In order for customers to start making payments via PAD, they will need to complete a Pre-Authorized Debit Agreement. This authorises the merchant to collect future payments from this customer.
With GoCardless, you may offer customers the option to complete the PAD Agreement online or via a paper form. For online setup you must ensure that the pages for submitting this information are compliant as per the scheme rules. We call these payment pages.
GoCardless offers fully compliant payment pages for customers should you wish to use our own. If you are looking for a seamless branding experience, GoCardless Pro enables you to build customisable payment pages and we’ll work with you each step of the way to ensure that all compliance requirements are met.
The following 4 steps will guide you to build perfect payment pages with GoCardless Pro:
- Host your payment pages with HTTPS
- Collect the customer’s details - information entry page including:
- Name of the account holder
- Email address
- Bank account information *
- Financial Institution number (3 digits)
- Branch / Transit number (5 digits)
- Account number (up to 12 digits)
- Make sure your customers are aware that payments are powered by GoCardless in the footer of the page.
- Make sure the details are correct - summary and confirmation page
- Confirm that the Direct Debit Instruction has been set up - setup success page
* Although not mandatory, we recommend showing customers a visual to demonstrate where they can find their bank account details on a cheque, as these may not be familiar to them.
Each section is split into PAD required features and GoCardless recommended features for the best customer experience.
STEP 1: Host your payment pages with HTTPS
Required feature
Configure your website to only accept secure (SSL - minimum of SHA-256 SSL support TLS.1 or TLS1.2) connections to ensure customer details are transmitted securely.
STEP 2: Collect the customer’s details - information entry page
This is the page where you can capture customer information in order to correctly setup the DDR.
Required features
- Heading: Make the page identifiable to customers
- ‘Pre-Authorized Debit Agreement’
- Customer’s details: Include entry points for the account holder’s name, email address, and full bank account details.
- We recommend splitting the account number entry fields into three sections -Financial Institution number (3 digits), Branch/Transit number (5 digits), and Account number (up to 12 digits)
- Merchant contact information e.g. email address, phone number
- GoCardless privacy information (see below)
To comply with data protection law, you must let your customers know about third party data controllers that power your website. You can do this by displaying the text below in your page footer:
Payments by GoCardless. Read the GoCardless privacy notice.
Without that upfront notice, we could both be violating the law. (Read more here)
If that’s not technically possible, at a minimum you should include a reference to GoCardless in your website privacy notice. That text should be as follows:
We use GoCardless to process your Direct Debit payments. More information on how GoCardless processes your personal data and your data protection rights, including your right to object, is available at gocardless.com/legal/privacy/
If you are a GoCardless partner, you must include the ‘Payments by’ notice above on your payment pages, or, at a minimum, enable the merchant to provide a link to their privacy notice at the detail intake stage.
Recommended features
- Initiator (merchant) details: Show merchant contact details, such as address, email and phone number so your customers know exactly how they can get in touch.
- If you are a partner integrating with GoCardless, you can find further information on how to retrieve creditor details here.
STEP 3: Make sure the details are correct - summary and confirmation page
Allow your customers to view and verify the details that they have entered before submission.
Required features
- Heading: Make the page identifiable to customers
- ‘Pre-Authorized Debit Agreement’
- All information captured on the payment page
- Name of account holder
- Email address
- Bank account information
- Date
- Merchant contact information e.g. email address, phone number
- GoCardless privacy information
- Payments by GoCardless. Read our privacy notice
- PDF links: PDF versions of the Mandate PDF.
STEP 4: Confirm that the Direct Debit Request has been set up - Setup success page
Recommended features
- Bank statements: Advise your customers of what name they will see on their bank statement
- Standard users will see ‘GOCARDLESS’.
- Plus and Pro users should show their chosen name.
This table summarises the information that is either required or recommended to include in your payment pages as a GoCardless merchant or partner.
| Payment page | Confirmation page | Agreement PDF | |
|---|---|---|---|
| Title 'Pre-Authorized Debit Agreement' | Displayed | Displayed | Displayed |
| Name of account holder | Captured | Displayed | Displayed |
| Email address | Captured | Displayed | Displayed |
|
Financial Institution number (3 digits) |
Captured | Displayed | Displayed |
| Branch/Transit number (5 digits) | Captured | Displayed | Displayed |
| Account number (up to 12 digits) | Captured | Displayed | Displayed |
| Link to Mandate PDF | - | Displayed (‘View PAD Agreement') | - |
| Date | - | Displayed | Displayed |
| Acceptance of 3 day notification window | - | - | Displayed |