Payments are also linked to consent, which must declare the account to be “visible” for at least one of the three inquiries – balance, transactions, or details. Therefore, for payment-related operations, the consent ID must be included in the HTTP header Consent-ID. If the consent is invalid (unauthorized, expired), the payment request will be rejected. The same can happen if the daily limit for the number of operations on the account, as specified in the consent, is reached.
Similar to consents, payments follow a three-step process: payment initiation, authorization, and subsequent status checks. Status checks are necessary because, in most accounting systems, payments are not processed immediately due to various reasons – they are queued, the system might be in maintenance mode, end-of-day processing, etc.
The statuses of payment requests are as follows:
- RCVD – The request is received but not authorized
- ACCP – The request is confirmed via OTP
- ACSP – The request is pending accounting
- ACSC – The request is successfully accounted
- RJCT – The request is rejected – invalid/expired/unauthorized/problem with consent