4.1.3 "updatePaymentResource" interface
This API manage two different payment scenarios:
- To Process PSU identification, PSU authentication and explicit authorisation of transactions by using SCA, very similar in PIS and AIS services.
- To transfer data for SCA checks by the ASPSP only in case of an Embedded SCA Approach.
- To restart the payment execution flow after that the PSU has confirmed the payment after the inspection of the transaction fees.
|psu-id||The ID of the PSU in the ASPSP client interface. Mandatory if “psu-corporate-id” is valorized.|
|psu-id-type||Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.|
|psu-corporate-id||Identification of a Corporate, only used in a corporate context.|
|operation-name||Operation to execute. Accepted values are:
- updatePsuData - transactionAuthorisation
|tpp-signature-certificate||This is a X509 certificate that the TPP uses for signing the request, in base64
encoding. This certificate is in PEM format without the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Must be contained if a signature is contained, see above.
|signature||A signature of the request by the TPP on application level. This might be mandated by the account servicing payment service provider.|
|digest||Is contained if and only if the “Signature” element is contained in the header of the
request. The “digest” Header contains a Hash of the message body. The only hash algorithms that may be used to calculate the digest within the context of this specification are SHA-256 and SHA-512.
|aspsp-product-code||The account servicing payment service provider product code.|
|payment-product||The addressed payment product endpoint.
The value list of products supported is:
|payment-id||Resource Identification of the related payment initiation.|
|psuCredentials||PSU Credentials on the ASPSP system
This is mandatory if the operation to perform is an "updatePsuData" and the request is an “Update psu data for authentication”. If this field is filled the “authenticationMethodId” must be empty.
|authenticationMethodId||The authentication method ID as provided by the ASPSP.
This field is mandatory if the operation to perform is an "updatePsuData" and the request is an Update psu data for select authentication. If this field is filled the psuCredentials field must be empty.
|scaAuthenticationData||SCA authentication data, depending on the chosen authentication method. If the data is binary, then it is base64 encoded.
The field is mandatory if the selected operation to perform is a transactionAuthorisation.
|result Code||Result of the update payment resource.|
|Error Management||Description of the type of error obtained in the event that the outcome is negative.|
|psu-id||The Payment Service User identifier.|
|psu-id-type||The Payment Service User identifier type.|
|psuCorporateDdType||The Payment Service User corporate identifier. Might be mandated by the ASPSP in addition if the PSU-Corporate-ID is contained.|
|chosenScaMethod||This data element is only contained in the response if the APSPS has chosen the
Embedded SCA Approach, if the PSU is already identified.
|scaMethods||Might be contained, if several authentication methods are available. (name, type).|
|psuCredentials||The Payment Service User credentials on the ASPSP system|
|transactionFees||Can be used by the ASPSP to transport transaction fees relevant for the underlying payments.|
|transactionFeeIndicator||If The value is ‘true’ the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU.
Otherwise if it is ‘false’ the transaction will not involve additional specific transaction costs to the PSU.