Frequently Asked Questions

The following comprise a growing list of TPP developer queries. Check back often, as the list is updated periodically with/without notice.

Do I need to have an or license to use your service?

No, Token.io has obtained AISP and PISP approval from the in the UK, passported across Europe. However, please note that if you require functionality, you may be required to register as an agent of Token.io via the FCA. We will assist you with any required formalities. Contact us for further information.

Do you have a sandbox that I can test with?

Yes, Token.io has a full sandbox and notional banks with which you can test your integration. During initial setup (see Onboarding), follow the client setup instructions to connect to our SANDBOX environment. We recommend you start out with Wood Bank (United Kingdom). Contact us to learn more about other available banks in the sandbox.

Can I test against sandboxes hosted by real banks in your network?

Yes. Upon completing your integration testing with Token.io’s notional banks, you can test with any of our directly integrated partner banks (pursuant to PSD2 regulations). For additional details, don’t hesitate to contact us.

Can I set up a standing order or recurring payment using your Smart Token technology?

Yes. See Standing Orders in Creating a Transfer Token Request.

Does Token.io offer categorisation options for retrieving transaction history?

No, Token.io does not currently offer categorization. However we expect support for this feature to be available sometime in the future.

Can I make cross-border payments?

Yes. See Specifying Transfer Destination Details in Creating a Transfer Token Request.

What timezones do banks use?

Token.io uses as the default time zone for all banks across all countries.

Is there a way to get the status of a transaction/payment with a token request ID If due to some reason we lost the response for redeem token call?

Yes. Call getToken to find its associated token requestId. You can also use the tokenId to call GetTransfers to see all associated transfers. In short, the transfer(s) and the token requestId are all linked to a tokenId.

What provides Idempotence for the CreateTransfer (aka redeemToken) call?

Including the same refId when calling CreateTransfer provides .

What do different transaction statuses mean? How should each case be handled? Which cases should we retry, what’s the proper retry interval, its lifecycle, etc.?

See Payment Status: Values and Meaning for the complete list of status codes and their definition.

Handling with regard to retry intervals is almost entirely bank-dependent, but here are some general pointers:

  • PENDING – request still needs to be sent to bank; bank may be down or otherwise unable to receive requests; should be a relatively short wait.
  • PENDING_EXTERNAL_AUTHORIZATION – the user needs to finish the flow for legacy transfer; it’s possible the user never finished .
  • PROCESSING – the bank has accepted the request but it hasn't yet cleared. The wait is bank-dependent.
  • SENT – (legacy transfers only) the transaction has been sent but has not yet been acknowledged by the bank. This status is final; it occurs when a transient error happens and the provider does not support a method for ensuring idempotency.

Why do some banks require the Token.io App to work with Finvertax/Southside and others don’t?

Token.io supports both Appless and App flows. To discover which banks support a particular flow, use a getBanks call and set supportsAppless to true/false to filter the list accordingly.

Can I customize the token request flow with a logo, display, etc.?

Yes. You can set your profile display and picture when you set up your business member profile (see Step 6 in Onboarding). You can also customize the Token.io Web App UI with your logo and colors. See Customising the Token.io Web App for details.

What is the process for going live in Token.io's production environment?

See Going Into Production for detailed guidance.

What about transfer reconciliation? What information will be included for the transaction description in the source bank account statement?

Much of this is bank-dependent. For CMA9 banks, Token.io passes the refId to the source bank to use according to bank policy. In general, most banks include the refId in the transaction description, but it's entirely at the bank's discretion.

Why is there no description in the receipt email?

The description in the email is from the transfer description, not the token description, and should be provided when calling redeemToken.

How do I notify Token.io of questions or issues I’m encountering?

Contact our support desk with details on the issue or question. We’ll follow up with you straightaway.