MobilePay Online

Redirect

schedule 8 min read

MobilePay Online is a two-phase payment instrument which can be implemented by the supported redirect scenario. Swedbank Pay receives the MobilePay Online’s details from the payer through Swedbank Pay Payments. The payment will then be performed by Swedbank Pay and confirmed by the payer through the MobilePay app.

MobilePay Online redirect integration flow

  • When you have prepared your merchant/webshop site, you make a POST request towards Swedbank Pay with your Purchase information.
  • You will receive a Redirect URL, leading to a secure Swedbank Pay hosted environment, in response.
  • You need to redirect the browser of the payer to that URL so that he or she may enter their MobilePay details.
  • When the payment is completed, Swedbank Pay will redirect the browser back to your merchant/webshop site.
  • Finally you need to make a GET request towards Swedbank Pay with the paymentID received in the first step, which will return the purchase result.

screenshot of the Swedbank Pay landing page

mobilepay enter number

mobilepay approve payment

link

Defining callbackUrl: When implementing a scenario, it is strongly recommended to set a callbackUrl in the POST request. If callbackUrl is set, Swedbank Pay will send a POST request to this URL when the payer has fulfilled the payment.

Step 1: Create a Purchase

When the payer starts the purchase process, you make a POST request towards Swedbank Pay with the collected Purchase information. This will generate a payment with a unique id. See the POSTrequest example below.

warning

GDPR

GDPR sensitive data such as email, phone numbers and social security numbers must not be used directly in request fields such as payerReference. If it is necessary to use GDPR sensitive data, it must be hashed and then the hash can be used in requests towards Swedbank Pay.

Request

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
POST /psp/mobilepay/payments HTTP/1.1
Authorization: Bearer <AccessToken>
Content-Type: application/json

{
    "payment": {
        "operation": "Purchase",
        "intent": "Authorization",
        "currency": "DKK",
        "prices": [
            {
                "type": "MobilePay",
                "amount": 1500,
                "vatAmount": 0
            }
        ],
        "description": "Test Purchase",
        "payerReference": "AB1234",
        "userAgent": "Mozilla/5.0...",
        "language": "da-DK",
        "urls": {
            "hostUrls": [ "https://example.com", "https://example.net" ],
            "completeUrl": "https://example.com/payment-completed",
            "cancelUrl": "https://example.com/payment-canceled",
            "callbackUrl": "https://example.com/payment-callback",
            "termsOfServiceUrl": "https://example.com/payment-terms.pdf"
        },
        "payeeInfo": {
            "payeeId": "5cabf558-5283-482f-b252-4d58e06f6f3b",
            "payeeReference": "CD1234",
            "payeeName": "Merchant1",
            "productCategory": "A123",
            "orderReference": "or-12456",
            "subsite": "MySubsite"
        },
        "prefillInfo": {
            "msisdn": "+4598765432"
        }
    },
    "mobilepay": {
        "shoplogoUrl": "https://example.com/shop-logo.png"
    }
}
Required Field Data type Description
check payment object The payment object.
check └➔ operation string Purchase
check └➔ intent string Authorization
check └➔ currency string NOK, SEK, DKK, USD or EUR.
check └➔ prices object The prices object.
check └─➔ type string MobilePay (for supporting all card types configured at Swedbank Pay). If you need to specify what card brands you want to support you may specify this by sending in the card brand, e.g Dankort (for card type Dankort), Visa (for card type Visa), MasterCard (for card type Mastercard),
check └─➔ amount integer The amount (including VAT, if any) to charge the payer, entered in the lowest monetary unit of the selected currency. E.g.: 10000 = 100.00 DKK, 5000 = 50.00 DKK.
check └─➔ vatAmount integer The payment’s VAT (Value Added Tax) amount, entered in the lowest monetary unit of the selected currency. E.g.: 10000 = 100.00 DKK, 5000 = 50.00 DKK. The vatAmount entered will not affect the amount shown on the payment page, which only shows the total amount. This field is used to specify how much ofthe total amount the VAT will be. Set to 0 (zero) if there is no VAT amount charged.
  └─➔ feeAmount integer If the amount given includes Fee, this may be displayed for the user in the payment page (redirect only).
check └➔ description string(40) A 40 character length textual description of the purchase.
  └➔ payerReference string The reference to the payer from the merchant system, like e-mail address, mobile number, customer number etc.
check └➔ userAgent string The User-Agent string of the payer’s web browser.
check └➔ language string da-DK, fi-FI or en-US.
check └➔ urls object The URLs object containing the urls used for this payment.
check └─➔ completeUrl string The URI that Swedbank Pay will redirect back to when the payment page is completed. This does not indicate a successful payment, only that it has reached a completion state. A GET request needs to be performed on the payment to inspect it further. See completeUrl for details.
check └─➔ cancelUrl string The URI that Swedbank Pay will redirect back to when the user presses the cancel button in the payment page.
  └─➔ callbackUrl string The URI that Swedbank Pay will perform an HTTP POST against every time a transaction is created on the payment. See callback for details.
check └─➔ termsOfServiceUrl string The URI to the terms of service document the payer must accept in order to complete the payment. Note that this field is not required unless generateReferenceToken or generateRecurrenceToken is also submitted in the request. This is the Merchants, not the Swedbank Pay Terms of Service. HTTPS is a requirement.
check └➔ payeeInfo object This object contains the identificators of the payee of this payment.
check └─➔ payeeId string This is the unique id that identifies this payee (like merchant) set by Swedbank Pay.
check └─➔ payeeReference string(50) A unique reference from the merchant system. It is set per operation to ensure an exactly-once delivery of a transactional operation. See payeeReference for details.
  └─➔ payeeName string The payee name (like merchant name) that will be displayed when redirected to Swedbank Pay.
  └─➔ productCategory string A product category or number sent in from the payee/merchant. This is not validated by Swedbank Pay, but will be passed through the payment process and may be used in the settlement process.
  └─➔ orderReference String(50) The order reference should reflect the order reference found in the merchant’s systems.
  └─➔ subsite String(40) The subsite field can be used to perform split settlement on the payment. The subsites must be resolved with Swedbank Pay reconciliation before being used.If you send in an unknown subsite value, it will be ignored and the paymentwill be settled using the merchant’s default settlement account.
  └➔ prefillInfo object An object that holds prefill information that can be inserted on the payment page.
  └─➔ msisdn string Number will be prefilled on MobilePay’s page, if valid. Only Danish and Finnish phone numbers are supported. The country code prefix is +45 and +358 respectivly.
check └➔ mobilepay.shoplogoUrl string URI to logo that will be visible at MobilePay Online. For it to display correctly in the MobilePay app, the image must be 250x250 pixels, a png or jpg served over a secure connection using https, and be publicly available.

Response

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
HTTP/1.1 200 OK
Content-Type: application/json

{
    "payment": {
        "prices": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/prices"
        },
        "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1",
        "number": 75100000121,
        "created": "2018-09-11T10:58:27.4236127Z",
        "updated": "2018-09-11T10:58:30.8254419Z",
        "instrument": "MobilePay",
        "operation": "Purchase",
        "intent": "Authorization",
        "state": "Ready",
        "currency": "DKK",
        "amount": 0,
        "description": "Test Purchase",
        "payerReference": "AB1234",
        "initiatingSystemUserAgent": "PostmanRuntime/7.2.0",
        "userAgent": "Mozilla/5.0",
        "language": "da-DK",
        "transactions": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/transactions"
        },
        "urls": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/urls"
        },
        "payeeInfo": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/payeeinfo"
        }
    },
    "operations": [
        {
            "method": "PATCH",
            "href": "https://api.externalintegration.payex.com/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1",
            "rel": "update-payment-abort"
        },
        {
            "method": "GET",
            "href": "https://ecom.externalintegration.payex.com/mobilepay/payments/authorize/ec2a9b09-601a-42ae-8e33-a5737e1cf177",
            "rel": "redirect-authorization"
        }
    ]
}

Step 2: Get the transaction status

Finally you need to make a GET request towards Swedbank Pay with the id of the payment received in the first step, which will return the purchase result.

Request

1
2
3
4
GET /psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/ HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json

Response

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
HTTP/1.1 200 OK
Content-Type: application/json

{
    "payment": {
        "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1",
        "number": 1234567890,
        "created": "2016-09-14T13:21:29.3182115Z",
        "updated": "2016-09-14T13:21:57.6627579Z",
        "state": "Ready",
        "operation": "Purchase",
        "intent": "Authorization",
        "currency": "DKK",
        "amount": 1500,
        "remainingCaptureAmount": 1500,
        "remainingCancellationAmount": 1500,
        "remainingReversalAmount": 0,
        "description": "Test Purchase",
        "payerReference": "AB1234",
        "initiatingSystemUserAgent": "PostmanRuntime/3.0.1",
        "userAgent": "Mozilla/5.0...",
        "language": "da-DK",
        "prices": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/prices"
        },
        "payeeInfo": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/payeeInfo"
        },
        "urls": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/urls"
        },
        "transactions": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/transactions"
        },
        "authorizations": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/authorizations"
        },
        "captures": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/captures"
        },
        "reversals": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/reversals"
        },
        "cancellations": {
            "id": "/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/cancellations"
        }
    },
    "operations": [
        {
            "method": "PATCH",
            "href": "https://api.externalintegration.payex.com/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1",
            "rel": "update-payment-abort",
            "contentType": "application/json"
        },
        {
            "method": "GET",
            "href": "https://ecom.externalintegration.payex.com/mobilepay/core/scripts/client/px.mobilepay.client.js?token=5a17c24e-d459-4567-bbad-aa0f17a76119&operation=authorize",
            "rel": "view-authorization",
            "contentType": "application/javascript"
        },
        {
            "method": "GET",
            "href": "https://ecom.externalintegration.payex.com/mobilepay/payments/authorize/ec2a9b09-601a-42ae-8e33-a5737e1cf177",
            "rel": "redirect-authorization",
            "contentType": "text/html"
        },
        {
            "method": "POST",
            "href": "https://api.externalintegration.payex.com/psp/mobilepay/payments/7e6cdfc3-1276-44e9-9992-7cf4419750e1/captures",
            "rel": "create-capture",
            "contentType": "application/json"
        },
        {
            "method": "GET",
            "href": "https://api.externalintegration.payex.com/psp/mobilepay/7e6cdfc3-1276-44e9-9992-7cf4419750e1/paid",
            "rel": "paid-payment",
            "contentType": "application/json"
        },
        {
            "method": "GET",
            "href": "https://api.externalintegration.payex.com/psp/mobilepay/7e6cdfc3-1276-44e9-9992-7cf4419750e1/failed",
            "rel": "failed-payment",
            "contentType": "application/problem+json"
        }
    ]
}
Field Type Description
payment object The payment object contains information about the specific payment.
└➔ id string The relative URI and unique identifier of the payment resource . Please read about URI Usage to understand how this and other URIs should be used in your solution.
└➔ number integer The payment number , useful when there’s need to reference the payment in human communication. Not usable for programmatic identification of the payment, for that id should be used instead.
└➔ created string The ISO-8601 date of when the payment was created.
└➔ updated string The ISO-8601 date of when the payment was updated.
└➔ state string Ready, Pending, Failed or Aborted. Indicates the state of the payment, not the state of any transactions performed on the payment. To find the state of the payment’s transactions (such as a successful authorization), see the transactions resource or the different specialized type-specific resources such as authorizations or sales.
└➔ prices object The prices resource lists the prices related to a specific payment.
└➔ prices.id string The relative URI and unique identifier of the prices resource . Please read about URI Usage to understand how this and other URIs should be used in your solution.
└➔ description string(40) A 40 character length textual description of the purchase.
└➔ payerReference string The reference to the payer from the merchant system, like e-mail address, mobile number, customer number etc.
└➔ userAgent string The user agent string of the payer’s browser.
└➔ language string sv-SE, nb-NO or en-US.
└➔ urls string The URI to the urls resource where all URIs related to the payment can be retrieved.
└➔ payeeInfo string The payeeInfo object, containing information about the payee (the recipient of the money). See payeeInfo for details.
operations array The array of possible operations to perform
└─➔ method string The HTTP method to use when performing the operation.
└─➔ href string The target URI to perform the operation against.
└─➔ rel string The name of the relation the operation has to the current resource.

Purchase flow

The sequence diagram below shows the two requests you have to send to Swedbank Pay to make a purchase. The diagram also shows in high level, the sequence of the process of a complete purchase.

sequenceDiagram
  participant Payer
  participant Merchant
  participant SwedbankPay as Swedbank Pay
  participant MobilePay_API as MobilePay API
  participant MobilePay_App as MobilePay App

  Payer->>Merchant: start purchase (pay with MobilePay)
  activate Merchant

  Merchant->>SwedbankPay: POST <Create MobilePay Online payment>
  note left of Merchant: First API request
  activate SwedbankPay
  SwedbankPay-->>Merchant: payment resource
  deactivate SwedbankPay
  SwedbankPay -->> SwedbankPay: Create payment
  Merchant-->>Payer: Redirect to payment page
  note left of Payer: redirect to MobilePay
  Payer-->>SwedbankPay: enter mobile number
  activate SwedbankPay

  SwedbankPay-->>MobilePay_API: Initialize MobilePay Online payment
  activate MobilePay_API
  MobilePay_API-->>SwedbankPay: response
  SwedbankPay-->>Payer: Authorization response (State=Pending)
  note left of Payer: check your phone
  deactivate Merchant

  MobilePay_API-->>MobilePay_App: Confirm Payment UI
  MobilePay_App-->>MobilePay_App: Confirmation Dialogue
  MobilePay_App-->>MobilePay_API: Confirmation
  MobilePay_API-->>SwedbankPay: make payment
  activate SwedbankPay
  SwedbankPay-->>SwedbankPay: execute payment
  SwedbankPay-->>MobilePay_API: response
  deactivate SwedbankPay
  deactivate MobilePay_API
  SwedbankPay-->>SwedbankPay: authorize result
  SwedbankPay-->>Payer: authorize result
  Payer-->>Merchant: Redirect to merchant
  note left of Payer: Redirect to merchant
  activate Merchant
  SwedbankPay-->>Merchant: Payment Callback
  Merchant-->>SwedbankPay: GET <MobilePay payments>
  note left of Merchant: Second API request
  SwedbankPay-->>Merchant: Payment resource
  deactivate SwedbankPay
  Merchant-->>Payer: Display authorize result
  deactivate Merchant