SEPA Secure payments using host-to-host
The host-to-host communication allows a merchant to send all the data needed for a KYC of a customer in the background. The customer will not be required to fill in data or manually send proof of identity or proof of address. This flow has the best conversion rate.
Step 1 needs to be finished only once and only if SumSub token sharing is not implemented.
The host-to-host flow for a customer includes the following steps:
Pass KYC for a customer
Wait till the applicant is created.
Average response time for this API is 15 seconds. Please use this API to check user status or wait for a KYC callback.
Patching data for a SOFT_KYC_FAILED case
Wait for KYC to be passed.
In rare cases the process may take several minutes. Please use this API to check user status or wait for a KYC callback.
Get the customer bank details when the KYC is passed.
Create an invoice with deposit data
Create an invoice for a user
Display the invoice with the deposit destination data to the customer or display the IBAN directly.
Process a callback on every deposit
Ensure to check customer status before the invoice creation.
If a status is null - a user account must be created.
If a status is "created" - an applicant must be created next.
Other statuses can be handled on the checkout directly.
Make sure that you control the result of execution of each API request. If one of the requests fails - all the subsequent requests will also fail. Instead, do not go down the flow if a request is failed or not yet complete, setup a retry mechanism where necessary.
Note, that there the KYC needs to be passed only once. There is no need to trigger the API endpoints before every deposit.
Confirming a transaction
Due to security risks, merchants must use our API endpoint to request transaction details. XGateway is not liable for issues caused by relying only on callback data.
To confirm the callback is valid, please use the API endpoint.
Testing SEPA Secure deposits on Demo environment
Check this page for ways to test the integration.
Last updated