Open Banking payments
Accept Open Banking payments, issue refunds, and send payouts through emerchantpay.
Introduction
Open Banking is a secure and regulated payment method that enables customers to make direct bank payments without using traditional card networks. Instead of entering card details, customers authenticate with their bank and authorise the payment through a secure bank connection.
With Open Banking, you can accept account-to-account payments, issue refunds, and make payouts as part of the full payment lifecycle. Open Banking helps provide a simple checkout experience, reduces manual payment entry, and supports secure customer authentication through the customer’s banking environment.
Open Banking allows you to accept direct bank transfers while benefiting from:
- Lower transaction fees – No card processing or interchange fees.
- Faster settlements – Receive payments in real-time or within hours.
- Enhanced security – Customers authenticate directly through their bank, reducing fraud risk.
- Improved checkout experience – No need for card details, making payments smoother for your customers.
| PAYMENT METHOD | COUNTRIES | CURRENCIES |
|---|---|---|
| Open Banking | United Kingdom, Ireland, Germany, France, Belgium, Finland, Spain, Italy | GBP, EUR |
With Open Banking, you can process bank transfer transactions across the following use cases:
| USE CASE | DIRECTION | TRANSACTION TYPE | SUPPORTED INTEGRATIONS |
|---|---|---|---|
| Pay-ins | The customer pays you | online_banking |
Server-to-server Web Payment Form (WPF) Virtual Terminal Pay-by-Link |
| Payouts | You send funds to the customer | bank_payout |
Server-to-server Virtual Terminal |
| Refunds | You return funds for a previous payment | async_refund | Server-to-server |
Prerequisites
Before you begin, ensure the following:
- You have an emerchantpay account. If not, apply for one.
- An emerchantpay Account Manager has provided your API credentials.
- Your development team is familiar with:
- Web programming languages.
- HTTP methods in XML and JSON formats.
- UTF8 encoding.
- For simpler integration, you can use the emerchantpay Web Payment Form (WPF). Contact your Account Manager to set up Open Banking payments via WPF and refer to the WPF API.
Receive Open Banking payments
To accept an Open Banking pay-in, submit a transaction request with transaction_type set to online_banking and bank_code set to TRL. At a minimum, your request should also include the amount and currency and provide the customer and billing details required for your setup.
Open Banking pay-ins are redirect-based. After you create the transaction, the response returns a redirect_url. Redirect the customer to this URL so they can select their bank, authenticate, and authorise the payment.
See the Online banking API reference for the complete request and response parameter details.
This is the typical Open Banking flow:
- The customer selects Open Banking as the payment method at checkout.
- You send a transaction request to the gateway with the
transaction_typeasonline_bankingandbank_codeset toTRL. - The gateway returns a
pending_asyncresponse with aredirect_url. - You redirect the customer to the
redirect_url. - The customer selects their bank, authenticates, and authorises the payment.
- The customer is redirected to your success, failure, or pending URL. If you do not provide return URLs, the customer is redirected to a standard default emerchantpay success, failure, or pending page.
- The gateway sends the final transaction result to your
notification_url. - You verify the notification and update the order status.
Example server-to-server request
The following is an example pay-in request for a server-to-server integration:
<payment_transaction>
<transaction_type>online_banking</transaction_type>
<transaction_id>acme-openbanking-payin-123456</transaction_id>
<usage>Acme Co. order 123456</usage>
<remote_ip>245.253.2.12</remote_ip>
<notification_url>https://www.example.com/payment-notification</notification_url>
<return_success_url>https://example.com/payment-success</return_success_url>
<return_failure_url>https://example.com/payment-failure</return_failure_url>
<amount>1000</amount>
<currency>GBP</currency>
<customer_email>jsmith@example.com</customer_email>
<customer_phone>+441234567890</customer_phone>
<bank_code>TRL</bank_code>
<billing_address>
<first_name>John</first_name>
<last_name>Smith</last_name>
<address1>45 North Str</address1>
<zip_code>W1T 2QS</zip_code>
<city>London</city>
<country>GB</country>
</billing_address>
</payment_transaction>
If the request is accepted, you receive a response containing a redirect_url. Redirect the customer to this URL. Do not treat the initial response as the final payment result.
After the customer completes the bank authorisation flow, emerchantpay sends the final transaction result to your notification_url.
Example WPF request
The following is an example pay-in request for a Web Payment Form (WPF) integration:
<wpf_payment>
<transaction_types>
<transaction_type>
<name>online_banking</name>
<bank_codes>
<bank_code>TRL</bank_code>
</bank_codes>
</transaction_type>
</transaction_types>
<transaction_id>acme-wpf-openbanking-123456</transaction_id>
<usage>Acme Co. order 123456</usage>
<description>Open banking payment for Acme Co.</description>
<merchant_website>https://www.example-site.com</merchant_website>
<notification_url>https://www.example-site.com/payment-notification</notification_url>
<return_success_url>https://www.example-site.com/payment-success</return_success_url>
<return_failure_url>https://www.example-site.com/payment-failure</return_failure_url>
<return_cancel_url>https://www.example-site.com/payment-cancelled</return_cancel_url>
<return_pending_url>https://www.example-site.com/payment-pending</return_pending_url>
<payment_lifetime_field_type>select</payment_lifetime_field_type>
<lifetime>131487</lifetime>
<reminder_language>en</reminder_language>
<send_link_by>none</send_link_by>
<email_field_type>select</email_field_type>
<consumer_id>171140697</consumer_id>
<customer_email>jsmith@example-site.com</customer_email>
<billing_address>
<first_name/>
<last_name/>
<address1/>
<address2/>
<zip_code/>
<city/>
<country/>
<state/>
</billing_address>
<pay_later>false</pay_later>
<send_reminders>false</send_reminders>
<amount>100</amount>
<currency>GBP</currency>
</wpf_payment>
After the customer completes the bank authorisation flow, emerchantpay sends the final transaction result to your notification_url.
Refund Open Banking payments
Use a refund to return funds for a previous Open Banking payment by submitting a transaction request with transaction_type set to async_refund.
An async refund is a refund that is processed asynchronously. This means the refund request is accepted for processing first, and the final refund result is confirmed later through a transaction status update or asynchronous notification. Unlike a standard refund, the final outcome is not returned immediately in the initial API response.
The refund must reference the original pay-in transaction using the original transaction’s unique_id.
Use async_refund for both full and , where partial refunds are enabled for your account.
See the Async refund API reference for the complete request and response parameter details.
This is the typical refund flow:
- You confirm that the original Open Banking pay-in has reached a refundable state.
- You send an
async_refundtransaction request. - The refund request references the original pay-in transaction by using the original transaction’s
unique_idas thereference_id. - The gateway validates the refund request with a response.
- The gateway processes the refund asynchronously and returns the refund transaction status.
- You confirm the refund result through the asynchronous . To receive refund notifications, include
notification_urlin the request. - You update the order or customer account status.
Example refund request
The following is an example refund request:
<payment_transaction>
<transaction_type>async_refund</transaction_type>
<transaction_id>acme-openbanking-refund-123456</transaction_id>
<usage>Refund for Acme Co. order 123456</usage>
<remote_ip>245.253.2.12</remote_ip>
<amount>1000</amount>
<currency>GBP</currency>
<reference_id>44177a21403427eb96664a6d7e5d5d48</reference_id>
<notification_url>https://example-site.com/refund-notification</notification_url>
<return_success_url>https://example-site.com/refund-success</return_success_url>
<return_failure_url>https://example-site.com/refund-failure</return_failure_url>
<customer_email>jsmith@example-site.com</customer_email>
</payment_transaction>
In this example, reference_id is the unique_id of the original approved open banking pay-in. The amount is submitted in minor currency units. If you include notification_url, the refund notification is sent to that URL.
Refunds should only be submitted after the original pay-in has reached a refundable state. To refund only part of the original amount, submit the refund amount in minor currency units.
Send Open Banking payouts
Use a payout to send funds to a customer or recipient.
For Open Banking payouts, submit a transaction request with transaction_type set to bank_payout and the payment_type set to bank_to_bank. Your request must contain the payout amount, currency, recipient bank account details, and the customer or recipient information required for your configuration.
See the Bank payout API reference for the complete request and response parameter details.
This is the typical payout flow:
- You confirm that
bank_payoutis enabled for your terminal. - You collect and validate the customer or recipient bank account details.
- You send a transaction with
transaction_typeset tobank_payoutandpayment_typeset tobank_to_bank. - The gateway validates the payout request and recipient details and submits the payout for processing.
- The payout result is sent asynchronously to your
notification_url. - You verify the notification signature and the payout result.
- You update the customer or recipient account status.
Example payout request
The following is an example payout request:
<payment_transaction>
<transaction_type>bank_payout</transaction_type>
<transaction_id>acme-openbanking-payout-123456</transaction_id>
<remote_ip>62.73.122.238</remote_ip>
<amount>8000</amount>
<currency>GBP</currency>
<payment_type>bank_to_bank</payment_type>
<bank_branch>560029</bank_branch>
<bank_account_number>26207729</bank_account_number>
<bank_account_name>John Smith</bank_account_name>
<return_success_url>https://www.example-site.com/payout-success</return_success_url>
<return_failure_url>https://www.example-site.com/payout-failure</return_failure_url>
<return_pending_url>https://www.example-site.com/payout-pending</return_pending_url>
<billing_address>
<first_name>John</first_name>
<last_name>Smith</last_name>
<address1>45 North Str</address1>
<zip_code>W1T 2QS</zip_code>
<city>London</city>
<country>GB</country>
</billing_address>
<customer_email>jsmith@example-site.com</customer_email>
</payment_transaction>
Handle asynchronous notifications
Open Banking pay-ins are asynchronous. The final result of the customer’s payment is sent as a separate HTTP POST notification from the gateway to the notification_url supplied in the transaction request.
For payouts, there is no customer checkout redirect like there is with pay-ins, but the payout can still have an asynchronous outcome.
The status field provides the final outcome of the transaction. For example, an approved status means the payment has been successfully completed. See Transaction States for details about all statuses.
Do not fulfil the order based only on the initial pending_async response or the customer’s return to your website. Always use the asynchronous notification to confirm the final transaction status. Alternatively, reconcile the transaction status using the Reconcile API or a cron job. For assistance with cron-based reconciliation, contact emerchantpay support.
The following is an example notification for an Open Banking payout:
{
“transaction_id”: “a38b1322-af8e-4938-aa7e-e52ffff3d0c1”,
“terminal_token”: “9eb0c2290d802fc0035cddaab03db591ccb98d76”,
“unique_id”: “bfea8ff87cb0a11d17f3afb29ee6d171”,
“transaction_type”: “bank_payout”,
“status”: “approved”,
“signature”: “d28bbff5e2bb5e592eb45159e0e302825bf56b5d”,
“amount”: “100”
}
Use the signature field to verify that the notification was sent by emerchantpay. Each session signature is generated by combining the transaction’s unique_id with your API password and generating a SHA-1 hash of the combined string.
signature = SHA-1 hash value of <unique_id><API password>
Notification signature examples:
| UNIQUE_ID | API PASSWORD | SIGNATURE |
|---|---|---|
| 26aa150ee68b1b2d6758a0e6c44fce4c | 50fd87e65eb415f42fb5af4c9cf497662e00b785 | c5219b3d385e74496b2b48a549 |
| 3f760162ef57a829011e5e2379b3fa17 | 50fd87e65eb415f42fb5af4c9cf497662e00b785 | 14519d0db2f7f8f407efccc9b099 |
After you have verified the notification status and signature, return an XML response containing the transaction’s unique_id to acknowledge that you have received the notification.
Example notification acknowledgement:
<notification_echo>
<unique_id>44177a21403427eb96664a6d7e5d5d48</unique_id>
</notification_echo>
Test your integration
Before accepting live payments, test the full Open Banking payment flow in the staging environment.
For pay-ins:
- Create an
online_bankingpayment request withbank_codeset toTRL. - Confirm that the gateway returns a
pending_async - Redirect the customer to the returned
redirect_url. - Complete the simulated bank authorisation flow.
- Confirm that the customer is redirected to the correct success, failure, or pending URL.
- Confirm that your
notification_urlreceives the final asynchronous notification. - Verify the notification signature.
- Confirm that the transaction appears in your Gateway Console.
For refunds:
- Create an approved test pay-in.
- Submit an
async_refundrequest referencing the original payment unique_id. - Confirm the refund status from the final asynchronous notification.
- Verify the notification signature.
- Confirm that the transaction appears in your Gateway Console.
For payouts:
- Confirm that
bank_payoutis enabled for your test terminal. - Submit a test payout with valid recipient details.
- Confirm the payout status from the final asynchronous notification.
- Verify the notification signature.
- Confirm that the transaction appears in your Gateway Console.
Go live
After testing is complete, you are ready to move to the production environment and accept live payments:
- Contact your emerchantpay Account Manager to get your login credentials for the production environment.
- Replace the staging credentials with production credentials.
- Replace the staging URLs with production URLs.
- Test again and confirm that redirects, notifications, and reconciliation work as expected.
You are now ready to accept Open Banking payments.