Setting the Transfer Destination(s)

Also called the beneficiary account(s), the transfer destination in a transfer token request tells the bank where to send the money and how to send it. For instance, to use the system in the UK, you'll need to supply the and the account number; whereas cross-border transfers with  require an and a . Typically, these are TPP-controlled accounts administered for appropriate funds distribution in accordance with the governing regulations where the TPP is licensed.

The following table lists the various payment systems currently supported by Token.io and the respective routing information required.

Beneficiary Account Details
Payment System Fields to Set Applicable Country/Area Supported by Token?
SEPA • IBAN
• BIC

Europe

Supported
SEPA Instant • IBAN
• BIC
Europe Supported
Faster Payments • Sort code
• Account number
UK Supported
Elixir Enter the IBAN in the Account number field Poland Supported
Domestic Non Euro • IBAN
• BIC
EU domestic payments systems Supported
Bankgiro • Bankgiro number Sweden In development
Plusgiro • PlusGiro number Sweden In developement

As briefly touched on above, you can create and store a transfer token request without setting the transfer destination and, instead, store a transferDestinationsCallback URL with the token request. Then, once you receive the request-id in the token request payload, you can retrieve the original request and set its transfer destination. Or, you can set the transfer destination when you redeem the token.

Storing a Transfer Token Request with a Transfer Destinations Callback

Storing the transfer destinations callback URL with your token request gives you the advantage of determining which payments system the customer-selected bank supports. You can then identify a supported transfer destination type by parsing the URL for a match (e.g., Sepa or FASTER_PAYMENTS).

Just insert setSetTransferDestinationsUrl() with setTransferDestinationsCallback within the transferTokenRequestBuilder(). An appropriately modified Java example for single immediate payment looks like this:

/**

 * Stores a transfer token without setting transfer destinations;

 * provides a callback URL instead

 *

 * @param payee (the member requesting transfer token creation)

 * @param setTransferDestinationsCallback callback url

 * @return token request id

 */

public static String storeTransferTokenRequestWithDestinationsCallback(

    Member payee,

    String setTransferDestinationsCallback) {

 

        TokenRequest tokenRequest =

            TokenRequest.transferTokenRequestBuilder(250, "EUR")

                .setToMemberId(payee.memberId())

                .setDescription("Book purchase")

                // stores TPP-provided url with the token request for a callback

                .setSetTransferDestinationsUrl(setTransferDestinationsCallback)

                // Redirect URL is called when transfer token is ready

                // to be redeemed

                .setRedirectUrl("https://tpp-sample.com/callback")

                .setFromAlias(AliasProtos.Alias.newBuilder()

                    .setValue("payer-alias@token.io") // user alias

                    .setType(AliasProtos.Alias.Type.EMAIL)

                    .build())

                .setBankId("iron") // bank ID

                .build();

 

        String requestId = payee.storeTokenRequestBlocking(tokenRequest);

 

        return request-id;

}

For future-dated payments and standing orders, add the corresponding parameters (executionDate or frequency, startDate, endDate) cited in the transfer token request examples introduced above.

Specifying Transfer Destination Details

Setting the transfer destination details after creating and storing your transfer token request with a transfer destinations callback URL takes the form shown next. Remember to include the request-id returned in the request payload to identify the correct transfer token request.

Tip: You can look up the request-id for any of your stored token requests at any time. See Token Request Lookup for details.

/**

 * Sets transfer destinations for a given token request.

 *

 * @param payee (member requesting transfer token creation)

 *

 * @param request-id token request id

 * @param tokenClient Token.io SDK client

 * @param setTransferDestinationsCallback callback url

 */

public static void setTokenRequestTransferDestinations(

    Member payee,

    String request-id,

    TokenClient tokenClient,

    String setTransferDestinationsCallback) {

        TokenRequestTransferDestinationsCallbackParameters params =

         tokenClient.parseSetTransferDestinationsUrl(setTransferDestinationsCallback);

 

    List<TransferDestination> transferDestinations = new ArrayList<>();

    if (params.getSupportedTransferDestinationTypes()

        .contains(DestinationCase.FASTER_PAYMENTS)) {

            TransferDestination destination = TransferDestination.newBuilder()

                .setFasterPayments(TransferDestination.FasterPayments

                    .newBuilder()

                    .setSortCode(generateNonce())

                    .setAccountNumber(generateNonce())

                .build())

            .build();

        transferDestinations.add(destination);

    } else {

        transferDestinations.add(TransferDestination

            .newBuilder()

            .setSepa(TransferDestination.Sepa.newBuilder()

                .setBic(generateNonce())

                .setIban(generateNonce())

                .build())

            .build());

    }

    payee.setTokenRequestTransferDestinationsBlocking(

        request-id, transferDestinations);

Nonce generation to protect account information ensures that the specified transfer destination account cannot be reused in a replay attack.

For the complete list of transfer destination data required by each supported payment system, see the common.transferinstructions protocol buffer.

After storing the transfer token request, you're ready to construct the redirect URL for authorization so the customer can authenticate, provide consent, and confirm the payment amount in accordance with the payment flow for your TPP use case.

Tip: When integrating the Token.io SDK with a mobile app, you can initiate the token request in so that the redirect is also in the form of an . However, in terms of activity layout, WebView lacks many features found in a fully developed web browser.

Nevertheless, WebView provides increased control over the UI and advanced configuration options that allow you to embed web pages in a specially-designed environment for your app, but you will forfeit an array of features supported by Chrome, Firefox, and other browsers.