at":"2021-04-08T15:30:36.019Z",32"account_number_ending":"56",33"account_holder_name":"FRANK OSBORNE",34"account_type":"checking",35"bank_name":"Community Federal Savings Bank",36"currency":"USD",37"country_code":"US",38"metadata":{},39"enabled":true,40"links":{41"customer":"CU00016WDAM7BS"42}43}44}45}46}
Note that:
The collect_bank_account action is now completed, meaning we can move on to other actions
As a result of us collecting the bank account, we have created a customer_bank_account resource and you can see the links.customer_bank_account ID has been set
As part of scheme compliance, we need to ensure the payer was presented with a confirmation screen before fulfilling the Billing Request. All mandate requests will require this action.
As an example, we created a Billing Request for ACH scheme:
