Sofort | Direct Bank Transfer

Learn how to accept direct bank transfer payments.

Sofort, also known as Pay now with Klarna, is a popular online banking method in Germany, Austria, Switzerland, and other countries.
In order to pay with Sofort, customers are redirected to Sofort’s site where they enter their bank login credentials. Upon authentication, Sofort initiates a bank transfer from their bank account.

Although successful authorization indicates a very high likelihood of payment, funds are not guaranteed to your business until they are actually received, which is typically two business days later (but can be up to 14 days later). Once received, payments cannot be reversed except by business-initiated refunds.

Payment typeOnline banking
MarketAustria, Belgium, France, Germany, Italy, Netherlands, Poland, Spain, Sweden, Switzerland
Customer currenciesEUR
Processing currenciesEUR
RefundsNo

General flow

POST Request -> to /payment_preauthorize
<- Response (direct, synchronous) with status=2000&errormessage=pending and redirect_url
Customer is redirected to redirect_url (Sofort URL)
<- Callback (asynchronous) with errorcode=0&payment_state=not_credited_yet to notification_url
<- Callback (asynchronous) with errorcode=0&payment_state=credited to notification_url

Step 1. Make a transaction request

From your server, make a POST /payment_preauthorize request.

POST https://sandbox.payabl.com/pay/backoffice/payment_preauthorize

The process flow of this payment system is the same as the 3DSecure transaction procedure. Please note the following exceptions:

  1. For Sofortüberweisung transactions, we don’t need param_3d parameter.
  2. The redirect URL is provided in redirect_url, instead of url_3ds (used in step 2 and step 3)
  3. Only Preauthorize interface should be used for sending transactions.
  4. Merchant would be notified on the notification URL about the accepted, success and the failed transaction, capture may remain in the accepted state until credited or not_credited notification has been received from the
  5. Please pay special attention to the following pre-authorization interface parameters:
ParameterFormatDescription
merchantid40 charactersMerchant identification number assigned during account creation
orderidmax. 30 charactersThe field orderid is optional and exclusively for the merchants' convenience
amountdigits only, either no decimals or two decimal places (e.g. 8 or 8.50)Transaction’s total amount that will be deducted from the customer
currency3 characters. ISO 4217The currency field contains the alpha-3 currency code for the transaction. Links to ISO
payment_method17payabl. Payment methods IDs
signature40 charactersSignature Calculation2
emailmax. 50 charactersCustomer email. An RFC 822 compliant email address
url_successmax. 255 characters starting with http or httpsSuccess transaction URL
url_failedmax. 255 characters starting with http or httpsFailed transaction URL
url_returnmax. 255 characters starting with http or httpsURL for customer redirection

You can see a full list of parameters in Pre-Authorization.

Request example:

merchantid=gateway_test&orderid=Payabl-Test&amount=19.99&currency=EUR&payment_method=17&language=en&customerip=2.22.75.244&[email protected]&
firstname=John&lastname=Doe&zip=3035&street=Olympion&house=23&city=Limassol&country=CYP&bankcountry=DE&url_return=http://dev-sim-ng.inatec.local/~simdad/InatecResponse/redirect_response.php&
url_failed=http://dev-sim-ng.inatec.local/~simdad/InatecResponse/failed.php&url_success=http://dev-sim-ng.inatec.local/~simdad/InatecResponse/success.php&
notification_url=https://api.powercash.de/simulation/billing_response.php&signature=bafdb2ba214492b60e4f2fbe21c12322837c09ea

🚧

Public Sandbox information

Do not use your personal email address, Order ID with sensitive information, real customer details and credit card data in the public Sandbox. For email field you may use [email protected]

🚧

Sofort does not support iFrame, full page redirect needs to be done.

📘

Redirection to url_return does not confirm that the transaction is successful. Always check the transaction via notification_url or use the diagnose interface to get the final status of the transaction.

Step 2. Handle the redirect

To complete the payment, you need to redirect the customer to the correct URL in the response.

Response example:

transactionid=104579022&transid=104579022&status=2000&errormessage=pending&errmsg=pending&amount=19.99&price=19.99&
currency=EUR&orderid=Payabl-Test&payment_method=17&account_name=&bic=&country=DE&iban=&redirect_url=https%3A%2F%2F
sandbox.payabl.com%2Fpay%2F818b49519a301805ae3561904bdc31fdc35011ad%2Fpayment%2Fredirect_to_bank&user_id=504459

Response fields reference:

ParameterDescription
transactionidpayabl. internal transaction id. Please use this transaction id when referring to the transaction in communications with the payabl. team
transidThe same as transactionid
statusTransaction error code
errormessageBrief explanation of transaction decline reason (empty on success)
errmsgThe same as errormessage
amountTransaction amount
priceThe same as amount
countryBank country (if it was stated in the pre-authorization request)
account_nameAccount name (if it was stated in the pre-authorization request)
ibanCustomer IBAN (if it was stated in the pre-authorization request)
bicCustomer BIC (if it was stated in the pre-authorization request)
currencyTransaction currency
orderidOptional transaction identifier assigned by the merchant
payment_methodPayment method ID
redirect_urlURL for customer redirection to finalize the payment (URL encoded)
user_idPayment system user identifier

After the client completed payment on the Sofort side, he will be redirected back to your url_return.
Additionally, you will get a notification to provided notification_url, which should be used to update statuses in your system.

Step 3. Receive the final status

Once the customer completes the payment, we will send a notification with the transaction's final status to the notification_url specified by you.

url_return and notification_url should be passed by you in the Pre-authorization request.

Alternatively, you can communicate a notifciation_url to be used by default to payabl. technical team. By doing so, you won't need to send it in every request.

SofortÜberweisung notifications contain an additional notification parameter which is payment_state, which can contain the following values:

  • not_credited_yet: Capture - Accepted.
  • credited: Capture - Successful.
  • not_credited: Capture - Failed.
    Each state change would trigger a notification to the notification URL, notification URL is the URL that was provided when the merchant account was created.

Notification example - Accepted Capture:

errorcode=0&amount=19.99&transactionid=104579022&type=capture&security=3731741fccfce98388f5463d3be1bd64edd4dbcc590c615d5f1da2270d609360&
payment_state=not_credited_yet&timestamp=1660130655&orderid=Payabl-Test&payment_method=17&errormessage=

Notification example - Successful Capture:

timestamp=1660131006&errormessage=&payment_method=17&orderid=Payabl-Test&type=capture&security=059261299e5347a306cf4d4e012d2d17b1b3ac8b3e404b5d7a89fab75ce9fbae&
payment_state=credited&errorcode=0&transactionid=104579022&amount=19.99

Notification fields reference:

ParameterDescription
transactionidpayabl. internal transaction id. Please use this transaction id when referring to the transaction in communications with the payabl. team
typeTransaction type
errorcodeTransaction error code (0 for success)
errormessageBrief explanation of transaction decline reason (empty on success)
amountTransaction amount
orderidOptional transaction identifier given by the merchant
securitySignature to verify the authenticity of the notification. You can find more information here
timestampNotification timestamp
payment_stateTransaction acceptance state as described above

Additional Customer details can be added to both callbacks. Please contact Tech support to enable them:

ParameterDescription
bank_countryCustomer bank country
bicCustomer bank BIC
account_numberCustomer account number
account_holderAccount holder name

Notification example - Accepted Capture (additional parameters):

bank_number=70440&account_number=LTXXXXXXXXXXXXXX4024&payment_state=not_credited_yet&bank_name=SEB&errormessage=&type=capture&
transactionid=104579023&account_holder=Muster+Mann&bank_country=LITHUANIA&timestamp=1605788760&security=19667fb6d9d2f3c
8457e29d949f72319a9986b88b0be47050d9fc49f746d279b&orderid=Payabl-Test&errorcode=0

Notification example - Successful Capture (additional parameters):

bank_number=70440&account_number=LTXXXXXXXXXXXXXX4024&payment_state=credited&bank_name=SEB&errormessage=&type=capture&
transactionid=104579023&account_holder=Muster+Mann&bank_country=LITHUANIA&timestamp=1605788760&security=19667fb6d9d2f3c
8457e29d949f72319a9986b88b0be47050d9fc49f746d279b&orderid=Payabl-Test&errorcode=0

When the customer finished or canceled the payment, he will be redirected back to url_return, provided by you in the initial request to payment_preauthorize. After that, you will receive a notification, posted to notification_url, with the final transaction status, which you suppose to use to update your system.

📘

Notification URL can be configured by our tech support team in your account on our side,
or you can send it as a parameter notification_url in the initial request to payment_preauthorize.

📘

In case 15 days pass and payabl. didn't receive any funds from an issuer, the transaction will be failed automatically. You will receive a notification update.