Overview

MDD is our pan European Direct Debit offering that can be used for billers, subscriptions, payment-plans etc.
Direct debit combines the creation of mandates that are approved by the consumer and the pull payment performed by the merchant. In eg the Eurozone, the mandate is an abstraction while in SE/UK there exists a mandate in the scheme, however using our api the abstraction of the mandate is represented with an accountId (see futher down the docs for the description).

Concepts and back-ground

Rails like BACS, Bankgiro, Sepa DD have been around for quite a long time. Trustly combines these rails with open-banking to make the consumer journey as seamless and safe as one can onboarding onto these schemes.

Direct debit combines the creation of mandates that are approved by the consumer and the pull payment performed by the merchant. It also includes push, but with push, no mandate is required.

While integrating Trustly’s MDD service, it’s important to understand how to handle the notifications (link to notifications overview) and how they correlate to the order. If this is the first integration, please read the overview, cancel, pending, account notifications. There are a few additional attributes that MDD introduces, but in general an account notification is the same with all products.

A few important parameters are UUID which is how Trustly manages idempotency, if you reuse it you may get strange error messages if you change the content of the payload, please only re-use it if you didn’t get a response (timeout or a 500). MessageID which must be unique for each order, this can be seen as your own transaction id(sent in notifications along with the orderId). You either identify the notification based on the MessageID or on the OrderID. EndUserID should be your representation of the consumer in your system, can be an email, UUID or similar, but this is the consumer you will be charging.

Typically, you will have an order for a successfully setup mandate, when the mandate changes or if e.g. it fails to set up, a notification is sent by Trustly. This notification will refer to the order that you as a merchant received when creating the order. It’s important to note that in some rare cases, a notification may not be received by you in the same order as it was sent (e.g. retries due to network issues, being sent almost simultaneously etc). Please read this section carefully around how to manage this in the MDD service.
It’s also important to understand that the type of notification and the order is of importance, e.g. a cancel notification may mean different things for a debit or a mandate setup order.

The MDD service is using the following notifications which must be implemented: cancel, account, pending, batch, credit and debit. Please note that for credit and debit, it's referring to the merchant's side of things, eg when merchant's balance is increased a credit notification is sent and when the merchants balance is decreased a debit notification is sent.

Scheme details

This is just a short description of how the different schemes work and it's of importance of knowing the differences even though it's one api for all of them. For futher info, please contact your bank or

Cut-off times

As with the nature of direct debit, or all payments where there is no instant scheme, cut-off times are of importance to understand when the funds get's pulled from the consumers account and when one can expect the funds to arrive, it's not always the same day.

See the table below for the cut-off times, note that only banking days are accounted for.

SchemeCut-offPaymentDay
BACS(UK)19:00 UTCT+2, meaning if you submit the instruction before cut-off, the funds will leave the end-user's account on day-3. Submitting it at 18:00 UTC on a Friday, means that the funds leave end-user account on Tuesday. Your account will also be credited on Tuesday.
Bankgiro(SE)16:00 UTCT+1, meaning if you submit the instruction before cut-off, the funds will leave the end-user's account on day 2. Submitting it at 16:00 UTC on a Friday, means that the funds leave end-user account on Monday. Your account will also be credited on Monday.
SepaDD(€-zone)22:00 UTCT+2, meaning if you submit the instruction before cut-off, the funds will leave the end-user's account on day-2. Submitting it at 22:00 UTC on a Friday, means that the funds will leave the end-user account on Tuesday. Your virtual-account will also be credited the same day.

BACS

In UK, we're acting as a bureau which means that the funds will land on an account owned by you as a merchant and Trustly acts as a technical provider. You will need to provide us with your SUN number and we'll provide you with a Bureau number. Please speak to your account manager for more on this.

The bacs payment scheme has been around since the 1970:s and has its peculiar properties. In the scheme, there's no information about successful instructions, only the failed ones are reported back. The scheme is aware of the mandate, eg it's registered within the scheme. It's also important to know about the Advanced notification period, and typically it's 10 days but can be negotiated with the bank. If it's 10 days, this means that one will have to wait 10 days after the mandate has been setup before a debit instruction can be sent.

It's important to understand the BACS 1-2-3 schedule and how it also works for non successful instructions taking it to a BACS 1-2-3-4-5 schedule.

For the normal, happy case

  1. Submission day - this is the day that the file with instructions are submitted into the scheme.
  2. Instruction day - this is the day that bacs informs the debtor and creditor bank about the instruction
  3. Payment day - this is the day that the payment takes place, your bank account get's credited and the end-user's account gets debited.

For the case where there is an error, there's still the 1-2-3 going on, but day-3 also becomes day-1 for the reversal.

  1. Submission day
  2. Instruction day
  3. Payment day, but also submission day for the reversal. Reason here is that your account will be credited in the lump-sum, but a separate debit will also take place.
  4. Instruction day, informing debtor and creditor bank about the transfer
  5. Payment day, the funds are taken from your account and end-user's account get's credited.

As of this long schedule, and also as some banks are slower on reporting, finding out that the instruction was really successful, one must wait 7 days to be sure. However, this can be configured on behalf of your need and eg sending the credit notification on day-3 you must be aware that the debit notification may arrive on day-7.

Bankgiro

Most of the times when we refer to bankgiro, we're actually referring to Autogiro but as we're also using other parts, bankgiro is the umbrella for the different services bankgirot provides. Sometimes also Autogirot is mentioned like bg Autogiro.

In SE, we're acting as a bureau which means that the funds will land on an account owned by you as a merchant and Trustly acts as a technical provider. You will need to provide us with your BankGiro number and we'll provide you with a Service Bureau Number. Please speak to your account manager for more on this.

Bankgiro is also an old scheme but works a bit different from BACS. The scheme sends information both around the successful and unsuccessful instructions and it's faster. Mandates are also registered within the scheme and a similar thing as the advance notification period exists, after the mandate is registered it have to pass 5 days before a debit instruction can be sent using the mandate. There may be other timelines that your bank will apply to you as a merchant.

Sepa DirectDebit

In the euro-zone, we're not a service bureau in the same way, and collection of funds happen via Slimpay. You will need to be onboarded with Slimpay and have your own CID. Please speak to your account manager for more on this.

In the Sepa DirectDebit, there's actually no real mandate registered within the scheme and hence not really an advanced notification period. After setting up the mandate, a debit instruction may be sent right away.

As an equivalent mechanism however, there's a "No questions asked" mechanism available meaning that the end-user can revert the payment within the bank without any interference from the banks hence it becomes important that the end-user is aware of why the funds where deducted and also to whom. This we solve by making sure the end-user has access to the account when setting it up, the CID is merchant specific and the virtual account is used for collecting the funds.

General notification information

Notifications are very central to the service and without handling them properly, your service will malfunction. Please make sure to handle the different notifications and also note the differences in parameters based on which context they are used from, eg a credit notification for a refund contains information to distinguish it from the credit notification for the direct-debit.

Please also note that when validating the signatures for notifications, you need to validate it with Trustly's public key as it's signed by Trustly's private key. This is in a way the other way around as when it comes to the requests you make. When signing the response, you use your own private key and Trustly is using your public key to validate the response.

If you are not able to handle the notification (not sending a valid response), Trustly will re-trigger the notifications for a period of time.

📘

Valid response to all notifications

The only valid response allowed to notification calls is "OK" and with a signature

StatusDescription
OKThe only valid response to notification, if you couldn't handle the notification you may respond with anything else, eg failure or even a http-500 status.

Example

{
    "result": {
        "signature": "D5FjuMqf3H0Ku ... S16VbzR5v==",
        "uuid": "<the uuid for the notification received>",
        "method": "<the method of the notification>",
        "data": {
            "status": "OK"
        }
    },
    "version":"1.1"
}

Process overview

Below is a generic diagram on how direct debit works.

Mandates, enabling direct debits

A mandate is a representation of an agreement between the end-user and the merchant for pulling funds out of the end-user's account based on the agreement for the service.

DirectDebitMandate

Create a direct debit mandate. This will return a url that the end-user should be redirected to. Once the end-user completes the flow, the end-user will be redirected to the success-url and notifications will be sent accordingly. If done in a physical environment, an operator can collect the details on an iPad and start the setup process which the consumer can finish by reading the QR-Code with the camera on their mobile device to complete the setup of the mandate.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be calledYesTextDirectDebitMandate
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique identifier for the request.YesText258a2184-2842-b485-25ca-293525152425
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextjoe
PasswordThe password, should be received when onboarding.YesTextsecret
MessageIDYour unique ID for for the order in your system. This is to manage idempotency at the application layer.YesText12345678
NotificationURLThe URL to which notifications for this mandate should be sent to. Please note that this must use the https scheme and the ssl certificate must be valid. Please also note that post must be any of 443 and 8443 YesTexthttps://your_nofitication_url
EndUserIDID, username, hash or anything uniquely identifying the end-user requesting the deposit. This basically identifies the mandate as well.

[Sepa-DD] This field is limited to 35 characters
[BACS/Bankgiro] This field is limited to 63 characters
YesText123123
Attributes
AccountIDThe AccountID retrieved from a previous payment or an account select. If set, the bank selection and login to the bank is not needed.NoText1234567890
MerchantReferenceThis parameter in a way identifies the mandate you are to setup. If it's already used, you will receive an error, ERROR_MERCHANT_REFERENCE_ALREADY_EXISTS
which basically informs you that there's already a mandate with that reference.

[BACS]: The unique mandate reference. 6 - 10 characters consisting of A-Z and 0-9. Can not begin with DDIC and neither consists of the same characters, eg. AAAAAAA.
[Bankgiro]: The unique mandate reference. This must be numeric and unique for the payer, eg nationalId or similar can be used. Format needs to follow regexp [1-9][0-9]{5-15}
[SEPA-DD]: The unique mandate reference. This must be unique for the end-user for you as a merchant. Format needs to follow regexp [0-9,a-z,A-Z]{10-35}
YesText (6-11)123ABC0123
CountryThe country where the mandate is to be created.YesTextGB
FirstnameThe first name of the end user.
[BACS]: Only mandatory if manual entry should be enabled.
[Bankgiro]: Mandatory
[Sepa-DD]: Mandatory
Yes/NoTextJohn
LastnameThe last name of the end user.
[BACS]: Only mandatory if manual entry should be enabled.
[Bankgiro]: Mandatory
[Sepa-DD]: Mandatory
Yes/NoTextDoe
EmailThe email address of the end user.YesText[email protected]
MobilePhoneThe mobile phone number of the end-user in international format. The format of the number should be in +xxxx, eg +46703000000 for a swedish phone.
[BACS/Bankgiro] Optional
[Sepa-DD]For manual entry in the sepa region, the mobile number is mandatory and an OTP is sent to the phone in order to complete the mandate setup.
Yes/NoText+46709876543
SuccessURLThe URL to which the end-user should be redirected after a successful mandate creation.YesTexthttps://your_success_page
FailURLThe URL to which the end-user should be redirected after a failed mandate creation.YesTexthttps://your_fail_page
DateOfBirthThe end-user's date of birth in the format yyyy-MM-dd. Only applicable for BACS(GB).

[BACS]:For manual entry, adding this makes scoring better.
Yes/NoText1972-05-17
NationalIdentificationNumberThe national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE)

[Bankgiro]: To preset the nationalId to use for setting up the mandate. To make the end-user journey smooth, please use this parameter.
NoText197105130355
UnchangeableNationalIdentificationNumberOnly applicable for Bankgiro(SE)
[Bankgiro]If the nationalId should be locked to the value of NationalIdentificationNumber, then set this to 1 or omit the parameter (you may set it to 0 as well).
NoText1
PaymentScheduleIf the payment plan is known in advance, this information is displayed when approving the mandate.NoJSON{Currency:"EUR", Payments:[{Date: "2023-01-01" Amount: "100.50"}]}
AddressLine1[BACS]:If flat and building is available, then use that for this field. If there's no flat/building at all, then use the street and number. Note that without AddressLine1, manual entry will be disabled.
[Bankgiro]: Not mandatory
[SepaDD]: Mandatory
Yes/NoText12 Osborne Rd
AddressLine2[BACS]:If there are flat and building information, then use addressLine2 for the street and number. Note that without AddressLine1, manual entry will be disabled.
[Bankgiro]: Not mandatory
[SepaDD]: Optional and depends on the country if needed.
Yes/NoText
AddressCityThe city of the end user. Same rules as with address line appliesYes/NoTextLuton
AddressPostalCodeThe postal code of the end user. Same rules as with address line appliesYes/NoTextLU1 3HJ
AddressCountryThe country-code of the end user. Same rules as with address line appliesYes/NoTextGB
LocaleThe desired language for the mandate creation.NoTexten_GB
ThemeWhether light or dark theme should be used. DARK, LIGHT or DEFAULT. For default, the web-browser settings will be used.NoText
ReturnToAppURLPlease note that when rendering the Trustly mandate request from a native app you are required to pass your application's URLScheme as an attribute to the mandate initiation request. By doing so, Trustly can redirect users back to your app after using external identification apps such as Mobile BankID: Please visit this link for more info. It must not be included for transactions that are not originating from an app.NoTextyourCustomURLScheme://
ShopperStatementThis is how the mandate will appear on the bank for BACS.
[BACS] Max 18 chars and will be converted to upper case. If missing, your merchant name will be used.
[SEPA],[Bankgiro] Not supported (eg parameter is ignored)
NoTextMyCompany
URLTargetThe html target/framename of the SuccessURL. Only _top, _self and _parent are suported.NoText
UseManualEntry1 to enable manual entry
0 to disable manual entry
If not supplied then fallback to configuration set for merchant
NoText1
MethodIf you want to set the bank to use or eg ManualEntry. For bank code, make sure the code is valid for the countryNoTextMANUAL_ENTRY,
HAND, SWED, BARC, BELA, AGRI, ....

Response parameters

Please note that for native app integrations, append the query parameter "IsNative=true" to the url before launching it to make the application aware that it lives within a native app. Also, it's important that you do use the ReturnToAppUrl when creating the order and intend to use it in a native app.

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
methodThe method, DirectDebitMandateYesTextDirectDebitMandate
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid for the requestYesTexta231a-.....-123123
dataDescriptionTypeExample
orderidThe id for the order createdText87654567
urlThe url for the end-user, please see our general guidelines around iFraming, nativeApps etc for best usabillity. In general, never iFrame the url for mobile devices.Texthttps://checkout.trustly.com/mdd/

Example request

{
  "method": "DirectDebitMandate",
  "params": {
    "Data": {
      "Username": "merchant_username",      
      "Password": "merchant_password",
      "MessageID": "your_unique_order_id",
      “EndUserID”: "unique_end_user_id",
      "NotificationURL": "https://URL_to_your_notification_service",
      "Attributes": {
        "AccountID": "12345678",
        "MerchantReference": "1234567890123",
        "Country": "GB",
        "Firstname": "Steve",
        "Lastname": "Smith",
        "Locale": "en_GB",
        "Email": "[email protected]",
        "MobilePhone": "+46709876543",
        "SuccessURL": "https://example.com/success",
        "FailURL": "https://example.com/fail",
        "AddressLine1": "74 Oxford Rd",
        "AddressLine2": "",
        "AddressCity": "Drighlington",
        "AddressPostalCode": "BD11 2YJ",
        "AddressCountry": "GB",
        "ReturnToAppURL": "yourCustomURLScheme://"
      }
    },
    "Signature": "Hh+sfaUnbtMKW[...]9YngA9bTpiqxw==",
    "UUID": "258a2184-2842-b485-25ca-293525152425"
  },
  "version": "1.1"
}

Example response

{
    "result": {
        "signature": "R9+hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "method": "DirectDebitMandate",
        "data": {
            "orderid": "2190971587",
            "url": "https://checkout.trustly.com/mdd/checkout?sessionId=3f9.....377&orderId=8365631872"
        }
    },
    "version": "1.1"
}

CancelDirectDebitMandate

Cancels a direct debit mandate.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be calledYesTextCancelDirectDebitMandate
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique identifier for the request.YesText258a2184-2842-b485-25ca-293525152425
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextJoe
PasswordThe password, should be received when onboarding.YesTextsecret
OrderIDThe OrderID returned when creating the direct debit mandateYesText12345678

Response parameters

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesTexta231a-.....-123123
methodThe method from the requestYesTextCancelDirectDebitMandate
dataDescriptionTypeExample
result1 if the cancel was accepted, 0 otherwise. Note that this does not indicate that the mandate has been removed in the scheme, that happens in a later stage.Text1
rejectedERROR_MANDATE_NOT_FOUND - the mandate does not exist.
ERROR_MERCHANT_REFERENCE_ALREADY_EXISTS - If the merchant reference is already used.
TextERROR_MANDATE_NOT_FOUND

Example request

{
  "method": "CancelDirectDebitMandate",
  "params": {
    "Data": {
      "Username": "merchant_username",
      "Password": "merchant_password",
      "OrderID": "123456789"
    },
    "Signature": "Hh+sfaUnbtMKW[...]9YngA9bTpiqxw==",
    "UUID": "258a2184-2842-b485-25ca-293525152425"
  },
  "version": "1.1"
}

Example response

{
    "result": {
        "signature": "R9+hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "method": "CancelDirectDebitMandate",
        "data": {
            "result": "0" | "1",
            "rejected": ""
        }
    },
    "version": "1.1"
}

ImportDirectDebitMandate

Importing mandates is usually done when switching from one provider to Trustly and there are currently two scenarios supported, CREATE and REGISTER. The CREATE is used to get the information imported into Trustly's system which does not involve registering the mandate within the scheme. The REGISTER import is used when the mandate is to be re-registered within the scheme.

Notifications are sent in the same way as for creating mandates, eg account notifications and cancel notifications will/can be emitted for the order.

Please note that before importing mandates, you must speak to your account manager as this feature is only available when moving from one provider to another and by default this feature is not enabled.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be calledYesTextImportDirectDebitMandate
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique identifier for the request.YesText258a2184-2842-b485-25ca-293525152425
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextjoe
PasswordThe password, should be received when onboarding.YesTextsecret
MessageIDYour unique ID for for the order in your system. This is to manage idempotency at the application layer.YesText12345678
EndUserIDID, username, hash or anything uniquely identifying the end-user. This basically identifies the mandate

[Sepa-DD] This field is limited to 35 characters
[BACS/Bankgiro] This field is limited to 63 characters
YesText123123
NotificationURLThe URL to which notifications for this mandate should be sent to. Please note that this must use the https scheme and the ssl certificate must be valid. Please also note that post must be any of 443 and 8443 YesTexthttps://your_nofitication_url
Attributes
AccountIDThe AccountID representing the account Yes/NoText1234567890
BankNumberThe bank number, when not using the AccountID.
[BACS]: The sort-code
[Bankgiro]: The clearing number
[SEPA-DD]: Not used
Yes/NoText6100 or 612312
AccountNumberThe bank account number, when not using the AccountID.
[BACS]: The account number
[Bankgiro]: The account number
[SEPA-DD]: Not used
Yes/NoText391123112
IBANThe iban when not using the AccountID.
[BACS]: Not used
[Bankgiro]: Not used
[SEPA-DD]: The iban
Yes/NoTextDE1231231231....
MerchantReference[BACS]: The unique mandate reference (core reference). 6 - 10 characters consisting of A-Z and 0-9. Can not begin with DDIC and neither consists of the same characters, eg. AAAAAAA.
[Bankgiro]: The unique mandate reference. This must be numeric and unique for the payer, eg nationalId or similar can be used. Format needs to follow regexp [0-9]{6-16}
[SEPA-DD]: The unique mandate reference. This must be unique for the end-user for you as a merchant. Format needs to follow regexp [0-9,a-z,A-Z]{10-35}
YesText (6-11)123ABC0123
ImportTypeEither one of CREATE, REGISTER or MIGRATE. CREATE does not register the mandate with the scheme and REGISTER does. MIGRATE is used when moving from one provider to another.

SEPA - CreditorIdentifier to another and
BACS - Full volume test, eg moving from paper-mandates to digital
YesTextCREATE
CreditorIdentifierThe old creditor identifier
CountryThe country for the mandate. YesTextGB
FirstnameThe first name of the end user.Yes/NoTextJohn
LastnameThe last name of the end user.Yes/NoTextDoe
EmailThe email address of the end user.Yes/NoText[email protected]
MobilePhoneThe mobile phone number of the end-user in international format.NoText+46709876543
ShopperStatementThis controls how the mandate appears on the consumer's bank.

[BACS] If the import type is REGISTER, then this will control how the mandate appears on the bank for the consumer
[Bankgiro/SepaDD] Not available
NoTextMusicStore
NationalIdentificationNumberThe national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE)

[Bankgiro]: To preset the nationalId to use for setting up the mandate. To make the end-user journey smooth, please use this parameter.
NoText197105130355
AddressLine1[BACS]:If flat and building is available, then use that for this field. If there's no flat/building at all, then use the street and number. Note that without AddressLine1, manual entry will be disabled.
[Bankgiro]: Not mandatory
[SepaDD]: Mandatory
Yes/NoText12 Osborne Rd
AddressLine2[BACS]:If there are flat and building information, then use addressLine2 for the street and number. Note that without AddressLine1, manual entry will be disabled.
[Bankgiro]: Not mandatory
[SepaDD]: Optional and depends on the country if needed.
Yes/NoText
AddressCityThe city of the end user. Same rules as with address line appliesYes/NoTextLuton
AddressPostalCodeThe postal code of the end user. Same rules as with address line appliesYes/NoTextLU1 3HJ
AddressCountryThe country-code of the end user. Same rules as with address line appliesYes/NoTextGB
UseBatch[SepaDD] When importing mandates and mandate signing is enabled but the import should be on batch and not a single one, eg importing many mandates in a short period of timeNoText1 | 0
Locale[SepaDD] When skipping the checkout, importing directly and mandate signing is in place, locale should be set so that the mandate sent to consumer get's the correct language.NoTextde_DE

Response parameters

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesTexta231a-.....-123123
methodThe method from the requestYesTextImportDirectDebitManda
dataDescriptionTypeExample
orderidThe orderId for this requestText12312312
result1 if the import was accepted, 0 otherwise. Note that this does not indicate that the mandate has been fully registered. An account notification will be sent to inform about the activation of the mandate.Text1
rejectedReasons for not being able to import the mandate

ERROR_ACCOUNT_NOT_FOUND - AccountID not found
ERROR_IMPORT_MANDATE_NOT_ALLOWED - mandate is not allowed for this account
BANK_ACCOUNT_NUMBER_BLOCKED - account can't be imported as it's blocked.
ERROR_INVALID_ACCOUNT_NUMBER - account is invalid
ERROR_IMPORT_MANDATE_NOT_ALLOWED - importing not allowed
ERROR_MANDATE_ALREADY_EXISTS - An active mandate already exists
ERROR_INVALID_IMPORT_TYPE - Invalid type
ERROR_MERCHANT_REFERENCE_ALREADY_EXISTS - Already exist
ERROR_UNKNOWN - other reasons
TextERROR_UNKNOWN
accountidThe accountID for the imported mandate. Note this is not in the response if the request failsText123123123
directdebitmandateIndication that the mandate is not active or not. For CREATE, typically it will be 1, while for REGISTER/MIGRATE is will be 0. Note this is not in the response if the request failsText0 | 1
bankcodeThe bankcode for the account imported. Note this is not in the response if the request failsTextHSBC, SWED...
descriptorThe account masked, eg ****1234. Note this is not in the response if the request failsText****1234
lastdigitsThe last digits of the account, eg 1234. Note this is not in the response if the request failsText1234
bankidentifierThe sortcode, clearingnumer or BIC depending on market. Note this is not in the response if the request failsText123123
clearinghouseThe clearinghouseTextSweden
bankThe name of the bankTextSwedbank

Example request

{
  "method": "ImportDirectDebitMandate",
  "params": {
    "Data": {
      "Username": "merchant_username",      
      "Password": "merchant_password",
      "MessageID": "your_unique_order_id",
      “EndUserID”: "unique_end_user_id",
      "NotificationURL": "https://URL_to_your_notification_service",
      "Attributes": {
        "AccountID": "12345678",
        "MerchantReference": "1234567890123",
        "ImportType": "CREATE",
        "Country": "GB",
        "Firstname": "Steve",
        "Lastname": "Smith",
        "Email": "[email protected]",
        "MobilePhone": "+46709876543",
        "AddressLine1": "74 Oxford Rd",
        "AddressLine2": "",
        "AddressCity": "Drighlington",
        "AddressPostalCode": "BD11 2YJ",
        "AddressCountry": "GB",
      }
    },
    "Signature": "Hh+sfaUnbtMKW[...]9YngA9bTpiqxw==",
    "UUID": "258a2184-2842-b485-25ca-293525152425"
  },
  "version": "1.1"
}

Example response

{
    "result": {
        "signature": "R9+hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "method": "ImportDirectDebitMandate",
        "data": {
            "orderid": "123123123",
            "result": "0" | "1",
            "rejected": "",
            "accountid": "123123123",
            "directdebitmandate" : "0",
            "bankcode" : "SWED",
            "descriptor": "******9736",
            "lastdigits": "9736",
            "bankidentifier": "85947",
            "clearinghouse": "Sweden",
            "bank": "Swedbank"
        }
    },
    "version": "1.1"
}

Errors and details for mandates

The information in this section relates to the notifications and describes the different meanings of the detail attribute.

Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.

BACS

For bacs, the first part, eg ADDACS_0 is the same as with the bacs error codes.

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)
BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER)
BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)
BACS ADDACS_2(PAYER DECEASED)
BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED)
BACS ADDACS_B(ACCOUNT CLOSED)
BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH)
BACS ADDACS_D(ADVANCE NOTICE DISPUTED)
BACS ADDACS_E(INSTRUCTION AMENDED)
BACS ADDACS_R(INSTRUCTION REINSTATED)

BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER)
BACS AUDDIS_2(PAYER DECEASED)
BACS AUDDIS_3(ACCOUNT TRANSFERRED)
BACS AUDDIS_5(NO ACCOUNT)
BACS AUDDIS_6(NO INSTRUCTION)
BACS AUDDIS_B(ACCOUNT CLOSED)
BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…)
BACS AUDDIS_F(INVALID ACCOUNT TYPE)
BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT)
BACS AUDDIS_H(INSTRUCTION HAS EXPIRED)
BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE)
BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK)
BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS)
BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE)
BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH)
BACS AUDDIS_O(INVALID REFERENCE)
BACS AUDDIS_P(PAYERS NAME NOT PRESENT)
BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)

Bankgiro

For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)

TK73_02(MANDATE CANCELLED BY PAYER OR PAYERS BANK)
TK73_03(ACCOUNT TYPE NOT APPROVED FOR AUTOGIRO)
TK73_04(MANDATE NOT FOUND IN BANKGIROTS MANDATE DIRECTORY)
TK73_05(INCORRECT BANK ACCOUNT OR PERSONAL DETAILS)
TK73_07(CANCELLED REMOVED DUE TO UNANSWERED INQUIRY)
TK73_09(PAYER BANKGIROT NUMBER NOT FOUND AT BANKGIROT)
TK73_10(MANDATE ALREADY REGISTERED IN BANKGIROTS DIRECTORY OR INQUIRY PENDING)
TK73_20(INCORRECT CIVIC NUMBER OR AGREEMENT ON MANDATE BASED ON BANKGIRO NUMBER NOT FOUND)
TK73_21(INCORRECT PAYER NUMBER)
TK73_23(INCORRECT BANK ACCOUNT NUMBER)
TK73_29(INCORRECT PAYEE BANKGIRO NUMBER)
TK73_30(DEREGISTERED PAYEE BANKGIRO NUMBER)
TK73_32(NEW MANDATE)
TK73_33(CANCELLED)
TK73_98(MANDATE CANCELLED DUE TO CANCELLED PAYER BANKGIRO NUMBER)

SepaDD

Currently no errors for SEPA

Mandate notifications

When status of the direct debit mandate changes, ie. when it becomes active, declined, changed or cancelled this is communicated through the account and cancel notification to the NotificationURL submitted when setting up the mandate. Make sure the NotificationURL can receive calls for a long time since mandates lives for a long time.

📘

Activation of mandates

When a consumer has signed the mandate Trustly will send an account notification containing the AccountID and directdebitmandate = 0 that indicates that the mandate is sent for approval. When the mandate is activated Trustly will send a new account notification with the same AccountID and directdebitmandate = 1. The mandate is now active and can be used to send charge. If the mandate for some reason is not approved Trustly will send a cancel notification with a reason.

📘

Deactivation of mandates

If a consumer cancels the mandate in the bank Trustly will send a cancel notification with a reason. In the case where consumer is setting up a new mandate, and the account is configured for only allowing one mandate per account, then the cancel notification will contain the accountId that is already in use.

📘

When consumer change bank

When a consumer changes bank account this is notified via account notification for the mandate order: An account notification is sent with directdebitmandate = 0 with the original accountid indicating deactivation of the mandate. Another account notification with directdebitmandate = 1 with a new accountid indicating activation of the mandate. The orderid is the same for both notifications. The order of the notifications can not be guaranteed.

Please note that this is enabled for UK/Bacs only. In sweden, there is basically no deactivation/activation sent, but the mandate will still be valid even if the consumer switches bank. For SepaDD, there's no mechanism for this.

Example Deactivation notification:

data: {
  ...
	 "orderid":"3473567567",
   "accountid":"1111111111",
   "attributes":
   {
   	"directdebitmandate":"0",
     ...
   }
}

Example Activation notification:

data: {
  ...
	"orderid":"3473567567",
   "accountid":"2222222222",
   "attributes":
   {
   	"directdebitmandate":"1",
     ...
   }
}

Please note that as these notifications may be received in reversed order, hence you must handle the deactivation of accountId and activation of the accountId independently of the order. By this, basically you need to be able to handle multiple accountId's for one order. Please also note that this is only applicable in the UK market, in SE this does not trigger any notifications and with Sepa it's not suppoted at all.

Mandate notification: account

The account notification is used to send information about the mandate and what account information the mandate is afflicted with. Please note that the notification is sent multiple times, eg once mandate is created and then later when it's activated.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, accountYesTextaccount
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText258a2184-......-293525152425
dataDescriptionTypeExample
orderidUnique ID of the order returned when setting up the mandate.Text87654567
accountidThe AccountID returned when setting up the mandateText1234567890
messageidYour unique ID for for the order in your system. This is to manage idempotency at the application layer.Text123123123
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Textlkj234ljk324
verifiedWhether the account is verified with an SCA. 1 for verified, 0 if not.Text1
attributes
directdebitmandateWhether the direct debit mandate is active or not, 1 for active, 0 for non active.Text1 | 0
countrycodeThe bank countryTextGB
bankcodeThe code identifying the bank.TextHSBC
bankThe name of bankTextHSBC Bank
clearinghouseThe country of bankTextUnited Kingdom
nameName of the account ownerTextJohn Doe
accountnameName of the accountTextSalary account
accountholdersA list of the account owners, more than one if the account is shared.Text["John Doe","Mary Doe"]
descriptorThe masked account number.Text*** 4057
lastdigitsLast digits of the account numberText4057
personidThe nationalId used. Note this only applies for [Bankgiro]Text197010170375
bankidentifierThe branch identifier
[BACS]: Sortcode
[Bankgiro]: Clearing number
[SepaDD]: BIC
Text6160
accountnumberThe account number. Please note that by default this is not sent, contact your sales representative about this.
[BACS, Bankgiro]: The domestic account number
[SepaDD]: The iban.
Text391124057
accountsourceThe source from where the account information comes from. Can be any of
AIS - Account details from AIS
MANUAL_ENTRY - Manually inputed account number
IMPORTED - Account information received in import order
ACCOUNTID - AccountID provided when creating the order
REGISTRATION_SCHEME - If the scheme notifies about a change of account, this only aplies to BACS.
TextAIS

Notification example

{
    "method": "account",
    "params": {
        "signature":"RI1PTmjTgr5Ig1p....AF7ejFUGxwKQ==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "notificationid":"35673567",
            "messageid":"453455465",
            "orderid":"3473567567",
            "accountid":"1234567890",
            "verified":"1",
            "attributes":
            {
                "directdebitmandate":"1",
                "countrycode":"GB",
                "bankcode":"HSBC",
                "bank":"HSBC Bank",
                "clearinghouse":"United Kingdom",
                "name":"John Doe",
                "accountname":"Salary account",
                "descriptor":"**** ***4057",
                "lastdigits":"4057"
            }
        }
    },
    "version": "1.1"
}

Mandate notification: cancel

When a mandate has been cancelled/failed an account cancel notification is sent. Regardless if the consumer cancels the mandate in their bank or if the mandate is cancelled by the merchant. A cancel notification is also sent if the consumer would abort during the mandate setup.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, cancelYesTextcancel
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText258a2184-......-293525152425
dataDescriptionTypeExample
orderidUnique ID of the order returned when setting up the mandate.Text87654567
messageidYour unique ID for for the order.Text123123
notificationidUnique ID for this notification. Each notification must only be handled once in your system.
attributes
reasonCANCELLED - Either when the consumer cancels in the journey or if you call cancel mandate method.
FAILED - If the underlayig scheme reports failure or cancelation of the mandate
MANDATE_ALREADY_EXISTS - If the mandate already exist
INVALID_ACCOUNT_ID - If the provided accountId was incorrect
TextCANCELLED
accountidIf MANDATE_ALREADY_EXISTS accountid is returnedText1234567890
merchantreferenceIf MANDATE_ALREADY_EXISTS merchantreference is returnedTextTRLY86492
detailsUnderlaying scheme failure, describing the reason, this applies when reason is FAILED: BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)Text

Notification example

{
    "method": "cancel",
    "params": {
        "signature":"RI1PTmjTgr5Ig1p....AF7ejFUGxwKQ==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid":"3473567567",
            "messageid":"453455465",
            "notificationid":"35673567",
            "attributes":
            {
                "reason":"FAILED",
                "details":"BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)",
                "accountid":"1234567890",
                "merchantreference":"TRLY86492",
            }
        }
    },
    "version": "1.1"
}


Debiting end-user

Debiting the end-user is done with the DirectDebit instruction.

DirectDebit

This method is used to debit the end-user, please note that an active mandate is mandatory for this operation. Once the end-user has been debited a credit notification is sent, eg merchant account is credited.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be called, DirectDebitYesTextDirectDebit
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialization of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique ID of the requestYesText123awdfawd-.....-12123
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextjoe
PasswordThe password, should be received when onboarding.YesTextsecret
MessageIDYour unique ID for for the order in your system. This is to manage idempotency at the application layer.YesTextasdfasdfasdfasdf
NotificationURLThe URL to which notifications for this charge should be sent to.YesTexthttps://your_nofitication_url
AccountIDThe AccountID used to create the direct debit mandateYesText1234567890
MerchantReferenceThe mandate identification, used when multiple mandates are used for the same accountId. This is only valid for Bacs and Bankgiro.
If this is not sent, the payment will fail if more than one mandate exist for this account.
NoTextASDF123121221
AmountThe amount to charge. See format in Currencies Only digits. Use dot (.) as decimal separator. Note that 98.5 is not a valid amount. The following examples are valid formats 98.50. 98.00 and 98.YesText98.02
CurrencyThe currency, ISO 4217 alphabetic code.YesTextGBP
Attributes
CollectionType[BACS]: For the bacs scheme, one can send any of INITIAL, RECURRING, RE_SUBMITTED and FINAL. Please refer to the bacs handbook if you need these. By default, Trustly will manage these by using INITIAL and RECURRING unless the mandates are imported. If you need to control this, you must set it for all requests.NoTextINITIAL
PaymentDateThis date will be sent to the payment institutions to set what date the payment actually will be performed.
Format is as: YYYY-MM-DD

[Bacs]Date needs to be no longer than 28 days ahead of current day. If the date is too near in time, PaymentDate will be ignored and the payment will be done as soon as possible.If date is beyond 28 days the instruction will be rejected.
[Bankgiro] Date needs to be within two years from current date. If the date is too near in time it will be ignored and if it's beyond 2 years it will be rejected.
[Sepa] Date needs to be within two years from current date. If the date is too near in time it will be ignored and if it's beyond 2 years it will be rejected.
NoText2023-01-27
ShopperStatementFor the markets that we support this, this is what the consumer will see on the account statement for the debit. It works a bit differently and appears differently from bank to bank, but it's visible when checking the transaction.
[Bankgiro] Not supported (will be ignored)
[BACS]This is limited to 18 characters ahd should typically describe what the consumer is buying.
[Sepa] This is limited to 140 characters and should typically describe what the consumer is paying for.
NoTextInvoice-23231

Response parameters

DescriptionRequiredTypeExample
versionThe versionYesText1.1
result
methodThe method, same as for the request DirectDebitYesTextDirectDebit
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesText258a2184-......-293525152425
dataDescriptionTypeExample
orderidUnique ID of the created orderText87654567
result1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof.Text1
rejectedThe following errors reasons:

- ERRORMANDATE_NOT_FOUND - No matching active accountId
- ERROR_DIRECT_DEBIT_NOT_ALLOWED - Account not properly configured
- ERROR_PAYMENT_DATE_FAILURE - Payment date is invalid
- ERROR_AMOUNT_FAILURE - Amount is invalid or not within the configured range
- ERROR_CURRENCY_FAILURE - The mandate doesn't support the currency
- ERROR_COLLECTION_TYPE_FAILURE - Invalid collection type
TextERROR_MANDATE_NOT_FOUND

Example request

{  
   "method":"DirectDebit",
   "params":{  
      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
      "UUID":"258a2184-2842-b485-25ca-293525152425",
      "Data":{  
         "Username":"merchant_username",
         "Password":"merchant_password",
         "MessageID":"your_unique_order_id",
         "NotificationURL":"https://URL_to_your_notification_service",
         "AccountID":"1234567890",
         "Amount":"25.00",
         "Currency":"GBP",
         "Attributes":{  
            "PaymentDate":"2022-11-17"
         }
      }
   },
   "version":"1.1"
}

Example response

{
  "result": {
     "method":"DirectDebit",
     "uuid":"258a2184-2842-b485-25ca-293525152425",
     "data":{  
        "result":"1",
        "rejected":"",
        "orderid":"1234512345"
     },
     "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
  },
  "version": "1.1"
}

CancelDirectDebit

Cancels a direct-debit instruction. Please note that canceling a future debit must be submitted 1-2 banking-days ahead of the payment date.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be called, CancelDirectDebitYesTextCancelDirectDebit
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialization of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique id of the requestYesTextadsfads.......
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextJoe
PasswordThe password, should be received when onboarding.YesTextsecret
OrderIDThe OrderID returned when creating a DirectDebitYesText123234123
PaymentMessageIDThe messageId for the payment in the batch. Note that when the instruction was given in the batch, the orderId will be for the entire batch and this field is identifying the debit in the batch-file. This is only valid if the order is a batch-order and shall not be provided if there is one order for the debit.Yes/NoTextsomeUniqueId

Response parameters

DescriptionRequiredTypeExample
versionThe versionYesText1.1
result
methodThe method, same as for the request CancelDirectDebitYesTextCancelDirectDebit
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesText258a2184-......-293525152425
dataDescriptionTypeExample
result1 if the cancel was accepted, 0 otherwise.Text1
rejectedERROR_CHARGE_NOT_FOUND - the OrderId does not exist. ERROR_CHARGE_ALREADY_PROCESSED - the charge has already been processed in the scheme (e.g. BACS) and can not be cancelled.
ERROR_CHARGE_IN_PROGRESS - The charge is in progress and can't be canceled.
TextERROR_CHARGE_NOT_FOUND

Example request

{  
   "method":"CancelDirectDebit",
   "params":{  
      "UUID":"258a2184-2842-b485-25ca-293525152425",
      "Data":{  
         "Username":"merchant_username",
         "Password":"merchant_password",
         "OrderID":"1234512345",
      },
      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h=="     
   },
   "version":"1.1"
}

Example response

{  
  result: {
    "method":"CancelDirectDebit",
    "uuid":"258a2184-2842-b485-25ca-293525152425",
    "data":{  
       "result":"1",
       "rejected":"",
    },
    "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
  },
  "version":"1.1"
}

Errors and details for debiting

The information in this section relates to the notifications and describes the different meanings of the detail attribute.

Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.

BACS

For bacs, the first part, eg AUDDIS_1 is the same as with the bacs error codes.

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)
BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER)
BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)
BACS ADDACS_2(PAYER DECEASED)
BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED)
BACS ADDACS_B(ACCOUNT CLOSED)
BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH)
BACS ADDACS_D(ADVANCE NOTICE DISPUTED)
BACS ADDACS_E(INSTRUCTION AMENDED)
BACS ADDACS_R(INSTRUCTION REINSTATED)

BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER)
BACS AUDDIS_2(PAYER DECEASED)
BACS AUDDIS_3(ACCOUNT TRANSFERRED)
BACS AUDDIS_5(NO ACCOUNT)
BACS AUDDIS_6(NO INSTRUCTION)
BACS AUDDIS_B(ACCOUNT CLOSED)
BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…)
BACS AUDDIS_F(INVALID ACCOUNT TYPE)
BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT)
BACS AUDDIS_H(INSTRUCTION HAS EXPIRED)
BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE)
BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK)
BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS)
BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE)
BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH)
BACS AUDDIS_O(INVALID REFERENCE)
BACS AUDDIS_P(PAYERS NAME NOT PRESENT)
BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)

Bankgiro

For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)

TK82_1(INSUFFICIENT FUNDS)
TK82_2(BANK ACCOUNT CLOSED OR PAYERS BANK HAS NOT APPROVED WITHDRAWAL)
TK82_01(MANDATE NOT FOUND)
TK82_02(ACCOUNT NOT APPROVED OR CLOSED)
TK82_04(INCORRECT PAYER NUMBER)
TK82_06(INCORRECT PERIOD CODE)
TK82_07(INCORRECT NUMBER FOR RECURRING PAYMENTS)
TK82_08(AMOUNT NON NUMERIC)
TK82_09(BAN ON OUTGOING PAYMENTS)
TK82_10(BANKGIRO NUMBER NOT FOUND AT BANKGIROT)
TK82_12(INCORRECT PAYMENT DATE)
TK82_13(PAYMENT DATE PASSED)
TK82_15(PAYEE BANKGIRO NUMBERS IN OPENING RECORD AND TRANSACTION RECORD NOT SAME)
TK82_24(AMOUNT EXCEEDS MAX AMOUNT)
TK03_12(CANCELLED)
TK11_12(CANCELLED)
TK21_12(CANCELLED)
TK23_02(INCORRECT PAYER NUMBER)
TK23_10(INCORRECT PAYEE BANKGIRO NUMBER)
TK23_11(PAYEE BANKGIRO NUMBER MISSING)
TK23_12(CANCELLED)
TK23_13(PAYMENT MISSING NOT PROCESSED)
TK24_01(INCORRECT PAYMENT DATE)
TK24_02(INCORRECT PAYER NUMBER)
TK24_04(INCORRECT TRANSACTION CODE)
TK24_10(INCORRECT PAYEE BANKGIRO NUMBER)
TK24_11(PAYEE BANKGIRO NUMBER MISSING)
TK24_12(CANCELLED)
TK24_13(PAYMENT MISSING NOT PROCESSED)
TK25_01(INCORRECT PAYMENT DATE)
TK25_02(INCORRECT PAYER NUMBER)
TK25_04(INCORRECT TRANSACTION CODE)
TK25_05(INCORRECT AMOUNT)
TK25_10(INCORRECT PAYEE BANKGIRO NUMBER)
TK25_11(PAYEE BANKGIRO NUMBER MISSING)
TK25_12(CANCELLED)
TK25_13(PAYMENT MISSING NOT PROCESSED)

SepaDD

Currently no errors for SEPA

Notifications for DirectDebit

Pending

Immediately after the request has been accepted for processing, a pending notification is sent to the NotificationURL.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, pendingYesTextpending
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the charge.Text87654567
accountidThe AccountID used when setting up the mandateText1234567890
messageidYour unique ID of the order.Text234234234234
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123
amountThe amount set when creating the chargeText98.02
currencyThe currency set when creating the chargeTextGBP
origninalpaymentdateThe expected payment date for the debit. Note that this gives you an indication if the PaymentDate you submitted has been adjusted eg due to a bank holiday.Text2024-01-05
paymentdateIf the executing of the payment get's delayed for some reason, eg a retry, compliance check or something else, the paymentdate gives you an indication that the debit is delayed and when we expect the debit to happen. Typically this will be the same as originalpaymentdate, but if it get's delayed, the pending notification will be sent again with the paymentdate adjusted to the date we expect the debit to happen on the consumers account.Text2024-01-06
timestampThe time when the directdebit was prepared for processing. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z

Example request

{
    "method": "pending",
    "params": {
        "uuid": "258a2184-2842-b485-23ca-293425152415",
        "data": {
            "orderid": "87654567",
            "accountid": "1234567890",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "amount": "98.02",
            "currency": "GBP",
            "paymentdate": "2024-01-05",
            "originalpaymentdate": "2024-01-04",
						"timestamp": "2010-01-05 14:42:04.675645+01",
        },
        "signature": "fVhjuMqbsH0Ku ... S16VbzRsw=="      
    },
    "version": "1.1"
}

cancel

If the direct-debit could not be processed, a cancel notification is sent.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, cancelYesTextcancel
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the charge.Text87654567
messageidYour unique id of the orderTextsome-id
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123123
attributesDescriptionTypeExample
reason ERROR_MANDATE_INVALID - The mandate is invalid for some reason.
ERRORCHARGE_NOT_APPROVED - Ie. missing funds or being cancelled by the end-user.
CANCELLED - If the payment was cancelled from the api
_ FAILED - All other failures
TextERROR_CHARGE_NOT_APPROVED
detailsThe scheme's message if availableTextBACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER)

Example request

{
    "method": "cancel",
    "params": {
        "uuid": "258a2184-9021-b874-21ca-293425152415",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "attributes": {
            	"reason": "ERROR_CHARGE_NOT_APPROVED",
            	"details": "BACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER)",
            }
        },
        "signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}

credit

When funds have credited the account, a credit notification is sent.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, creditYesTextcredit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
DataDescriptionTypeExample
orderidUnique ID of the order returned when creating the directdebit.Text87654567
accountidThe AccountID used when setting up the mandateText1234567890
messageidYour unique ID of the order.Text234234
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text4567897654
amountThe amountText98.02
currencyThe currencyTextGBP
timestampThe time when the directdebit processed. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
AttributesDescriptionTypeExample
referencePayment reference sent to the schemeTextTRLY80494-1001
statementStatement that appear on the end users bank accountTextTRLY80494-1001

Example request

{
    "method": "credit",
    "params": {
        "signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "9876543456",
            "amount": "90.02",
            "currency": "GBP",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "attributes": {
            	"reference": "TRLY80494-1001",
            	"statement": "TRLY80494-1001"
            }
        }
    },
    "version": "1.1"
}


debit

If a previously credited direct-debit is revesed, a debit notification is sent for the same order. This basically means that the funds where sent to the merchant account and later sent back to the end-user account.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, debitYesTextdebit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the directdebit.Text87654567
messageidYour unique ID of the orderText234234df
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text234234234
amountThe amountText98.02
currencyThe currencyTextGBP
timestampThe time for the when the reversal happened. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1
attributesDescriptionTypeExample
referencePayment reference sent to the schemeTextTRLY80494-1001
statementStatement that appear on the end users bank accountTextTRLY80494-1001
reason- ERROR_MANDATE_INVALID - The mandate is invalid for some reason.

- ERROR_CHARGE_NOT_APPROVED - Ie. missing funds or being cancelled by the end-user.
- CANCELLED - If the payment was cancelled from the api
- FAILED - All other failures
TextERROR_MANDATE_INVALID
detailsThe scheme message if availableTextBACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER)

Example request

{
    "method": "debit",
    "params": {
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid": "87654567",
            "messageid": "asdfasdasdf",
            "notificationid": "9876543456",
            "amount": "90.02",
            "currency": "GBP",
            "messageid": "98348932",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "attributes": {
            	"reference": "TRLY80494-1001",
            	"statement": "TRLY80494-1001",
            	"reason": "ERROR_CHARGE_NOT_APPROVED",
            	"details": "BACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER)"              
            }
        },
        "signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}


Crediting end-user

Crediting the end-user is done with the DirectCredit instruction. Note that credit is not available in the SEPA region, instead a refund will have to be used.

DirectCredit

This method is used to credit the end-user, eg transferring funds from your account to the consumer. As this feature is a bit different depending on market, please check the differences below

[BACS] - Crediting the user can be archived either by specifying the accountId or the full account number (sort-code and account number). If you know the accountId for the consumer, it’s a convenient way to send funds to the account behind that account number.
[Bankgiro] - Crediting the user can be done in two ways, either via Autogiro or via “Leverantörsutbetalningar”. Using Autogiro, you must use the merchantReference as that is mapped to the payerNumber in Autogiro which is to whom the credit is sent. Please note that for this, the mandate must be active. For this, there must be an active mandate. With “Leverantörsutbetalningar”, you may send funds to another bankgiro-number or any other swedish bank account. You will however need to have this enabled with your bank.
[SepaDD] - Credit is not available using the direct debit rails, however, if needed, you may use the Trustly AccountPayout functionality but that will require your Trustly account to be funded.

For Bankgiro, it's important to use the merchantReference if accountId is used, as it's basically the merchantReference that is mapping to the correct account number. If just AccountNumber/BankIdentifier fields are used, then the merchantReference is not in use at all.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, DirectCreditYesTextDirectCredit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextjoe
PasswordThe password, should be received when onboarding.YesTextsecret
MessageIDYour unique ID for for the order in your system. This is to manage idempotency at the application layer.YesTextasdfasdfasdfasdf
EndUserIDThe identifier of the owner of the account being credited. If there is a mandate, it's highly recommended using the same enduserid as when the mandate was created.

[Sepa-DD] This field is limited to 35 characteres
[BACS/Bankgiro] This field is limited to 63 characters
YesText[email protected]
NotificationURLThe URL to which notifications for this charge should be sent to.YesTexthttps://example.com/notificaion
AccountID[BACS] The AccountID used in the UK market only and must be used unless the bankIdendifier/accountnumber is used. NoText1234567890
BankIdentifierThe bank identifier, please note that either BankIdentifier&AccountNumber or AccountID is required.
[BACS] This should be the sort-code
[Bankgiro] This should be the clearing number or "bg" if the accountNumber is a bg-number
[Sepa] Not supported
Yes/NoText6000, bg, 123123, HANDSESS
AccountNumberThe account number. Please note that either BankIdentifier&AccountNumber or AccountId is required.
[Bacs] The domestic GB account number
[Bankgiro]The swedish bank account number. Note that for bg-number, the bankIdentifier must be 'bg'.
[Sepa]Not supported
Yes/NoText157-1234, 310902352, AT483200000012345864
AmountThe amount to credit the end-user. See format in Currencies Only digits. Use dot (.) as decimal separator. Note that 98.5 is not a valid amount. The following examples are valid formats 98.50. 98.00 and 98.YesText98.02
CurrencyThe currency, ISO 4217 alphabetic code.YesTextGBP
CountryThe country-code for the account receiving the funds.YesTextGB
Attributes
MerchantReferenceOnly used in Sweden and is mapped to the paymentIdentifer in the autogiro manual.
[Bankgiro] Must be a numeric value identifying the end-user.
[Bacs]according to the merchantReference for debits, eg 6-10 chars.
[SepaDD] DirectCredit is NOT supported
YesText197012131234
PaymentDateThe day the payment should arrive at the end-user's bank account. If this is too early in time, it will be postponed to the earliest paymentDate, eg same as not submitting it. Must be following the format of yyyy-MM-dd.NoText2024-01-24
EmailThe email address of the end user.NoText[email protected]
FirstNameFirst name of the creditor. This is mandatory in GB if the accountId is not used.Yes/NoTextJohn
LastNameLast name of the creditor. This is mandatory in GB if the accountId is not used.Yes/NoTextDoe

Response parameters

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
methodThe method, DirectCreditYesTextDirectCredit
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesTexta231a-.....-123123
DataDescriptionTypeExample
orderidUnique ID of the orderText87654567
result1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof.Text1
rejectedThe following errors reasons:
_ ERROR_MANDATE_NOT_FOUND - No matching active accountId
ERROR_DIRECT_DEBIT_NOT_ALLOWED - Account not properly configured
ERROR_PAYMENT_DATE_FAILURE - Payment date is invalid
ERROR_AMOUNT_FAILURE - Amount is invalid or not within the configured range
ERROR_CURRENCY_FAILURE - The mandate doesn't support the currency
TextERROR_MANDATE_NOT_FOUND

Example request

{  
   "method":"DirectCredit",
   "params":{  
      "UUID":"258a2184-2842-b485-25ca-293525152425",
      "Data":{  
         "Username":"merchant_username",
         "Password":"merchant_password",
         "MessageID":"your_unique_order_id",
         "EndUserID":"unique_end_user_id",
         "NotificationURL":"https://URL_to_your_notification_service",
         "AccountID":"1234567890",
         "Amount":"25.00",
         "Currency":"GBP",
         "Country": "GB",
         "Attributes":{  
            "PaymentDate":"2022-11-17",
            "MerchantReference": "AAADESF0F1"
         }
      },
      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",     
   },
   "version":"1.1"
}

Example response

{  
  "result": {
     "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA==",
     "uuid":"258a2184-2842-b485-25ca-293525152425",
     "method":"DirectCredit",
     "data":{  
        "result":"1",
        "rejected":"",
        "orderid":"1234512345"
     }
   },
   "version":"1.1"
}

Errors and details for crediting

The information in this section relates to the notifications and describes the different meanings of the detail attribute.

Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.

BACS

For bacs, the first part, eg AUDDIS_1 is the same as with the bacs error codes.

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)
BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER)
BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)
BACS ADDACS_2(PAYER DECEASED)
BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED)
BACS ADDACS_B(ACCOUNT CLOSED)
BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH)
BACS ADDACS_D(ADVANCE NOTICE DISPUTED)
BACS ADDACS_E(INSTRUCTION AMENDED)
BACS ADDACS_R(INSTRUCTION REINSTATED)

BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER)
BACS AUDDIS_2(PAYER DECEASED)
BACS AUDDIS_3(ACCOUNT TRANSFERRED)
BACS AUDDIS_5(NO ACCOUNT)
BACS AUDDIS_6(NO INSTRUCTION)
BACS AUDDIS_B(ACCOUNT CLOSED)
BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…)
BACS AUDDIS_F(INVALID ACCOUNT TYPE)
BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT)
BACS AUDDIS_H(INSTRUCTION HAS EXPIRED)
BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE)
BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK)
BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS)
BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE)
BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH)
BACS AUDDIS_O(INVALID REFERENCE)
BACS AUDDIS_P(PAYERS NAME NOT PRESENT)
BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)

Bankgiro

For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)

TK32_1(INSUFFICIENT FUNDS)
TK32_2(BANK ACCOUNT CLOSED OR PAYERS BANK HAS NOT APPROVED WITHDRAWAL)
TK32_01(MANDATE NOT FOUND)
TK32_02(ACCOUNT NOT APPROVED OR CLOSED)
TK32_04(INCORRECT PAYER NUMBER)
TK32_06(INCORRECT PERIOD CODE)
TK32_07(INCORRECT NUMBER FOR RECURRING PAYMENTS)
TK32_08(AMOUNT NON NUMERIC)
TK32_09(BAN ON OUTGOING PAYMENTS)
TK32_10(BANKGIRO NUMBER NOT FOUND AT BANKGIROT)
TK32_12(INCORRECT PAYMENT DATE)
TK32_13(PAYMENT DATE PASSED)
TK32_15(PAYEE BANKGIRO NUMBERS IN OPENING RECORD AND TRANSACTION RECORD NOT SAME)
TK32_24(AMOUNT EXCEEDS MAX AMOUNT)
TK03_12(CANCELLED)
TK11_12(CANCELLED)
TK21_12(CANCELLED)
TK23_02(INCORRECT PAYER NUMBER)
TK23_10(INCORRECT PAYEE BANKGIRO NUMBER)
TK23_11(PAYEE BANKGIRO NUMBER MISSING)
TK23_12(CANCELLED)
TK23_13(PAYMENT MISSING NOT PROCESSED)
TK24_01(INCORRECT PAYMENT DATE)
TK24_02(INCORRECT PAYER NUMBER)
TK24_04(INCORRECT TRANSACTION CODE)
TK24_10(INCORRECT PAYEE BANKGIRO NUMBER)
TK24_11(PAYEE BANKGIRO NUMBER MISSING)
TK24_12(CANCELLED)
TK24_13(PAYMENT MISSING NOT PROCESSED)
TK25_01(INCORRECT PAYMENT DATE)
TK25_02(INCORRECT PAYER NUMBER)
TK25_04(INCORRECT TRANSACTION CODE)
TK25_05(INCORRECT AMOUNT)
TK25_10(INCORRECT PAYEE BANKGIRO NUMBER)
TK25_11(PAYEE BANKGIRO NUMBER MISSING)
TK25_12(CANCELLED)
TK25_13(PAYMENT MISSING NOT PROCESSED)

SepaDD

Credits not supported


Notifications for DirectCredit

Notifications for the direct credit. Please note that the debit/credit notifications should be treated differently than for direct-debit. For a successful credit, a debit notification is sent. If the funds would come back, the credit notification will be emitted for the direct credit order.

Pending

Immediately after the direct-credit has been accepted for processing, a pending notification is sent to the NotificationURL.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, pendingYesTextpending
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTextasdfasdfasdf
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the charge.Text87654567
messageidYour unique ID of the order.Text234234234234
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123
amountThe amount set when creating the chargeText98.02
currencyThe currency set when creating the chargeTextGBP
timestampThe time when the directdebit was prepared for processing. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z

Example request

{
    "method": "pending",
    "params": {
        "uuid": "258a2184-2842-b485-23ca-293425152415",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "amount": "98.02",
            "currency": "GBP",
            "timestamp": "2010-01-20 14:42:04.675645+01"
        },
        "signature": "fVhjuMqbsH0Ku ... S16VbzRsw=="      
    },
    "version": "1.1"
}

cancel

If the direct-credit could not be processed, a cancel notification is sent.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, cancelYesTextcancel
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText2r423423-sdfsdf-ssdf
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the request.Text87654567
messageidYour unique id of the orderTextsome-id
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123123
attributesDescriptionTypeExample
reason- INVALID_ACCOUNT -The specified account is not valid, eg sending funds to it is not possible.

- CANCELLED - If the payment was cancelled via the api
- FAILED - All other failures
TextINVALID_ACCOUNT
detailsThe scheme's message if availableText

Example request

{
    "method": "cancel",
    "params": {
        "uuid": "258a2184-9021-b874-21ca-293425152415",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "attributes": {
            	"reason": "",
            	"details": "",
            }
        },
        "signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}

debit

Once the direct-credit has been successfully processed, a debit notification is sent for the same order. This basically means that the funds where deducted from the merchants account.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, debitYesTextdebit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the request.Text87654567
messageidYour unique ID of the orderText234234df
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text234234234
amountThe amount to credit the end-userText98.02
currencyThe currencyTextGBP
timestampThe time for the when the reversal happened. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
attributesDescriptionTypeExample
referencePayment reference sent to the schemeTextTRLY80494-1001
statementStatement that appear on the end users bank accountTextTRLY80494-1001
reasonFAILED - All other failuresTextFAILED
detailsThe scheme message if availableText

Example request

{
    "method": "debit",
    "params": {
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid": "87654567",
            "messageid": "asdfasdasdf",
            "notificationid": "9876543456",
            "amount": "90.02",
            "currency": "GBP",
            "messageid": "98348932",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "attributes": {
            	"reference": "TRLY80494-1001",
            	"statement": "TRLY80494-1001",
            	"reason": "FAILED",
            	"details": ""              
            }
        },
        "signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}

credit

If the funds where sent, but later returned, a credit notification is sent for the order.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, creditYesTextcredit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
dataDescriptionTypeExample
orderidUnique ID of the order this refers toText87654567
messageidYour unique ID of the order.Text234234
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text4567897654
amountThe amountText98.02
currencyThe currencyTextGBP
timestampThe time when the directdebit processed. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1
attributesDescriptionTypeExample
referencePayment reference sent to the schemeTextTRLY80494-1001
statementStatement that appear on the end users bank accountTextTRLY80494-1001

Example request

{
    "method": "credit",
    "params": {
        "signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "9876543456",
            "amount": "90.02",
            "currency": "GBP",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "attributes": {
            	"reference": "TRLY80494-1001",
            	"statement": "TRLY80494-1001"
            }
        }
    },
    "version": "1.1"
}

Refunding end-user

Refunding a previous executed DirectDebit instruction is similar to DirectCredit, but with some restrictions. A refund can only be executed once and the maximum amount is the same as for the original debit. Refunds are available for all schemes.

RefundDirectDebit

This method is used to credit the end-user, please note that an active mandate is NOT mandatory for this operation, but the mandate must not have been inactive for more than 2 years.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, RefundDirectDebitYesTextRefundDirectDebit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
DataDescriptionRequiredTypeExample
UsernameThe username, should be received when onboarding.YesTextjoe
PasswordThe password, should be received when onboarding.YesTextsecret
OrderIDThe order to refund.YesText1231231122
MessageIDYour unique ID for for the refund in your system. Please note that this must not be the same as used for the DirectDebit even if that orderId is referenced.YesTextasdfasdfasdfasdf
PaymentMessageIDWhen the debit was in a batch, this is the messageId for the individual payment that is to be refunded. This parameter shall only be used refunding a payment that was issued in a batch.Yes/NoTextgbjertewrtert
AmountThe amount to credit the end-user. The amount may not be bigger than the original DirectDebit order's amount.

See format in Currencies Only digits. Use dot (.) as decimal separator. Note that 98.5 is not a valid amount. The following examples are valid formats 98.50. 98.00 and 98.
YesText98.02
CurrencyThe currency, ISO 4217 alphabetic code.YesTextGBP
AttributesNo attributes as of 2023-11-02

Response parameters

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
methodThe method, RefundYesTextRefund
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesTexta231a-.....-123123
dataDescriptionTypeExample
result1 if the request was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been sent from the account until you receive notifications thereof.Text1
rejectedThe following errors reasons:

- ERROR_CHARGE_NOT_FOUND - The debit order wasn't found.
- ERROR_CHARGE_NOT_REFUNDABLE - The debit order is not refundable
- ERROR_AMOUNT_FAILURE - The amount is not valid, eg could be bigger than the debit.
- ERROR_CURRENCY_FAILURE - The currency does not match the original debit order.
TextERROR_CHARGE_NOT_FOUND

Example request

{  
   "method":"RefundDirectDebit",
   "params":{  
      "UUID":"258a2184-2842-b485-25ca-293525152425",
      "Data":{  
         "Username":"merchant_username",
         "Password":"merchant_password",
				 "OrderID": 123123123,
         "MessageID":"your_unique_order_id",
         "Amount":"25.00",
         "Currency":"GBP",
      },
      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",     
   },
   "version":"1.1"
}

Example response

{
  "result": {
     "method":"RefundDirectDebit",
     "uuid":"258a2184-2842-b485-25ca-293525152425",
     "data":{  
        "result":"1",
        "rejected":""
     },
     "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
  },
  "version":"1.1"
}


Errors and details for refunds

The information in this section relates to the notifications and describes the different meanings of the detail attribute.

Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.

BACS

For bacs, the first part, eg AUDDIS_1 is the same as with the bacs error codes.

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)
BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER)
BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)
BACS ADDACS_2(PAYER DECEASED)
BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED)
BACS ADDACS_B(ACCOUNT CLOSED)
BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH)
BACS ADDACS_D(ADVANCE NOTICE DISPUTED)
BACS ADDACS_E(INSTRUCTION AMENDED)
BACS ADDACS_R(INSTRUCTION REINSTATED)

BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER)
BACS AUDDIS_2(PAYER DECEASED)
BACS AUDDIS_3(ACCOUNT TRANSFERRED)
BACS AUDDIS_5(NO ACCOUNT)
BACS AUDDIS_6(NO INSTRUCTION)
BACS AUDDIS_B(ACCOUNT CLOSED)
BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…)
BACS AUDDIS_F(INVALID ACCOUNT TYPE)
BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT)
BACS AUDDIS_H(INSTRUCTION HAS EXPIRED)
BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE)
BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK)
BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS)
BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE)
BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH)
BACS AUDDIS_O(INVALID REFERENCE)
BACS AUDDIS_P(PAYERS NAME NOT PRESENT)
BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)

Bankgiro

For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)

📘

Description of detail in cancel notifications

The reason for why a mandate was failed or cancelled can be found in the details.

Format for cancel notification detail:
[SCHEME] [CATEGORY]_[CODE](DESCRIPTION)

TK77_01(MANDATE NOT SUBMITTED)
TK77_02(MANDATE WITHDRAWN)
TK77_03(AMOUNT NOT SPECIFIED OR EXCEEDED)

SepaDD

Currently no errors for SEPA

Notifications for Refunds

Notifications for the refund are handled differently from the DirectCredit/DirectDebit, especially as there's no orderId for the refund, all notifications will refer to the original direct debit order, but you can distinguish the notifications by checking if the refund flag is available or not.

Pending

Immediately after the refund has been accepted for processing, a pending notification is sent to the NotificationURL for the original DirectDebit order.

DescriptionRequiredTypeExample
methodThe notification method, pendingYesTextpending
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTextasdfasdfasdf
dataDescriptionTypeExample
orderidUnique ID of the order that is to be refunded.Text87654567
messageidYour unique ID of the for this refund, note that this should identify the refund and not the original debit order.Text234234234234
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123
amountThe amountText98.02
currencyThe currencyTextGBP
timestampThe time when the directdebit was prepared for processing. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
refundFlag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1.Text1
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1

Example notification

{
    "method": "pending",
    "params": {
        "uuid": "258a2184-2842-b485-23ca-293425152415",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "amount": "98.02",
            "currency": "GBP",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "refund": "1"
        },
        "signature": "fVhjuMqbsH0Ku ... S16VbzRsw=="      
    },
    "version": "1.1"
}

Cancel

If the refund fails for some reason, a cancel notification will be sent. Note that this will only be sent if no money have been deducted on the account and treat this notification differently than a debit followed by a credit. Please make sure to check the refund flag on the notification.

DescriptionRequiredTypeExample
methodThe notification method, cancelYesTextcancel
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTextasdfasdfasdf
dataDescriptionTypeExample
orderidThe orderId for the direct-debit order.Text87654567
messageidYour unique id for the refundTextsome-id
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123123
refundFlag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1.Text1
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1
attributesDescriptionTypeExample
reason- INVALID_ACCOUNT -The specified account is not valid, eg sending funds to it is not possible. The account may be closed.

- FAILED - All other failures
TextINVALID_ACCOUNT
detailsThe scheme's message if availableText

Example notification

{
    "method": "cancel",
    "params": {
        "uuid": "258a2184-9021-b874-21ca-293425152415",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "refund":"1",
            "attributes": {
            	"reason": "",
            	"details": "",
            }
        },
        "signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}

debit

The debit notification for the refund is sent when a confirmation that the funds have left your account.

DescriptionRequiredTypeExample
methodThe notification method, debitYesTextdebit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
dataDescriptionTypeExample
orderidThe orderId of the direct-debit order.Text87654567
messageidYour unique ID for the refundText234234df
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text234234234
amountThe amount to credit the end-userText98.02
currencyThe currencyTextGBP
timestampThe time for the when the reversal happened. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
refundFlag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1.Text1
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1
attributesDescriptionTypeExample
referencePayment reference sent to the schemeTextTRLY80494-1001
statementStatement that appear on the end users bank accountTextTRLY80494-1001

Example notification

{
    "method": "debit",
    "params": {
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid": "87654567",
            "messageid": "asdfasdasdf",
            "notificationid": "9876543456",
            "amount": "90.02",
            "currency": "GBP",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "refund": "1",
            "attributes": {
            	"reference": "TRLY80494-1001",
            	"statement": "TRLY80494-1001"
            }
        },
        "signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}

credit

If funds left the account, but later bank returned the funds, a credit notification is sent.

DescriptionRequiredTypeExample
methodThe notification method, creditYesTextcredit
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesTexta231a-.....-123123
dataDescriptionTypeExample
orderidThe orderId of the direct-debit order.Text87654567
messageidYour unique ID for the refund.Text234234
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text4567897654
amountThe amountText98.02
currencyThe currencyTextGBP
timestampThe time when the directdebit processed. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
refundFlag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1.Text1
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1
attributesDescriptionTypeExample
referencePayment reference sent to the schemeTextTRLY80494-1001
statementStatement that appear on the end users bank accountTextTRLY80494-1001
reasonFAILED - Generic errorTextFAILED
detailsThe scheme message if available

Example notification

{
    "method": "credit",
    "params": {
        "signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-25ca-293525152425",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "9876543456",
            "amount": "90.02",
            "currency": "GBP",
            "timestamp": "2010-01-20 14:42:04.675645+01",
            "refund": "1",
            "attributes": {
            	"reference": "TRLY80494-1001",
            	"statement": "TRLY80494-1001"
            }
        }
    },
    "version": "1.1"
}

Batch instructions

Batch processing is handled by Trustly with two different methods, DirectPaymentBatch for debit/credit and DirectMandateBatch for mandate import/migrations.

You connect to the sftp server with the username provided by Trustly and the same private key used to sign the requests. Please note that if the content of the file is rejected the response will be successful however you will receive a cancel notification.

DirectMandateBatch

For importing/migrating mandates, this option allows you to do it in bulk and if you are to import more than 10-50k mandates, we recommend doing it in batch.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be calledYesTextDirectMandateBatch
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique identifier for the request.YesText258a2184-2842-b485-25ca-29352515242
DataDescriptionRequiredTypeExample
NotificationURLThe url where to notify about a new notification file being available on the SFTP server. This must be a valid https url, http is NOT allowed.YesTexthttps://your_nofitication_url
MessageIDUnique ID for this order, note that each mandate has it’s own MessageIDYesText12345678
CountryThe country for the schemeYesTextSE
BatchFileThe uploaded unique file name on the SFTP server containing the instructions.YesTextunique-filename.csv
ChecksumThe MD5 checksum for the fileYesText0cdf0945096283b9ba94e42150ba84d8
Attributes

Response parameters

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesTexta231a-.....-123123
methodThe method from the requestYesTextDirectPaymentBatch
dataDescriptionTypeExample
orderidUnique ID of the orderText87654567
result1 if the request was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, processing of the batch has not started.Text1
rejected ERROR_UNABLE_TO_READ_BATCH_FILE - The file on the sftp server can't be interpreted.
ERROR_MISSING_BATCH_FILE - The file could not be found on the sftp server.
* ERROR_INVALID_CHECKSUM - The checksum for the file doesn't match.
TextERROR_MISSING_BATCH_FILE

Request example

{  
   "method":"DirectMandateBatch",
   "params":{  
      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
      "UUID":"258a2184-2842-b485-25ca-293525152425",
      "Data":{  
         "Username":"merchant_username",
         "Password":"merchant_password",
         "MessageID":"your_unique_order_id",
         "NotificationURL":"https://URL_to_your_notification_service",
         "Country":"SE",
         "BatchFile":"batch-20241115.csv",
         "Checksum":"0cdf0945096283b9ba94e42150ba84d8",
         "Attributes":{  
         }
      }
   },
   "version":"1.1"
}

Response example

{
  "result": {
     "method":"DirectMandateBatch",
     "uuid":"258a2184-2842-b485-25ca-293525152425",
     "data":{  
        "result":"1",
        "rejected":"",
        "orderid":"1234512345"
     },
     "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
  },
  "version":"1.1"
}

DirectPaymentBatch

Sends multiple payment instructions for directdebit for already existing mandates or credits(no need for a mandate, UK). Please see the SFTP section for how to connect and where to put/read files.

Request parameters

DescriptionRequiredTypeExample
methodThe method to be calledYesTextDirectPaymentBatch
versionThe api versionYesText1.1
params
SignatureThe Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object].YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
UUIDThe unique identifier for the request.YesText258a2184-2842-b485-25ca-293525152425
DataDescriptionRequiredTypeExample
NotificationURLThe url where to notify about a new notification file being available on the SFTP server. This must be a valid https url, http is NOT allowed.YesTexthttps://your_nofitication_url
MessageIDUnique ID for this order, note that each payment has it’s own MessageIDYesText12345678
CurrencyThe currency for all charges in ISO format. YesTextGBP
CountryThe country for the schemeYesTextGB
BatchFileThe uploaded unique file name on the SFTP server containing the instructions.YesTextunique-filename.csv
ChecksumThe MD5 checksum for the fileYesText0cdf0945096283b9ba94e42150ba84d8
Attributes
PaymentDateThis date will be sent to the payment institutions to set what date the payment actually will be performed.
Please see the parameter description for PaymentDate for DirectDebit and DirectCredit as different rules apply to the different schemes.
NoText2023-01-27

Format YYYY-MM-DD

Response parameters

DescriptionRequiredTypeExample
versionThe api versionYesText1.1
result
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe uuid from the requestYesTexta231a-.....-123123
methodThe method from the requestYesTextDirectPaymentBatch
dataDescriptionTypeExample
orderidUnique ID of the orderText87654567
result1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof.Text1
rejected ERROR_DIRECT_DEBIT_NOT_ALLOWED - The account has not properly been configured.
ERRORPAYMENT_DATE_FAILURE - Invalid payment date.
ERRORUNABLE_TO_READ_BATCH_FILE - The file on the sftp server can't be interpreted.
ERROR_MISSING_BATCH_FILE - The file could not be found on the sftp server.
* ERROR_INVALID_CHECKSUM - The checksum for the file doesn't match.

Request example

{  
   "method":"DirectPaymentBatch",
   "params":{  
      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
      "UUID":"258a2184-2842-b485-25ca-293525152425",
      "Data":{  
         "Username":"merchant_username",
         "Password":"merchant_password",
         "MessageID":"your_unique_order_id",
         "NotificationURL":"https://URL_to_your_notification_service",
         "Currency":"GBP",
         "Country":"GB",
         "BatchFile":"batch-20230215.csv",
         "Checksum":"0cdf0945096283b9ba94e42150ba84d8",
         "Attributes":{  
            "PaymentDate":"2022-11-17"
         }
      }
   },
   "version":"1.1"
}

Response example

{
  "result": {
     "method":"DirectPaymentBatch",
     "uuid":"258a2184-2842-b485-25ca-293525152425",
     "data":{  
        "result":"1",
        "rejected":"",
        "orderid":"1234512345"
     },
     "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
  },
  "version":"1.1"
}

Notifications for Batches

Notifications for batch behave a bit different as they always refer to the order and not each individual debit/credit/mandate.

Pending

Immediately after the batch has been accepted for processing, a pending notification is sent to the NotificationURL submitted when setting up the batch.

Please note that pending is not sent at all for directmandatebatch

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, pendingYesTextpending
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText258a2184-......-293525152425
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the batch.Text87654567
amountThe total amount of submitted charges,Text98.02
currencyThe currency.TextGBP
messageidUnique ID for this order, note that this referes to the batch MessageID and not the individual instructions.Textasdfasdf-sadfasdf-asdf
timestampThis is the last time something happened with the batch. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
paymentbatchFlag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1.Text1
paymentdateThe expected payment date for the batch. Note that this gives you an indication if the paymentDate you submitted has been adjusted eg due to a bank holiday.Text2024-10-14

Example request(notification)

{
    "method": "pending",
    "params": {
        "signature": "fVhjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-2842-b485-23ca-293425152415",
        "data": {
            "amount": "98.02",
            "currency": "GBP",
            "messageid": "98348932",
            "orderid": "87654567",
            "notificationid": "4876513450",
            "paymentdate": "2024-10-11"
        }
    },
    "version": "1.1"
}

Cancel

The cancel notification will be sent for a batch if it could not be processed.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, cancelYesTextcancel
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText
dataDescriptionTypeExample
orderidUnique ID of the order returned when creating the charge.Text87654567
messageidYour unique id of the orderTextsome-id
notificationidUnique ID for this notification. Each notification must only be handled once in your system.Text123123123123
attributesDescription

Example request(notification)

{
    "method": "cancel",
    "params": {
        "uuid": "258a2184-9021-b874-21ca-293425152415",
        "data": {
            "orderid": "87654567",
            "messageid": "98348932",
            "notificationid": "4876513450",
            "attributes": {
            }
        },
        "signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",      
    },
    "version": "1.1"
}

Batch

Sent when the batch has been processed and the result report is available for download on the SFTP server. Note that this file will be available after a couple of days and depends on the processing time for the scheme. If a change occurs after the first notification, subsequent notifications will be sent containing only the instructions affected. So, eg for UK, if the batch notification is sent after three days, a reversal happens on two instructions after 6 days, a new batch notification will be sent and the csv will ONLY contain those instructions and their state.

Request parameters

DescriptionRequiredTypeExample
methodThe notification method, batchYesTextbatch
versionThe api versionYesText1.1
params
signatureThis is the signature, signed by Trustly and you must use Trustly's public key to verify it.YesTextR9+hjuMqbsH0Ku.. .S16VbzRsw==
uuidThe unique id of the notificationYesText258a2184-......-293525152425
DataDescriptionTypeExample
finalnotificationFlag indicating if the notification is final
1 - final notification
0 - more notifications are excepted
Text1
orderidUnique ID of the order returned when creating the batch.Text87654567
messageidThe messageId for the batchText12345678
currencyThe currency. Note this is not present for mandatesTextGBP
debitamountThe total amount of successful debit charges in the batch. Note this is not present for mandatesText10123.87
creditamountThe total amount of successful credit charges in the batch. Note this is not present for mandatesTest302.67
timestampThis is the last time something happened with the batch. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
Attributes
batchfileThe name of the batch file sent earlierTextbatch.csv
reportchecksumThe MD5 checksum for the report fileText0cdf0945096283b9ba94e42150ba84d8
reportfileThe name of the report file located at the sftp serverTextbatch.csv_20230215_report.csv
executedNumber of successful instructionsNumber12311
failedNumber of failed instructionsNumber0
delayedNumber of delayed instructionsNumber0

Example request (notification)

{
    "method": "batch",
    "params": {
        "signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",
        "uuid": "258a2184-9021-b874-21ca-293425152415",
        "data": {
            "messageid": "98348932",
            "orderid": "87654567",
            "notificationid": "4876513450",
            "attributes": {
            	"batchfile": "batch.csv",
            	"reportchecksum": "0cdf0945096283b9ba94e42150ba84d8",
            	"reportfile": "batch.csv_20230215_report.csv",
            	"executed": 1231,
            	"failed": 0
            }
        }
    },
    "version": "1.1"
}

Transport layer for batch

Transportation for batch is sftp and this part describes how/where you upload and download files over SFTP and how you should work with the flow. On the server, the files must be placed in a specific folder.

For payments

📘

/batch/

For mandate importing

📘

/mandatebatch/

Note make sure to use the batch/mandatebatch folder, there are also the reports folder where you don't have write permissions.

📘

For the batch files, retention period is 4 weeks.

SFTP interaction

When uploading the batch file and downloading reports, SFTP is used. The API is not solely built upon SFTP rather a combination of JSON-RPC and then SFTP for transferring the data. It’s important to understand the flow, and it’s driven by the JSON-api, which instructs Trustly to look for a specific file on the SFTP server. Reporting status for the payments happens the same way, eg Trustly will upload the report file and once there send the notification that the report is available.

Sending batch file

  1. Create the CSV-File according to the specification and name it to something unique, eg request-20230215.csv.
  2. Calculate the MD5 checksum of the file (eg on linux/osx, the command is ‘md5sum file’)
  3. Upload the CSV-File to the SFTP server
  4. Create the DirectDebitBatchCharge request and set the value of BatchFile and Checksum to the values from above (1 & 2)

Batch notification

  1. When receiving the notification, respond back to Trustly that the notification has been received.
  2. Download the report from the SFTP server based on the information in the batch notification
  3. Process each row in the CSV and update your internal status for each instruction in the file.

Batch Process overview

Batch file format

The file-format used via SFTP is Comma Separated Values (CSV) which is a standard widely used. It’s however important to care about the character-set as well as separators etc, the table below describes what to use.

It's also important to note that you may not mix mandates, debits and credits in one single batch

DataDescriptionExample
Record separatorNew line or carriage return + newline, eg both unix and windows standard \n or \r\n\n
Separator charThis is the character used to separate the values, and should always be the comma char,
Escape charIf for any reason a comma must be used in any value, the char must be escaped so that it’s not interpreted as a separator. The escape char is the back-slash character\
Quotation charMostly for text blocks where eg a comma may be included. Everything within the quotations will be interpreted as the value for the column."
Decimal separatorFor all numeric values, always use the dot character as decimal separator.
Character setAlways use UTF-8 for the content in the file, even if non-ASCII is not to be used.UTF-8

CSV format

When submitting, eg the csv-file, it's important to always adhere to the columns and it's order. As new fields may be added over time, those will always be added to the right and when we read the request we will NOT consider the header-row if it's included, rather each column is mapped accordingly. The response eg the csv report file will always start with the columns from the request and after that the response values are included. Just as with the request file, you must consider the column index as we may also include new columns to the right.

It should also be clear that debit, credit and mandates are to be sent in different batches and you shall NOT mix the types in the files.

Debit and credit input file format (DirectPaymentBatch)

DataDescriptionTypeMandatoryExample
TypeDescribes the instruction type, DEBIT, CREDITTextYesDEBIT
AccountIDThe mandate to be used. Note that for Bankgiro, this is not mandatory if one refers to an imported mandate.TextYes/No123123123
AmountThe amount for the instructionNumericYes12.50
MessageIDA unique identifier for each chargeTextYes123123
CollectionType[Bacs]: Only valid for BACS debit.TextYes/NoINITIAL
ShopperStatementStatement that appear on the end users bank accountTextNoInvoice-23231
MandateMerchantReferenceThe mandate identificationTextYes197012131234
EmailThe email address of the end user.TextYes[email protected]
NationalIDThe national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE)TextNo197105130355
EndUserIdFor CREDIT it's required, for other types it will be ignored and taken from the mandate it self.TextYes/No12345678

Debit and credit output file format (DirectPaymentBatch)

For each output file, each row is available on the output file, and then the following columns are added to the end of the row.

DataDescriptionTypeExample
Report timestampThe instructions transition timestamp. Format yyyy-MM-ddTHH:mm:ss.SSSSSSZText2023-05-31T09:19:30.066773Z
StatusThe status of the instruction, either DONE or FAILEDTextDONE
FailureReasonIn case of failure status, a description of the failure. Please note that this field may be populated with the same info as details for cancel notifications, eg TK82_1(INSUFFICIENT FUNDS) and also the following

INVALID_TYPE
MISSING_AMOUNT
INVALID_AMOUNT
INVALID_REFERENCE
MISSING_MESSAGE_ID
INVALID_MESSAGE_ID
INVALID_BANK_STATEMENT
INVALID_NATIONAL_ID
INVALID_EMAIL
INVALID_END_USER_ID
MISSING_TYPE
MISSING_ACCOUNT_ID
INVALID_ACCOUNT_ID
INVALID_COLLECTION_TYPE
TextTK82_1(INSUFFICIENT FUNDS)
INVALID_REFERENCE
Bank execution dayThe day the payment was executed at the bank. Blank for failed or delayed payments.Text2023-04-31

Example files

For each debit/credit and scheme combination, below are examples of input and output files.

"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"DEBIT","1771996974","10.01","248ABCE5-7978-487E-BC16-6F1D410A3A87",,,"197610042389","[email protected]","197610042389","[email protected]"
"DEBIT","1771996974","10.02","7BAE92C7-5A24-4131-9FD5-A03EC8CAB3AD",,,"197610042389","[email protected]","197610042389","[email protected]"
"DEBIT","1771996974","10.05","A0926257-3FEE-4208-A221-75F4E4D56F6E",,,"197610042389","[email protected]","197610042389","[email protected]"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"CREDIT","1771996974","10.08","08B44B63-1DE2-47AC-99A9-D10087EC2063",,,"197610042389","[email protected]","197610042389","[email protected]"
"CREDIT","1771996974","10.09","49B30997-47A4-4733-AC46-14A56AAA4B6F",,,"197610042389","[email protected]","197610042389","[email protected]"
"CREDIT","1771996974","10.10","98EF7338-83E9-4CD7-8A3A-578FF98EDE23",,,"197610042389","[email protected]","197610042389","[email protected]"
"DEBIT","12312313",12.50,"345678901",INITIAL,"Invoice-1234","reference1"
"DEBIT","12312314",21.00,"345678902",,"Invoice-2345","reference2"
"DEBIT","12312315",39.70,"345678903",RECURRING,"Invoice-3456","reference3"
"DEBIT","12312316",99.10,"345678904",,"Invoice-5678","reference4"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"CREDIT","1231",88.50,"ClientTxId-1",,"Refund-invoice-1231","merchantRef-1","[email protected]",,"Joe-1"
"CREDIT","1232",188.50,"ClientTxId-2",,"Refund-invoice-1232","merchantRef-2","[email protected]",,"Joe-2"
"CREDIT","1233",388.50,"ClientTxId-3",,"Refund-invoice-1233","merchantRef-3","[email protected]",,"Joe-3"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"DEBIT","1231",125.50,"ClientTxId-1",,"Invoice-1234","merchantRef-1","[email protected]",,"John-1"
"DEBIT","1232",388.50,"ClientTxId-2",,"Your insurance-1234","merchantRef-2","[email protected]",,"John-2"
"DEBIT","1233",388.50,"ClientTxId-3",,"Payment for TV, receipt 1231231","merchantRef-3","[email protected]",,"John-3"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"CREDIT","1231",88.50,"ClientTxId-1",,"Re-payment-invoice-1231","merchantRef-1","[email protected]",
"CREDIT","1232",188.50,"ClientTxId-2",,"Re-payment-invoice-1232","merchantRef-2","[email protected]",,"Joe-2"
"CREDIT","1233",388.50,"ClientTxId-3",,"Re-payment-invoice-1233","merchantRef-3","[email protected]",,"Joe-3"

Mandate input file format (DirectMandateBatch)

DataDescriptionTypeMandatoryExample
TypeDescribes the instruction type, MANDATETextYesMANDATE
AccountIDIf you have the accountId for the account, then you can set it and skip the bankAccount/iban infoTextYes/No1239812379
MessageIDA unique identifier for each mandateTextYes123123
ShopperStatementThe statement text for the mandate.
[Bankgirot] - Not used
[BACS] - Supported
[SEPADD] - Supported
TextYesCar insurance
MandateMerchantReferenceThe mandate identification, merchantReferenceTextYes197012131234
EmailThe email address of the consumer.TextYes[email protected]
NationalIDThe national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE)TextNo197105130355
EndUserIdFor CREDIT it's required, for other types it will be ignored and taken from the mandate it self.TextYes12345678
FirstnameFor MANDATE it's required, for other types it will be ignored.TextYesJohn
LastnameFor MANDATE it's required, for other types it will be ignoredTextYesDoe
NotificationURLFor MANDATE it's required and is which url we'll notify changes on the mandate forTextYeshttps://ex.trustly.com/not/
ImportTypeFor MANDATE, as of now, only CREATE is possible for importing.TextYesCREATE
CountryFor MANDATE, the country for the mandateTextYesSE
MobilePhoneFor MANDATE, optionally add the debtors mobile phoneTextNo+4670000000
AddressLine1If the debtors address is available. Note that in SEPA, this is mandatoryTextYes/NoRådmansgatan 40
AddressLine2If eg building name etc is in the addressTextYes/NoFantastic Building
AddressCityThe city for the debtorTextYes/NoStockholm
AddressPostalCodeThe postal code of the debtorTextYes/No113 12
AddressCountryThe debtor's countryTextYes/NoSE
LocaleThe debtor's preferred locale. In SEPA in particular it's recomended.TextNosv_SE
BankNumberThe sort-code (BACS) or clearing number (Bankgiro)TextYes/No6100
AccountNumberAccount number (BACS, Bankgiro)TextYes/No310902269
IBANFor Sepa direct debitTextYes/NoFR123123123123
CreditorIdentifierFor sepa, when migrating, this is the old creditor identifier that you are migrating fromTextYes/NoFR123123
OriginalCreationDateWhen the mandate was originally created.TextNo2024-11-26

Mandate output file format (DirectMandateBatch)

For each output file, each row is available on the output file, and then the following columns are added to the end of the row.

DataDescriptionTypeExample
Report timestampThe timestamp for the resultText2024-11-25T13:14:55.76358Z
StatusThe status of the instruction, either DONE or FAILEDTextDONE
FailureReasonIn case of failure status, a description of the failure. Type of errors are:
INVALID_TYPE
INVALID_ORIGINAL_CREATION_DATE
INVALID_CREDITOR_IDENTIFIER
INVALID_IBAN
INVALID_BANK_ACCOUNT_NUMBER
INVALID_BANK_NUMBER
INVALID_ADDRESS_COUNTRY
INVALID_ADDRESS_POSTAL_CODE
INVALID_ADDRESS_LINE
INVALID_MOBILE_PHONE
INVALID_COUNTRY
INVALID_IMPORT_TYPE
UNSUPPORTED_IMPORT_TYPE
INVALID_ACCOUNT_ID
INVALID_FIRSTNAME
INVALID_LAST_NAME
INVALID_ADDRESS_CITY
INVALID_NOTIFICATION_URL
INVALID_REFERENCE
MISSING_MESSAGE_ID
INVALID_BANK_STATEMENT
INVALID_NATIONAL_ID
INVALID_EMAIL
INVALID_END_USER_ID
MISSING_TYPE
TextINVALID_NATIONAL_ID
AccountIdThe accountId if account information was present in the input fileText213123123
OrderIDThe orderId representation for this mandateText123123

Example files

For each scheme, below are examples of input and output files.

"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate"
"MANDATE",,"D41F0783-2669-4117-8C55-55281487D448",,"197910032395","[email protected]","197910032395","Fred-1","Fredrik","Svensson","https://example.trustly.com/notification/197910032395","CREATE","SE","+46703121212","Drottninggatan 4",,"Örebro","70210","SE","sv_SE","83279","1110001110",,,
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate","Report timestamp","Status","FailureReason","AccountId","OrderId"
"MANDATE","","D41F0783-2669-4117-8C55-55281487D448","","197910032395","[email protected]","197910032395","Fred-1","Fredrik","Svensson","https://example.trustly.com/notification/197910032395","CREATE","SE","+46703121212","Drottninggatan 4","","Örebro","70210","SE","sv_SE","83279","1110001110","","","","2024-11-25T13:14:55.76358Z","DONE","","2994583062","8148948051"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","BankAccountNumber","Iban","CreditorIdentifier"
# Currently not supported.
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate","Report timestamp","Status","FailureReason","AccountId","OrderId"
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate"
"MANDATE",,"BA969EE4-67BF-4208-A960-FB1B1606545A",,"TRLY1729773214933","[email protected]",,"Fred-1","Fredrik","Schweinsteiger","https://example.trustly.com/notification/TRLY1729773214933","CREATE","DE","+49703121212","Zinnowitzer strasse 18",,"Berlin","10115","DE","de_DE",,,"DE75512108001245126199","AC21121223423","2020-03-21"
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate","Report timestamp","Status","FailureReason","AccountId","OrderId"
"MANDATE","","BA969EE4-67BF-4208-A960-FB1B1606545A","","TRLY1729773214933","[email protected]","","Fred-1","Fredrik","Schweinsteiger","https://example.trustly.com/notification/TRLY1729773214933","CREATE","DE","+49703121212","Zinnowitzer strasse 18","","Berlin","10115","DE","de_DE","","","DE75512108001245126199","AC21121223423","2020-03-21","2024-11-25T13:14:55.76358Z","DONE","","1696778901","8148948050"

Reports

Under the reports, most of them are related to the reports that the service generates with one exception, for bankgirot, we also provide a folder for mandates created by the consumer at the bank.

Reports for billing, mandates, debits and credits are available via SFTP. The reports are available for 12 month from creation and files have a naming convention according to below:

[username]_[scheme]_[day]_[type]_[category].csv.zip
eg for test, bacs, generated day dec-10, daily , debits -> 
test_bacs_2024-01-10_daily_direct_debit_transitions.csv.zip

There are daily reports, where from and to are the same, weekly and monthly reports. All files are reported in CSV format specified under batch csf-format.

Reports are located under the folder

📘

/reports/'scheme'/'year'/'month'/'user''scheme''type'_'category'.csv.zip

Categorys

Billing report

Example file: trustly_bankgirot_2023-12-01_monthly_billing_items.csv.zip

"Order ID","Message ID","End user ID","Type","Count","Created","Transitioned"
4501293578,"6472c348-282f-4464-9ba9-58b9fdff134d","tester","Successful mandate",1,"2023-11-30T18:02:21.475995Z","2023-12-01T00:30:00.40995Z"
7296456249,"d8354110-6047-4de3-bbd2-6e1a850533e7","tester","Successful mandate",1,"2023-11-30T13:46:50.517494Z","2023-12-04T00:30:00.471891Z"
7140026006,"6f91f17f-193a-486e-8e57-29a642281b2f","tester","Successful mandate",1,"2023-12-04T17:35:58.278369Z","2023-12-05T00:30:00.415242Z"

Mandate report

Example file: trustly_bankgirot_2023-12-01_monthly_mandate_transitions.csv.zip

"Order ID","Message ID","End user ID","Reference","Status","Failure reason","Failure details","Account ID","Amount","Currency","Created","Transitioned","Transitions"
7472622143,"c53ed295-24c1-4eb3-863e-c7de72f5ded6","tester",,"Failed","CHECKOUT_TIMEOUT",,,"N/A",,"2023-12-11T06:03:42.532931Z","2023-12-11T06:34:28.092312Z",
5988131268,"72a9d463-6cac-45a9-b4c7-f5695e6ca752","tester","**********6665","Successful",,,"2672607922","N/A",,"2023-12-07T16:08:11.281118Z","2023-12-11T00:30:00.486905Z","[\"Activated\"]"
4883244788,"8105c922-8fc6-4910-b9cb-35640ef90a72","tester",,"Cancelled",,,,"N/A",,"2023-12-05T10:47:54.479135Z","2023-12-05T10:48:19.734216Z",
4397008398,"5991523a-0477-4bde-853a-70a274c8a17b","tester","**********28076","Successful",,,"1326674678","N/A",,"2023-12-04T17:29:19.779894Z","2023-12-05T00:30:00.48104Z","[\"Activated\"]"
7140026006,"6f91f17f-193a-486e-8e57-29a642281b2f","tester","***********1013","Successful",,,"3805670135","N/A",,"2023-12-04T17:35:58.278369Z","2023-12-05T00:30:00.426667Z","[\"Activated\"]"

Debit report

Example file: trustly_bankgirot_2023-12-01_monthly_debit_payment_transitions.csv.zip

"Order ID","Message ID","End user ID","Reference","Status","Failure reason","Failure details","Account ID","Amount","Currency","Created","Transitioned","Transitions"
4755295954,"ba1df3cf-b42c-4c0f-b664-cc2eb73c6aa2","tester","*********0001GA","Failed","FAILED","BANKGIROT INSUFFICIENT_FUNDS","1304686402","1.00","SEK","2023-09-11T12:12:12.706088Z","2023-09-19T12:30:00.336048Z","[""Failed""]"
4344666554,"4f17bce4-db14-43ef-b725-c32613741391","tester","*********00018Y","Successful",,,"2880023560","1.00","SEK","2023-08-29T07:35:42.639077Z","2023-09-01T12:17:00.382302Z","[\"Successful\"]"

Credit report

Example file: trustly_bankgirot_2023-12-01_monthly_credit_payment_transitions.csv.zip

"Order ID","Message ID","End user ID","Reference","Status","Failure reason","Failure details","Account ID","Amount","Currency","Created","Transitioned","Transitions"
6406872524,"02173724-29a4-43e7-b907-53cf26d80fcd","""[email protected]""","CREDIT000000000Y","Successful",,,"1964406719","1.00","SEK","2023-09-19T06:40:48.85847Z","2023-09-20T09:30:00.324763Z","[""Successful""]"

Bank initiated mandate report (Bankgirot only)

This report is only available for bankgirot where the consumer has the ability to register their mandate towards your bankgiro-number if you have it configured to be searchable in the internet bank.

If your bankgiro is open for registrations via the internet bank, you need to periodically connect to the sftp and check for new files which contains the information needed to import the mandate.

The general flow is, get the file with mandates, parse it and for each mandate-row, call ImportDirectDebitMandate with the corresponding values. Once this has been completed, the mandate is available for debits/credits and behaves as any other mandate you have.

The files on the sftp will be named as eg 2023-11-01T10:15:30.123456789Z-mandates.csv and an example is shown below.


📘

/reports/bankgirot/internet-bank-created-mandates

"MerchantReference","NationalID","ClearingNumber","AccountNumber","NameAndAddressLine1","NameAndAddressLine2","NameAndAddressLine3","NameAndAddressLine4","AddressPostalCode","AddressCity","InformationFromPayer"
"197106090001", "197106090001", "6000","310902371","Anders Svensson"","some street 1","Stockholm","11100","Customer number 123"

SFTP

The sftp server is available on the following locations for sandbox/test and production

📘

Sftp host's for the different environments

  • Production: sftp.prd.trustly.cloud
  • Test: sftp.sbx.trustly.cloud

It's used both for the batch processing as well as for reports.

Connecting to the server

Important: The private key is extremely secret and should only be kept by authorised personnel.

Then you connect to the SFTP server like this

sftp -i your_private_key.pem [email protected]
cd batch // or cd reports
get/put file

Once there, use the normal ftp commands to transfer files to and from the server. How long the files are kept on the server varies from folder to folder, see the different sections for retention periods.

Test Scenarios

The test scenarios can be selected by clicking on the Show Test Scenarios link in checkout.
The mandates and payments involved in test scenarios are never added to batches and are for mock purposes only.

Activate mandate 10s after confirmation

This will activate the mandate 10s after it has been confirmed in the checkout.

Fail mandate 10s after confirmation

This will deactivate the mandate 10s after it has been confirmed in the checkout.

Fail debit payment for this mandate after 10s

This will simulate a debit payment failure in 2 steps:

  • Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
  • Do a direct debit charge on the activated mandate and it will be marked as failed.

Complete debit payment for this mandate after 10s

This will simulate a successful debit payment in 2 steps:

  • Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
  • Do a direct debit charge on the activated mandate and it will be marked as successful.

Fail credit payment for this account after 10s

This will simulate a credit payment failure in 2 steps:

  • Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
  • Do a direct credit charge on the activated mandate and it will be marked as failed.

Complete credit payment for this account after 10s

This will simulate a successful credit payment in 2 steps:

  • Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
  • Do a direct credit charge on the activated mandate and it will be marked as successful.

Fail refunds for debit payments for this mandate after 10s

This will simulate a debit payment refund failure in 3 steps:

  • Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
  • Do a direct debit charge on the activated mandate and it will be marked as successful.
  • Do a refund on the direct debit charge and it will fail.

Complete refunds for debit payments for this mandate after 10s

This will simulate a successful debit payment refund in 3 steps:

  • Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
  • Do a direct debit charge on the activated mandate and it will be marked as successful.
  • Do a refund on the direct debit charge and it will be successful.

Test data, BACS manual entry

In order to test how the manual-entry validation works, you will need to use specific information about the consumer.

Person-1
Name: Sharon Rajapaksa
DoB: 1973-08-31
AddressLine1: 80B High street
City: ST. Albans
Postalcode: AL3 8LE
Sort-code: 070116
Account number: 00035305

Person-2
Name: Linda Duff
DoB: 1986-01-21
AddressLine1: 198 Hand avenue
City: Leicester
Postalcode: LE3 1SL
Sort-code: 070116
Account number: 00043156