Checkout v2

Delegated Strong Consumer Authentication

schedule 3 min read

The Checkin alternative.

Edit "Delegated Strong Consumer Authentication" on GitHub

Delegated Strong Consumer Authentication

When the payer is identified and authenticated by the merchant, the payer’s identity can be included in the Payment Order request.

Delegated Strong Consumer Authentication (hereby abbreviated as “Delegated SCA”) is performed as an alternative to Checkin when creating the Payment Order upon the initialization of the Payment Menu. You can only use Delegated SCA if you have an agreement with Swedbank Pay. The additional nationalIdentifier field described below should be added to the paymentorder.payer object already in the Payment Order creation request, as an alternative to consumerProfileRef.

warning

Bank ID authentication required

In order to use the Delegated SCA feature, you need a legal agreement with Swedbank Pay which mandates that the payer identified by the nationalIdentifier is authenticated with Bank ID prior to the request.

An example of how a Delegated SCA request looks is provided below (abbreviated for brevity):

Request

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
POST /psp/paymentorders HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json

{
    "paymentorder": {
        "payer": {
            "nationalIdentifier": {
                "socialSecurityNumber": "199710202392",
                "countryCode": "SE"
            }
        }
    }
}
Required Field Type Description
check paymentorder object The payment order object.
  └➔ payer object The payer object containing information about the payer relevant for the payment order.
  └─➔ nationalIdentifier string The national identifier object.
  └──➔ socialSecurityNumber string The payer’s social security number. Must be part of what you get from your authentication process.
  └──➔ countryCode string The country code of the payer.

When the payer is authenticated by the Merchant, some payment instruments will allow a more frictionless payment process. Invoice One-Click Payments does not require the last 4/5 digits of the payer’s social security number (SSN), for instance.

Below you can see an example of the payment window with and without Delegated SCA. In the first image, the SSN is removed altogether because the payer is authenticated by the Merchant. In the bottom image, the last 4/5 digits of the SSN are required as usual.

One-Click Payments without SSN

Payments with SSN