The signing and validation of electronic mandate offered by the SPS-Signature service can be integrated directly into the creditor’s website as a new means of payment.
The following document aims to assist the creditor during the implementation of the SPSSIGNTAURE web service within its service.
Description of the workflow
-
The client has chosen the Sepa Direct Debit option as a mean of payment.
-
The creditor initiates the e-mandate signature/validation transaction through a web service call. In response, the SPS Signature service sends to the creditor a secured URL in which the client will be redirected. (Ws Method: InitSession)
-
The client is redirected to the secure URL generated in step 2.
-
The client fills his Banking information so that SPS-SIGNATURE can generate an emandate.
-
The client checks that the e-mandate he will sign/validate is correct.
-
The client gives his consent (agreement) by the use of a One Time Password Code (OTP)
sent by SMS or EMAIL. -
The SPS-SIGNATURE service triggers a Direct Debit payment through SPS (optional).
-
The client is informed that the e-mandate has been signed/validated. Additionally he can
download the signed/validated mandate. -
The client is redirected to the creditor’s page. (Using a pre-defined URL declared in step 2)
The detailed description of the steps 4, 5, 6, 7 et 8 is in the document: « SPS-SIGN User Guide (UK) v2.0.pdf ».
Technologies Involved
The integration of SPS Signature involves using the following technologies.
Client (Debtor) |
HTML (For the SPS-SIGNATURE redirection) |
Creditor Server |
- SOAP Web service calls using WS-Security protocol. Its main focus is to provide end-toend security. |
- Digital Certificate (also known as Public Key Certificate): X.509 digital certificates |
Technical exchanges between the creditor and SPS-SIGNATURE
Initialization of the session in SPS-SIGNATURE -> initSession(Required) | |
Started by the | Creditor -> SPS Signature |
Technology | The SOAP request is signed in accordance with the WS-Security protocol and with the given the X509 certificate |
Retrieve the status of the session -> GetSessionStatus (Optional) | |
Started by the | Creditor -> SPS Signature |
Technology | The SOAP request is signed in accordance with the WS-Security protocol and with the given the X509 certificate |
Cancel the session -> CancelSession (Optional) | |
Started by the | Creditor -> SPS Signature |
Technology | The SOAP request is signed in accordance with the WS-Security protocol and with the given the X509 certificate |