Instant bank pay (IBP) one-off payment page requirements (UK)
Please note: Please note: The Instant Bank Pay feature is currently available for all merchants based in UK, US, Canada, EEA, Australia, and New Zealand who are collecting GBP payments from customers in the UK.
Please register your interest here if you'd like to be notified when Instant Bank Pay is available in your region.
The following is a guide to building Custom Payment Pages for merchants using GoCardless Advanced or GoCardless Pro, and for partners, using the add-on feature Custom Checkout Experience. See our Pricing page for more details.
In order to take IBP one-off payments from your customers, they need to provide their explicit consent to do so, this includes consenting to the amount and payee (you as the merchant) and agreeing to the GoCardless payer terms. They can use your payment pages to set up their payment agreement and provide consent to this online.
Getting Started with Custom Payment Pages
Â
Before designing and hosting IBP one-off Custom Payment Pages, itâs important to be aware that there are strict compliance requirements for the content and formatting of these pages.
Â
Weâll work with you to build compliant Custom Payment Pages, which have to receive a final sign off once theyâre ready (see below for the approval process).
Â
After your Custom Payment Pages have been signed off, they must not be changed without GoCardlessâ approval, and we would like to remind you of your contractual obligations to:
- comply with GoCardlessâ directions, instructions and guidance;
- ensure that no elements of the Custom Payment Pages could put GoCardless in breach of relevant law and regulation; and
- remove or amend any part of the Custom Payment Pages immediately if notified to do so.
Approval process for Custom Payment Pages
- Submit Templates: After completing the design and build of your custom payment pages, submit the templates to GoCardless for approval before your go-live date.
- Receive Feedback: GoCardless will provide feedback on any required changes (if necessary).
- Obtain Approval: Once you have written approval from GoCardless, we will enable a feature on your account for creating IBP one-off payments via the API.
- Implement Client Sign-Up Flow: Integrate the client sign-up and creation flow with the GoCardless API.
- Create Sandbox Account: Set up a sandbox account here and email GoCardless at help@gocardless.com to inform them you have set up your sandbox account and want to test IBP one-off Custom Payment Pages, including the email address used for setup.
- Create Access Token: Generate a read-write access token.
- Link Your Account: Use the access token to connect your sandbox account with your internal system or application.
- Test Integration: Test the customer creation process as per the developer documentation.
- Launch integration: After fully testing your integration and obtaining approval for your Custom Payment Pages, launch your new process for customer sign-ups.
- Move to Production: Rotate your access token from the sandbox to your production GoCardless account to transition from testing to the live environment.
Quick guide
To create fully compliant Custom Payment Pages, there are a number of requirements you must meet. Hereâs the short version for quick reference. Keep reading and weâll explain each step in more detail:
| Step | Quick reference |
|---|---|
| 1 |
You must capture the payerâs first name, last name, and email address. If you have already collected these prior to the checkout flow, you do not need to request them again with the payer, but should pass them to GoCardless. |
|
2 |
You must provide a list of available banks for payers to select (and be redirected to). |
|
3 |
You must provide your payers with the following consent parameters (i.e. payment rules):
|
|
4 |
You must seek the payerâs consent by:
|
|
5 |
You should provide messaging to inform payers how to complete the payment authentication and let them know that they will be taken to their bank. |
|
6 |
You must provide confirmation and certain information to the payer when they have successfully authenticated a payment with their bank. |
|
7 |
You must remind the payer that the payment is being powered by GoCardless and provide information about our regulatory status (including FCA registration number and privacy notice) |
1. Information entry
This is the sign-up page for your product / services, and is used to capture the necessary payer information. You must include the following:
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
Payerâs personal details |
You must be able to provide the payerâs first (given) name, last (family) name, and email address to GoCardless (if you have already captured this information prior to the checkout flow, you donât need to re-capture it from the payer here, but should pass to GoCardless). |
HEADING: âYour personal detailsâ
|
2. Account selection
In order for your payer to authenticate the one-off payment later in the journey, they must be presented with the option to select their bank:
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
Display available banks |
Payers must be allowed to select the bank they wish to make the one-off payment from. You must provide a list of available / supported banks. You can use this endpoint to retrieve the list. |
HEADING: âChoose your bankâ TEXT: Â |
3. Parameters
In order for your payer to provide their explicit consent to set up a one-off payment , they must be presented with these consent parameters:
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
Payee (i.e. your) name |
The payee to be credited with the payment must always be clearly stated. Whilst GoCardless is the âinitial payeeâ, you (the merchant) are the âultimate payeeâ, and therefore you should include your legal name (and trading name if different to your legal name). |
HEADING: âMake a one-off payment to [your legal / trading name]â TEXT: âDescription: ___ |
|
Payment description |
You must include a description, which makes clear what the payer is making a one-off payment for. |
|
|
Amount and currency |
The amount of the one-off payment, along with the currency of the one-off payment (this will be GBP for UK implementation), must be clearly stated. |
4. Consent & terms
In order for the payer to consent to the one-off payment, you must present the following information:
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
GoCardlessâ name |
As a payment initiation service provider (PISP), the GoCardless trading/brand name must be displayed to the payer during the setup of their consent, explaining that GoCardless is your payment provider. |
HEADING: âPermission to make a paymentâ TEXT: âOur payment provider, GoCardless, needs your consent to trigger a one-off payment from your [name of bank] account. Description: ___ Â |
|
Clearly explain what the payer is consenting to |
You must use clear language which requests the payerâs consent to the payment. |
|
|
Repeat consent parameters and payer account information |
If you have used multiple screens, you must re-display: (1) the bank selected by the payer, and (2) the consent parameters previously shown to the payer |
|
|
GoCardlessâ Terms of Use |
In order for the payer to enter into a legally binding agreement with GoCardless, you must enable the payer to view the applicable GoCardless payer terms on the consent screen. To do this, you must include our mandatory component on the consent screen. This component must be free of any obstructions, and as prominent as the rest of the text on the screen. These terms must appear prior to the confirmation / consent button below. |
âBy continuing, you agree to GoCardless, triggering this one-off payment, as per their Payer Terms.â Â |
|
Confirmation / consent button |
You must provide payers with an opportunity to show that they actively consent to all of the above. |
âConfirm and continueâ or âI consentâ or âI allowâ or âI agreeâ |
5. Authentication & redirection
Whilst there are no mandatory requirements governing this part, in order for payers to complete the flow, you should provide messaging to inform payers about the next steps (i.e. that they will be redirected to their bank for authentication of the payment):
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
Authentication |
You should provide messaging to inform payers how to complete the payment authentication, which takes place at their bank. If you choose to provide a QR code, make it clear the payer will need to scan with their mobile phone to open their banking app. This priming is key for setting payers up for success, especially those who may not have made payments via open banking prior and are not expecting to authorise in their bank app. In addition to telling payers theyâll be taken to their bank, you can let them know what this means (e.g. thereâs no need to enter card details, which will save them time and effort). |
HEADING: âPlease authenticate the paymentâ TEXT: âScan the QR code with your phone camera to quickly complete the payment using your banking app. Donât have an app installed? Continue on desktop.â or âWe use bank authentication through your bank app to make this Instant Bank Payment. Youâll automatically be taken to your bank app to authenticate your payment.â |
| Redirection |
You should provide messaging to inform payers that they will be taken to their bank to complete the payment. |
âWe are securely transferring you to [name of bank] to authenticate.â |
6. Confirmation
After the payer has authorised the payment with their bank, you must provide messaging to inform the payer of the following:
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
Payment information (amount, currency, reference) |
After a payment has been successfully initiated, you must provide the payer with these details about the payment:
You must also let payers know that GoCardless will save their payment details in order to process future refunds. |
âYour payment has successfully been submitted to your bank. Payment information Payments to UK banks are normally instant, but may take up to 24 hours or longer in some cases. Our payment provider, GoCardless will save your payment details and can use these to process future refunds. You can safely close this window.â |
|
Privacy notice |
You must display GoCardlessâ Privacy Notice. |
âGoCardless uses personal data as described in their Privacy Notice.â |
7. Footer
On all IBP one-off Custom Payment Pages , you must include a footer with the following information:
| Requirement | Detailed explanation | Our recommendation |
|---|---|---|
|
Regulatory status disclosure |
In addition to including our mandatory component on the consent screen, you must remind the payer that the payment is being securely powered by GoCardless and provide information about our regulatory status (company number, the fact weâre authorised by the FCA, our FCA registration number). |
âPayments securely processed by GoCardless. GoCardless Ltd (company registration number 07495895) is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017, registration number 597190, for the provision of payment services.â |
|
Privacy notice |
You must display GoCardlessâ Privacy Notice. |
âGoCardless uses personal data as described in their Privacy Notice.â |
Summary of required information
| Â |
INFORMATION ENTRY |
ACCOUNT SELECTION |
PARAMETERS |
CONSENT & TERMS |
AUTHENTICATION & REDIRECTION |
CONFIRMATION |
|
Payerâs first name |
Captured | Â | Â | Â | Â | Â |
|
Payerâs last name |
Captured | Â | Â | Â | Â | Â |
|
Payerâs email address |
Captured | Â | Â | Â | Â | Â |
|
Payerâs bank |
 | Captured |  | Displayed |  |  |
|
Your legal name (and trading name if different to your legal name) |
 |  | Displayed | Displayed |  |
Displayed (optional) |
|
Payment description |
 |  |
Displayed (optional) |
Displayed | Â | Displayed |
|
Payment amount and currency |
 |  | Displayed | Displayed |  | Displayed |
|
GoCardless' name |
 |  |  | Displayed |  |  |
|
Clear consent language |
 |  |  | Displayed |  |  |
|
GoCardlessâ Terms of Use |
 |  |  | Displayed |  |  |
|
Consent button |
 |  |  | Displayed |  |  |
|
Authorisation instructions |
 |  |  |  | Displayed |  |
|
Redirection messaging |
 |  |  |  | Displayed |  |
|
Confirmation of success |
 |  |  |  |  | Displayed |
|
Information about saving payment details |
 |  |  |  |  | Displayed |
| Regulatory status disclosure | Displayed | Displayed | Displayed | Displayed | Â | Displayed |
|
Privacy notice |
Displayed | Displayed | Displayed | Displayed | Â | Displayed |
Â
Â
Â
Â