Payment Initiation Service (PIS)

Put simply, a payment initiation is conducted when a customer allows a licensed third-party provider () to execute a payment via direct bank transfer. To initiate this type of payment, the customer must consent to give the TPP access to their bank account information.

However, open banking in no way implies unrestricted access to a user's private data. User consent allows the to execute its services only for the specific user-approved purpose, in accordance with the EU’s regulation and a -compliant notification.

In the context of Token.io-supported payments discussed here, TPP and PISP are one and the same. The acronyms are interchangeable.

Essentially, after a customer agrees to allow you to access his/her banking data for an online payment, Token.io's payment interface prompts the user to select a Token.io-connected bank, whereupon the user is transferred to the bank's login interface for multi-factor authentication (e.g., valid user login credentials plus an received by , email or telephone, which must also be entered correctly).

Once the bank authenticates the user, it then authorizes the request, returning the order status back to the PISP through Token.io. Throughout this request-response interchange, banking and user data is transmitted via encrypted code.

Five crucial actions are required by the PISP to initiate a payment using the Token.io SDK:

  1. Filtering the list of Token.io-connected banks for user selection.
  2. Creating the transfer token request.
  3. Redirecting the user to authenticate and provide consent.
  4. Handling the callback containing the token ID or the transfer ID.
  5. Redeeming the token and requesting the status of the transfer.

A number of underlying activities need to take place to make all of this happen successfully, including customising the Token.io web app to reflect your brand, processing the callback, and retrieving/canceling unredeemed tokens. There are also a number of different payment types supported — single immediate payments, future-dated payments, bulk transfers, and standing orders (recurring payments), with different parameters required to specify when the transfer will occur and whether it is a domestic payment or a cross-border transaction.

So, let's start by going through how to filter the list of Token.io-connected banks for user selection and what comes after a bank is selected.

Tip: If you're planning to use the Token.io web app for bank selection, you can skip directly to Creating the Transfer Token.io Request.