This documentation is for merchants using iDEAL with BNPP NL as an acquirer.


Contents


 


About iDEAL

General information about iDEAL

Like giropay in Germany, Dutch banks established the iDEAL money transfer standard. Approximately 50% of all e-commerce payments in the Netherlands are processed with iDEAL. Offering iDEAL is a vital success factor for e-commerce business wanting to sell in the Netherlands. The customer is using the familiar and trusted online banking of its own credit institution, just the same as with online banking.

With online banking, the data disclosed in the online transfer is encrypted with SSL (Secure Sockets Layer) to prevent manipulation.

 

Bank transfers with iDEAL are a guarantee of success in the Netherlands: About 100.000 webshops and organizations offers iDEAL with approximately 50% of all e-commerce payments being processed with iDEAL. Monthly there are about 13 million transactions.

 

Further information can be found iDEAL-website in Dutch and English (www.ideal.nl).

Specific requirement iDEAL Mobile: Redirect to Issuer (no in-app browser)

The Merchant needs to provide the redirect to the Issuer from the browser window or Merchant app where the Consumer selected the Issuing bank. If it is not possible to keep the Consumer in the same browser window then this should be communicated to the Consumer (e.g. ‘You will now be redirected to the app or mobile website of your bank’).

In case of a payment initiated in the Merchant app, it is not allowed to present the Issuer approval screens in a webview component within the Merchant’s own app (in-app browser). The complete payment flow, up to the redirect back to the Merchant’s app, must take place in an app that is trusted by the Consumer, either the Consumer’s chosen browser or the Issuer’s mobile app. Thus, for execution the issuerAuthentionURL must be offered to the operating system at all times. During the payment flow it must not be possible for the Consumer to initiate another payment through the Merchant’s original app.

Relevant details about the redirect from the Merchant to the Issuer’s mobile channel:

  • The Issuer decides which Consumers to redirect to which channel. For example some Issuers may treat users of tablet devices the same as mobile users while others will treat them like PC users;
  • The Merchant should not intervene with the redirect. There is only one issuerAuthenticationURL for the Merchant to use in all transactions, not a separate URL for mobile iDEAL transactions. The issuerAuthenticationURL should be executed by the operating system at all times;
  • If the Issuing bank has integrated iDEAL mobile in its mobile banking app, the Consumer is offered the option, on a ‘landing page’, to open the app or pay via the (mobile) web page. On this ‘landing page’ the Consumer might be offered the option to download the latest version of the mobile banking app, if it is not yet installed on the Consumer’s device.

 

Process flow chart

 


Advice


Customer journey in a merchant webshop


To create an iDEAL payment, the merchant should provide the issuer bank (issuerID) in the request.

It means the consumer has to choose his bank.

The bank list can be retrieved via a call to Axepta (idealIssuerList.aspx).




Payment platform interface

Definitions

Data formats:

Format

Description

a

alphabetical

as

alphabetical with special characters

n

numeric

an

alphanumeric

ans

alphanumeric with special characters

ns

numeric with special characters

bool

boolean expression (true or false)

3

fixed length with 3 digits/characters

..3

variable length with maximum 3 digits/characters

enum

enumeration of allowed values

dttm

ISODateTime (YYYY-MM-DDThh:mm:ss)


Abbreviations:

Abbreviation

Description

CND

condition

M

mandatory

O

optional

C

conditional


Notice: Please note that the names of parameters can be returned in upper or lower case.


Calling the iDEAL interface

To process a payment with online transfer with iDEAL, please use the following URL:

 

Notice: For security reasons, Payment platform rejects all payment requests with formatting errors. Therefore please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

Parameter

Format

CND

Description

MerchantID

ans..30

M

ID of merchant. Additionally this parameter has to be passed in plain language too.

TransID

ans..64

M

TransactionID which should be unique for each payment

RefNr

an12

M

Merchant's unique reference number. In case of using the EMS interface the length is limited to 15 chars.

Amount

n..10

M

Amount in the smallest currency unit (e.g. EUR Cent)

Please contact the helpdesk, if you want to capture amounts < 100 (smallest currency unit).

Currency

a3

M

Currency, three digits DIN / ISO 4217

OrderDesc

ans..384

M

Description of purchased goods, unit prices etc.

Please note: The first 27 characters appear on the customer-account statement. You can view the full data in Analytics.

MAC

an64

M

Hash Message Authentication Code (HMAC) with SHA-256 algorithm

UserData

ans..1024

O

If specified at request, Payment platform forwards the parameter with the payment result to the shop

URLSuccess

ans..256

M

Complete URL which calls up Payment platform if payment has been successful. The URL may be called up only via port 443 This URL may not contain parameters: In order to exchange values between Payment platform and shop, please use the parameter UserData.

URLFailure

ans..256

M

Complete URL which calls up Payment platform if payment has been unsuccessful. The URL may be called up only via port 443 This URL may not contain parameters: In order to exchange values between Payment platform and shop, please use the parameter UserData.

Response

a7

O

Status response sent by Payment platform to URLSuccess and URLFailure, should be encrypted. For this purpose, transmit Response=encrypt parameter.

URLNotify

ans..256

M

Complete URL which Payment platform calls up in order to notify the shop about the payment result. The URL may be called up only via port 443 It may not contain parameters: Use the UserData parameter instead.

ReqID

ans..32

O

To avoid double payments, enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction is submitted again with the same ReqID, the payment platform will not carry out the payment, but will just return the status of the original transaction. Please note that the payment platform must have a finalized transaction status for the first initial action. Submissions with identical ReqID for an open status will be processed regularly.

IssuerID

ans..11

MC

BIC for the selected bank (see querying the stored iDEAL banks)

Plain

ans..50

O

A value to be set by the merchant to return some information unencrypted, e.g. the MID

Custom

ans..1024

O

The merchant can submit several values separated by | which are returned unencrypted and separated by &.

Custom=session=123|id=456 will change in the answer to Session=123&id=456

The following table gives the result parameters which the Payment platform transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are forwarded Blowfish encrypted to your system:

Parameter

Format

CND

Description

MID

ans..30

M

ID of merchant

PayID

an32

M

ID assigned by Payment platform for the payment, e.g. for referencing in batch files

XID

an32

M

ID for all single transactions (authorisation, capture, credit note) for one payment assigned by Payment platform

TransID

ans..64

M

Merchant’s transaction number

Status

a..50

M

OK (URLSuccess) or FAILED (URLFailure)

Description

ans..1024

M

Further details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!

Code

n8

M

Error code according to Payment platform Response Codes Excel file

RefNr

an12

M

Merchant’s unique reference number

UserData

ans..1024

O

If specified at request, Payment platform forwards the parameter with the payment result to the shop

MAC

an64

M

Hash Message Authentication Code (HMAC) with SHA-256 algorithm

AccBank

ans..20

MC

Identification of the financial institution of the account holder

AccOwner

a..50

MC

Name of the account holder

IBAN

ans..34

MC

IBAN of the account holder

BIC

ans..11

MC

BIC of the account holder

Plain

ans..50

O

A value to be set by the merchant to return some information unencrypted, e.g. the MID

Custom

ans..1024

O

The merchant can submit several values separated by | which are returned unencrypted and separated by &.

Custom=session=123|id=456 will change in the answer to Session=123&id=456

Querying the stored iDEAL banks

Payment platform offers merchants the possibility to query which banks are stored for the merchant before the actual payment process. Since the configured bank list rarely changes, this does not need to be queried for each bank transfer. For this verification call up the following URL:

 

The following table describes the encrypted payment request parameters: Please note that the Merchant-ID plus Len and Data must be transferred every time as with all Payment platform requests:

Parameter

Format

CND

Description

MerchantID

ans..30

M

ID of merchant, assigned by BNP. Additionally this parameter has to be passed in plain language too.


Please transfer the Merchant-ID both in the unencrypted as well as the encrypted string.

The following table describes the result parameters, which Payment platform sends in response:

Parameter

Format

CND

Description

MerchantID

ans..30

M

ID of merchant, assigned by BNP. Additionally this parameter has to be passed in plain language too.

IdealIssuerList

ans..

M

The IdealIssuerList contains all banks stored for the merchant at the time of the query in the format IssuerID,Name,Country|…

IssuerID = BIC of the bank

Name = name of the bank

Country = Name of the country for the bank (max. 128 charachters)


  • No labels