Introduction to iDEAL Direct Merchant/CPSP Connection

This Implementation Guide provides a detailed description of the iDEAL specifications for Merchants / CPSPs that directly integrate with the iDEAL Hub. The document is intended for Merchants and CPSPs who are developing or plan to develop a direct integration with iDEAL (so not via an Acquirer or CPSP), and require detailed information on its implementation. The guideline aids in the implementation of iDEAL by:

  • Elaborating on the API specifications and UX flows that are released as part of the iDEAL technical documentation

  • Interpreting the implications of the technical documentation on Merchants / CPSPs

  • Providing additional guidelines or requirements for implementation

Before proceeding, please make sure you have read and understood the Connection Types mentioned in Generic Merchant info and requirements on the New iDEAL to verify whether the Direct Connection (and this documentation) is applicable to you

iDEAL Features

Building on the success of iDEAL as online banking payment method, the iDEAL ecosystem will expand and improve on the existing features. It offers several key improvements, such as seamless customer journeys, a future-proof infrastructure, an agile scheme organization and an open ecosystem for value-added services.

On a high level, iDEAL offers several key features:

  • iDEAL Payment (Standard)

    • Payment without profile recognition enables Users to pay with iDEAL without the need of a registered profile, by means of a manual bank selection or QR code, offered on an iDEAL payment page.

    • Payment with iDEAL profile recognized via a cookie enables iDEAL to recognize the User based on a cookie stored on the User’s device, and show the User’s payment preferences.

  • Payment with iDEAL profile recognized via iDEAL User Token allows the Merchant to immediately present the User with his preferred IBAN, and redirect the User to his preferred bank (with preferred IBAN preselected). A unique iDEAL User Token (expectedDebtor.usertoken) can be provided to the Merchant upon request. Upon future visits, the Merchant can use this token to retrieve and/or make use of the User’s payment preferences in the iDEAL transaction.

  • iDEAL Checkout allows the User to share his centrally stored address and contact details with Merchants upon request. This means that Users, for example, do not have to enter their address details each time they shop at a different Merchant.

Ecosystem overview

The iDEAL ecosystem is composed of several parties that interact in order to fulfill an iDEAL transaction. The focus of this document is on the direct integration of Merchants/CPSPs to the iDEAL Hub. The overview below illustrates the interaction between the parties involved. These interactions take place through REST APIs that are defined by iDEAL. A list of all currently available APIs is included in the overview below. Detailed API specifications can be found on Confluence: https://currencenl.atlassian.net/wiki/pages/createpage.action?spaceKey=IPD&title=Direct%20Connection%20Merchant%2FCPSP%20APIs&linkCreation=true&fromPageId=3417604347 .

Using these API endpoints, Merchants / CPSPs can initiate iDEAL transactions directly with the iDEAL Hub, rather than via their Acquirer. Direct integration must be technically facilitated by the Acquirer by providing a TLS-MA certificate and iDEAL Access Token to the Merchant / CPSP. See Security for Direct Connection for more details. Any required contractual arrangements between Merchant / CPSP and Acquirer are not discussed in this document.

  1. iDEAL - Merchant/CPSP API

  2. Merchant/CPSP Callback API

  3. iDEAL Access Token and certificate/CSR exchange: Security for Direct Connection

Definitions

Definition

Description

Definition

Description

User
(debtor, consumer, customer)

The natural person or Business using the iDEAL Scheme to make an iDEAL Payment through the Banking Environment of its Issuer.

Within the specifications, the User may be referred to as debtor (APIs) or Consumer (sequence diagrams).

Merchant
(creditor, subCreditor)

The party that has concluded an iDEAL Contract with an Acquirer or CPSP in order to offer iDEAL to its customers for the payment of goods or services delivered by it.

Within the API definitions, the Merchant is referred to as creditor (when the iDEAL payment goes directly to IBAN of Merchant) or subCreditor (when e.g. a CPSP is involved)

CPSP (Collecting Payment Service Provider)

An Institution which has entered into a Certificate Agreement or Accreditation Agreement with Currence for the Role of CPSP, as further described in the Role Provisions for the CPSP.

Within the API definitions, the CPSP is referred to as creditor (when a CPSP is involved).

(iDEAL) Payment

A SEPA Credit Transfer (SCT) payment initiated and authorized by a User through the Banking Environment of its Issuer to a Merchant, Acquirer, CPSP or C2C Provider pursuant to the iDEAL Scheme, to be executed upon successful completion of an iDEAL Transaction.

iDEAL Transaction

A set of iDEAL messages pursuant to the iDEAL API that is exchanged by and between iDEAL Partners and Merchants in relation to iDEAL services.

iDEAL Hub

The technical platform which is owned by Currence and which is used for the exchange of iDEAL Transactions by and between iDEAL Partners, Merchants and Currence, e.g. in relation to:

  • the issue, receipt, processing or Authorization of iDEAL Transactions; and

  • the use of iDEAL Profiles for iDEAL Transactions.

iDEAL User Token

The token as provided by Currence to a Merchant to identify an iDEAL Profile, which is linked to an iDEAL Profile of the User on the iDEAL Hub and which is used to exchange the User preferences (i.e. preferred IBAN) for the iDEAL Transactions with the Merchant.

In specifications referred to as expectedDebtor.userToken or User token. Note that an iDEAL User Token can link to one iDEAL profile only.

iDEAL Access Token

A short-lived token to be provided by the Acquirer to an Acquiring Participant that connects to the iDEAL Hub directly and which includes contractual data needed for the iDEAL Transaction (e.g. IBAN, Merchant name etc.). The Acquiring Participant needs to include this token in each iDEAL message towards to iDEAL Hub in order for Currence to authenticate the contractual validity of the direct access of the Acquiring Participant to the iDEAL Hub. In specifications referred to as JWT Access Token.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in
RFC 2119.

Copyright © Currence iDEAL B.V. All rights reserved.