SEPA Direct Debit
Information
SEPA Direct Debit is also available through Flow. Flow enables you to accept payments on your website using Checkout.com's global network of payment methods with a single integration.
The Single Euro Payments Area (SEPA) is an European Union initiative to simplify payments within and across member countries. SEPA established and enforced banking standards to enable direct debits from every Euro-denominated bank account within the SEPA region.
Checkout.com supports:
- SEPA Direct Debit Core – For transactions between business and personal bank accounts
- SEPA Direct Debit B2B – For transactions between business bank accounts only
Participating banks must charge the same fees for cross-border core payments as they do for direct debit payments processed within their own country.
You can process SEPA for one-off transactions and recurring payments. However, due to the risk of chargebacks, we do not recommend using SEPA when:
- You need an immediate confirmation of payment.
- The risk of chargebacks from customers is a significant concern.
- You're processing one-off or very infrequent payments.
- Your business process requires immediate notification when a payment fails.
Information
To enable SEPA payments on your account, contact your account manager or [email protected].
Model | Collecting |
---|---|
Payment method | Direct debit |
Auto capture | |
Void | |
Deferred capture | |
Partial capture | |
Multiple partial capture | |
Refund | |
Partial refund | |
Chargeback | Returns and chargebacks |
Recurring payment |
The SEPA Creditor Identifier (Creditor ID or CSI) is a unique reference number used in SEPA Direct Debit payments to identify the creditor or company collecting the payment.
All your payments are collected using Checkout.com's Creditor ID, so you do not need to obtain your own. Ensure that you show our creditor ID in the mandate authorization to request your customer's consent.
To also display your merchant name in the customer's statement, you must provide the billing_descriptor.name
field in your payment request.
To debit payments from your customer's account, you must first obtain their written consent through a mandate. The mandate must contain specific legal wording regarding the customer's authorization and refund rights. See the European Payment Council (EPC) mandate guidelines for more information.
In addition to this mandate, you also collect required information such as the customer's name and bank account details.
After setting up the mandate, you must notify your customer of the amount and collection date at least 14 days before you collect the payment.
The pre-notification must contain the following information:
- For a one-off mandate, the date the payment will be debited from their account
- For a recurring mandate, the recurring date the payment will be debited from their account
- The payment amount
- The mandate ID
- The creditor ID
- Your contact details
You must send the pre-notification within the notice period specified in the mandate you set up with the customer, no more than 14 days before the payment due date.
As a guideline, we recommend that you send the pre-notification three working days before the payment due date.
You can send the pre-notification via any of the following methods:
- Invoice
- Letter
- Phone
- SMS
The payment flow follows these steps:
- When you send the payment request, Checkout.com validates and forwards it to our sponsor bank.
- The bank checks the SEPA direct debit authorization and sends it to the customer's bank.
- The next day, the customer's bank checks the request and either confirms or rejects it.
- If the request is confirmed, the following day the bank credits the amount to our bank account.
SEPA Core offers strong customer protections, including:
- Eight-week refund right – Customers can request a refund for any authorized transaction within eight weeks of the debit.
- 13-month refund right – Customers can request a refund for any unauthorized debits made without a valid mandate for up to 13 months after the debit.
SEPA B2B does not offer these guarantees because customers cannot request refunds for authorized payment collections.
Information
Returns driven by customer's bank rejection can be communicated up to 6 days after the payment capture.
After the payment is captured, it can still get rejected by the customer bank. Returns driven by rejection can be communicated to us up to 6 days after the payment request. You receive a payment_returned
webhook when this happens.
Customers can reverse a payment made against a SEPA Core mandate up to eight weeks after the original payment date.
Customers may submit a claim with their bank to reverse the payment if:
- They want to revoke the direct debit authorization.
- They state that they did not provide authorization for the direct debit.
You cannot challenge a SEPA return initiated by the customer. The funds will always return to the customer. If you have an issues with a reversal, contact your customer directly.
Information
Customers can initiate a reversal for a payment made against a SEPA mandate that has not been authorized up to 13 months after the original payment date.
If you already process SEPA payments yourself or with another provider, you must transfer your mandates to Checkout.com's platform.
To transfer your mandates to Checkout.com, follow these steps:
- Update your creditor ID and inform your customers.
- Upload the details of your mandates to our platform.
- Contact your account manager to request a Checkout.com creditor ID.
- Change your current provider's creditor ID to our creditor ID.
This is the ID that you must show your customers when setting up mandates. - Contact the customers you will collect payments from, and inform them of the creditor ID change.
This helps you reduce chargebacks from your customers, because they are less likely to reject payments if they're aware of the creditor ID change.
You can upload your mandate details to Checkout.com in one of the following ways:
- For each mandate, call the Create instrument endpoint to upload its details.
The response returns ansrc_id
field, which you use for subsequent collections. See Create a payment source before your first payment for more information. - Send the first payment request with the mandate ID and date of signature.
We then generate a newsrc_id
value for you to use for subsequent collections. See Create a payment source with your first payment request for more information.
Checkout.com communicates status updates for your payments through webhooks. You must set up your webhook receiver.
During the lifecycle of a SEPA Direct Debit payment, you receive the following webhooks:
Webhook | Description |
---|---|
| Checkout.com has accepted your request. |
| The bank declined the payment request due to a technical or fraud-related issue. |
| We have successfully sent your request to our sponsor bank. |
| The bank accepted the payment request. |
| There was a failure after an initial success. The funds move out of your account. There are three types of return:
|
| The bank successfully received confirmation from the SEPA network and the funds have been transferred. |
| The bank declined the payment request due to a technical or fraud-related issue. |
The following sections describe the order in which each notification is sent, depending on the payment lifecycle:
You can receive the following response codes when processing SEPA Direct Debit Core payments:
Response code | Description |
---|---|
| Invalid account number |
| Customer dispute |
| Insufficient funds |
| Direct debit forbidden on this account for regulatory reasons |
| Incorrect payment transaction code, or sequence error |
| Incorrect creditor ID |
| Creditor bank not registered under this BIC in the CSM |
| No valid mandate or unauthorized transaction |
| Disputed authorized transaction |
| Debtor refuses the collection You can receive this code before or after settlement, depending on how quickly the debtor's bank responds to the refusal. |
| Reason not specified (agent generated) |
| Incorrect bank identifier |
| Debtor name or address required for regulatory reasons is insufficient or missing |
| Creditor name or address required for regulatory reasons is insufficient or missing |
| Regulatory reasons |
| Conflict with customer instructions The request conflicts with specific instructions your customer has added to their account. For example, they may have added the creditor to a blocklist, or not explicitly added them to an allowlist. |
| Duplicate entry |
| Account closed |
| Account frozen |
| Rejected |
| Returned |