Online Sales (previously Custome on the Website Chekcout Page and App-to-App) allows you to:
- Generate a one-time usage digital QR code and show it on your website’s check out page. Your consumers scan the QR code with their preferred payment application and confirm the transaction.
- Initiate a one-time-use payment request directly within your mobile checkout experience. When consumers confirm their purchase, they are seamlessly redirected via a universal deeplink to their preferred mobile payment application to authorize the transaction. After completing the payment, users are automatically redirected back to your app or mobile site to view the payment confirmation and finalize the purchase journey.
Online Sales can be used with Bancontact Payconiq's checkout page or your own. Online Sales payment requests are valid for twenty minutes (1200 seconds).
The following section outlines the key steps involved in a Online Sales online payment with Bancontact Payconiq. The process involves several key parties, each playing a specific role in completing the transaction.
- API Key – This is used to secure the request between the Merchant’s backend and Bancontact Payconiq’s backend. Do not share your API keys in public areas such as online sites or client-side code.
- Merchant CallbackUrl – This URL will be called by Bancontact Payconiq’s backend servers in order to send the status of the payment to the merchant.
- Merchant ReturnUrl – This is the URL to which your consumers will be redirected after payment completion.
The following parties participate in a display-based in-store payment with Bancontact Payconiq:
- Payer Application: The consumer's preferred payment app used to complete the transaction.
- Merchant Frontend: Your website's checkout page or your Merchant App or your mobile website's checkout page.
- Merchant Backend: The merchant’s server-side system that integrates with Bancontact Payconiq.
- Bancontact Payconiq Backend: The backend system responsible for handling payment processing and integration services.
Online Sales product can be used either for E-Commerce or M-Commerce (Previously "Custom on the Website Checkout Page" and "App to App")
This section outlines a typical “E-Commerce” in-store payment flow using Bancontact Payconiq. The process begins when the transaction is initiated at the merchant’s location and ends when both the merchant and the consumer receive the final confirmation.
This product contains two distinct flows: one with your own checkout page, one with Bancontact Payconiq's checkout page.
- The merchant frontend sends payment creation details to the merchant backend. Request should at least contain the payment amount.
- The merchant backend issues a REST request to the Bancontact Payconiq backend to create the payment, providing parameters like amount, currency, description, and other relevant parameters.
- The Bancontact Payconiq backend responds with the created payment ID and other relevant details, including a unique QR code URL.
- The merchant backend forwards the QR code URL to the merchant frontend, which displays it for the consumer.
- The merchant backend sends the QR Code url to the merchant frontend to render the payment as a QR Code.
- The Payer app scans the QR code and sends a request to retrieve payment details from the backend.
- The Bancontact Payconiq backend sends payment details to the Payer App, including merchant name and amount to pay.
- The consumer confirms the payment using PIN, fingerprint, or face ID. The app then submits the payment request to the backend for authorization.
- A payment response is sent back to the Payer App, indicating whether the payment was successful or failed.
- The Bancontact Payconiq backend sends a payment notification with the payment status to the merchant backend via the configured callback URL.
- The merchant frontend displays the payment confirmation status.
Important Note: The order in which the merchant and consumer receive payment status notifications is not guaranteed. Network and connectivity differences may cause one party to receive the update before the other.
- The merchant frontend sends payment creation details to the merchant backend. Request should at least contain the payment amount.
- The merchant backend issues a REST request to the Bancontact Payconiq backend to create the payment, providing parameters like amount, currency, description, and other relevant parameters.
- The Bancontact Payconiq backend responds with the created payment ID and other relevant details, including a checkout URL link.
- The merchant backend redirects the consumer to Bancontact Payconiq's checkout page using checkout url provided in response from the previous step.
- The merchant backend forwards the QR code URL to the merchant frontend, which displays it for the consumer.
- The merchant backend sends the QR Code url to the merchant frontend to render the payment as a QR Code.
- The Payer app scans the QR code and sends a request to retrieve payment details from the backend.
- The Bancontact Payconiq backend sends payment details to the Payer App, including merchant name and amount to pay.
- The consumer confirms the payment using PIN, fingerprint, or face ID. The app then submits the payment request to the backend for authorization.
- A payment response is sent back to the Payer App, indicating whether the payment was successful or failed.
- The Bancontact Payconiq checkout page e redirects the consumer back to returnURL provided by the merchant during payment creation.
- The Bancontact Payconiq backend sends a payment notification with the payment status to the merchant backend via the configured callback URL.
- The merchant frontend displays the payment confirmation status.
Important Note: The order in which the merchant and consumer receive payment status notifications is not guaranteed. Network and connectivity differences may cause one party to receive the update before the other.
This section outlines a typical “M-Commerce” in-store payment flow using Bancontact Payconiq. The process begins when the transaction is initiated at the merchant’s location and ends when both the merchant and the consumer receive the final confirmation.
To achieve this, you will have to use the _links.deeplink.href received in the Create Payment response. Simply append your returnURL to create a universal link.
- The merchant app or mobile website sends payment creation details to the merchant backend. Request should at least contain the payment amount.
- The merchant backend issues a REST request to the Bancontact Payconiq backend to create the payment, providing parameters like amount, currency, description, and other relevant parameters.
- The Bancontact Payconiq backend responds with the created payment ID and other relevant details, including several links.
- The merchant backend forwards the payment ID and the deeplink link to the merchant app or mobile website.
- The merchant app or mobile website adds a returnURL to the deeplink to create a universal link.
- The merchant app or mobile website executes the universal link to invoke the payer app.
- The payer app sends a request to retrieve payment details from the Bancontact Payconiq backend.
- The Bancontact Payconiq backend sends payment details to the Payer App, including merchant name and amount to pay.
- The consumer confirms the payment using PIN, fingerprint, or face ID. The app then submits the payment request to the backend for authorization.
- A payment response is sent back to the Payer App, indicating whether the payment was successful or failed.
- The Bancontact Payconiq backend sends a payment notification with the payment status to the merchant backend via the configured callback URL.
- The Payer app returns the consumer to the merchant app by invoking the specified returnURL.
- The merchant app or mobile website displays the payment confirmation status.
Important Note: The order in which the merchant and consumer receive payment status notifications is not guaranteed. Network and connectivity differences may cause one party to receive the update before the other.
The Bancontact Payconiq Fallback
In certain instances, consumers may be redirected to a Bancontact Payconiq page asking them to dowload a payer app, even if the user already has one. If this happens your consumers may be blocked in the flow and be unable to procede to payment.
To circunvent this, you can use the checkout URL (_links.checkout.href) received in the create payment response instead of creating your own universal link. By doing so, your consumers will either be redirected to the payer app to complete the payment, or to the Bancontact Payconiq fallback page, from where they'll be able to select one of their installed apps to complete the payment.
In the following diagrams you will find a visual overview of the process flows presented above:
Please follow the below steps to successfully implement the Payconiq API on your website.
In order to initiate a payment, you will first have to create it through Bancontact Payconiq via a POST request.
Each request will result in a unique payment identifier which will be valid for twenty minutes (1200 seconds).
If the payment does not take place within these two minutes, a new payment must be created.
Merchant payment reference, used to reference the Bancontact Payconiq Company payment in the merchant's system. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council.
Field used to reference a bulk batch, so the merchant can inform how the payments should be bulked. If it's not set here it will default to the one configured in the profile.
Amount in cents requested
Description of the payment that will be shown to the debtor, also used in the bank statement for reconciliation purposes. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council.
Callback url to which merchants will be notified about the payment identification. If it's not set here it will default to the one configured in the profile
callbackUrl to which the merchant will be notified about the payment payout. If it's not set here it will default to the one set in the profile
Merchant return url to which the dynamic payment page will redirect after the payment is completed
List of Value Added Services (vouchers) eligible amounts within the payment
Payment ID
the status of the payment created
the creation time of the payment
the time from which the payment will be expired
Description of the payment that will be shown to the debtor, also used in the bank statement for reconciliation purposes. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council. Only first 35 characters will be used for the remittance info
Merchant payment reference, used to reference the Bancontact Payconiq Company payment in the merchant's system. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council.
Amount in cents requested
Currency code. Only EUR is supported ISO 4217
Creditor account set to receive the payment
The configuration ID of the Merchant
the Id of the merchant
Merchant's company name that will be shown to the debtor
Creditor's Bank Account Iban to where the money will be sent to for this current payment
callbackUrl to which the merchant will be notified about the payment identification
callbackUrl to which the merchant will be notified about the payment payout
Provides information to navigate to our REST interfaces dynamically, by including hypermedia links to them. Note that for some links inclusion depends on the status of the payment (e.g. cancel link will be available on PENDING and refund on SUCCEEDED)
| HTTP Status | Code | Meaning |
|---|---|---|
| 400 | BODY_MISSING | A json needs to be provided |
| 400 | FIELD_IS_REQUIRED | Field X is mandatory |
| 400 | FIELD_IS_INVALID | Field X is invalid |
| 401 | UNAUTHORIZED | user doesn’t have an access token |
| 403 | ACCESS_DENIED | The JWT could not be verified (different format) - The JWT doesn’t contain the required authority to access the resource requested |
| 404 | MERCHANT_PROFILE_NOT_FOUND | The merchant profile does not exist |
| 422 | UNABLE_TO_PAY_CREDITOR | Variable reason(Depends on automatic processing). |
| 500 | TECHNICAL_ERROR | Technical error in Payment service |
| 503 | TRY_AGAIN_LATER | one of the internal services is unavailable |
- PREPROD merchant API
https://merchant.api.preprod.bancontact.net/v3/payments
- PROD merchant API
https://merchant.api.bancontact.net/v3/payments
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X POST \
https://merchant.api.preprod.bancontact.net/v3/payments \
-H 'Authorization: YOUR_API_KEY_HERE' \
-H 'Content-Type: application/json' \
-d '{
"reference": "19848995",
"bulkId": "Bulk-1-200",
"amount": 1,
"currency": "EUR",
"description": "string",
"identifyCallbackUrl": "https://api.merchant.bancontact.net/identify",
"callbackUrl": "https://api.merchant.bancontact.net/payment",
"returnUrl": "https://api.merchant.bancontact.net/payment",
"voucherEligibility": [
{
"voucherSchemes": [
"BEL_MEAL_VOUCHER"
],
"amount": 1013
}
]
}'To display the Bancontact Payconiq QR code, you can render the URL from the attribute _links.self.href received in the Create Payment reponse in a web view. By doing so, you'll make use of Bancontact Payconiq's QR code generation service and will generate by default a small, magenta QR code (cf. Brand Guidelines).
Important: the format, size and colour of the QR code can be modified if necessary using the parameters below. Please make sure to read our Brand Guidelines for more guidance on the minimum sizes and scanning distances.
| Attribute | Description |
|---|---|
f [String :: Enum] Allowed Values: SVG, PNG | Image format |
s [String :: Enum] Allowed Values: S, M, L, XL | Image size of the QR code to generate. Small (S) = 180x180 Medium (M) = 250x250 Large (L) = 400x400 Extra Large (XL) = 800x800 The sizes only applies to PNG format. |
cl [String :: Enum] Allowed Values: magenta, black | The colour of the QR code. Default is magenta. |
M-Commerce can be set-up either for App-to-App payments or Mobile Browser to App payments. Please follow the intructions bellow accordingly.
The following parameters are used to invoke the Payconiq.
| Attribute | Description |
|---|---|
_links.deeplink.href [String :: URI] | URL String used to perform App2App linking |
| Return Url [String:: URI] | A url to which the Merchant will be notified of a payment. Must be Https for production. |
For further information on implementing universal links on iOS and/or Android, please follow the attached links.
/* Create Payconiq payment */
let createdPayment = createPayconiqPayment(amount: paymentAmount, "description": paymentDescription, "reference": paymentReference, "currency": paymentCurrency, "callbackUrl": paymentCallbackUrl)
//Get deeplink url from created payment
let deeplinkUrl = createdPayment.deeplinkUrl
//Specify return url
let returnUrl = "?returnUrl=https://example.com"
//Start the Payconiq Application
if let url = URL(deeplinkUrl + returnUrl) {
if #available(iOS 10.0, *) {
// Pass custom options if needed
UIApplication.shared.open(url, options: [:], completionHandler: { result in
//Handle result
})
}else {
let result = UIApplication.shared.openURL(url)
//Handle result
}
}// Create a Payconiq Payment
PayconiqPayment createdPayment = createPayconiqPayment(amount, description, reference, currency, callbackUrl);
//Get the deeplink url from the created payment
String deeplinkUrl = createdPayment.getDeeplinkUrl();
// Construct the universal link
String returnUrl = "https://example.com/";
String universalLink = String.format(deeplinkUrl + "?returnUrl=%s", returnUrl);
// Start the Payconiq application
startActivity(new Intent(Intent.ACTION_VIEW, Uri.parse(universalLink)));The set-up for Mobile Browsers is almost the same as App-to-App. However, you will also have to introduce the following logic in your mobile website in order to determine the OS phone used for payment and either fire a Bancontact Payconiq URL for iOS, or an intent for Android.
Introduce this function to identify an iOS device
function isIOS() {
if (/iphone|XBLWP7/i.test(navigator.userAgent.toLowerCase())) {
return true;
} else {
return false;
}
}
Trigger the payer app with the following code sample:
<button onclick="createPayconiqUniversalLink()">Pay with Payconiq iOS</button>
<script>
function createPayconiqUniversalLink() {
var deeplinkUrl = getDeeplinkUrlFromPayconiqPayment(); // placeholder function
var returnUrl = "?returnUrl=www.example.com";
return deeplinkUrl.concat(returnUrl);
}
</script>Introduce this function to identify an Android device:
function isAndroid() {
if (/android|XBLWP7/i.test(navigator.userAgent.toLowerCase())) {
return true;
} else {
return false;
}
}Trigger the payer app with the following code sample:
<button onclick="createPayconiqUniversalLink()">Pay with Payconiq Android</button>
<script>
function createPayconiqUniversalLink() {
var deeplinkUrl = getDeeplinkUrlFromPayconiqPayment(); // placeholder function
var returnUrl = "?returnUrl=www.example.com";
return deeplinkUrl.concat(returnUrl);
}
</script>You can specify a callback URL where the Bancontact Payconiq backend will send notifications about the status of a payment. This will allow you to take appropriate action and process the payment data.
The merchant backend must verify that the notification message originated from Bancontact Payconiq backend was not altered or corrupted during the tranmission. To do so, please ensure signature validation.
For the full Callback documentation, please refer to the Callback Guide.
PaycBancontact Payconiq Company Payment ID
Only EUR is supported currently
Requested amount in cents
Description of the payment that will be shown to the debtor, also used in the bank statement for reconciliation purposes. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council.
Merchant payment reference, used to reference the Bancontact Payconiq Company payment in the merchant’s system. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council.
When the payment was created
When the payment is going to expire. After that date the payment can't be confirmed anymore
if the payment is SUCCEEDED, then this field represents the date-time on which the payment was SUCCEEDED
| Status | Description |
|---|---|
| PENDING | The merchant has created the payment and and is pending to proceed with identify step. |
| IDENTIFIED | The user has scanned the payment's QR code with the Payconiq By Bancontact APP. |
| AUTHORIZED | The user has confirmed the payment and the bank authorized it. |
| AUTHORIZATION_FAILED | The authorization with the bank failed. |
| FAILED | Something went wrong during the payment process(e.g authorization failed). |
| SUCCEEDED | The payment has succeeded. |
| CANCELLED | When the payment has been canceled after the user has scanned it, or the merchant has cancelled the payment. |
| EXPIRED | The payment has expired. |
| PENDING_MERCHANT_ACKNOWLEDGEMENT | The payment is waiting for the merchant to acknowledge. |
| VOIDED | The payment has been voided |
Customer that paid
Debtor's IBAN masked
Debtor's first name
(No defined response schema)
- PREPROD merchant API
https://merchant.api.preprod.bancontact.net/callback
- PROD merchant API
https://merchant.api.bancontact.net/callback
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X POST \
https://merchant.api.preprod.bancontact.net/callback \
-H 'Content-Type: application/json' \
-H 'Signature: YOUR_API_KEY_HERE' \
-H 'User-Agent: Payconiq' \
-d '{
"paymentId": "5f91483d-78a7-4914-bc6f=",
"currency": "EUR",
"amount": 0,
"description": "string",
"reference": "19848995",
"createdAt": "2019-08-24T14:15:22Z",
"expireAt": "2019-08-24T14:15:22Z",
"succeededAt": "2019-08-24T14:15:22Z",
"status": "PENDING",
"debtor": {
"iban": "*************12636",
"name": "John"
}
}'In the event you do not receive a callback or the callback validation fails, please refer to "4. Get Payment Details". This alternative will also allow you to confirm the status of a transaction in order to complete the payment.
By calling this endpoint you can obtain the details of an existing payment transaction by passing the unique payment ID.
Note: it is highly recommended to implement this call as a fallback option if callback fails.
id(string, required)
id of the payment
the creation time of the payment
the time from which the payment will be expired
if the payment is SUCCEEDED, then this field represents the date-time on which the payment was SUCCEEDED
Currency code. Only EUR is supported ISO 4217
| Status | Description |
|---|---|
| PENDING | The merchant has created the payment and and is pending to proceed with identify step. |
| IDENTIFIED | The user has scanned the payment's QR code with the Payconiq By Bancontact APP. |
| AUTHORIZED | The user has confirmed the payment and the bank authorized it. |
| AUTHORIZATION_FAILED | The authorization with the bank failed. |
| FAILED | Something went wrong during the payment process(e.g authorization failed). |
| SUCCEEDED | The payment has succeeded. |
| CANCELLED | When the payment has been canceled after the user has scanned it, or the merchant has cancelled the payment. |
| EXPIRED | The payment has expired. |
| PENDING_MERCHANT_ACKNOWLEDGEMENT | The payment is waiting for the merchant to acknowledge. |
| VOIDED | The payment has been voided |
Creditor account set to receive the payment
The configuration ID of the Merchant
the Id of the merchant
Merchant's company name that will be shown to the debtor
Creditor's Bank Account Iban to where the money will be sent to for this current payment
callbackUrl to which the merchant will be notified about the payment identification
callbackUrl to which the merchant will be notified about the payment payout
Amount in cents originally requested. If no amount was requested by creditor, this will be 0
merchant's description of the payment
debtor's message of the payment
Merchant payment reference, used to reference the Bancontact Payconiq Company payment. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council. in the merchant's system
Field used to reference a bulk batch, so the merchant can choose how to bulk the payments. Mandatory if merchant profile does have bulking enabled, otherwise will miss from the response. If it's not set in the create call it will default to the value configured in the profile if it exists, otherwise its value will be defaulted by the application.
Provides information to navigate to our REST interfaces dynamically, by including hypermedia links to them. Note that for some links inclusion depends on the status of the payment (e.g. cancel link will be available on PENDING and refund on SUCCEEDED)
| HTTP Status | Code | Meaning |
|---|---|---|
| 401 | UNAUTHORIZED | caller doesn’t have an api-key access token |
| 403 | ACCESS_DENIED | api-key access token is invalid, creditor it's not a participant of the requested payment |
| 404 | PAYMENT_NOT_FOUND | no payment could be found |
| 500 | TECHNICAL_ERROR | Technical error in Payment service |
- PREPROD merchant API
https://merchant.api.preprod.bancontact.net/v3/payments/{id}
- PROD merchant API
https://merchant.api.bancontact.net/v3/payments/{id}
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X GET \
'https://merchant.api.preprod.bancontact.net/v3/payments/{id}' \
-H 'Authorization: YOUR_API_KEY_HERE'You can also retrieve a list of payments by specifying how many records to return, as well as a filter on the results for the total number of records returned per page.
default is today - 1day (yesterday)
Merchant payment reference, used to reference Bancontact Payconiq Company payment in merchant system. The characters used must comply with the SEPA Requirements for an Extended Character Set (UNICODE Subset) - Best Practices | European Payments Council.
Size of the elements returned in current page
Total number of pages in the backend for the list requested
Total number of elements in the list requested
Current page number
| HTTP Status | Code | Meaning |
|---|---|---|
| 401 | UNAUTHORIZED | caller doesn’t have an api-key access token |
| 403 | ACCESS_DENIED | api-key access token is invalid, creditor it's not a participant of the requested payment |
| 500 | TECHNICAL_ERROR | Technical error in Payment service |
- PREPROD merchant API
https://merchant.api.preprod.bancontact.net/v3/payments/search
- PROD merchant API
https://merchant.api.bancontact.net/v3/payments/search
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X POST \
'https://merchant.api.preprod.bancontact.net/v3/payments/search?page=0&size=10' \
-H 'Authorization: YOUR_API_KEY_HERE' \
-H 'Content-Type: application/json' \
-d '{
"from": "2019-08-24T14:15:22Z",
"to": "2019-08-24T14:15:22Z",
"paymentStatuses": [
"PENDING"
],
"reference": "19848995"
}'Endpoint delete-payment can be used to cancel a created payment that is still in status PENDING. The endpoint can also be used to cancel a payment in IDENTIFIED status, as long as the consumer has not initiated payment confirmation.
id(string, required) — Payconiq Payment Id
| HTTP Status | Code | Meaning |
|---|---|---|
| 401 | UNAUTHORIZED | user doesn't have an access token |
| 403 | ACCESS_DENIED | access token is invalid |
| 403 | CALLER_NOT_ALLOWED_TO_CANCEL | if caller is not a participant of the payment |
| 404 | PAYMENT_NOT_FOUND | payment is not found in the system |
| 422 | PAYMENT_NOT_PENDING | payment is not in pending or identify state |
| 500 | TECHNICAL_ERROR | Technical error in Payment service |
- PREPROD merchant API
https://merchant.api.preprod.bancontact.net/v3/payments/{id}
- PROD merchant API
https://merchant.api.bancontact.net/v3/payments/{id}
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X DELETE \
'https://merchant.api.preprod.bancontact.net/v3/payments/{id}' \
-H 'Authorization: YOUR_API_KEY_HERE'