Frequently Asked Questions

The following comprise a growing list of TPP developer queries. Check back often, as the list is updated periodically with/without notice.

Do I need to have an AISPClosedAccount Information Service Provider – a TPP authorised to access consumer or business account data from the account holder's financial institutions with the account holder's explicit consent. or PISPClosedPayment Initiation Service Provider – a TPP that initiates a payment order at the request of the payment service user with respect to a payment account held at another payment service provider. license to use your service?

No, Token has obtained AISP and PISP approval from the FCAClosedFirms and individuals must be authorised by the Financial Conduct Authority (FCA) equivalent in each country to carry out regulated financial service activities and offer credit to consumers. For the list of FCA-equivalent regulators outside of the UK, please visit in the UK, passported across Europe. However, please note that if you require AISClosedAccount Information Service – supports TPP secure access to customer accounts and data, but only with the bank-verified consent of the customer. functionality, you may be required to register as an agent of Token via the FCA. We will assist you with any required formalities. Contact us for further information.

Do you have a sandbox that I can test with?

Yes, Token has a full sandbox and notional banks with which you can test your integration. During initial setup (see Onboarding), follow the client setup instructions to connect to our SANDBOX environment. We recommend you start out with Wood Bank (United Kingdom). Contact us to learn more about other available banks in the sandbox.

Can I test against sandboxes hosted by real banks in your network?

Yes. Upon completing your integration testing with Token’s notional banks, you can test with any of our directly integrated partner banks (pursuant to PSD2 regulations). For additional details, don’t hesitate to contact us.

Can I set up a standing order or recurring payment using your Smart Token technology?

Yes. See Standing Orders in Creating a Transfer Token Request.

Does Token offer categorisation options for retrieving transaction history?

No, Token does not currently offer categorization. However we expect support for this feature to be available sometime in the future.

Can I make cross-border payments?

Yes. See Specifying Transfer Destination Details in Creating a Transfer Token Request.

What timezones do banks use?

Token uses UTCClosedCoordinated Universal Time – a standard used to set all time zones around the world. For instance, Berlin is in the time zone UTC plus one hour (UTC+1:00), which means it is 1 hour later in Berlin than the reading on a UTC clock. Most EU countries are in the Central European Time zone. CET alternates between UTC+1 (standard time) and UTC+2 (when daylight saving time (DST) is observed). All countries in the CET time zone observe DST (UTC+2) from 02:00 am on the last Sunday of March until 03:00 am on the last Sunday of October. as the default time zone for all banks across all countries.

Is there a way to get the status of a transaction/payment with a token request ID If due to some reason we lost the response for redeem token call?

Yes. Call getToken to find its associated token requestId. You can also use the tokenId to call GetTransfers to see all associated transfers. In short, the transfer(s) and the token requestId are all linked to a tokenId.

What provides Idempotence for the CreateTransfer (aka redeemToken) call?

Including the same refId when calling CreateTransfer provides idempotenceClosedFrom a RESTful service standpoint, for an operation (or service call) to be idempotent, clients can make that same call repeatedly while producing the same result. In other words, making multiple identical requests has the same effect as making a single request. Note that while idempotent operations produce the same result on the server (no side effects), the response itself may not be the same (e.g. a resource's state may change between requests)..

What do different transaction statuses mean? How should each case be handled? Which cases should we retry, what’s the proper retry interval, its lifecycle, etc.?

See Payment Status: Values and Meaning for the complete list of status codes and their definition.

Handling with regard to retry intervals is almost entirely bank-dependent, but here are some general pointers:

Why do some banks require the Token App to work with Finvertax/Southside and others don’t?

Token supports both Appless and App flows. To discover which banks support a particular flow, use a getBanks call and set supportsAppless to true/false to filter the list accordingly.

Can I customise the token request flow with a logo, display, etc.?

Yes. You can set your profile display and picture when you set up your business member profile (see Step 6 in Onboarding). You can also customise the Token Webapp UI with your logo and colors. See Customising the Token Webapp for details.

What is the process for going live in Token's production environment?

See Going Into Production for detailed guidance.

What about transfer reconciliation? What information will be included for the transaction description in the source bank account statement?

Much of this is bank-dependent. For CMA9 banks, Token passes the refId to the source bank to use according to bank policy. In general, most banks include the refId in the transaction description, but it's entirely at the bank's discretion.

Why is there no description in the receipt email?

The description in the email is from the transfer description, not the token description, and should be provided when calling redeemToken.

How do I notify Token of questions or issues I’m encountering?

Contact our support desk with details on the issue or question. We’ll follow up with you straightaway.