Paths
/{aspsp-cde}/v1-0-2/multibanco-payments/{multibanco-payment-type}/{service-payment-name}
MB Payment Service Initiation
Creates a Multibanco payment initiation request at the ASPSP.
Identification of the aspsp
Multibanco Payment type should be fulfilled as determined by the initiating party and should assume the following values: - service-payments; - special-service-payments; - public-sector-payments.
{
"default": "service-payments",
"enum": [
"service-payments",
"special-service-payments",
"public-sector-payments"
]
}
service-payment-name should be fulfilled whenver Multibanco payment type is "special-service-payments"
ID of the request, unique to the call, as determined bu the initiating party.
URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Shall be contained at least if the tppRedirectPreferred parameter is set to true or is missing.
If it equals “true”, the TPP prefers a redirect over an embedded SCA approach. If it equals “false”, the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
The forwarded Agent header field of the http request between PSU and TPP.
The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
User identification in ASPSP
{
"default": ""
}
Corporate User identification in ASPSP
{
"default": ""
}
Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
{
"default": ""
}
Might be mandated in the ASPSPs documentation. Only used in a corporate context.
{
"default": ""
}
This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
Standard https header element date and time
ID of the transaction as determined by the initiating party.
A signature of the request by the TPP on application level. This might be mandated by ASPSP.
Payment Initiation Request
{
"schema": {
"type": "object",
"properties": {
"instructedAmount": {
"$ref": "#\/definitions\/Amount",
"description": "Transaction amount to be checked within the funds check mechanism."
},
"multibancoPaymentReference": {
"type": "string",
"description": "Multibanco Payment Reference"
},
"multibancoPaymentEntity": {
"type": "string",
"description": "Multibanco Payment Entity"
},
"taxpayerIdentificationNumber": {
"type": "string",
"maxLength": 12,
"description": "Taxpayer Identification Number"
},
"debtorAccount": {
"$ref": "#\/definitions\/AccountReference",
"description": "Debtor account"
},
"requestedExecutionDate": {
"type": "string",
"description": "Indicates the acceptance of future dated payments by issuing an ASPSP.",
"format": "date"
},
"requestedExecutionTime": {
"type": "string",
"description": "Reserved for future use",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"instructedAmount",
"multibancoPaymentReference",
"multibancoPaymentEntity"
],
"description": "Creates a Multibanco payment initiation request at the ASPSP."
}
}
The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
Hash of the message body. Should be present when Request body exists
Created.
Bad Request.
Unauthorized.
Forbidden.
Not Found.
Method Not Allowed.
Not Acceptable.
Request Timeout.
Unsupported Media Type.
Too Many Requests.
Internal Server Error.
Service Unavailable.
Gatewaty Timeout.
/{aspsp-cde}/v1-0-2/multibanco-payments/{multibanco-payment-type}/{service-payment-name}/{payment-id}
MB Payment service inquiry request
Requests the content of Multibanco payment initiation object.
Identification of the aspsp
Multibanco Payment type should be fulfilled as determined by the initiating party and should assume the following values: - service-payments; - special-service-payments; - public-sector-payments.
{
"default": "service-payments",
"enum": [
"service-payments",
"special-service-payments",
"public-sector-payments"
]
}
service-payment-name should be fulfilled whenver Multibanco payment type is "special-service-payments"
Identification of the payment
ID of the request, unique to the call, as determined bu the initiating party.
The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
The forwarded Agent header field of the http request between PSU and TPP.
The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
User identification in ASPSP
{
"default": ""
}
Corporate User identification in ASPSP
{
"default": ""
}
Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
{
"default": ""
}
Might be mandated in the ASPSPs documentation. Only used in a corporate context.
{
"default": ""
}
Standard https header element date and time
ID of the transaction as determined by the initiating party.
A signature of the request by the TPP on application level. This might be mandated by ASPSP.
The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
Bad Request.
Unauthorized.
Forbidden.
Not Found.
Method Not Allowed.
Not Acceptable.
Request Timeout.
Unsupported Media Type.
Too Many Requests.
Internal Server Error.
Service Unavailable.
Gatewaty Timeout.
MB Payment Service Initiation Update request
Update information related to a previous Multibanco payment initiation in order to obtain PSUId credentials. It is only to be used to support Embedded method.
Identification of the aspsp
Multibanco Payment type should be fulfilled as determined by the initiating party and should assume the following values: - service-payments; - special-service-payments; - public-sector-payments.
{
"default": "service-payments",
"enum": [
"service-payments",
"special-service-payments",
"public-sector-payments"
]
}
service-payment-name should be fulfilled whenver Multibanco payment type is "special-service-payments"
Identification of the payment
ID of the request, unique to the call, as determined bu the initiating party.
User identification in ASPSP
{
"default": ""
}
Corporate User identification in ASPSP
{
"default": ""
}
Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
{
"default": ""
}
Might be mandated in the ASPSPs documentation. Only used in a corporate context.
{
"default": ""
}
This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
Standard https header element date and time
A signature of the request by the TPP on application level. This might be mandated by ASPSP.
Account Consent Request Update
{
"schema": {
"type": "object",
"properties": {
"psuData": {
"$ref": "#\/definitions\/PSUData",
"description": "Include all credentials related data (e.g., user, password and additional data accordingly with ASPSP requests)"
},
"scaAuthenticationData": {
"description": "SCA authentication data, depending on the chosen authentication method.\n\nif the data is binary, then it is base64 encoded.\n",
"type": "string",
"default": ""
},
"authenticationMethodId": {
"description": "The authentication method ID as provided by the ASPSP\n\nThis property is mandatory in a Select Authentication Method\n",
"type": "string",
"default": ""
}
},
"additionalProperties": false,
"description": "Update information related to a previous Multibanco payment initiation in order to obtain PSUId credentials.\nIt is only to be used to support Embedded method."
}
}
The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
Hash of the message body. Should be present when Request body exists
Created.
Bad Request.
Unauthorized.
Forbidden.
Not Found.
Method Not Allowed.
Not Acceptable.
Request Timeout.
Unsupported Media Type.
Too Many Requests.
Internal Server Error.
Service Unavailable.
Gatewaty Timeout.
MB Cancel Payment Request
Cancels a given Multibanco payment initiaton resource.
Identification of the aspsp
Multibanco Payment type should be fulfilled as determined by the initiating party and should assume the following values: - service-payments; - special-service-payments; - public-sector-payments.
{
"default": "service-payments",
"enum": [
"service-payments",
"special-service-payments",
"public-sector-payments"
]
}
service-payment-name should be fulfilled whenver Multibanco payment type is "special-service-payments"
Identification of the payment
ID of the request, unique to the call, as determined bu the initiating party.
URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Shall be contained at least if the tppRedirectPreferred parameter is set to true or is missing.
The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
The forwarded Agent header field of the http request between PSU and TPP.
The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
User identification in ASPSP
{
"default": ""
}
Corporate User identification in ASPSP
{
"default": ""
}
Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
{
"default": ""
}
Might be mandated in the ASPSPs documentation. Only used in a corporate context.
{
"default": ""
}
Standard https header element date and time
ID of the transaction as determined by the initiating party.
A signature of the request by the TPP on application level. This might be mandated by ASPSP.
The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
Bad Request.
Unauthorized.
Forbidden.
Not Found.
Method Not Allowed.
Not Acceptable.
Request Timeout.
Unsupported Media Type.
Too Many Requests.
Internal Server Error.
Service Unavailable.
Gatewaty Timeout.
/{aspsp-cde}/v1-0-2/multibanco-payments/{multibanco-payment-type}/{service-payment-name}/{payment-id}/status
MB Payment service status inquiry request
Request to check the status of a Multibanco payment initiation.
Identification of the aspsp
Multibanco Payment type should be fulfilled as determined by the initiating party and should assume the following values: - service-payments; - special-service-payments; - public-sector-payments.
{
"default": "service-payments",
"enum": [
"service-payments",
"special-service-payments",
"public-sector-payments"
]
}
service-payment-name should be fulfilled whenver Multibanco payment type is "special-service-payments"
Identification of the payment
ID of the request, unique to the call, as determined bu the initiating party.
Standard https header element date and time
ID of the transaction as determined by the initiating party.
A signature of the request by the TPP on application level. This might be mandated by ASPSP.
The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
Bad Request.
Unauthorized.
Forbidden.
Not Found.
Method Not Allowed.
Not Acceptable.
Request Timeout.
Unsupported Media Type.
Too Many Requests.
Internal Server Error.
Service Unavailable.
Gatewaty Timeout.
Definitions
Identifier of the addressed account.
{
"type": "object",
"properties": {
"iban": {
"description": "International Bank Account Number",
"type": "string",
"pattern": "^[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}$",
"default": "PT000"
},
"bban": {
"description": "This data elements is used for payment accounts which have no IBAN.",
"type": "string",
"default": "1",
"pattern": "^[a-zA-Z0-9]{1,30}$"
},
"pan": {
"description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
"type": "string",
"maxLength": 35,
"default": ""
},
"maskedPan": {
"description": "Primary Account Number (PAN) of a card in a masked form.",
"type": "string",
"maxLength": 35,
"default": ""
},
"msisdn": {
"description": "An alias to access a payment account via a registered mobile phone number",
"type": "string",
"maxLength": 35,
"default": ""
},
"currency": {
"description": "ISO 4217 Alpha 3 currency code.",
"type": "string",
"default": ""
}
},
"additionalProperties": false
}
Amount
{
"type": "object",
"required": [
"currency",
"content"
],
"properties": {
"currency": {
"description": "ISO 4217 currency code\n",
"type": "string",
"pattern": "^[A-Z]{3,3}$",
"default": "EUR"
},
"content": {
"description": "The amount given with fractional digits, where fractions must be compliant to the currency definition.\n\nThe decimal separator is a dot.\n",
"type": "string",
"pattern": "^\\-{0,1}[0-9]{1,9}(\\.[0-9]{0,2}){0,1}$",
"default": "0"
}
},
"additionalProperties": false
}
Authentication Data
{
"type": "object",
"required": [
"authenticationMethodId"
],
"properties": {
"authenticationType": {
"description": "Type of the authentication method.",
"$ref": "#/definitions/AuthenticationType"
},
"authenticationVersion": {
"description": "Depending on the authenticationType. This version can be used by differentiating authentication tools used within performing OTP generation in the same authentication type. This version can be referred to in the ASPSP’s documentation.\n",
"type": "string",
"default": ""
},
"authenticationMethodId": {
"description": "An identification provided by the ASPSP for the later identification of the authentication method selection.\n",
"type": "string",
"maxLength": 35,
"default": ""
},
"name": {
"description": "This is the name of the authentication method defined by the PSU in the Online Banking frontend of the ASPSP. Alternatively this could be a description provided by the ASPSP like “SMS OTP on phone +49160 xxxxx 28”. This name shall be used by the TPP when presenting a list of authentication methods to the PSU, if available.\n",
"type": "string",
"default": ""
},
"explanation": {
"description": "detailed information about the sca method for the PSU.\n",
"type": "string",
"default": ""
}
},
"additionalProperties": false
}
Array of Authentication object
{
"type": "array",
"items": {
"$ref": "#/definitions/Authentication"
}
}
authentication types:
SMS_OTP - An SCA method, where an OTP linked to the transaction to be authorised is sent to the PSU through a SMS channel.
CHIP_OTP - An SCA method, where an OTP is generated by a chip card, e.g. an TOP derived from an EMV cryptogram. To contact the card, the PSU normally needs a (handheld) device. With this device, the PSU either reads the challenging data through a visual interface like flickering or the PSU types in the challenge through the device key pad. The device then derives an OTP from the challenge data and displays the OTP to the PSU.
PHOTO_OTP - An SCA method, where the challenge is a QR code or similar encoded visual data which can be read in by a consumer device or specific mobile app. The device resp. the specific app than derives an OTP from the visual challenge data and displays the OTP to the PSU.
PUSH_OTP - An OTP is pushed to a dedicated authentication APP and displayed to the PSU.
{
"type": "string",
"enum": [
"SMS_OTP",
"CHIP_OTP",
"PHOTO_OTP",
"PUSH_OTP"
],
"default": "SMS_OTP",
"additionalProperties": false
}
Requested Authentication Data
{
"properties": {
"data": {
"type": "string",
"description": "String challenge data"
},
"imageLink": {
"type": "string",
"description": "A link where the ASPSP will provides the challenge image for the TPP."
},
"otpMaxLength": {
"type": "string",
"description": "The maximal length for the OTP to be typed in by the PSU."
},
"otpFormat": {
"type": "string",
"description": "The format type of the OTP to be typed in."
},
"additionalInformation": {
"type": "string",
"description": "Additional explanation for the PSU to explain e.g. fallback mechanism for the chosen SCA method. The TPP is obliged to show this to the PSU."
},
"image": {
"type": "string",
"description": "PNG data (max. 512 kilobyte) to be displayed to the PSU, Base64 encoding , cp. [RFC 4648]. This attribute is used only, when PHOTO_OTP or CHIP_OTP is the selected SCA method."
}
},
"additionalProperties": false
}
Error and status Information.
{
"type": "object",
"properties": {
"transactionStatus": {
"$ref": "#/definitions/TransactionStatusType",
"description": "The transaction status is filled with codes of the ISO 20022 corresponding element."
},
"tppMessages": {
"$ref": "#/definitions/TppMessageArray",
"description": "Messages to the TPP on operational issues."
}
},
"additionalProperties": false
}
Message error codes.
{
"type": "string",
"enum": [
"SERVICE_BLOCKED",
"CORPORATE_ID_IVALID",
"CONSENT_UNKNOWN",
"CONSENT_INVALID",
"CONSENT_EXPIRED",
"RESOURCE_UNIKNOWN",
"RESOURCE_EXPIRED",
"TIMESTAMP_INVALID",
"PERIOD_INVALID",
"SCA_METHOD_UNKKNOWN",
"TRANSACTION_ID_INVALID",
"PRODUCT_INVALID",
"PRODUCT_UNKNOWN",
"PAYMENT_FAILED",
"REQUIRED_KID_MISSING",
"SESSIONS_NOT_SUPPORTED",
"ACCESS_EXCEEDED",
"REQUESTED_FORMATS_INVALID",
"CARD_INVALID",
"NO_PIIS_ACTIVATION"
],
"default": "CONSENT_INVALID",
"additionalProperties": false
}
A list of hyperlinks to be recognized by the TPP.
{
"properties": {
"redirect": {
"type": "string",
"description": "A link to an ASPSP site where SCA is performed within the Redirect SCA approach."
},
"updatePsuIdentification": {
"type": "string",
"description": "The link to the payment initiation or account information resource, which needs to be updated by the PSU NextGenPSD2 XS2A Framework – Implementation Guidelines Complex Data Types and Code Lists Published by the Berlin Group under Creative Commons Attribution-NoDerivatives 4.0 International Public License Page 133(ref. License Notice for full license conditions) Attribute Type Condition Description identification if not delivered yet."
},
"updatePsuAuthentication": {
"type": "string",
"description": "The link to the payment initiation or account information resource, which needs to be updated by a PSU password and eventually the PSU identification if not delivered yet."
},
"selectedAuthenticationMethod": {
"type": "string",
"description": "This is a link to a resource, where the TPP can select the applicable second factor authentication methods for the PSU, if there were several available authentication methods."
},
"authoriseTransaction": {
"type": "string",
"description": "The link to the payment initiation or consent resource, where the “Transaction Authorisation”Request” is sent to.This is the link to the resource which will authorise the payment or the consent by checking the SCA authentication data within the Embedded SCA approach."
},
"self": {
"type": "string",
"description": "The link to the payment initiation resource created by the request itself. This link can be used later to retrieve the transaction status of the payment initiation."
},
"updateProprietaryData": {
"type": "string",
"description": "Status of the resource."
},
"status": {
"type": "string"
}
},
"additionalProperties": false
}
The password or encryptedPassword subfield is used, depending on encryption requirements of the ASPSP as indicated in the corresponding hyperlink contained in the last response message of the ASPSP.
{
"properties": {
"password": {
"type": "string",
"description": "PSU Password."
}
},
"additionalProperties": false
}
Transports additional error information.
{
"required": [
"category",
"code"
],
"properties": {
"category": {
"type": "string",
"default": "",
"description": "Only ”ERROR” or \"WARNING\" permitted"
},
"code": {
"$ref": "#/definitions/MessageCode",
"description": "Message error code."
},
"path": {
"type": "string",
"default": "",
"description": "Path of the element of the request message which provoked this error message."
},
"text": {
"type": "string",
"maxLength": 512,
"default": "",
"description": "Additional explaining text."
}
},
"additionalProperties": false
}
Messages to the TPP on operational issues.
{
"type": "array",
"items": {
"$ref": "#/definitions/TppMessage",
"description": "Transports additional error information."
},
"additionalProperties": false
}
Amount
{
"properties": {
"amount": {
"type": "string",
"description": "ISO 4217 currency code"
},
"currency": {
"type": "string",
"description": "The amount given with fractional digits, where fractions must be compliant to the currency definition.The decimal separator is a dot."
}
},
"additionalProperties": false
}
ISO20022: The transaction status is filled with value of the ISO20022 data table. RCVD : RECEIVED PDNG : PENDING PATC : PARTIALLY ACCEPTED TECHNICAL CORRECT ACTC : ACCEPTED TECHNICAL VALIDATION ACFC : ACCEPTED FUNDS CHECKED ACWC : ACCEPTED WITH CHANGE ACWP : ACCEPTED WITHOUT POSTING ACSP : ACCEPTED SETTLEMENT IN PROCESS ACSC : ACCEPTED SETTLEMENT COMPLETED CANC : CANCELED RJCT : REJECTED
{
"type": "string",
"enum": [
"RCVD",
"PDNG",
"PATC",
"ACTC",
"ACFC",
"ACWC",
"ACWP",
"ACSP",
"ACSC",
"CANC",
"RJCT"
],
"default": "RJCT",
"additionalProperties": false
}
Cancels a given Multibanco payment initiaton resource.
{
"type": "object",
"properties": {
"transactionStatus": {
"description": "The transaction status is filled with codes of the ISO 20022 data table.",
"$ref": "#/definitions/TransactionStatusType"
},
"_links": {
"$ref": "#/definitions/MultibancoPaymentLinks",
"description": "A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request. Remark: All links can be relative or full links, to be decided by the ASPSP. Type of links admitted in this response, (further links might be added for ASPSP defined extensions): “redirect”: In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser. “updatePsuIdentification”: The link to the payment initiation resource, which needs to be updated by the PSU identification. This might be used in an embedded, redirect or decoupled SCA Approach, where the PSU ID was missing in the first request. “updatePsuAuthentication”: The link to the payment initiation resource, which needs to be updated by a PSU password and eventually the PSU identification if not delivered yet. This is used in case of the Embedded or Decoupled SCA approach. “selectAuthenticationMethod” : This is a link to a resource, where the TPP can select the applicable strong customer authentication methods for the PSU, if there were several available authentication methods. This link contained under exactly the same conditions as the data element “authenticationMethods”, see above. “authoriseTransaction” : The link to the payment initiation resource, where the “Payment Authorisation Request” is sent to. This is the link to the resource which will authorise the payment by checking the SCA authentication data within the Embedded SCA approach."
},
"psuMessage": {
"type": "string",
"description": "Text to be displayed to the PSU."
},
"tppMessages": {
"$ref": "#/definitions/TppMessageArray",
"description": "Messages to the TPP on operational issues."
},
"transactionFees": {
"description": "Can be used by the ASPSP to transport transaction fees relevant for the underlying payments.",
"$ref": "#/definitions/Amount"
},
"transactionFeeIndicator": {
"type": "boolean",
"description": "If equals “true”, the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU. If equals “false”, the transaction will not involve additional specific transaction costs to the PSU."
},
"scaMethods": {
"description": "This data element might be contained, if SCA is required and if the PSU has a choice between different authentication methods. Depending on the risk management of the ASPSP this choice might be offered before or after the PSU has been identified with the first relevant factor, or if an access token is transported. If this data element is contained, then there is also an hyperlink of type “selectAuthenticationMethods” contained in the response body. These methods shall be presented towards the PSU for selection by the TPP.",
"$ref": "#/definitions/AuthenticationArray"
}
},
"additionalProperties": false
}
Creates a Multibanco payment initiation request at the ASPSP.
{
"type": "object",
"properties": {
"instructedAmount": {
"$ref": "#/definitions/Amount",
"description": "Transaction amount to be checked within the funds check mechanism."
},
"multibancoPaymentReference": {
"type": "string",
"description": "Multibanco Payment Reference"
},
"multibancoPaymentEntity": {
"type": "string",
"description": "Multibanco Payment Entity"
},
"taxpayerIdentificationNumber": {
"type": "string",
"maxLength": 12,
"description": "Taxpayer Identification Number"
},
"debtorAccount": {
"$ref": "#/definitions/AccountReference",
"description": "Debtor account"
},
"requestedExecutionDate": {
"type": "string",
"description": "Indicates the acceptance of future dated payments by issuing an ASPSP.",
"format": "date"
},
"requestedExecutionTime": {
"type": "string",
"description": "Reserved for future use",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"instructedAmount",
"multibancoPaymentReference",
"multibancoPaymentEntity"
]
}
Creates a Multibanco payment initiation response to TPP.
{
"type": "object",
"properties": {
"transactionStatus": {
"description": "The values defined in Section 13.18 might be used.",
"$ref": "#/definitions/TransactionStatusType"
},
"paymentId": {
"type": "string",
"description": "Resource identification of the generated payment initiation resource."
},
"transactionFees": {
"$ref": "#/definitions/Amount",
"description": "Can be used by the ASPSP to transport transaction fees relevant for the underlying payments."
},
"transactionFeeIndicator": {
"type": "boolean",
"description": "If equals “true”, the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU. If equals “false”, the transaction will not involve additional specific transaction costs to the PSU."
},
"scaMethods": {
"$ref": "#/definitions/AuthenticationArray",
"description": "This data element might be contained, if SCA is required and if the PSU has a choice between different authentication methods. Depending on the risk management of the ASPSP this choice might be offered before or after the PSU has been identified with the first relevant factor, or if an access token is transported. If this data element is contained, then there is also an hyperlink of type “selectAuthenticationMethods” contained in the response body. These methods shall be presented towards the PSU for selection by the TPP."
},
"choosenScaMethod": {
"$ref": "#/definitions/Authentication",
"description": "This data element is only contained in the response if the APSPS has chosen the Embedded SCA Approach, if the PSU is already identified e.g. with the first relevant factor or alternatively an access token, if SCA is required and if the authentication method is implicitly selected."
},
"challengeData": {
"description": "It is contained in addition to the data element chosenScaMethod if challenge data is needed for SCA. In rare cases this attribute is also used in the context of the psuAuthentication link.",
"$ref": "#/definitions/ChallengeData"
},
"_links": {
"$ref": "#/definitions/MultibancoPaymentLinks",
"description": "A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request. Remark: All links can be relative or full links, to be decided by the ASPSP. Type of links admitted in this response, (further links might be added for ASPSP defined extensions): “redirect”: In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser. “oAuth”: In case of a SCA OAuth2 Approach, the ASPSP is transmitting the URI where the configuration of the Authorisation Server can be retrieved. The configuration follows the OAuth 2.0 Authorisation Server Metadata specification. “updatePsuIdentification”: The link to the payment initiation resource, which needs to be updated by the PSU identification. This might be used in an embedded, redirect or decoupled SCA Approach, where the PSU ID was missing in the first request. “updatePsuAuthentication”: The link to the payment initiation resource, which needs to be updated by a PSU password and eventually the PSU identification if not delivered yet. This is used in case of the Embedded or Decoupled SCA approach. “selectAuthenticationMethod” : This is a link to a resource, where the TPP can select the applicable strong customer authentication methods for the PSU, if there were several available authentication methods. This link contained under exactly the same conditions as the data element “authenticationMethods”, see above. “authoriseTransaction” : The link to the payment initiation resource, where the “Payment Authorisation Request” is sent to. This is the link to the resource which will authorise the payment by checking the SCA authentication data within the Embedded SCA approach. “self” : The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data. “status”: The link to retrieve the transaction status of the payment initiation."
},
"psuMessage": {
"type": "string",
"description": "Text to be displayed to the PSU."
},
"tppMessages": {
"description": "Messages to the TPP on operational issues.",
"$ref": "#/definitions/TppMessageArray"
}
},
"additionalProperties": false,
"required": [
"transactionStatus",
"paymentId",
"_links"
]
}
Requests the content of Multibanco payment initiation object.
{
"type": "object",
"properties": {
"transactionStatus": {
"description": "The values defined in Section 13.18 might be used.",
"$ref": "#/definitions/TransactionStatusType"
},
"paymentId": {
"type": "string",
"description": "Resource identification of the generated payment initiation resource."
},
"instructedAmount": {
"$ref": "#/definitions/Amount",
"description": "Transaction amount to be checked within the funds check mechanism."
},
"transactionFees": {
"$ref": "#/definitions/Amount",
"description": "Can be used by the ASPSP to transport transaction fees relevant for the underlying payments."
},
"requestedExecutionDate": {
"type": "string",
"format": "date",
"description": "Indicates the acceptance of future dated payments by issuing an ASPSP."
},
"debtorAccount": {
"$ref": "#/definitions/AccountReference",
"description": "Debtor account"
},
"transactionFeeIndicator": {
"type": "boolean",
"description": "If equals “true”, the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU. If equals “false”, the transaction will not involve additional specific transaction costs to the PSU."
},
"multibancoPaymentEntity": {
"type": "string",
"description": "Multibanco Payment Entity."
},
"multibancoPaymentReference": {
"type": "string",
"description": "Multibanco Payment Reference"
},
"taxpayerIdentificationNumber": {
"type": "string",
"description": "Tax Payer identification Number"
},
"serviceEntityShortName": {
"type": "string",
"description": "It identifies Service Entity Name."
},
"additionalReference": {
"type": "string",
"description": "Additional Multibanco Payment Reference"
},
"plainInvoiceNumber": {
"type": "string",
"description": "Only mandatory for Multibanco Payments type 'special services' and when transaction status is accepted."
},
"plainInvoiceFootnote": {
"type": "string",
"description": "Only mandatory for Multibanco Payments type 'special services' and when transaction status is accepted."
},
"processorAuthorisation": {
"type": "string",
"description": "Only mandatory for Multibanco Payments type 'Payment of Services' and when transaction status is accepted."
}
},
"additionalProperties": false,
"required": [
"transactionStatus",
"paymentId",
"debtorAccount",
"instructedAmount",
"multibancoPaymentReference"
]
}
Update information related to a previous Multibanco payment initiation in order to obtain PSUId credentials. It is only to be used to support Embedded method.
{
"type": "object",
"properties": {
"psuData": {
"$ref": "#/definitions/PSUData",
"description": "Include all credentials related data (e.g., user, password and additional data accordingly with ASPSP requests)"
},
"scaAuthenticationData": {
"description": "SCA authentication data, depending on the chosen authentication method.\n\nif the data is binary, then it is base64 encoded.\n",
"type": "string",
"default": ""
},
"authenticationMethodId": {
"description": "The authentication method ID as provided by the ASPSP\n\nThis property is mandatory in a Select Authentication Method\n",
"type": "string",
"default": ""
}
},
"additionalProperties": false
}
Sends an update information related to a previous Multibanco payment initiation to TPP. It is only to be used to support Embedded method.
{
"type": "object",
"properties": {
"transactionStatus": {
"description": "This is the “authentication status” of the consent.",
"$ref": "#/definitions/TransactionStatusType"
},
"psuMessage": {
"type": "string",
"description": "Include all credentiText to be displayed to the PSUals related data (e.g., user, password and additional data accordingly with ASPSP requests)"
},
"tppMessages": {
"$ref": "#/definitions/TppMessageArray",
"description": "Messages to the TPP on operational issues."
},
"scaMethods": {
"$ref": "#/definitions/AuthenticationArray",
"description": "This data element might be contained, if SCA is required and if the PSU has a choice between different authentication methods. Depending on the risk management of the ASPSP this choice might be offered before or after the PSU has been identified with the first relevant factor, or if an access token is transported. If this data element is contained, then there is also an hyperlink of type \"startAuthorisationWith AuthenticationMethodSelection\" contained in the response body. These methods shall be presented towards the PSU for selection by the TPP."
},
"choosenScaMethod": {
"$ref": "#/definitions/Authentication",
"description": "If the ASPSP has chosen the Embedded SCA Approach, if the PSU is already identified e.g. with the first relevant factor or alternatively an access token, if SCA is required and if the authentication method is implicitly selected."
},
"ChallengeData": {
"$ref": "#/definitions/ChallengeData",
"description": "It is contained in addition to the data element chosenScaMethod if challenge data is needed for SCA. In rare cases this attribute is also used in the context of the psuAuthentication link."
},
"_links": {
"$ref": "#/definitions/MultibancoPaymentLinks",
"description": "A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request. Remark: All links can be relative or full links, to be decided by the ASPSP. Type of links admitted in this response, (further links might be added for ASPSP defined extensions): “redirect”: In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser. “oAuth”: In case of a SCA OAuth2 Approach, the ASPSP is transmitting the URI where the configuration of the Authorisation Server can be retrieved. The configuration follows the OAuth 2.0 Authorisation Server Metadata specification. “updatePsuIdentification”: The link to the payment initiation resource, which needs to be updated by the PSU identification. This might be used in an embedded, redirect or decoupled SCA Approach, where the PSU ID was missing in the first request. “updatePsuAuthentication”: The link to the payment initiation resource, which needs to be updated by a PSU password and eventually the PSU identification if not delivered yet. This is used in case of the Embedded or Decoupled SCA approach. “selectAuthenticationMethod” : This is a link to a resource, where the TPP can select the applicable strong customer authentication methods for the PSU, if there were several available authentication methods. This link contained under exactly the same conditions as the data element “authenticationMethods”, see above. “authoriseTransaction” : The link to the payment initiation resource, where the “Payment Authorisation Request” is sent to. This is the link to the resource which will authorise the payment by checking the SCA authentication data within the Embedded SCA approach. “self” : The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data. “status”: The link to retrieve the transaction status of the payment initiation."
}
},
"additionalProperties": false,
"required": [
"transactionStatus",
"_links"
]
}
Informs TPP about status of a Multibanco payment initiation. For applicable Multibanco payments, it must have all necessary invoice data.
{
"type": "object",
"properties": {
"transactionStatus": {
"description": "In case where the Payment Initiation Request was JSON encoded as defined in Section 5.3.1, the status is returned in this JSON based encoding.",
"$ref": "#/definitions/TransactionStatusType"
},
"additionalReference": {
"type": "string",
"description": "Additional Multibanco Payment Reference"
},
"serviceEntityShortName": {
"type": "string",
"description": "It identifies Service Entity Name."
},
"plainInvoiceNumber": {
"type": "string",
"description": "Only mandatory for Multibanco Payments type 'special services' and when transaction status is accepted."
},
"plainInvoiceFootnote": {
"type": "string",
"description": "Only mandatory for Multibanco Payments type 'special services' and when transaction status is accepted."
},
"processorAuthorisation": {
"type": "string",
"description": "Only mandatory for Multibanco Payments type 'Payment of Services' and when transaction status is accepted."
}
},
"additionalProperties": false,
"required": [
"transactionStatus"
]
}