Overview
MDD is our pan European Direct Debit offering that can be used for billers, subscriptions, payment-plans etc.
Direct debit combines the creation of mandates that are approved by the consumer and the pull payment performed by the merchant. In eg the Eurozone, the mandate is an abstraction while in SE/UK there exists a mandate in the scheme, however using our api the abstraction of the mandate is represented with an accountId (see futher down the docs for the description).
Concepts and back-ground
Rails like BACS, Bankgiro, Sepa DD have been around for quite a long time. Trustly combines these rails with open-banking to make the consumer journey as seamless and safe as one can onboarding onto these schemes.
Direct debit combines the creation of mandates that are approved by the consumer and the pull payment performed by the merchant. It also includes push, but with push, no mandate is required.
While integrating Trustly’s MDD service, it’s important to understand how to handle the notifications (link to notifications overview) and how they correlate to the order. If this is the first integration, please read the overview, cancel, pending, account notifications. There are a few additional attributes that MDD introduces, but in general an account notification is the same with all products.
A few important parameters are UUID which is how Trustly manages idempotency, if you reuse it you may get strange error messages if you change the content of the payload, please only re-use it if you didn’t get a response (timeout or a 500). MessageID which must be unique for each order, this can be seen as your own transaction id(sent in notifications along with the orderId). You either identify the notification based on the MessageID or on the OrderID. EndUserID should be your representation of the consumer in your system, can be an email, UUID or similar, but this is the consumer you will be charging.
Typically, you will have an order for a successfully setup mandate, when the mandate changes or if e.g. it fails to set up, a notification is sent by Trustly. This notification will refer to the order that you as a merchant received when creating the order. It’s important to note that in some rare cases, a notification may not be received by you in the same order as it was sent (e.g. retries due to network issues, being sent almost simultaneously etc). Please read this section carefully around how to manage this in the MDD service.
It’s also important to understand that the type of notification and the order is of importance, e.g. a cancel notification may mean different things for a debit or a mandate setup order.
The MDD service is using the following notifications which must be implemented: cancel, account, pending, batch, credit and debit. Please note that for credit and debit, it's referring to the merchant's side of things, eg when merchant's balance is increased a credit notification is sent and when the merchants balance is decreased a debit notification is sent.
Scheme details
This is just a short description of how the different schemes work and it's of importance of knowing the differences even though it's one api for all of them. For futher info, please contact your bank or
Cut-off times
As with the nature of direct debit, or all payments where there is no instant scheme, cut-off times are of importance to understand when the funds get's pulled from the consumers account and when one can expect the funds to arrive, it's not always the same day.
See the table below for the cut-off times, note that only banking days are accounted for.
Scheme | Cut-off | PaymentDay |
---|---|---|
BACS(UK) | 19:00 UTC | T+2, meaning if you submit the instruction before cut-off, the funds will leave the end-user's account on day-3. Submitting it at 18:00 UTC on a Friday, means that the funds leave end-user account on Tuesday. Your account will also be credited on Tuesday. |
Bankgiro(SE) | 16:00 UTC | T+1, meaning if you submit the instruction before cut-off, the funds will leave the end-user's account on day 2. Submitting it at 16:00 UTC on a Friday, means that the funds leave end-user account on Monday. Your account will also be credited on Monday. |
SepaDD(€-zone) | 22:00 UTC | T+2, meaning if you submit the instruction before cut-off, the funds will leave the end-user's account on day-2. Submitting it at 22:00 UTC on a Friday, means that the funds will leave the end-user account on Tuesday. Your virtual-account will also be credited the same day. |
BACS
In UK, we're acting as a bureau which means that the funds will land on an account owned by you as a merchant and Trustly acts as a technical provider. You will need to provide us with your SUN number and we'll provide you with a Bureau number. Please speak to your account manager for more on this.
The bacs payment scheme has been around since the 1970:s and has its peculiar properties. In the scheme, there's no information about successful instructions, only the failed ones are reported back. The scheme is aware of the mandate, eg it's registered within the scheme. It's also important to know about the Advanced notification period, and typically it's 10 days but can be negotiated with the bank. If it's 10 days, this means that one will have to wait 10 days after the mandate has been setup before a debit instruction can be sent.
It's important to understand the BACS 1-2-3 schedule and how it also works for non successful instructions taking it to a BACS 1-2-3-4-5 schedule.
For the normal, happy case
- Submission day - this is the day that the file with instructions are submitted into the scheme.
- Instruction day - this is the day that bacs informs the debtor and creditor bank about the instruction
- Payment day - this is the day that the payment takes place, your bank account get's credited and the end-user's account gets debited.
For the case where there is an error, there's still the 1-2-3 going on, but day-3 also becomes day-1 for the reversal.
- Submission day
- Instruction day
- Payment day, but also submission day for the reversal. Reason here is that your account will be credited in the lump-sum, but a separate debit will also take place.
- Instruction day, informing debtor and creditor bank about the transfer
- Payment day, the funds are taken from your account and end-user's account get's credited.
As of this long schedule, and also as some banks are slower on reporting, finding out that the instruction was really successful, one must wait 7 days to be sure. However, this can be configured on behalf of your need and eg sending the credit notification on day-3 you must be aware that the debit notification may arrive on day-7.
Bankgiro
Most of the times when we refer to bankgiro, we're actually referring to Autogiro but as we're also using other parts, bankgiro is the umbrella for the different services bankgirot provides. Sometimes also Autogirot is mentioned like bg Autogiro.
In SE, we're acting as a bureau which means that the funds will land on an account owned by you as a merchant and Trustly acts as a technical provider. You will need to provide us with your BankGiro number and we'll provide you with a Service Bureau Number. Please speak to your account manager for more on this.
Bankgiro is also an old scheme but works a bit different from BACS. The scheme sends information both around the successful and unsuccessful instructions and it's faster. Mandates are also registered within the scheme and a similar thing as the advance notification period exists, after the mandate is registered it have to pass 5 days before a debit instruction can be sent using the mandate. There may be other timelines that your bank will apply to you as a merchant.
Sepa DirectDebit
In the euro-zone, we're not a service bureau in the same way, and collection of funds happen via Slimpay. You will need to be onboarded with Slimpay and have your own CID. Please speak to your account manager for more on this.
In the Sepa DirectDebit, there's actually no real mandate registered within the scheme and hence not really an advanced notification period. After setting up the mandate, a debit instruction may be sent right away.
As an equivalent mechanism however, there's a "No questions asked" mechanism available meaning that the end-user can revert the payment within the bank without any interference from the banks hence it becomes important that the end-user is aware of why the funds where deducted and also to whom. This we solve by making sure the end-user has access to the account when setting it up, the CID is merchant specific and the virtual account is used for collecting the funds.
General notification information
Notifications are very central to the service and without handling them properly, your service will malfunction. Please make sure to handle the different notifications and also note the differences in parameters based on which context they are used from, eg a credit notification for a refund contains information to distinguish it from the credit notification for the direct-debit.
Please also note that when validating the signatures for notifications, you need to validate it with Trustly's public key as it's signed by Trustly's private key. This is in a way the other way around as when it comes to the requests you make. When signing the response, you use your own private key and Trustly is using your public key to validate the response.
If you are not able to handle the notification (not sending a valid response), Trustly will re-trigger the notifications for a period of time.
Valid response to all notifications
The only valid response allowed to notification calls is "OK" and with a signature
Status Description OK The only valid response to notification, if you couldn't handle the notification you may respond with anything else, eg failure or even a http-500 status. Example
{ "result": { "signature": "D5FjuMqf3H0Ku ... S16VbzR5v==", "uuid": "<the uuid for the notification received>", "method": "<the method of the notification>", "data": { "status": "OK" } }, "version":"1.1" }
Process overview
Below is a generic diagram on how direct debit works.
Mandates, enabling direct debits
A mandate is a representation of an agreement between the end-user and the merchant for pulling funds out of the end-user's account based on the agreement for the service.
DirectDebitMandate
Create a direct debit mandate. This will return a url that the end-user should be redirected to. Once the end-user completes the flow, the end-user will be redirected to the success-url and notifications will be sent accordingly. If done in a physical environment, an operator can collect the details on an iPad and start the setup process which the consumer can finish by reading the QR-Code with the camera on their mobile device to complete the setup of the mandate.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called | Yes | Text | DirectDebitMandate |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique identifier for the request. | Yes | Text | 258a2184-2842-b485-25ca-293525152425 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
MessageID | Your unique ID for for the order in your system. This is to manage idempotency at the application layer. | Yes | Text | 12345678 |
NotificationURL | The URL to which notifications for this mandate should be sent to. Please note that this must use the https scheme and the ssl certificate must be valid. Please also note that post must be any of 443 and 8443 | Yes | Text | https://your_nofitication_url |
EndUserID | ID, username, hash or anything uniquely identifying the end-user requesting the deposit. This basically identifies the mandate as well. [Sepa-DD] This field is limited to 35 characters [BACS/Bankgiro] This field is limited to 63 characters | Yes | Text | 123123 |
Attributes | ||||
AccountID | The AccountID retrieved from a previous payment or an account select. If set, the bank selection and login to the bank is not needed. | No | Text | 1234567890 |
MerchantReference | This parameter in a way identifies the mandate you are to setup. If it's already used, you will receive an error, ERROR_MERCHANT_REFERENCE_ALREADY_EXISTS which basically informs you that there's already a mandate with that reference. [BACS]: The unique mandate reference. 6 - 10 characters consisting of A-Z and 0-9. Can not begin with DDIC and neither consists of the same characters, eg. AAAAAAA. [Bankgiro]: The unique mandate reference. This must be numeric and unique for the payer, eg nationalId or similar can be used. Format needs to follow regexp [1-9][0-9]{5-15} [SEPA-DD]: The unique mandate reference. This must be unique for the end-user for you as a merchant. Format needs to follow regexp [0-9,a-z,A-Z]{10-35} | Yes | Text (6-11) | 123ABC0123 |
Country | The country where the mandate is to be created. | Yes | Text | GB |
Firstname | The first name of the end user. [BACS]: Only mandatory if manual entry should be enabled. [Bankgiro]: Mandatory [Sepa-DD]: Mandatory | Yes/No | Text | John |
Lastname | The last name of the end user. [BACS]: Only mandatory if manual entry should be enabled. [Bankgiro]: Mandatory [Sepa-DD]: Mandatory | Yes/No | Text | Doe |
The email address of the end user. | Yes | Text | [email protected] | |
MobilePhone | The mobile phone number of the end-user in international format. The format of the number should be in +xxxx, eg +46703000000 for a swedish phone. [BACS/Bankgiro] Optional [Sepa-DD]For manual entry in the sepa region, the mobile number is mandatory and an OTP is sent to the phone in order to complete the mandate setup. | Yes/No | Text | +46709876543 |
SuccessURL | The URL to which the end-user should be redirected after a successful mandate creation. | Yes | Text | https://your_success_page |
FailURL | The URL to which the end-user should be redirected after a failed mandate creation. | Yes | Text | https://your_fail_page |
DateOfBirth | The end-user's date of birth in the format yyyy-MM-dd. Only applicable for BACS(GB). [BACS]:For manual entry, adding this makes scoring better. | Yes/No | Text | 1972-05-17 |
NationalIdentificationNumber | The national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE) [Bankgiro]: To preset the nationalId to use for setting up the mandate. To make the end-user journey smooth, please use this parameter. | No | Text | 197105130355 |
UnchangeableNationalIdentificationNumber | Only applicable for Bankgiro(SE) [Bankgiro]If the nationalId should be locked to the value of NationalIdentificationNumber, then set this to 1 or omit the parameter (you may set it to 0 as well). | No | Text | 1 |
PaymentSchedule | If the payment plan is known in advance, this information is displayed when approving the mandate. | No | JSON | {Currency:"EUR", Payments:[{Date: "2023-01-01" Amount: "100.50"}]} |
AddressLine1 | [BACS]:If flat and building is available, then use that for this field. If there's no flat/building at all, then use the street and number. Note that without AddressLine1, manual entry will be disabled. [Bankgiro]: Not mandatory [SepaDD]: Mandatory | Yes/No | Text | 12 Osborne Rd |
AddressLine2 | [BACS]:If there are flat and building information, then use addressLine2 for the street and number. Note that without AddressLine1, manual entry will be disabled. [Bankgiro]: Not mandatory [SepaDD]: Optional and depends on the country if needed. | Yes/No | Text | |
AddressCity | The city of the end user. Same rules as with address line applies | Yes/No | Text | Luton |
AddressPostalCode | The postal code of the end user. Same rules as with address line applies | Yes/No | Text | LU1 3HJ |
AddressCountry | The country-code of the end user. Same rules as with address line applies | Yes/No | Text | GB |
Locale | The desired language for the mandate creation. | No | Text | en_GB |
Theme | Whether light or dark theme should be used. DARK, LIGHT or DEFAULT. For default, the web-browser settings will be used. | No | Text | |
ReturnToAppURL | Please note that when rendering the Trustly mandate request from a native app you are required to pass your application's URLScheme as an attribute to the mandate initiation request. By doing so, Trustly can redirect users back to your app after using external identification apps such as Mobile BankID: Please visit this link for more info. It must not be included for transactions that are not originating from an app. | No | Text | yourCustomURLScheme:// |
ShopperStatement | This is how the mandate will appear on the bank for BACS. [BACS] Max 18 chars and will be converted to upper case. If missing, your merchant name will be used. [SEPA],[Bankgiro] Not supported (eg parameter is ignored) | No | Text | MyCompany |
URLTarget | The html target/framename of the SuccessURL. Only _top, _self and _parent are suported. | No | Text | |
UseManualEntry | 1 to enable manual entry 0 to disable manual entry If not supplied then fallback to configuration set for merchant | No | Text | 1 |
Method | If you want to set the bank to use or eg ManualEntry. For bank code, make sure the code is valid for the country | No | Text | MANUAL_ENTRY, HAND, SWED, BARC, BELA, AGRI, .... |
Response parameters
Please note that for native app integrations, append the query parameter "IsNative=true" to the url before launching it to make the application aware that it lives within a native app. Also, it's important that you do use the ReturnToAppUrl when creating the order and intend to use it in a native app.
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
method | The method, DirectDebitMandate | Yes | Text | DirectDebitMandate |
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid for the request | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
orderid | The id for the order created | Text | 87654567 |
url | The url for the end-user, please see our general guidelines around iFraming, nativeApps etc for best usabillity. In general, never iFrame the url for mobile devices. | Text | https://checkout.trustly.com/mdd/ |
Example request
{
"method": "DirectDebitMandate",
"params": {
"Data": {
"Username": "merchant_username",
"Password": "merchant_password",
"MessageID": "your_unique_order_id",
“EndUserID”: "unique_end_user_id",
"NotificationURL": "https://URL_to_your_notification_service",
"Attributes": {
"AccountID": "12345678",
"MerchantReference": "1234567890123",
"Country": "GB",
"Firstname": "Steve",
"Lastname": "Smith",
"Locale": "en_GB",
"Email": "[email protected]",
"MobilePhone": "+46709876543",
"SuccessURL": "https://example.com/success",
"FailURL": "https://example.com/fail",
"AddressLine1": "74 Oxford Rd",
"AddressLine2": "",
"AddressCity": "Drighlington",
"AddressPostalCode": "BD11 2YJ",
"AddressCountry": "GB",
"ReturnToAppURL": "yourCustomURLScheme://"
}
},
"Signature": "Hh+sfaUnbtMKW[...]9YngA9bTpiqxw==",
"UUID": "258a2184-2842-b485-25ca-293525152425"
},
"version": "1.1"
}
Example response
{
"result": {
"signature": "R9+hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"method": "DirectDebitMandate",
"data": {
"orderid": "2190971587",
"url": "https://checkout.trustly.com/mdd/checkout?sessionId=3f9.....377&orderId=8365631872"
}
},
"version": "1.1"
}
CancelDirectDebitMandate
Cancels a direct debit mandate.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called | Yes | Text | CancelDirectDebitMandate |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique identifier for the request. | Yes | Text | 258a2184-2842-b485-25ca-293525152425 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | Joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
OrderID | The OrderID returned when creating the direct debit mandate | Yes | Text | 12345678 |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | a231a-.....-123123 |
method | The method from the request | Yes | Text | CancelDirectDebitMandate |
data | Description | Type | Example |
---|---|---|---|
result | 1 if the cancel was accepted, 0 otherwise. Note that this does not indicate that the mandate has been removed in the scheme, that happens in a later stage. | Text | 1 |
rejected | ERROR_MANDATE_NOT_FOUND - the mandate does not exist. ERROR_MERCHANT_REFERENCE_ALREADY_EXISTS - If the merchant reference is already used. | Text | ERROR_MANDATE_NOT_FOUND |
Example request
{
"method": "CancelDirectDebitMandate",
"params": {
"Data": {
"Username": "merchant_username",
"Password": "merchant_password",
"OrderID": "123456789"
},
"Signature": "Hh+sfaUnbtMKW[...]9YngA9bTpiqxw==",
"UUID": "258a2184-2842-b485-25ca-293525152425"
},
"version": "1.1"
}
Example response
{
"result": {
"signature": "R9+hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"method": "CancelDirectDebitMandate",
"data": {
"result": "0" | "1",
"rejected": ""
}
},
"version": "1.1"
}
ImportDirectDebitMandate
Importing mandates is usually done when switching from one provider to Trustly and there are currently two scenarios supported, CREATE and REGISTER. The CREATE is used to get the information imported into Trustly's system which does not involve registering the mandate within the scheme. The REGISTER import is used when the mandate is to be re-registered within the scheme.
Notifications are sent in the same way as for creating mandates, eg account notifications and cancel notifications will/can be emitted for the order.
Please note that before importing mandates, you must speak to your account manager as this feature is only available when moving from one provider to another and by default this feature is not enabled.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called | Yes | Text | ImportDirectDebitMandate |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique identifier for the request. | Yes | Text | 258a2184-2842-b485-25ca-293525152425 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
MessageID | Your unique ID for for the order in your system. This is to manage idempotency at the application layer. | Yes | Text | 12345678 |
EndUserID | ID, username, hash or anything uniquely identifying the end-user. This basically identifies the mandate [Sepa-DD] This field is limited to 35 characters [BACS/Bankgiro] This field is limited to 63 characters | Yes | Text | 123123 |
NotificationURL | The URL to which notifications for this mandate should be sent to. Please note that this must use the https scheme and the ssl certificate must be valid. Please also note that post must be any of 443 and 8443 | Yes | Text | https://your_nofitication_url |
Attributes | ||||
AccountID | The AccountID representing the account | Yes/No | Text | 1234567890 |
BankNumber | The bank number, when not using the AccountID. [BACS]: The sort-code [Bankgiro]: The clearing number [SEPA-DD]: Not used | Yes/No | Text | 6100 or 612312 |
AccountNumber | The bank account number, when not using the AccountID. [BACS]: The account number [Bankgiro]: The account number [SEPA-DD]: Not used | Yes/No | Text | 391123112 |
IBAN | The iban when not using the AccountID. [BACS]: Not used [Bankgiro]: Not used [SEPA-DD]: The iban | Yes/No | Text | DE1231231231.... |
MerchantReference | [BACS]: The unique mandate reference (core reference). 6 - 10 characters consisting of A-Z and 0-9. Can not begin with DDIC and neither consists of the same characters, eg. AAAAAAA. [Bankgiro]: The unique mandate reference. This must be numeric and unique for the payer, eg nationalId or similar can be used. Format needs to follow regexp [0-9]{6-16} [SEPA-DD]: The unique mandate reference. This must be unique for the end-user for you as a merchant. Format needs to follow regexp [0-9,a-z,A-Z]{10-35} | Yes | Text (6-11) | 123ABC0123 |
ImportType | Either one of CREATE, REGISTER or MIGRATE. CREATE does not register the mandate with the scheme and REGISTER does. MIGRATE is used when moving from one provider to another. SEPA - CreditorIdentifier to another and BACS - Full volume test, eg moving from paper-mandates to digital | Yes | Text | CREATE |
CreditorIdentifier | The old creditor identifier | |||
Country | The country for the mandate. | Yes | Text | GB |
Firstname | The first name of the end user. | Yes/No | Text | John |
Lastname | The last name of the end user. | Yes/No | Text | Doe |
The email address of the end user. | Yes/No | Text | [email protected] | |
MobilePhone | The mobile phone number of the end-user in international format. | No | Text | +46709876543 |
ShopperStatement | This controls how the mandate appears on the consumer's bank. [BACS] If the import type is REGISTER, then this will control how the mandate appears on the bank for the consumer [Bankgiro/SepaDD] Not available | No | Text | MusicStore |
NationalIdentificationNumber | The national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE) [Bankgiro]: To preset the nationalId to use for setting up the mandate. To make the end-user journey smooth, please use this parameter. | No | Text | 197105130355 |
AddressLine1 | [BACS]:If flat and building is available, then use that for this field. If there's no flat/building at all, then use the street and number. Note that without AddressLine1, manual entry will be disabled. [Bankgiro]: Not mandatory [SepaDD]: Mandatory | Yes/No | Text | 12 Osborne Rd |
AddressLine2 | [BACS]:If there are flat and building information, then use addressLine2 for the street and number. Note that without AddressLine1, manual entry will be disabled. [Bankgiro]: Not mandatory [SepaDD]: Optional and depends on the country if needed. | Yes/No | Text | |
AddressCity | The city of the end user. Same rules as with address line applies | Yes/No | Text | Luton |
AddressPostalCode | The postal code of the end user. Same rules as with address line applies | Yes/No | Text | LU1 3HJ |
AddressCountry | The country-code of the end user. Same rules as with address line applies | Yes/No | Text | GB |
UseBatch | [SepaDD] When importing mandates and mandate signing is enabled but the import should be on batch and not a single one, eg importing many mandates in a short period of time | No | Text | 1 | 0 |
Locale | [SepaDD] When skipping the checkout, importing directly and mandate signing is in place, locale should be set so that the mandate sent to consumer get's the correct language. | No | Text | de_DE |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | a231a-.....-123123 |
method | The method from the request | Yes | Text | ImportDirectDebitManda |
data | Description | Type | Example |
---|---|---|---|
orderid | The orderId for this request | Text | 12312312 |
result | 1 if the import was accepted, 0 otherwise. Note that this does not indicate that the mandate has been fully registered. An account notification will be sent to inform about the activation of the mandate. | Text | 1 |
rejected | Reasons for not being able to import the mandate ERROR_ACCOUNT_NOT_FOUND - AccountID not found ERROR_IMPORT_MANDATE_NOT_ALLOWED - mandate is not allowed for this account BANK_ACCOUNT_NUMBER_BLOCKED - account can't be imported as it's blocked. ERROR_INVALID_ACCOUNT_NUMBER - account is invalid ERROR_IMPORT_MANDATE_NOT_ALLOWED - importing not allowed ERROR_MANDATE_ALREADY_EXISTS - An active mandate already exists ERROR_INVALID_IMPORT_TYPE - Invalid type ERROR_MERCHANT_REFERENCE_ALREADY_EXISTS - Already exist ERROR_UNKNOWN - other reasons | Text | ERROR_UNKNOWN |
accountid | The accountID for the imported mandate. Note this is not in the response if the request fails | Text | 123123123 |
directdebitmandate | Indication that the mandate is not active or not. For CREATE, typically it will be 1, while for REGISTER/MIGRATE is will be 0. Note this is not in the response if the request fails | Text | 0 | 1 |
bankcode | The bankcode for the account imported. Note this is not in the response if the request fails | Text | HSBC, SWED... |
descriptor | The account masked, eg ****1234. Note this is not in the response if the request fails | Text | ****1234 |
lastdigits | The last digits of the account, eg 1234. Note this is not in the response if the request fails | Text | 1234 |
bankidentifier | The sortcode, clearingnumer or BIC depending on market. Note this is not in the response if the request fails | Text | 123123 |
clearinghouse | The clearinghouse | Text | Sweden |
bank | The name of the bank | Text | Swedbank |
Example request
{
"method": "ImportDirectDebitMandate",
"params": {
"Data": {
"Username": "merchant_username",
"Password": "merchant_password",
"MessageID": "your_unique_order_id",
“EndUserID”: "unique_end_user_id",
"NotificationURL": "https://URL_to_your_notification_service",
"Attributes": {
"AccountID": "12345678",
"MerchantReference": "1234567890123",
"ImportType": "CREATE",
"Country": "GB",
"Firstname": "Steve",
"Lastname": "Smith",
"Email": "[email protected]",
"MobilePhone": "+46709876543",
"AddressLine1": "74 Oxford Rd",
"AddressLine2": "",
"AddressCity": "Drighlington",
"AddressPostalCode": "BD11 2YJ",
"AddressCountry": "GB",
}
},
"Signature": "Hh+sfaUnbtMKW[...]9YngA9bTpiqxw==",
"UUID": "258a2184-2842-b485-25ca-293525152425"
},
"version": "1.1"
}
Example response
{
"result": {
"signature": "R9+hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"method": "ImportDirectDebitMandate",
"data": {
"orderid": "123123123",
"result": "0" | "1",
"rejected": "",
"accountid": "123123123",
"directdebitmandate" : "0",
"bankcode" : "SWED",
"descriptor": "******9736",
"lastdigits": "9736",
"bankidentifier": "85947",
"clearinghouse": "Sweden",
"bank": "Swedbank"
}
},
"version": "1.1"
}
Errors and details for mandates
The information in this section relates to the notifications and describes the different meanings of the detail attribute.
Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.
BACS
For bacs, the first part, eg ADDACS_0 is the same as with the bacs error codes.
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER) BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER) BACS ADDACS_2(PAYER DECEASED) BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED) BACS ADDACS_B(ACCOUNT CLOSED) BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH) BACS ADDACS_D(ADVANCE NOTICE DISPUTED) BACS ADDACS_E(INSTRUCTION AMENDED) BACS ADDACS_R(INSTRUCTION REINSTATED) BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER) BACS AUDDIS_2(PAYER DECEASED) BACS AUDDIS_3(ACCOUNT TRANSFERRED) BACS AUDDIS_5(NO ACCOUNT) BACS AUDDIS_6(NO INSTRUCTION) BACS AUDDIS_B(ACCOUNT CLOSED) BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…) BACS AUDDIS_F(INVALID ACCOUNT TYPE) BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT) BACS AUDDIS_H(INSTRUCTION HAS EXPIRED) BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE) BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK) BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS) BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE) BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH) BACS AUDDIS_O(INVALID REFERENCE) BACS AUDDIS_P(PAYERS NAME NOT PRESENT) BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)
Bankgiro
For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) TK73_02(MANDATE CANCELLED BY PAYER OR PAYERS BANK) TK73_03(ACCOUNT TYPE NOT APPROVED FOR AUTOGIRO) TK73_04(MANDATE NOT FOUND IN BANKGIROTS MANDATE DIRECTORY) TK73_05(INCORRECT BANK ACCOUNT OR PERSONAL DETAILS) TK73_07(CANCELLED REMOVED DUE TO UNANSWERED INQUIRY) TK73_09(PAYER BANKGIROT NUMBER NOT FOUND AT BANKGIROT) TK73_10(MANDATE ALREADY REGISTERED IN BANKGIROTS DIRECTORY OR INQUIRY PENDING) TK73_20(INCORRECT CIVIC NUMBER OR AGREEMENT ON MANDATE BASED ON BANKGIRO NUMBER NOT FOUND) TK73_21(INCORRECT PAYER NUMBER) TK73_23(INCORRECT BANK ACCOUNT NUMBER) TK73_29(INCORRECT PAYEE BANKGIRO NUMBER) TK73_30(DEREGISTERED PAYEE BANKGIRO NUMBER) TK73_32(NEW MANDATE) TK73_33(CANCELLED) TK73_98(MANDATE CANCELLED DUE TO CANCELLED PAYER BANKGIRO NUMBER)
SepaDD
Currently no errors for SEPA
Mandate notifications
When status of the direct debit mandate changes, ie. when it becomes active, declined, changed or cancelled this is communicated through the account and cancel notification to the NotificationURL submitted when setting up the mandate. Make sure the NotificationURL can receive calls for a long time since mandates lives for a long time.
Activation of mandates
When a consumer has signed the mandate Trustly will send an account notification containing the AccountID and directdebitmandate = 0 that indicates that the mandate is sent for approval. When the mandate is activated Trustly will send a new account notification with the same AccountID and directdebitmandate = 1. The mandate is now active and can be used to send charge. If the mandate for some reason is not approved Trustly will send a cancel notification with a reason.
Deactivation of mandates
If a consumer cancels the mandate in the bank Trustly will send a cancel notification with a reason. In the case where consumer is setting up a new mandate, and the account is configured for only allowing one mandate per account, then the cancel notification will contain the accountId that is already in use.
When consumer change bank
When a consumer changes bank account this is notified via account notification for the mandate order: An account notification is sent with directdebitmandate = 0 with the original accountid indicating deactivation of the mandate. Another account notification with directdebitmandate = 1 with a new accountid indicating activation of the mandate. The orderid is the same for both notifications. The order of the notifications can not be guaranteed.
Please note that this is enabled for UK/Bacs only. In sweden, there is basically no deactivation/activation sent, but the mandate will still be valid even if the consumer switches bank. For SepaDD, there's no mechanism for this.
Example Deactivation notification:
data: { ... "orderid":"3473567567", "accountid":"1111111111", "attributes": { "directdebitmandate":"0", ... } }
Example Activation notification:
data: { ... "orderid":"3473567567", "accountid":"2222222222", "attributes": { "directdebitmandate":"1", ... } }
Please note that as these notifications may be received in reversed order, hence you must handle the deactivation of accountId and activation of the accountId independently of the order. By this, basically you need to be able to handle multiple accountId's for one order. Please also note that this is only applicable in the UK market, in SE this does not trigger any notifications and with Sepa it's not suppoted at all.
Mandate notification: account
The account notification is used to send information about the mandate and what account information the mandate is afflicted with. Please note that the notification is sent multiple times, eg once mandate is created and then later when it's activated.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, account | Yes | Text | account |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | 258a2184-......-293525152425 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when setting up the mandate. | Text | 87654567 |
accountid | The AccountID returned when setting up the mandate | Text | 1234567890 |
messageid | Your unique ID for for the order in your system. This is to manage idempotency at the application layer. | Text | 123123123 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | lkj234ljk324 |
verified | Whether the account is verified with an SCA. 1 for verified, 0 if not. | Text | 1 |
attributes | |||
directdebitmandate | Whether the direct debit mandate is active or not, 1 for active, 0 for non active. | Text | 1 | 0 |
countrycode | The bank country | Text | GB |
bankcode | The code identifying the bank. | Text | HSBC |
bank | The name of bank | Text | HSBC Bank |
clearinghouse | The country of bank | Text | United Kingdom |
name | Name of the account owner | Text | John Doe |
accountname | Name of the account | Text | Salary account |
accountholders | A list of the account owners, more than one if the account is shared. | Text | ["John Doe","Mary Doe"] |
descriptor | The masked account number. | Text | *** 4057 |
lastdigits | Last digits of the account number | Text | 4057 |
personid | The nationalId used. Note this only applies for [Bankgiro] | Text | 197010170375 |
bankidentifier | The branch identifier [BACS]: Sortcode [Bankgiro]: Clearing number [SepaDD]: BIC | Text | 6160 |
accountnumber | The account number. Please note that by default this is not sent, contact your sales representative about this. [BACS, Bankgiro]: The domestic account number [SepaDD]: The iban. | Text | 391124057 |
accountsource | The source from where the account information comes from. Can be any of AIS - Account details from AIS MANUAL_ENTRY - Manually inputed account number IMPORTED - Account information received in import order ACCOUNTID - AccountID provided when creating the order REGISTRATION_SCHEME - If the scheme notifies about a change of account, this only aplies to BACS. | Text | AIS |
Notification example
{
"method": "account",
"params": {
"signature":"RI1PTmjTgr5Ig1p....AF7ejFUGxwKQ==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"notificationid":"35673567",
"messageid":"453455465",
"orderid":"3473567567",
"accountid":"1234567890",
"verified":"1",
"attributes":
{
"directdebitmandate":"1",
"countrycode":"GB",
"bankcode":"HSBC",
"bank":"HSBC Bank",
"clearinghouse":"United Kingdom",
"name":"John Doe",
"accountname":"Salary account",
"descriptor":"**** ***4057",
"lastdigits":"4057"
}
}
},
"version": "1.1"
}
Mandate notification: cancel
When a mandate has been cancelled/failed an account cancel notification is sent. Regardless if the consumer cancels the mandate in their bank or if the mandate is cancelled by the merchant. A cancel notification is also sent if the consumer would abort during the mandate setup.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, cancel | Yes | Text | cancel |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | 258a2184-......-293525152425 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when setting up the mandate. | Text | 87654567 |
messageid | Your unique ID for for the order. | Text | 123123 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | ||
attributes | |||
reason | CANCELLED - Either when the consumer cancels in the journey or if you call cancel mandate method. FAILED - If the underlayig scheme reports failure or cancelation of the mandate MANDATE_ALREADY_EXISTS - If the mandate already exist INVALID_ACCOUNT_ID - If the provided accountId was incorrect | Text | CANCELLED |
accountid | If MANDATE_ALREADY_EXISTS accountid is returned | Text | 1234567890 |
merchantreference | If MANDATE_ALREADY_EXISTS merchantreference is returned | Text | TRLY86492 |
details | Underlaying scheme failure, describing the reason, this applies when reason is FAILED: BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER) | Text |
Notification example
{
"method": "cancel",
"params": {
"signature":"RI1PTmjTgr5Ig1p....AF7ejFUGxwKQ==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid":"3473567567",
"messageid":"453455465",
"notificationid":"35673567",
"attributes":
{
"reason":"FAILED",
"details":"BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER)",
"accountid":"1234567890",
"merchantreference":"TRLY86492",
}
}
},
"version": "1.1"
}
Debiting end-user
Debiting the end-user is done with the DirectDebit instruction.
DirectDebit
This method is used to debit the end-user, please note that an active mandate is mandatory for this operation. Once the end-user has been debited a credit notification is sent, eg merchant account is credited.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called, DirectDebit | Yes | Text | DirectDebit |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialization of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique ID of the request | Yes | Text | 123awdfawd-.....-12123 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
MessageID | Your unique ID for for the order in your system. This is to manage idempotency at the application layer. | Yes | Text | asdfasdfasdfasdf |
NotificationURL | The URL to which notifications for this charge should be sent to. | Yes | Text | https://your_nofitication_url |
AccountID | The AccountID used to create the direct debit mandate | Yes | Text | 1234567890 |
MerchantReference | The mandate identification, used when multiple mandates are used for the same accountId. This is only valid for Bacs and Bankgiro. If this is not sent, the payment will fail if more than one mandate exist for this account. | No | Text | ASDF123121221 |
Amount | The amount to charge. See format in Currencies Only digits. Use dot (.) as decimal separator. Note that 98.5 is not a valid amount. The following examples are valid formats 98.50. 98.00 and 98. | Yes | Text | 98.02 |
Currency | The currency, ISO 4217 alphabetic code. | Yes | Text | GBP |
Attributes | ||||
CollectionType | [BACS]: For the bacs scheme, one can send any of INITIAL, RECURRING, RE_SUBMITTED and FINAL. Please refer to the bacs handbook if you need these. By default, Trustly will manage these by using INITIAL and RECURRING unless the mandates are imported. If you need to control this, you must set it for all requests. | No | Text | INITIAL |
PaymentDate | This date will be sent to the payment institutions to set what date the payment actually will be performed. Format is as: YYYY-MM-DD [Bacs]Date needs to be no longer than 28 days ahead of current day. If the date is too near in time, PaymentDate will be ignored and the payment will be done as soon as possible.If date is beyond 28 days the instruction will be rejected. [Bankgiro] Date needs to be within two years from current date. If the date is too near in time it will be ignored and if it's beyond 2 years it will be rejected. [Sepa] Date needs to be within two years from current date. If the date is too near in time it will be ignored and if it's beyond 2 years it will be rejected. | No | Text | 2023-01-27 |
ShopperStatement | For the markets that we support this, this is what the consumer will see on the account statement for the debit. It works a bit differently and appears differently from bank to bank, but it's visible when checking the transaction. [Bankgiro] Not supported (will be ignored) [BACS]This is limited to 18 characters ahd should typically describe what the consumer is buying. [Sepa] This is limited to 140 characters and should typically describe what the consumer is paying for. | No | Text | Invoice-23231 |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The version | Yes | Text | 1.1 |
result | ||||
method | The method, same as for the request DirectDebit | Yes | Text | DirectDebit |
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | 258a2184-......-293525152425 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the created order | Text | 87654567 |
result | 1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof. | Text | 1 |
rejected | The following errors reasons: - ERRORMANDATE_NOT_FOUND - No matching active accountId - ERROR_DIRECT_DEBIT_NOT_ALLOWED - Account not properly configured - ERROR_PAYMENT_DATE_FAILURE - Payment date is invalid - ERROR_AMOUNT_FAILURE - Amount is invalid or not within the configured range - ERROR_CURRENCY_FAILURE - The mandate doesn't support the currency - ERROR_COLLECTION_TYPE_FAILURE - Invalid collection type | Text | ERROR_MANDATE_NOT_FOUND |
Example request
{
"method":"DirectDebit",
"params":{
"Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
"UUID":"258a2184-2842-b485-25ca-293525152425",
"Data":{
"Username":"merchant_username",
"Password":"merchant_password",
"MessageID":"your_unique_order_id",
"NotificationURL":"https://URL_to_your_notification_service",
"AccountID":"1234567890",
"Amount":"25.00",
"Currency":"GBP",
"Attributes":{
"PaymentDate":"2022-11-17"
}
}
},
"version":"1.1"
}
Example response
{
"result": {
"method":"DirectDebit",
"uuid":"258a2184-2842-b485-25ca-293525152425",
"data":{
"result":"1",
"rejected":"",
"orderid":"1234512345"
},
"signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
},
"version": "1.1"
}
CancelDirectDebit
Cancels a direct-debit instruction. Please note that canceling a future debit must be submitted 1-2 banking-days ahead of the payment date.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called, CancelDirectDebit | Yes | Text | CancelDirectDebit |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialization of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique id of the request | Yes | Text | adsfads....... |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | Joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
OrderID | The OrderID returned when creating a DirectDebit | Yes | Text | 123234123 |
PaymentMessageID | The messageId for the payment in the batch. Note that when the instruction was given in the batch, the orderId will be for the entire batch and this field is identifying the debit in the batch-file. This is only valid if the order is a batch-order and shall not be provided if there is one order for the debit. | Yes/No | Text | someUniqueId |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The version | Yes | Text | 1.1 |
result | ||||
method | The method, same as for the request CancelDirectDebit | Yes | Text | CancelDirectDebit |
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | 258a2184-......-293525152425 |
data | Description | Type | Example |
---|---|---|---|
result | 1 if the cancel was accepted, 0 otherwise. | Text | 1 |
rejected | ERROR_CHARGE_NOT_FOUND - the OrderId does not exist. ERROR_CHARGE_ALREADY_PROCESSED - the charge has already been processed in the scheme (e.g. BACS) and can not be cancelled. ERROR_CHARGE_IN_PROGRESS - The charge is in progress and can't be canceled. | Text | ERROR_CHARGE_NOT_FOUND |
Example request
{
"method":"CancelDirectDebit",
"params":{
"UUID":"258a2184-2842-b485-25ca-293525152425",
"Data":{
"Username":"merchant_username",
"Password":"merchant_password",
"OrderID":"1234512345",
},
"Signature":"f4ThjuMqbsdG6u ... S16VbzD4h=="
},
"version":"1.1"
}
Example response
{
result: {
"method":"CancelDirectDebit",
"uuid":"258a2184-2842-b485-25ca-293525152425",
"data":{
"result":"1",
"rejected":"",
},
"signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
},
"version":"1.1"
}
Errors and details for debiting
The information in this section relates to the notifications and describes the different meanings of the detail attribute.
Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.
BACS
For bacs, the first part, eg AUDDIS_1 is the same as with the bacs error codes.
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER) BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER) BACS ADDACS_2(PAYER DECEASED) BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED) BACS ADDACS_B(ACCOUNT CLOSED) BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH) BACS ADDACS_D(ADVANCE NOTICE DISPUTED) BACS ADDACS_E(INSTRUCTION AMENDED) BACS ADDACS_R(INSTRUCTION REINSTATED) BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER) BACS AUDDIS_2(PAYER DECEASED) BACS AUDDIS_3(ACCOUNT TRANSFERRED) BACS AUDDIS_5(NO ACCOUNT) BACS AUDDIS_6(NO INSTRUCTION) BACS AUDDIS_B(ACCOUNT CLOSED) BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…) BACS AUDDIS_F(INVALID ACCOUNT TYPE) BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT) BACS AUDDIS_H(INSTRUCTION HAS EXPIRED) BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE) BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK) BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS) BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE) BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH) BACS AUDDIS_O(INVALID REFERENCE) BACS AUDDIS_P(PAYERS NAME NOT PRESENT) BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)
Bankgiro
For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) TK82_1(INSUFFICIENT FUNDS) TK82_2(BANK ACCOUNT CLOSED OR PAYERS BANK HAS NOT APPROVED WITHDRAWAL) TK82_01(MANDATE NOT FOUND) TK82_02(ACCOUNT NOT APPROVED OR CLOSED) TK82_04(INCORRECT PAYER NUMBER) TK82_06(INCORRECT PERIOD CODE) TK82_07(INCORRECT NUMBER FOR RECURRING PAYMENTS) TK82_08(AMOUNT NON NUMERIC) TK82_09(BAN ON OUTGOING PAYMENTS) TK82_10(BANKGIRO NUMBER NOT FOUND AT BANKGIROT) TK82_12(INCORRECT PAYMENT DATE) TK82_13(PAYMENT DATE PASSED) TK82_15(PAYEE BANKGIRO NUMBERS IN OPENING RECORD AND TRANSACTION RECORD NOT SAME) TK82_24(AMOUNT EXCEEDS MAX AMOUNT) TK03_12(CANCELLED) TK11_12(CANCELLED) TK21_12(CANCELLED) TK23_02(INCORRECT PAYER NUMBER) TK23_10(INCORRECT PAYEE BANKGIRO NUMBER) TK23_11(PAYEE BANKGIRO NUMBER MISSING) TK23_12(CANCELLED) TK23_13(PAYMENT MISSING NOT PROCESSED) TK24_01(INCORRECT PAYMENT DATE) TK24_02(INCORRECT PAYER NUMBER) TK24_04(INCORRECT TRANSACTION CODE) TK24_10(INCORRECT PAYEE BANKGIRO NUMBER) TK24_11(PAYEE BANKGIRO NUMBER MISSING) TK24_12(CANCELLED) TK24_13(PAYMENT MISSING NOT PROCESSED) TK25_01(INCORRECT PAYMENT DATE) TK25_02(INCORRECT PAYER NUMBER) TK25_04(INCORRECT TRANSACTION CODE) TK25_05(INCORRECT AMOUNT) TK25_10(INCORRECT PAYEE BANKGIRO NUMBER) TK25_11(PAYEE BANKGIRO NUMBER MISSING) TK25_12(CANCELLED) TK25_13(PAYMENT MISSING NOT PROCESSED)
SepaDD
Currently no errors for SEPA
Notifications for DirectDebit
Pending
Immediately after the request has been accepted for processing, a pending notification is sent to the NotificationURL.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, pending | Yes | Text | pending |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the charge. | Text | 87654567 |
accountid | The AccountID used when setting up the mandate | Text | 1234567890 |
messageid | Your unique ID of the order. | Text | 234234234234 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123 |
amount | The amount set when creating the charge | Text | 98.02 |
currency | The currency set when creating the charge | Text | GBP |
origninalpaymentdate | The expected payment date for the debit. Note that this gives you an indication if the PaymentDate you submitted has been adjusted eg due to a bank holiday. | Text | 2024-01-05 |
paymentdate | If the executing of the payment get's delayed for some reason, eg a retry, compliance check or something else, the paymentdate gives you an indication that the debit is delayed and when we expect the debit to happen. Typically this will be the same as originalpaymentdate, but if it get's delayed, the pending notification will be sent again with the paymentdate adjusted to the date we expect the debit to happen on the consumers account. | Text | 2024-01-06 |
timestamp | The time when the directdebit was prepared for processing. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
Example request
{
"method": "pending",
"params": {
"uuid": "258a2184-2842-b485-23ca-293425152415",
"data": {
"orderid": "87654567",
"accountid": "1234567890",
"messageid": "98348932",
"notificationid": "4876513450",
"amount": "98.02",
"currency": "GBP",
"paymentdate": "2024-01-05",
"originalpaymentdate": "2024-01-04",
"timestamp": "2010-01-05 14:42:04.675645+01",
},
"signature": "fVhjuMqbsH0Ku ... S16VbzRsw=="
},
"version": "1.1"
}
cancel
If the direct-debit could not be processed, a cancel notification is sent.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, cancel | Yes | Text | cancel |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the charge. | Text | 87654567 |
messageid | Your unique id of the order | Text | some-id |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123123 |
attributes | Description | Type | Example |
reason | ERROR_MANDATE_INVALID - The mandate is invalid for some reason. ERRORCHARGE_NOT_APPROVED - Ie. missing funds or being cancelled by the end-user. CANCELLED - If the payment was cancelled from the api _ FAILED - All other failures | Text | ERROR_CHARGE_NOT_APPROVED |
details | The scheme's message if available | Text | BACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER) |
Example request
{
"method": "cancel",
"params": {
"uuid": "258a2184-9021-b874-21ca-293425152415",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "4876513450",
"attributes": {
"reason": "ERROR_CHARGE_NOT_APPROVED",
"details": "BACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER)",
}
},
"signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
credit
When funds have credited the account, a credit notification is sent.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, credit | Yes | Text | credit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
Data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the directdebit. | Text | 87654567 |
accountid | The AccountID used when setting up the mandate | Text | 1234567890 |
messageid | Your unique ID of the order. | Text | 234234 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 4567897654 |
amount | The amount | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time when the directdebit processed. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
Attributes | Description | Type | Example |
reference | Payment reference sent to the scheme | Text | TRLY80494-1001 |
statement | Statement that appear on the end users bank account | Text | TRLY80494-1001 |
Example request
{
"method": "credit",
"params": {
"signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "9876543456",
"amount": "90.02",
"currency": "GBP",
"timestamp": "2010-01-20 14:42:04.675645+01",
"attributes": {
"reference": "TRLY80494-1001",
"statement": "TRLY80494-1001"
}
}
},
"version": "1.1"
}
debit
If a previously credited direct-debit is revesed, a debit notification is sent for the same order. This basically means that the funds where sent to the merchant account and later sent back to the end-user account.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, debit | Yes | Text | debit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the directdebit. | Text | 87654567 |
messageid | Your unique ID of the order | Text | 234234df |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 234234234 |
amount | The amount | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time for the when the reversal happened. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
attributes | Description | Type | Example |
reference | Payment reference sent to the scheme | Text | TRLY80494-1001 |
statement | Statement that appear on the end users bank account | Text | TRLY80494-1001 |
reason | - ERROR_MANDATE_INVALID - The mandate is invalid for some reason. - ERROR_CHARGE_NOT_APPROVED - Ie. missing funds or being cancelled by the end-user. - CANCELLED - If the payment was cancelled from the api - FAILED - All other failures | Text | ERROR_MANDATE_INVALID |
details | The scheme message if available | Text | BACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER) |
Example request
{
"method": "debit",
"params": {
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid": "87654567",
"messageid": "asdfasdasdf",
"notificationid": "9876543456",
"amount": "90.02",
"currency": "GBP",
"messageid": "98348932",
"timestamp": "2010-01-20 14:42:04.675645+01",
"attributes": {
"reference": "TRLY80494-1001",
"statement": "TRLY80494-1001",
"reason": "ERROR_CHARGE_NOT_APPROVED",
"details": "BACS ARUDD_1(INSTRUCTION CANCELLED BY PAYER)"
}
},
"signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
Crediting end-user
Crediting the end-user is done with the DirectCredit instruction. Note that credit is not available in the SEPA region, instead a refund will have to be used.
DirectCredit
This method is used to credit the end-user, eg transferring funds from your account to the consumer. As this feature is a bit different depending on market, please check the differences below
[BACS] - Crediting the user can be archived either by specifying the accountId or the full account number (sort-code and account number). If you know the accountId for the consumer, it’s a convenient way to send funds to the account behind that account number.
[Bankgiro] - Crediting the user can be done in two ways, either via Autogiro or via “Leverantörsutbetalningar”. Using Autogiro, you must use the merchantReference as that is mapped to the payerNumber in Autogiro which is to whom the credit is sent. Please note that for this, the mandate must be active. For this, there must be an active mandate. With “Leverantörsutbetalningar”, you may send funds to another bankgiro-number or any other swedish bank account. You will however need to have this enabled with your bank.
[SepaDD] - Credit is not available using the direct debit rails, however, if needed, you may use the Trustly AccountPayout functionality but that will require your Trustly account to be funded.
For Bankgiro, it's important to use the merchantReference if accountId is used, as it's basically the merchantReference that is mapping to the correct account number. If just AccountNumber/BankIdentifier fields are used, then the merchantReference is not in use at all.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, DirectCredit | Yes | Text | DirectCredit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
MessageID | Your unique ID for for the order in your system. This is to manage idempotency at the application layer. | Yes | Text | asdfasdfasdfasdf |
EndUserID | The identifier of the owner of the account being credited. If there is a mandate, it's highly recommended using the same enduserid as when the mandate was created. [Sepa-DD] This field is limited to 35 characteres [BACS/Bankgiro] This field is limited to 63 characters | Yes | Text | [email protected] |
NotificationURL | The URL to which notifications for this charge should be sent to. | Yes | Text | https://example.com/notificaion |
AccountID | [BACS] The AccountID used in the UK market only and must be used unless the bankIdendifier/accountnumber is used. | No | Text | 1234567890 |
BankIdentifier | The bank identifier, please note that either BankIdentifier&AccountNumber or AccountID is required. [BACS] This should be the sort-code [Bankgiro] This should be the clearing number or "bg" if the accountNumber is a bg-number [Sepa] Not supported | Yes/No | Text | 6000, bg, 123123, HANDSESS |
AccountNumber | The account number. Please note that either BankIdentifier&AccountNumber or AccountId is required. [Bacs] The domestic GB account number [Bankgiro]The swedish bank account number. Note that for bg-number, the bankIdentifier must be 'bg'. [Sepa]Not supported | Yes/No | Text | 157-1234, 310902352, AT483200000012345864 |
Amount | The amount to credit the end-user. See format in Currencies Only digits. Use dot (.) as decimal separator. Note that 98.5 is not a valid amount. The following examples are valid formats 98.50. 98.00 and 98. | Yes | Text | 98.02 |
Currency | The currency, ISO 4217 alphabetic code. | Yes | Text | GBP |
Country | The country-code for the account receiving the funds. | Yes | Text | GB |
Attributes | ||||
MerchantReference | Only used in Sweden and is mapped to the paymentIdentifer in the autogiro manual. [Bankgiro] Must be a numeric value identifying the end-user. [Bacs]according to the merchantReference for debits, eg 6-10 chars. [SepaDD] DirectCredit is NOT supported | Yes | Text | 197012131234 |
PaymentDate | The day the payment should arrive at the end-user's bank account. If this is too early in time, it will be postponed to the earliest paymentDate, eg same as not submitting it. Must be following the format of yyyy-MM-dd. | No | Text | 2024-01-24 |
The email address of the end user. | No | Text | [email protected] | |
FirstName | First name of the creditor. This is mandatory in GB if the accountId is not used. | Yes/No | Text | John |
LastName | Last name of the creditor. This is mandatory in GB if the accountId is not used. | Yes/No | Text | Doe |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
method | The method, DirectCredit | Yes | Text | DirectCredit |
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | a231a-.....-123123 |
Data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order | Text | 87654567 |
result | 1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof. | Text | 1 |
rejected | The following errors reasons: _ ERROR_MANDATE_NOT_FOUND - No matching active accountId ERROR_DIRECT_DEBIT_NOT_ALLOWED - Account not properly configured ERROR_PAYMENT_DATE_FAILURE - Payment date is invalid ERROR_AMOUNT_FAILURE - Amount is invalid or not within the configured range ERROR_CURRENCY_FAILURE - The mandate doesn't support the currency | Text | ERROR_MANDATE_NOT_FOUND |
Example request
{
"method":"DirectCredit",
"params":{
"UUID":"258a2184-2842-b485-25ca-293525152425",
"Data":{
"Username":"merchant_username",
"Password":"merchant_password",
"MessageID":"your_unique_order_id",
"EndUserID":"unique_end_user_id",
"NotificationURL":"https://URL_to_your_notification_service",
"AccountID":"1234567890",
"Amount":"25.00",
"Currency":"GBP",
"Country": "GB",
"Attributes":{
"PaymentDate":"2022-11-17",
"MerchantReference": "AAADESF0F1"
}
},
"Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
},
"version":"1.1"
}
Example response
{
"result": {
"signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA==",
"uuid":"258a2184-2842-b485-25ca-293525152425",
"method":"DirectCredit",
"data":{
"result":"1",
"rejected":"",
"orderid":"1234512345"
}
},
"version":"1.1"
}
Errors and details for crediting
The information in this section relates to the notifications and describes the different meanings of the detail attribute.
Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.
BACS
For bacs, the first part, eg AUDDIS_1 is the same as with the bacs error codes.
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER) BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER) BACS ADDACS_2(PAYER DECEASED) BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED) BACS ADDACS_B(ACCOUNT CLOSED) BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH) BACS ADDACS_D(ADVANCE NOTICE DISPUTED) BACS ADDACS_E(INSTRUCTION AMENDED) BACS ADDACS_R(INSTRUCTION REINSTATED) BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER) BACS AUDDIS_2(PAYER DECEASED) BACS AUDDIS_3(ACCOUNT TRANSFERRED) BACS AUDDIS_5(NO ACCOUNT) BACS AUDDIS_6(NO INSTRUCTION) BACS AUDDIS_B(ACCOUNT CLOSED) BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…) BACS AUDDIS_F(INVALID ACCOUNT TYPE) BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT) BACS AUDDIS_H(INSTRUCTION HAS EXPIRED) BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE) BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK) BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS) BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE) BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH) BACS AUDDIS_O(INVALID REFERENCE) BACS AUDDIS_P(PAYERS NAME NOT PRESENT) BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)
Bankgiro
For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) TK32_1(INSUFFICIENT FUNDS) TK32_2(BANK ACCOUNT CLOSED OR PAYERS BANK HAS NOT APPROVED WITHDRAWAL) TK32_01(MANDATE NOT FOUND) TK32_02(ACCOUNT NOT APPROVED OR CLOSED) TK32_04(INCORRECT PAYER NUMBER) TK32_06(INCORRECT PERIOD CODE) TK32_07(INCORRECT NUMBER FOR RECURRING PAYMENTS) TK32_08(AMOUNT NON NUMERIC) TK32_09(BAN ON OUTGOING PAYMENTS) TK32_10(BANKGIRO NUMBER NOT FOUND AT BANKGIROT) TK32_12(INCORRECT PAYMENT DATE) TK32_13(PAYMENT DATE PASSED) TK32_15(PAYEE BANKGIRO NUMBERS IN OPENING RECORD AND TRANSACTION RECORD NOT SAME) TK32_24(AMOUNT EXCEEDS MAX AMOUNT) TK03_12(CANCELLED) TK11_12(CANCELLED) TK21_12(CANCELLED) TK23_02(INCORRECT PAYER NUMBER) TK23_10(INCORRECT PAYEE BANKGIRO NUMBER) TK23_11(PAYEE BANKGIRO NUMBER MISSING) TK23_12(CANCELLED) TK23_13(PAYMENT MISSING NOT PROCESSED) TK24_01(INCORRECT PAYMENT DATE) TK24_02(INCORRECT PAYER NUMBER) TK24_04(INCORRECT TRANSACTION CODE) TK24_10(INCORRECT PAYEE BANKGIRO NUMBER) TK24_11(PAYEE BANKGIRO NUMBER MISSING) TK24_12(CANCELLED) TK24_13(PAYMENT MISSING NOT PROCESSED) TK25_01(INCORRECT PAYMENT DATE) TK25_02(INCORRECT PAYER NUMBER) TK25_04(INCORRECT TRANSACTION CODE) TK25_05(INCORRECT AMOUNT) TK25_10(INCORRECT PAYEE BANKGIRO NUMBER) TK25_11(PAYEE BANKGIRO NUMBER MISSING) TK25_12(CANCELLED) TK25_13(PAYMENT MISSING NOT PROCESSED)
SepaDD
Credits not supported
Notifications for DirectCredit
Notifications for the direct credit. Please note that the debit/credit notifications should be treated differently than for direct-debit. For a successful credit, a debit notification is sent. If the funds would come back, the credit notification will be emitted for the direct credit order.
Pending
Immediately after the direct-credit has been accepted for processing, a pending notification is sent to the NotificationURL.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, pending | Yes | Text | pending |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | asdfasdfasdf |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the charge. | Text | 87654567 |
messageid | Your unique ID of the order. | Text | 234234234234 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123 |
amount | The amount set when creating the charge | Text | 98.02 |
currency | The currency set when creating the charge | Text | GBP |
timestamp | The time when the directdebit was prepared for processing. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
Example request
{
"method": "pending",
"params": {
"uuid": "258a2184-2842-b485-23ca-293425152415",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "4876513450",
"amount": "98.02",
"currency": "GBP",
"timestamp": "2010-01-20 14:42:04.675645+01"
},
"signature": "fVhjuMqbsH0Ku ... S16VbzRsw=="
},
"version": "1.1"
}
cancel
If the direct-credit could not be processed, a cancel notification is sent.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, cancel | Yes | Text | cancel |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | 2r423423-sdfsdf-ssdf |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the request. | Text | 87654567 |
messageid | Your unique id of the order | Text | some-id |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123123 |
attributes | Description | Type | Example |
reason | - INVALID_ACCOUNT -The specified account is not valid, eg sending funds to it is not possible. - CANCELLED - If the payment was cancelled via the api - FAILED - All other failures | Text | INVALID_ACCOUNT |
details | The scheme's message if available | Text |
Example request
{
"method": "cancel",
"params": {
"uuid": "258a2184-9021-b874-21ca-293425152415",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "4876513450",
"attributes": {
"reason": "",
"details": "",
}
},
"signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
debit
Once the direct-credit has been successfully processed, a debit notification is sent for the same order. This basically means that the funds where deducted from the merchants account.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, debit | Yes | Text | debit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the request. | Text | 87654567 |
messageid | Your unique ID of the order | Text | 234234df |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 234234234 |
amount | The amount to credit the end-user | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time for the when the reversal happened. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
attributes | Description | Type | Example |
reference | Payment reference sent to the scheme | Text | TRLY80494-1001 |
statement | Statement that appear on the end users bank account | Text | TRLY80494-1001 |
reason | FAILED - All other failures | Text | FAILED |
details | The scheme message if available | Text |
Example request
{
"method": "debit",
"params": {
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid": "87654567",
"messageid": "asdfasdasdf",
"notificationid": "9876543456",
"amount": "90.02",
"currency": "GBP",
"messageid": "98348932",
"timestamp": "2010-01-20 14:42:04.675645+01",
"attributes": {
"reference": "TRLY80494-1001",
"statement": "TRLY80494-1001",
"reason": "FAILED",
"details": ""
}
},
"signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
credit
If the funds where sent, but later returned, a credit notification is sent for the order.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, credit | Yes | Text | credit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order this refers to | Text | 87654567 |
messageid | Your unique ID of the order. | Text | 234234 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 4567897654 |
amount | The amount | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time when the directdebit processed. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
attributes | Description | Type | Example |
reference | Payment reference sent to the scheme | Text | TRLY80494-1001 |
statement | Statement that appear on the end users bank account | Text | TRLY80494-1001 |
Example request
{
"method": "credit",
"params": {
"signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "9876543456",
"amount": "90.02",
"currency": "GBP",
"timestamp": "2010-01-20 14:42:04.675645+01",
"attributes": {
"reference": "TRLY80494-1001",
"statement": "TRLY80494-1001"
}
}
},
"version": "1.1"
}
Refunding end-user
Refunding a previous executed DirectDebit instruction is similar to DirectCredit, but with some restrictions. A refund can only be executed once and the maximum amount is the same as for the original debit. Refunds are available for all schemes.
RefundDirectDebit
This method is used to credit the end-user, please note that an active mandate is NOT mandatory for this operation, but the mandate must not have been inactive for more than 2 years.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, RefundDirectDebit | Yes | Text | RefundDirectDebit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
Username | The username, should be received when onboarding. | Yes | Text | joe |
Password | The password, should be received when onboarding. | Yes | Text | secret |
OrderID | The order to refund. | Yes | Text | 1231231122 |
MessageID | Your unique ID for for the refund in your system. Please note that this must not be the same as used for the DirectDebit even if that orderId is referenced. | Yes | Text | asdfasdfasdfasdf |
PaymentMessageID | When the debit was in a batch, this is the messageId for the individual payment that is to be refunded. This parameter shall only be used refunding a payment that was issued in a batch. | Yes/No | Text | gbjertewrtert |
Amount | The amount to credit the end-user. The amount may not be bigger than the original DirectDebit order's amount. See format in Currencies Only digits. Use dot (.) as decimal separator. Note that 98.5 is not a valid amount. The following examples are valid formats 98.50. 98.00 and 98. | Yes | Text | 98.02 |
Currency | The currency, ISO 4217 alphabetic code. | Yes | Text | GBP |
Attributes | No attributes as of 2023-11-02 |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
method | The method, Refund | Yes | Text | Refund |
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
result | 1 if the request was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been sent from the account until you receive notifications thereof. | Text | 1 |
rejected | The following errors reasons: - ERROR_CHARGE_NOT_FOUND - The debit order wasn't found. - ERROR_CHARGE_NOT_REFUNDABLE - The debit order is not refundable - ERROR_AMOUNT_FAILURE - The amount is not valid, eg could be bigger than the debit. - ERROR_CURRENCY_FAILURE - The currency does not match the original debit order. | Text | ERROR_CHARGE_NOT_FOUND |
Example request
{
"method":"RefundDirectDebit",
"params":{
"UUID":"258a2184-2842-b485-25ca-293525152425",
"Data":{
"Username":"merchant_username",
"Password":"merchant_password",
"OrderID": 123123123,
"MessageID":"your_unique_order_id",
"Amount":"25.00",
"Currency":"GBP",
},
"Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
},
"version":"1.1"
}
Example response
{
"result": {
"method":"RefundDirectDebit",
"uuid":"258a2184-2842-b485-25ca-293525152425",
"data":{
"result":"1",
"rejected":""
},
"signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
},
"version":"1.1"
}
Errors and details for refunds
The information in this section relates to the notifications and describes the different meanings of the detail attribute.
Please note that as far as possible, the details is formatted as scheme error(message), but not that some scheme errors are duplicates in the scheme and we may add eg _01 to the first part.
BACS
For bacs, the first part, eg AUDDIS_1 is the same as with the bacs error codes.
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) BACS ADDACS_0(INSTRUCTION CANCELLED - REFER TO PAYER) BACS ADDACS_1(INSTRUCTION CANCELLED BY PAYER) BACS ADDACS_2(PAYER DECEASED) BACS ADDACS_3(INSTRUCTION CANCELLED, ACCOUNT TRANSFERRED) BACS ADDACS_B(ACCOUNT CLOSED) BACS ADDACS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH) BACS ADDACS_D(ADVANCE NOTICE DISPUTED) BACS ADDACS_E(INSTRUCTION AMENDED) BACS ADDACS_R(INSTRUCTION REINSTATED) BACS AUDDIS_1(INSTRUCTION CANCELLED BY PAYER) BACS AUDDIS_2(PAYER DECEASED) BACS AUDDIS_3(ACCOUNT TRANSFERRED) BACS AUDDIS_5(NO ACCOUNT) BACS AUDDIS_6(NO INSTRUCTION) BACS AUDDIS_B(ACCOUNT CLOSED) BACS AUDDIS_C(ACCOUNT TRANSFERRED TO A DIFFERENT BRANCH OF BANK…) BACS AUDDIS_F(INVALID ACCOUNT TYPE) BACS AUDDIS_G(BANK WILL NOT ACCEPT DIRECT DEBITS ON ACCOUNT) BACS AUDDIS_H(INSTRUCTION HAS EXPIRED) BACS AUDDIS_I(PAYER REFERENCE IS NOT UNIQUE) BACS AUDDIS_K(INSTRUCTION CANCELLED BY BANK) BACS AUDDIS_L(INCORRECT PAYERS ACCOUNT DETAILS) BACS AUDDIS_M(TRANSACTION CODE/USER STATUS INCOMPATIBLE) BACS AUDDIS_N(TRANSACTION DISALLOWED AT PAYERS BRANCH) BACS AUDDIS_O(INVALID REFERENCE) BACS AUDDIS_P(PAYERS NAME NOT PRESENT) BACS AUDDIS_Q(SERVICE USER NAME IS BLANK)
Bankgiro
For bankgiro, the first part is from the scheme, eg TKXX, while the second part is something we add to make it unique for the scope, _YY for a representation of TKXX_YY(description)
Description of detail in cancel notifications
The reason for why a mandate was failed or cancelled can be found in the details.
Format for cancel notification detail: [SCHEME] [CATEGORY]_[CODE](DESCRIPTION) TK77_01(MANDATE NOT SUBMITTED) TK77_02(MANDATE WITHDRAWN) TK77_03(AMOUNT NOT SPECIFIED OR EXCEEDED)
SepaDD
Currently no errors for SEPA
Notifications for Refunds
Notifications for the refund are handled differently from the DirectCredit/DirectDebit, especially as there's no orderId for the refund, all notifications will refer to the original direct debit order, but you can distinguish the notifications by checking if the refund flag is available or not.
Pending
Immediately after the refund has been accepted for processing, a pending notification is sent to the NotificationURL for the original DirectDebit order.
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, pending | Yes | Text | pending |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | asdfasdfasdf |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order that is to be refunded. | Text | 87654567 |
messageid | Your unique ID of the for this refund, note that this should identify the refund and not the original debit order. | Text | 234234234234 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123 |
amount | The amount | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time when the directdebit was prepared for processing. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
refund | Flag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1. | Text | 1 |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
Example notification
{
"method": "pending",
"params": {
"uuid": "258a2184-2842-b485-23ca-293425152415",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "4876513450",
"amount": "98.02",
"currency": "GBP",
"timestamp": "2010-01-20 14:42:04.675645+01",
"refund": "1"
},
"signature": "fVhjuMqbsH0Ku ... S16VbzRsw=="
},
"version": "1.1"
}
Cancel
If the refund fails for some reason, a cancel notification will be sent. Note that this will only be sent if no money have been deducted on the account and treat this notification differently than a debit followed by a credit. Please make sure to check the refund flag on the notification.
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, cancel | Yes | Text | cancel |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | asdfasdfasdf |
data | Description | Type | Example |
---|---|---|---|
orderid | The orderId for the direct-debit order. | Text | 87654567 |
messageid | Your unique id for the refund | Text | some-id |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123123 |
refund | Flag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1. | Text | 1 |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
attributes | Description | Type | Example |
reason | - INVALID_ACCOUNT -The specified account is not valid, eg sending funds to it is not possible. The account may be closed. - FAILED - All other failures | Text | INVALID_ACCOUNT |
details | The scheme's message if available | Text |
Example notification
{
"method": "cancel",
"params": {
"uuid": "258a2184-9021-b874-21ca-293425152415",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "4876513450",
"refund":"1",
"attributes": {
"reason": "",
"details": "",
}
},
"signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
debit
The debit notification for the refund is sent when a confirmation that the funds have left your account.
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, debit | Yes | Text | debit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
orderid | The orderId of the direct-debit order. | Text | 87654567 |
messageid | Your unique ID for the refund | Text | 234234df |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 234234234 |
amount | The amount to credit the end-user | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time for the when the reversal happened. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
refund | Flag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1. | Text | 1 |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
attributes | Description | Type | Example |
reference | Payment reference sent to the scheme | Text | TRLY80494-1001 |
statement | Statement that appear on the end users bank account | Text | TRLY80494-1001 |
Example notification
{
"method": "debit",
"params": {
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid": "87654567",
"messageid": "asdfasdasdf",
"notificationid": "9876543456",
"amount": "90.02",
"currency": "GBP",
"timestamp": "2010-01-20 14:42:04.675645+01",
"refund": "1",
"attributes": {
"reference": "TRLY80494-1001",
"statement": "TRLY80494-1001"
}
},
"signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
credit
If funds left the account, but later bank returned the funds, a credit notification is sent.
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, credit | Yes | Text | credit |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | a231a-.....-123123 |
data | Description | Type | Example |
---|---|---|---|
orderid | The orderId of the direct-debit order. | Text | 87654567 |
messageid | Your unique ID for the refund. | Text | 234234 |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 4567897654 |
amount | The amount | Text | 98.02 |
currency | The currency | Text | GBP |
timestamp | The time when the directdebit processed. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
refund | Flag indicating that this is for refund. Note that this flag is not sent unless it's for a refund. Only value will be 1. | Text | 1 |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
attributes | Description | Type | Example |
reference | Payment reference sent to the scheme | Text | TRLY80494-1001 |
statement | Statement that appear on the end users bank account | Text | TRLY80494-1001 |
reason | FAILED - Generic error | Text | FAILED |
details | The scheme message if available |
Example notification
{
"method": "credit",
"params": {
"signature": "D67hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "9876543456",
"amount": "90.02",
"currency": "GBP",
"timestamp": "2010-01-20 14:42:04.675645+01",
"refund": "1",
"attributes": {
"reference": "TRLY80494-1001",
"statement": "TRLY80494-1001"
}
}
},
"version": "1.1"
}
Batch instructions
Batch processing is handled by Trustly with two different methods, DirectPaymentBatch for debit/credit and DirectMandateBatch for mandate import/migrations.
You connect to the sftp server with the username provided by Trustly and the same private key used to sign the requests. Please note that if the content of the file is rejected the response will be successful however you will receive a cancel notification.
DirectMandateBatch
For importing/migrating mandates, this option allows you to do it in bulk and if you are to import more than 10-50k mandates, we recommend doing it in batch.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called | Yes | Text | DirectMandateBatch |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique identifier for the request. | Yes | Text | 258a2184-2842-b485-25ca-29352515242 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
NotificationURL | The url where to notify about a new notification file being available on the SFTP server. This must be a valid https url, http is NOT allowed. | Yes | Text | https://your_nofitication_url |
MessageID | Unique ID for this order, note that each mandate has it’s own MessageID | Yes | Text | 12345678 |
Country | The country for the scheme | Yes | Text | SE |
BatchFile | The uploaded unique file name on the SFTP server containing the instructions. | Yes | Text | unique-filename.csv |
Checksum | The MD5 checksum for the file | Yes | Text | 0cdf0945096283b9ba94e42150ba84d8 |
Attributes |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | a231a-.....-123123 |
method | The method from the request | Yes | Text | DirectPaymentBatch |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order | Text | 87654567 |
result | 1 if the request was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, processing of the batch has not started. | Text | 1 |
rejected | ERROR_UNABLE_TO_READ_BATCH_FILE - The file on the sftp server can't be interpreted. ERROR_MISSING_BATCH_FILE - The file could not be found on the sftp server. * ERROR_INVALID_CHECKSUM - The checksum for the file doesn't match. | Text | ERROR_MISSING_BATCH_FILE |
Request example
{
"method":"DirectMandateBatch",
"params":{
"Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
"UUID":"258a2184-2842-b485-25ca-293525152425",
"Data":{
"Username":"merchant_username",
"Password":"merchant_password",
"MessageID":"your_unique_order_id",
"NotificationURL":"https://URL_to_your_notification_service",
"Country":"SE",
"BatchFile":"batch-20241115.csv",
"Checksum":"0cdf0945096283b9ba94e42150ba84d8",
"Attributes":{
}
}
},
"version":"1.1"
}
Response example
{
"result": {
"method":"DirectMandateBatch",
"uuid":"258a2184-2842-b485-25ca-293525152425",
"data":{
"result":"1",
"rejected":"",
"orderid":"1234512345"
},
"signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
},
"version":"1.1"
}
DirectPaymentBatch
Sends multiple payment instructions for directdebit for already existing mandates or credits(no need for a mandate, UK). Please see the SFTP section for how to connect and where to put/read files.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The method to be called | Yes | Text | DirectPaymentBatch |
version | The api version | Yes | Text | 1.1 |
params | ||||
Signature | The Signature is a Base64 encoding of the RSA signature of [Method concatenated with UUID concatenated with a serialisation of the Data{} object]. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
UUID | The unique identifier for the request. | Yes | Text | 258a2184-2842-b485-25ca-293525152425 |
Data | Description | Required | Type | Example |
---|---|---|---|---|
NotificationURL | The url where to notify about a new notification file being available on the SFTP server. This must be a valid https url, http is NOT allowed. | Yes | Text | https://your_nofitication_url |
MessageID | Unique ID for this order, note that each payment has it’s own MessageID | Yes | Text | 12345678 |
Currency | The currency for all charges in ISO format. | Yes | Text | GBP |
Country | The country for the scheme | Yes | Text | GB |
BatchFile | The uploaded unique file name on the SFTP server containing the instructions. | Yes | Text | unique-filename.csv |
Checksum | The MD5 checksum for the file | Yes | Text | 0cdf0945096283b9ba94e42150ba84d8 |
Attributes | ||||
PaymentDate | This date will be sent to the payment institutions to set what date the payment actually will be performed. Please see the parameter description for PaymentDate for DirectDebit and DirectCredit as different rules apply to the different schemes. | No | Text | 2023-01-27 Format YYYY-MM-DD |
Response parameters
Description | Required | Type | Example | |
---|---|---|---|---|
version | The api version | Yes | Text | 1.1 |
result | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The uuid from the request | Yes | Text | a231a-.....-123123 |
method | The method from the request | Yes | Text | DirectPaymentBatch |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order | Text | 87654567 |
result | 1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof. | Text | 1 |
rejected | ERROR_DIRECT_DEBIT_NOT_ALLOWED - The account has not properly been configured. ERRORPAYMENT_DATE_FAILURE - Invalid payment date. ERRORUNABLE_TO_READ_BATCH_FILE - The file on the sftp server can't be interpreted. ERROR_MISSING_BATCH_FILE - The file could not be found on the sftp server. * ERROR_INVALID_CHECKSUM - The checksum for the file doesn't match. |
Request example
{
"method":"DirectPaymentBatch",
"params":{
"Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
"UUID":"258a2184-2842-b485-25ca-293525152425",
"Data":{
"Username":"merchant_username",
"Password":"merchant_password",
"MessageID":"your_unique_order_id",
"NotificationURL":"https://URL_to_your_notification_service",
"Currency":"GBP",
"Country":"GB",
"BatchFile":"batch-20230215.csv",
"Checksum":"0cdf0945096283b9ba94e42150ba84d8",
"Attributes":{
"PaymentDate":"2022-11-17"
}
}
},
"version":"1.1"
}
Response example
{
"result": {
"method":"DirectPaymentBatch",
"uuid":"258a2184-2842-b485-25ca-293525152425",
"data":{
"result":"1",
"rejected":"",
"orderid":"1234512345"
},
"signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="
},
"version":"1.1"
}
Notifications for Batches
Notifications for batch behave a bit different as they always refer to the order and not each individual debit/credit/mandate.
Pending
Immediately after the batch has been accepted for processing, a pending notification is sent to the NotificationURL submitted when setting up the batch.
Please note that pending is not sent at all for directmandatebatch
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, pending | Yes | Text | pending |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | 258a2184-......-293525152425 |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the batch. | Text | 87654567 |
amount | The total amount of submitted charges, | Text | 98.02 |
currency | The currency. | Text | GBP |
messageid | Unique ID for this order, note that this referes to the batch MessageID and not the individual instructions. | Text | asdfasdf-sadfasdf-asdf |
timestamp | This is the last time something happened with the batch. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
paymentbatch | Flag indicating that this is for payment batch. Note that this flag is not sent unless it's for a payment batch. Only value will be 1. | Text | 1 |
paymentdate | The expected payment date for the batch. Note that this gives you an indication if the paymentDate you submitted has been adjusted eg due to a bank holiday. | Text | 2024-10-14 |
Example request(notification)
{
"method": "pending",
"params": {
"signature": "fVhjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-2842-b485-23ca-293425152415",
"data": {
"amount": "98.02",
"currency": "GBP",
"messageid": "98348932",
"orderid": "87654567",
"notificationid": "4876513450",
"paymentdate": "2024-10-11"
}
},
"version": "1.1"
}
Cancel
The cancel notification will be sent for a batch if it could not be processed.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, cancel | Yes | Text | cancel |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text |
data | Description | Type | Example |
---|---|---|---|
orderid | Unique ID of the order returned when creating the charge. | Text | 87654567 |
messageid | Your unique id of the order | Text | some-id |
notificationid | Unique ID for this notification. Each notification must only be handled once in your system. | Text | 123123123123 |
attributes | Description |
Example request(notification)
{
"method": "cancel",
"params": {
"uuid": "258a2184-9021-b874-21ca-293425152415",
"data": {
"orderid": "87654567",
"messageid": "98348932",
"notificationid": "4876513450",
"attributes": {
}
},
"signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",
},
"version": "1.1"
}
Batch
Sent when the batch has been processed and the result report is available for download on the SFTP server. Note that this file will be available after a couple of days and depends on the processing time for the scheme. If a change occurs after the first notification, subsequent notifications will be sent containing only the instructions affected. So, eg for UK, if the batch notification is sent after three days, a reversal happens on two instructions after 6 days, a new batch notification will be sent and the csv will ONLY contain those instructions and their state.
Request parameters
Description | Required | Type | Example | |
---|---|---|---|---|
method | The notification method, batch | Yes | Text | batch |
version | The api version | Yes | Text | 1.1 |
params | ||||
signature | This is the signature, signed by Trustly and you must use Trustly's public key to verify it. | Yes | Text | R9+hjuMqbsH0Ku.. .S16VbzRsw== |
uuid | The unique id of the notification | Yes | Text | 258a2184-......-293525152425 |
Data | Description | Type | Example |
---|---|---|---|
finalnotification | Flag indicating if the notification is final 1 - final notification 0 - more notifications are excepted | Text | 1 |
orderid | Unique ID of the order returned when creating the batch. | Text | 87654567 |
messageid | The messageId for the batch | Text | 12345678 |
currency | The currency. Note this is not present for mandates | Text | GBP |
debitamount | The total amount of successful debit charges in the batch. Note this is not present for mandates | Text | 10123.87 |
creditamount | The total amount of successful credit charges in the batch. Note this is not present for mandates | Test | 302.67 |
timestamp | This is the last time something happened with the batch. This will be an offset date timestamp, yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
Attributes | |||
batchfile | The name of the batch file sent earlier | Text | batch.csv |
reportchecksum | The MD5 checksum for the report file | Text | 0cdf0945096283b9ba94e42150ba84d8 |
reportfile | The name of the report file located at the sftp server | Text | batch.csv_20230215_report.csv |
executed | Number of successful instructions | Number | 12311 |
failed | Number of failed instructions | Number | 0 |
delayed | Number of delayed instructions | Number | 0 |
Example request (notification)
{
"method": "batch",
"params": {
"signature": "F6+hjuMqbsH0Ku ... S16VbzRsw==",
"uuid": "258a2184-9021-b874-21ca-293425152415",
"data": {
"messageid": "98348932",
"orderid": "87654567",
"notificationid": "4876513450",
"attributes": {
"batchfile": "batch.csv",
"reportchecksum": "0cdf0945096283b9ba94e42150ba84d8",
"reportfile": "batch.csv_20230215_report.csv",
"executed": 1231,
"failed": 0
}
}
},
"version": "1.1"
}
Transport layer for batch
Transportation for batch is sftp and this part describes how/where you upload and download files over SFTP and how you should work with the flow. On the server, the files must be placed in a specific folder.
For payments
/batch/
For mandate importing
/mandatebatch/
Note make sure to use the batch/mandatebatch folder, there are also the reports folder where you don't have write permissions.
For the batch files, retention period is 4 weeks.
SFTP interaction
When uploading the batch file and downloading reports, SFTP is used. The API is not solely built upon SFTP rather a combination of JSON-RPC and then SFTP for transferring the data. It’s important to understand the flow, and it’s driven by the JSON-api, which instructs Trustly to look for a specific file on the SFTP server. Reporting status for the payments happens the same way, eg Trustly will upload the report file and once there send the notification that the report is available.
Sending batch file
- Create the CSV-File according to the specification and name it to something unique, eg request-20230215.csv.
- Calculate the MD5 checksum of the file (eg on linux/osx, the command is ‘md5sum file’)
- Upload the CSV-File to the SFTP server
- Create the DirectDebitBatchCharge request and set the value of BatchFile and Checksum to the values from above (1 & 2)
Batch notification
- When receiving the notification, respond back to Trustly that the notification has been received.
- Download the report from the SFTP server based on the information in the batch notification
- Process each row in the CSV and update your internal status for each instruction in the file.
Batch Process overview
Batch file format
The file-format used via SFTP is Comma Separated Values (CSV) which is a standard widely used. It’s however important to care about the character-set as well as separators etc, the table below describes what to use.
It's also important to note that you may not mix mandates, debits and credits in one single batch
Data | Description | Example |
---|---|---|
Record separator | New line or carriage return + newline, eg both unix and windows standard \n or \r\n | \n |
Separator char | This is the character used to separate the values, and should always be the comma char | , |
Escape char | If for any reason a comma must be used in any value, the char must be escaped so that it’s not interpreted as a separator. The escape char is the back-slash character | \ |
Quotation char | Mostly for text blocks where eg a comma may be included. Everything within the quotations will be interpreted as the value for the column. | " |
Decimal separator | For all numeric values, always use the dot character as decimal separator | . |
Character set | Always use UTF-8 for the content in the file, even if non-ASCII is not to be used. | UTF-8 |
CSV format
When submitting, eg the csv-file, it's important to always adhere to the columns and it's order. As new fields may be added over time, those will always be added to the right and when we read the request we will NOT consider the header-row if it's included, rather each column is mapped accordingly. The response eg the csv report file will always start with the columns from the request and after that the response values are included. Just as with the request file, you must consider the column index as we may also include new columns to the right.
It should also be clear that debit, credit and mandates are to be sent in different batches and you shall NOT mix the types in the files.
Debit and credit input file format (DirectPaymentBatch)
Data | Description | Type | Mandatory | Example |
---|---|---|---|---|
Type | Describes the instruction type, DEBIT, CREDIT | Text | Yes | DEBIT |
AccountID | The mandate to be used. Note that for Bankgiro, this is not mandatory if one refers to an imported mandate. | Text | Yes/No | 123123123 |
Amount | The amount for the instruction | Numeric | Yes | 12.50 |
MessageID | A unique identifier for each charge | Text | Yes | 123123 |
CollectionType | [Bacs]: Only valid for BACS debit. | Text | Yes/No | INITIAL |
ShopperStatement | Statement that appear on the end users bank account | Text | No | Invoice-23231 |
MandateMerchantReference | The mandate identification | Text | Yes | 197012131234 |
The email address of the end user. | Text | Yes | [email protected] | |
NationalID | The national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE) | Text | No | 197105130355 |
EndUserId | For CREDIT it's required, for other types it will be ignored and taken from the mandate it self. | Text | Yes/No | 12345678 |
Debit and credit output file format (DirectPaymentBatch)
For each output file, each row is available on the output file, and then the following columns are added to the end of the row.
Data | Description | Type | Example |
---|---|---|---|
Report timestamp | The instructions transition timestamp. Format yyyy-MM-ddTHH:mm:ss.SSSSSSZ | Text | 2023-05-31T09:19:30.066773Z |
Status | The status of the instruction, either DONE or FAILED | Text | DONE |
FailureReason | In case of failure status, a description of the failure. Please note that this field may be populated with the same info as details for cancel notifications, eg TK82_1(INSUFFICIENT FUNDS) and also the following INVALID_TYPE MISSING_AMOUNT INVALID_AMOUNT INVALID_REFERENCE MISSING_MESSAGE_ID INVALID_MESSAGE_ID INVALID_BANK_STATEMENT INVALID_NATIONAL_ID INVALID_EMAIL INVALID_END_USER_ID MISSING_TYPE MISSING_ACCOUNT_ID INVALID_ACCOUNT_ID INVALID_COLLECTION_TYPE | Text | TK82_1(INSUFFICIENT FUNDS) INVALID_REFERENCE |
Bank execution day | The day the payment was executed at the bank. Blank for failed or delayed payments. | Text | 2023-04-31 |
Example files
For each debit/credit and scheme combination, below are examples of input and output files.
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"DEBIT","1771996974","10.01","248ABCE5-7978-487E-BC16-6F1D410A3A87",,,"197610042389","[email protected]","197610042389","[email protected]"
"DEBIT","1771996974","10.02","7BAE92C7-5A24-4131-9FD5-A03EC8CAB3AD",,,"197610042389","[email protected]","197610042389","[email protected]"
"DEBIT","1771996974","10.05","A0926257-3FEE-4208-A221-75F4E4D56F6E",,,"197610042389","[email protected]","197610042389","[email protected]"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"CREDIT","1771996974","10.08","08B44B63-1DE2-47AC-99A9-D10087EC2063",,,"197610042389","[email protected]","197610042389","[email protected]"
"CREDIT","1771996974","10.09","49B30997-47A4-4733-AC46-14A56AAA4B6F",,,"197610042389","[email protected]","197610042389","[email protected]"
"CREDIT","1771996974","10.10","98EF7338-83E9-4CD7-8A3A-578FF98EDE23",,,"197610042389","[email protected]","197610042389","[email protected]"
"DEBIT","12312313",12.50,"345678901",INITIAL,"Invoice-1234","reference1"
"DEBIT","12312314",21.00,"345678902",,"Invoice-2345","reference2"
"DEBIT","12312315",39.70,"345678903",RECURRING,"Invoice-3456","reference3"
"DEBIT","12312316",99.10,"345678904",,"Invoice-5678","reference4"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"CREDIT","1231",88.50,"ClientTxId-1",,"Refund-invoice-1231","merchantRef-1","[email protected]",,"Joe-1"
"CREDIT","1232",188.50,"ClientTxId-2",,"Refund-invoice-1232","merchantRef-2","[email protected]",,"Joe-2"
"CREDIT","1233",388.50,"ClientTxId-3",,"Refund-invoice-1233","merchantRef-3","[email protected]",,"Joe-3"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"DEBIT","1231",125.50,"ClientTxId-1",,"Invoice-1234","merchantRef-1","[email protected]",,"John-1"
"DEBIT","1232",388.50,"ClientTxId-2",,"Your insurance-1234","merchantRef-2","[email protected]",,"John-2"
"DEBIT","1233",388.50,"ClientTxId-3",,"Payment for TV, receipt 1231231","merchantRef-3","[email protected]",,"John-3"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId"
"CREDIT","1231",88.50,"ClientTxId-1",,"Re-payment-invoice-1231","merchantRef-1","[email protected]",
"CREDIT","1232",188.50,"ClientTxId-2",,"Re-payment-invoice-1232","merchantRef-2","[email protected]",,"Joe-2"
"CREDIT","1233",388.50,"ClientTxId-3",,"Re-payment-invoice-1233","merchantRef-3","[email protected]",,"Joe-3"
Mandate input file format (DirectMandateBatch)
Data | Description | Type | Mandatory | Example |
---|---|---|---|---|
Type | Describes the instruction type, MANDATE | Text | Yes | MANDATE |
AccountID | If you have the accountId for the account, then you can set it and skip the bankAccount/iban info | Text | Yes/No | 1239812379 |
MessageID | A unique identifier for each mandate | Text | Yes | 123123 |
ShopperStatement | The statement text for the mandate. [Bankgirot] - Not used [BACS] - Supported [SEPADD] - Supported | Text | Yes | Car insurance |
MandateMerchantReference | The mandate identification, merchantReference | Text | Yes | 197012131234 |
The email address of the consumer. | Text | Yes | [email protected] | |
NationalID | The national identification number.Format is yyyyMMddxxxx. Only applicable for Bankgiro(SE) | Text | No | 197105130355 |
EndUserId | For CREDIT it's required, for other types it will be ignored and taken from the mandate it self. | Text | Yes | 12345678 |
Firstname | For MANDATE it's required, for other types it will be ignored. | Text | Yes | John |
Lastname | For MANDATE it's required, for other types it will be ignored | Text | Yes | Doe |
NotificationURL | For MANDATE it's required and is which url we'll notify changes on the mandate for | Text | Yes | https://ex.trustly.com/not/ |
ImportType | For MANDATE, as of now, only CREATE is possible for importing. | Text | Yes | CREATE |
Country | For MANDATE, the country for the mandate | Text | Yes | SE |
MobilePhone | For MANDATE, optionally add the debtors mobile phone | Text | No | +4670000000 |
AddressLine1 | If the debtors address is available. Note that in SEPA, this is mandatory | Text | Yes/No | Rådmansgatan 40 |
AddressLine2 | If eg building name etc is in the address | Text | Yes/No | Fantastic Building |
AddressCity | The city for the debtor | Text | Yes/No | Stockholm |
AddressPostalCode | The postal code of the debtor | Text | Yes/No | 113 12 |
AddressCountry | The debtor's country | Text | Yes/No | SE |
Locale | The debtor's preferred locale. In SEPA in particular it's recomended. | Text | No | sv_SE |
BankNumber | The sort-code (BACS) or clearing number (Bankgiro) | Text | Yes/No | 6100 |
AccountNumber | Account number (BACS, Bankgiro) | Text | Yes/No | 310902269 |
IBAN | For Sepa direct debit | Text | Yes/No | FR123123123123 |
CreditorIdentifier | For sepa, when migrating, this is the old creditor identifier that you are migrating from | Text | Yes/No | FR123123 |
OriginalCreationDate | When the mandate was originally created. | Text | No | 2024-11-26 |
Mandate output file format (DirectMandateBatch)
For each output file, each row is available on the output file, and then the following columns are added to the end of the row.
Data | Description | Type | Example |
---|---|---|---|
Report timestamp | The timestamp for the result | Text | 2024-11-25T13:14:55.76358Z |
Status | The status of the instruction, either DONE or FAILED | Text | DONE |
FailureReason | In case of failure status, a description of the failure. Type of errors are: INVALID_TYPE INVALID_ORIGINAL_CREATION_DATE INVALID_CREDITOR_IDENTIFIER INVALID_IBAN INVALID_BANK_ACCOUNT_NUMBER INVALID_BANK_NUMBER INVALID_ADDRESS_COUNTRY INVALID_ADDRESS_POSTAL_CODE INVALID_ADDRESS_LINE INVALID_MOBILE_PHONE INVALID_COUNTRY INVALID_IMPORT_TYPE UNSUPPORTED_IMPORT_TYPE INVALID_ACCOUNT_ID INVALID_FIRSTNAME INVALID_LAST_NAME INVALID_ADDRESS_CITY INVALID_NOTIFICATION_URL INVALID_REFERENCE MISSING_MESSAGE_ID INVALID_BANK_STATEMENT INVALID_NATIONAL_ID INVALID_EMAIL INVALID_END_USER_ID MISSING_TYPE | Text | INVALID_NATIONAL_ID |
AccountId | The accountId if account information was present in the input file | Text | 213123123 |
OrderID | The orderId representation for this mandate | Text | 123123 |
Example files
For each scheme, below are examples of input and output files.
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate"
"MANDATE",,"D41F0783-2669-4117-8C55-55281487D448",,"197910032395","[email protected]","197910032395","Fred-1","Fredrik","Svensson","https://example.trustly.com/notification/197910032395","CREATE","SE","+46703121212","Drottninggatan 4",,"Örebro","70210","SE","sv_SE","83279","1110001110",,,
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate","Report timestamp","Status","FailureReason","AccountId","OrderId"
"MANDATE","","D41F0783-2669-4117-8C55-55281487D448","","197910032395","[email protected]","197910032395","Fred-1","Fredrik","Svensson","https://example.trustly.com/notification/197910032395","CREATE","SE","+46703121212","Drottninggatan 4","","Örebro","70210","SE","sv_SE","83279","1110001110","","","","2024-11-25T13:14:55.76358Z","DONE","","2994583062","8148948051"
"Type","AccountID","Amount","MessageID","CollectionType","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","BankAccountNumber","Iban","CreditorIdentifier"
# Currently not supported.
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate","Report timestamp","Status","FailureReason","AccountId","OrderId"
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate"
"MANDATE",,"BA969EE4-67BF-4208-A960-FB1B1606545A",,"TRLY1729773214933","[email protected]",,"Fred-1","Fredrik","Schweinsteiger","https://example.trustly.com/notification/TRLY1729773214933","CREATE","DE","+49703121212","Zinnowitzer strasse 18",,"Berlin","10115","DE","de_DE",,,"DE75512108001245126199","AC21121223423","2020-03-21"
"Type","AccountID","MessageId","ShopperStatement","MandateMerchantReference","Email","NationalID","EndUserId","Firstname","Lastname","NotificationURL","ImportType","Country","MobilePhone","AddressLine1","AddressLine2","AddressCity","AddressPostalCode","AddressCountry","Locale","BankNumber","AccountNumber","IBAN","CreditorIdentifier","OriginalCreationDate","Report timestamp","Status","FailureReason","AccountId","OrderId"
"MANDATE","","BA969EE4-67BF-4208-A960-FB1B1606545A","","TRLY1729773214933","[email protected]","","Fred-1","Fredrik","Schweinsteiger","https://example.trustly.com/notification/TRLY1729773214933","CREATE","DE","+49703121212","Zinnowitzer strasse 18","","Berlin","10115","DE","de_DE","","","DE75512108001245126199","AC21121223423","2020-03-21","2024-11-25T13:14:55.76358Z","DONE","","1696778901","8148948050"
Reports
Under the reports, most of them are related to the reports that the service generates with one exception, for bankgirot, we also provide a folder for mandates created by the consumer at the bank.
Reports for billing, mandates, debits and credits are available via SFTP. The reports are available for 12 month from creation and files have a naming convention according to below:
[username]_[scheme]_[day]_[type]_[category].csv.zip
eg for test, bacs, generated day dec-10, daily , debits ->
test_bacs_2024-01-10_daily_direct_debit_transitions.csv.zip
There are daily reports, where from and to are the same, weekly and monthly reports. All files are reported in CSV format specified under batch csf-format.
Reports are located under the folder
/reports/'scheme'/'year'/'month'/'user''scheme''type'_'category'.csv.zip
Categorys
Billing report
Example file: trustly_bankgirot_2023-12-01_monthly_billing_items.csv.zip
"Order ID","Message ID","End user ID","Type","Count","Created","Transitioned"
4501293578,"6472c348-282f-4464-9ba9-58b9fdff134d","tester","Successful mandate",1,"2023-11-30T18:02:21.475995Z","2023-12-01T00:30:00.40995Z"
7296456249,"d8354110-6047-4de3-bbd2-6e1a850533e7","tester","Successful mandate",1,"2023-11-30T13:46:50.517494Z","2023-12-04T00:30:00.471891Z"
7140026006,"6f91f17f-193a-486e-8e57-29a642281b2f","tester","Successful mandate",1,"2023-12-04T17:35:58.278369Z","2023-12-05T00:30:00.415242Z"
Mandate report
Example file: trustly_bankgirot_2023-12-01_monthly_mandate_transitions.csv.zip
"Order ID","Message ID","End user ID","Reference","Status","Failure reason","Failure details","Account ID","Amount","Currency","Created","Transitioned","Transitions"
7472622143,"c53ed295-24c1-4eb3-863e-c7de72f5ded6","tester",,"Failed","CHECKOUT_TIMEOUT",,,"N/A",,"2023-12-11T06:03:42.532931Z","2023-12-11T06:34:28.092312Z",
5988131268,"72a9d463-6cac-45a9-b4c7-f5695e6ca752","tester","**********6665","Successful",,,"2672607922","N/A",,"2023-12-07T16:08:11.281118Z","2023-12-11T00:30:00.486905Z","[\"Activated\"]"
4883244788,"8105c922-8fc6-4910-b9cb-35640ef90a72","tester",,"Cancelled",,,,"N/A",,"2023-12-05T10:47:54.479135Z","2023-12-05T10:48:19.734216Z",
4397008398,"5991523a-0477-4bde-853a-70a274c8a17b","tester","**********28076","Successful",,,"1326674678","N/A",,"2023-12-04T17:29:19.779894Z","2023-12-05T00:30:00.48104Z","[\"Activated\"]"
7140026006,"6f91f17f-193a-486e-8e57-29a642281b2f","tester","***********1013","Successful",,,"3805670135","N/A",,"2023-12-04T17:35:58.278369Z","2023-12-05T00:30:00.426667Z","[\"Activated\"]"
Debit report
Example file: trustly_bankgirot_2023-12-01_monthly_debit_payment_transitions.csv.zip
"Order ID","Message ID","End user ID","Reference","Status","Failure reason","Failure details","Account ID","Amount","Currency","Created","Transitioned","Transitions"
4755295954,"ba1df3cf-b42c-4c0f-b664-cc2eb73c6aa2","tester","*********0001GA","Failed","FAILED","BANKGIROT INSUFFICIENT_FUNDS","1304686402","1.00","SEK","2023-09-11T12:12:12.706088Z","2023-09-19T12:30:00.336048Z","[""Failed""]"
4344666554,"4f17bce4-db14-43ef-b725-c32613741391","tester","*********00018Y","Successful",,,"2880023560","1.00","SEK","2023-08-29T07:35:42.639077Z","2023-09-01T12:17:00.382302Z","[\"Successful\"]"
Credit report
Example file: trustly_bankgirot_2023-12-01_monthly_credit_payment_transitions.csv.zip
"Order ID","Message ID","End user ID","Reference","Status","Failure reason","Failure details","Account ID","Amount","Currency","Created","Transitioned","Transitions"
6406872524,"02173724-29a4-43e7-b907-53cf26d80fcd","""[email protected]""","CREDIT000000000Y","Successful",,,"1964406719","1.00","SEK","2023-09-19T06:40:48.85847Z","2023-09-20T09:30:00.324763Z","[""Successful""]"
Bank initiated mandate report (Bankgirot only)
This report is only available for bankgirot where the consumer has the ability to register their mandate towards your bankgiro-number if you have it configured to be searchable in the internet bank.
If your bankgiro is open for registrations via the internet bank, you need to periodically connect to the sftp and check for new files which contains the information needed to import the mandate.
The general flow is, get the file with mandates, parse it and for each mandate-row, call ImportDirectDebitMandate with the corresponding values. Once this has been completed, the mandate is available for debits/credits and behaves as any other mandate you have.
The files on the sftp will be named as eg 2023-11-01T10:15:30.123456789Z-mandates.csv and an example is shown below.
/reports/bankgirot/internet-bank-created-mandates
"MerchantReference","NationalID","ClearingNumber","AccountNumber","NameAndAddressLine1","NameAndAddressLine2","NameAndAddressLine3","NameAndAddressLine4","AddressPostalCode","AddressCity","InformationFromPayer"
"197106090001", "197106090001", "6000","310902371","Anders Svensson"","some street 1","Stockholm","11100","Customer number 123"
SFTP
The sftp server is available on the following locations for sandbox/test and production
Sftp host's for the different environments
- Production: sftp.prd.trustly.cloud
- Test: sftp.sbx.trustly.cloud
It's used both for the batch processing as well as for reports.
Connecting to the server
Important: The private key is extremely secret and should only be kept by authorised personnel.
Then you connect to the SFTP server like this
sftp -i your_private_key.pem [email protected]
cd batch // or cd reports
get/put file
Once there, use the normal ftp commands to transfer files to and from the server. How long the files are kept on the server varies from folder to folder, see the different sections for retention periods.
Test Scenarios
The test scenarios can be selected by clicking on the Show Test Scenarios link in checkout.
The mandates and payments involved in test scenarios are never added to batches and are for mock purposes only.
Activate mandate 10s after confirmation
This will activate the mandate 10s after it has been confirmed in the checkout.
Fail mandate 10s after confirmation
This will deactivate the mandate 10s after it has been confirmed in the checkout.
Fail debit payment for this mandate after 10s
This will simulate a debit payment failure in 2 steps:
- Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
- Do a direct debit charge on the activated mandate and it will be marked as failed.
Complete debit payment for this mandate after 10s
This will simulate a successful debit payment in 2 steps:
- Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
- Do a direct debit charge on the activated mandate and it will be marked as successful.
Fail credit payment for this account after 10s
This will simulate a credit payment failure in 2 steps:
- Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
- Do a direct credit charge on the activated mandate and it will be marked as failed.
Complete credit payment for this account after 10s
This will simulate a successful credit payment in 2 steps:
- Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
- Do a direct credit charge on the activated mandate and it will be marked as successful.
Fail refunds for debit payments for this mandate after 10s
This will simulate a debit payment refund failure in 3 steps:
- Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
- Do a direct debit charge on the activated mandate and it will be marked as successful.
- Do a refund on the direct debit charge and it will fail.
Complete refunds for debit payments for this mandate after 10s
This will simulate a successful debit payment refund in 3 steps:
- Sign up for a mandate in the checkout, it will activated 10s after it has been confirmed.
- Do a direct debit charge on the activated mandate and it will be marked as successful.
- Do a refund on the direct debit charge and it will be successful.
Test data, BACS manual entry
In order to test how the manual-entry validation works, you will need to use specific information about the consumer.
Person-1
Name: Sharon Rajapaksa
DoB: 1973-08-31
AddressLine1: 80B High street
City: ST. Albans
Postalcode: AL3 8LE
Sort-code: 070116
Account number: 00035305
Person-2
Name: Linda Duff
DoB: 1986-01-21
AddressLine1: 198 Hand avenue
City: Leicester
Postalcode: LE3 1SL
Sort-code: 070116
Account number: 00043156