NAV Navbar
Search results for:
    Questions

    Please let us know if you have any questions regarding the guides, references or implementation. We’re here to help!

    Introduction

    Online Payment Platform (OPP) is an end-to-end payment solution with a set of flexible API's designed to support platforms and marketplaces. Allowing a platform to seamlessly onboard new business and consumer merchants enabling them to accept payments on the platform while processing the money in flexible ways to sellers and service providers.

    Usecases:

    Let's get started!

    For each recipient of the money, the partner (platform) is required to create a merchant with OPP. A merchant can be a business or a consumer. Depending on the type of merchant, these have to go through different verifications before they can receive money. It is important to note that transactions can be initiated for a merchant before they are required to finalize any verifications.

    These verifications are required for processing payments because as a Payment Service Provider we are obliged to know to whom payments are made for example to prevent money laundering and the financing of terrorism.

    There are two different ways a partner can create a Merchant:

    API onboarding

    API onboarding allows you to onboard merchants (business or consumer) seamlessly from within your platform environment through API onboarding.

    Advantages
    Disadvantages

    As a partner you can simply create an underlying merchant using the minimal requirements: their emailaddress and phonenumber. Here’s a quick example on how to do that:

    Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/merchants \
        -u [apikey]: \
        -d country=nld \
        -d emailaddress=tester@merchant.example.com \
        -d phone=31601234567 \
        -d notify_url=https://platform.example.com/notify
    

    Once a new merchant has been created you will receive a Merchant UID which is the unique identifier for this user. You will need to save the Merchant UID and use it to, amongst other things, create transactions for this merchant.

    How will payouts work for this merchant?

    After creating a merchant, it is immediately possible to start a transaction. Transactions can be created and successfully paid to a merchant of whom only the e-mail address has been verified however funds cannot be paid out to the merchant until they have successfully finished the onboarding process and its compliance requirements.

    Hosted onboarding

    Our hosted onboarding flow is the quickest way to implement the creation of new merchants (business or consumer). It provides a collection of pages where new merchants can verify their bank account and identify themselves.

    Advantages:
    Disadvantages:

    As a partner you simply launch the hosted onboarding flow using the following example:

    Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/merchants \
        -u [apikey]: \
        -d country=nld \
        -d emailaddress=tester@merchant.example.com \
        -d phone=31601234567 \
        -d notify_url=https://platform.example.com/notify
    

    Once the registration has been completed, the Merchant UID will be released which is the unique identifier for this user. You will need to save the Merchant UID and use it to, amongst other things, create transactions for this merchant.

    How will payouts work for this merchant?

    Transactions can be created and successfully paid to a merchant once they completed the onboarding flow however funds cannot be paid out to the merchant until they have successfully finished all steps of the onboarding process and its compliance requirements. You can read more about payouts here.

    How will the verification of the e-mail address work?

    Once the merchant completes the onboarding flow OPP sends a verification e-mail to the merchants’ e-mail address.

    Does the hosted onboarding flow work on a mobile device?

    Yes – all our hosted flows have been designed for all common used mobile devices, desktop and screen resolutions.

    Can I adjust the design of the hosted onboarding flow?

    Yes – you can add a logo (of the platform or marketplace). The standard color is blue and the standard logo is the partner name in text.

    Compliance requirements

    A merchant can be a consumer or a business entity and each has its own set of KYC (Know Your Customer) compliance requirements.

    The merchant object contains the ‘compliance’ object. This object contains details on the merchant's current compliance level (1) , compliance status (2) and lists the compliance requirements (3) the merchant should meet to get a verified compliance status. An unverified compliance status results in not being able to receive payouts.

    GET https://api.onlinebetaalplatform.nl/v1/merchants/mer_{uid}

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 200, 
            "status": "unverified", 
            
    "requirements": [ { "type": "bank_account.verification.required", "status": "unverified", "object_uid": bnk_1a2b3c4d5e6f, "object_type": "bank_account", "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/...", "object_redirect_url": https://sandbox.onlinebetaalplatform.nl/... } ]
    }, ... }

    Compliance levels

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 200,
            "status": "unverified",
            "requirements": [
                {
                    "type": "bank_account.verification.required",
                    "status": "unverified",
                    "object_uid": bnk_1a2b3c4d5e6f,
                    "object_type": "bank_account",
                    "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/...", 
                    "object_redirect_url": https://sandbox.onlinebetaalplatform.nl/...
                }
            ]
        },
        ...
    }
    

    The compliance levels determine which compliance requirements the merchant should meet.

    Compliance levels
    100

    Merchant has been created but does not yet have a linked bank account. Transactions can be created on level 100 but cannot yet be paid out to the merchant.

    200
    Low KYC

    Once the partner creates a bank account object for the merchant the compliance level of the merchant is updated to 200. OPP will review the bank account information provided and once approved the merchant can receive payouts of the money on the bank account.

    Thresholds: the standard thresholds for Level 200 merchants are € 250,- in one transaction or € 1.500,- in lifetime volume. After which the merchant is required to identify itself before payouts can be reactivated. This threshold can be adjusted based on the risk profile and assessment of the platform or marketplace.

    400
    High KYC

    If the merchant passes the threshold the compliance level is updated to 400 is obliged to confirm his or her identity. The merchant can do this by uploading an identity document or by performing a local identification method (such as iDIN or itsme).

    Compliance status

    The compliance status determines whether or not a merchant is able to receive payouts. You may expect the following states:

    Compliance statuses
    Unverified Merchant is unverified and unable to receive payouts. Merchant should meet all unverified ‘compliance requirements’ to get to the ‘verified’ state.
    Pending Merchant compliance status is pending and is unable to receive payouts. OPP is currently reviewing the merchant's updated ‘compliance requirements’.
    Verified Merchant compliance status is verified and is able to receive payouts.

    Compliance requirements

    Each compliance requirement states the compliance requirement type and details of the related object. A merchant can be redirect to object_redirect_url in order to get to the whitelabel OPP page where the required actions will be explained and can be finalized. It is also possible to provide your own redirect URL and seamlessly integrate these compliance requirement steps.

    Compliance requirements
    bank_account.required No bank account available while at least one is required.
    bank_account.verification.required No verified bank account available while at least one verified bank account is required.
    contact.verification.required The merchant must identify itself by uploading an identity document or by performing a local identification method (such as iDIN or itsme).
    ubo.required
    only business merchants
    The merchant has to fill / verify all UBO’s (Ultimate Beneficial Owners).
    ubo.verification.required
    only business merchants
    The merchant has to verify (upload an identification document or local identification method) of an UBO (Ultimate Beneficial Owner).

    API onboarding: Consumer

    Introduction

    As a partner you can use the 4 steps described below to create a consumer merchant and get the merchant fully verified. For example step 4 is only required when the merchant reaches compliance level 400 (High KYC).

    For onboarding a consumer merchant we offer a tiered verification process (Low KYC and High KYC). The standard thresholds for Low KYC merchants are € 250,- in one transaction or € 1.500,- in lifetime volume. If one of these thresholds is reached the consumer is required to identify itself before payouts can be reactivated. The threshold can be adjusted based on the risk profile and assessment of the platform or marketplace.

    In many cases the partner wants the merchant to perform the least amount of actions as possible but in some cases the partner may wish to force the consumer to perform all KYC steps. Both options are possible.

    1. Create a consumer merchant
    2. Create a consumer bank account
    3. Verify consumer bank account
    4. Consumer representative verification (High KYC consumer merchants only)

    1. Create a consumer merchant

    With the example request shown below you can create a consumer merchant. As a partner you will receive the Merchant Object with compliance.level 100 as a response.

    Within the Merchant Object you will also find the Merchant UID, this is the unique identifier of the created merchant and as a partner you will need to save the Merchant UID and use it to, amongst other things, create transactions for this merchant. It is therefore required to store the Merchant UID within your own application.

    The notify_url is the webhook URL used by OPP for notifications of status changes.

    1) Example request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/merchants \ 
        -u [apikey]: \

        -d "country=nld" \

        -d "type=consumer" \

        -d "emailaddress=tester@developer.com" \ 
        -d "phone=31612345678" \

        -d "notify_url=https://developer.com/notify" 
    
    2) Example response:
    {
        "uid": "mer_1a2b3c4d5e6f", 
        "object": "merchant", 
        "created": 1487239600, 
        "updated": 1487239600, 
        "status": "pending",
        "compliance": { 
            "level": 100,
            "status": "verified", 
            "requirements": []
        },
        "type": "consumer",
        ...
    }
    

    After the creation of the merchant, it is immediately possible as a partner to create transactions for this merchant. The funds of the paid transactions cannot (yet) be paid out because the merchant does not yet have a linked bank account.

    3) Actions:

    Save the uid in your system; this is the unique identifier of this merchant which you have to use when creating transactions.

    4) Next step(s):

    2. Create a consumer bank account

    With the following request you can create an 'empty' bank account for the merchant. This 'empty' bank account serves as a container that needs to be filled with verified bank account information. The bank account is created with a status of 'new' and needs to be verified by the merchant.

    1) Example request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/{merchant_uid}/bank_accounts \ 
        -u [apikey]: \
        -d "return_url=https://developer.com/return" \
        -d "notify_url=https://developer.com/notify" 
    
    Increased Compliance Level:

    As soon as a bank account has been created for the merchant, the compliance.level of the merchant will immediately be increased to 200. You will receive the merchant.compliance_level.changed notification of this change on the merchant's specified notify_url. Because the level has been increased, you can now also find the bank_acount.verification.required within the Merchant Object. The verification_url is the same URL that is detailed in the compliance requirement.

    2) Example response:
    {
        "uid": "bnk_{uid}",
        "object": "bank_account",
        "created": 1487242600,
        "updated": 1487242600,
        "verified": false,
        "verification_url": "https://onlinebetaalplatform.nl/nl/7a8d3c...", 
        "status": "new",
        "account": {},
        "reference": null,
        "return_url": "https://developer.com/return", 
        "notify_url": "https://developer.com/notify", 
        "is_default": true,
        "payment_details": null
    }
    

    3) Actions:

    4) Next step(s):

    3. Verify consumer bank account

    In the previous step we created an 'empty' bank account for the consumer merchant. To link and verify the bank details you could
    (a) forward the merchant to the verification_url, this is a white-label page of OPP or
    (b) seamlessly redirect the merchant directly to the bank.

    1a) Verify the bank account by redirecting the merchant to the white-label page:

    OPP will send a notification right after the verification took place. The compliance requirement bank_account.verification.required and the bank account status will be pending until OPP has performed a compliance check.

    1b) Verify bank seamlessly by redirecting merchant directly to bank / payment method:

    Additional parameters
    payment_method one of ideal or bcmc
    issuer required if payment_method is ideal, one of the SWIFT codes of the iDEAL issuers list.
    https://onlinebetaalplatform.nl/nl/{partner}/merchants/mer_{uid}/
        verificatie/bankgegevens/
        bnk_{uid}/{hash}?payment_method=ideal&issuer=INGBNL2A
    

    OPP will send a notification right after the verification took place. The compliance requirement bank_account.verification.required and the bank account status will be pending until OPP has performed a compliance check.

    2) Process of the approval OR disapproval

    The compliance team of OPP checks all new or updated verifications within 24 hours on working days and will either approve or disapprove the verification. Notifications are sent as soon as OPP has approved or disapproved the bank account.

    Approved:

    The bank account information has been approved and has received the status approved. The compliance requirement bank_account.verification.required has received the status verified and will no longer be visible within the merchant.compliance.requirements.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > verified
    bank_account.status.changed
    status pending > approved

    If the merchant has no other unverified or pending compliance.requirements, then merchant's compliance.status shall be updated from pending to verified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    - OR -

    Disapproved:

    The bank account information has been disapproved and has received the status disapproved. The compliance requirement bank_account.verification.required has received the status unverified. Merchant is required to verify its bank details again, see step 1.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > unverified
    bank_account.status.changed
    status pending > disapproved

    If the merchant's compliance.status was pending, this will be changed to unverified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    3) Next step(s):

    4. Consumer representative verification

    Once the compliance.level of the merchant has reached 400 an additional personal verification is required. The consumer must then confirm his or her identity. Within the Merchant Object you will find the compliance requirement contact.verification.required.

    You can
    (a) redirect the merchant to the white-label object_redirect_url. On this white-label page the merchant can upload a copy of his or her ID/Passport/Drivers License or use a local identification method (such as iDIN or itsme). Alternatively you can
    (b) verify the identification seamlessly by redirecting directly to a local identification method (such as iDIN or itsme).

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 400, 
            "status": "unverified",
            "requirements": [
            {
        "type": "contact.verification.required",
        "status": "unverified",
        "object_uid": bnk_1a2b3c4d5e6f,
        "object_type": "contact",
        "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/...", 
        "object_redirect_url": https://sandbox.onlinebetaalplatform.nl/...
    }
            ]
        },
        ...
    }
    

    1a) Redirect merchant to white-label verification page:

    OPP will send a notification immediately after the identification took place. The compliance.requirement contact.verification.required and the contact status will be pending until OPP performed a compliance check.

    1b) Seamlessly identify merchant by redirecting directly to a local idenfication method:

    Additional parameters
    verification_type idin
    issuer required if verification_type is idin, one of the SWIFT codes of the iDIN issuers list.
    https://onlinebetaalplatform.nl/nl/{partner}/merchants/mer_{uid}/
        verificatie/contactgegevens
        /con_{uid}/{hash}?verification_type=idin&issuer=INGBNL2A
    

    OPP will send a notification immediately after the identification took place. The compliance.requirement contact.verification.required and the contact status will be pending until OPP performed a compliance check.

    2) Process of the approval OR disapproval

    The compliance team of OPP checks all new or updated verifications within 24 hours on working days and will either approve or disapprove the verification. Notifications are sent as soon as OPP has approved or disapproved the identification.

    Approved:

    The identification has been approved and has received the status verified. The compliance requirement contact.verification.required has been updated with the status verified and is no longer visible within the merchant.compliance.requirements.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > verified
    contact.status.changed
    status pending > verified

    If the merchant has no other unverified or pending compliance.requirements, merchant's compliance.status will be updated from pending to verified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    - OR -

    Disapproved:

    The identification has been disapproved and has received the status unverified. The compliance requirement contact.verification.required has been updated with the status unverified. The merchant is required to identify itself again, see step 1.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > unverified
    contact.status.changed
    status pending > unverified

    If the merchant's compliance.status was pending, this will be updated to unverified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    3) Next step(s):

    The merchant is now fully verified. No additional verifications are required.

    Verifying a bank account by transaction

    OPP also supports the ability to verify a merchant's bank account when the merchant itself completes a transaction to another merchant.

    If the merchant does not yet exist, create a merchant and an 'empty' bank account for this merchant first using the regular API. This allows you to set the right notify_url and other details. Do note that you do not have to redirect merchant to the bank_account verification_url.

    You may pass this new merchant's uid as a parameter to the Create Transaction API call using parameter verification_merchant_uid to verify the bank account via this transaction.

    1) Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/transactions \ 
        -u [api_key] \
        -d merchant_uid=mer_{uid} \
        -d "products[0][name]=Verification 12345" \
        -d products[0][price]=10 \
        -d products[0][quantity]=1 \
        -d total_price=10 \
        -d "return_url=https://partner.dev/return/" \
        -d "notify_url=https://partner.dev/notify/" \
        -d "metadata[external_id]=12345" \
        -d checkout=false \
        -d payment_flow=direct \
        -d verification_merchant_uid=mer_{uid}
    

    The bank account will stay in a new state if this transaction is not successfully completed and will change to state pending if transaction is successfully completed, just like the regular bank account verification flow. Once the bank account is verified by OPP, the state will change to approved or disapproved.

    We will update the relevant compliance_requirement object(s) and send notifications for all changes in merchant's bank account.

    API onboarding: Business

    Introduction

    As a partner you can create a business merchant using the 5 steps described below. A business merchant must complete the High KYC. (unlike consumer merchants)

    1. Create a business merchant
    2. Add a business bank account
    3. Verify business bank account
    4. Business representative verification
    5. UBO (Ultimate Beneficial Owner) verification (not required in all cases)

    1. Create a business merchant

    With the example request shown below you can create a business merchant. As a partner you will receive the Merchant Object with compliance.level 400 as a response.

    Within the Merchant Object you will also find the Merchant UID, this is the unique identifier of the created merchant and as a partner you will need to save the Merchant UID and use it to, amongst other things, create transactions for this merchant. It is therefore required to store the Merchant UID within your own application.

    The notify_url is the webhook URL used by OPP for notifications of status changes.

    1) Example request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/merchants \ 
        -u [apikey]: \

        -d "country=nld" \

        -d "type=business" \

        -d "coc_nr=12345678" \
        -d "emailaddress=tester@developer.com" \ 
        -d "phone=31612345678" \

        -d "notify_url=https://developer.com/notify" 
    
    2) Example response:
    {
        "uid": "mer_1a2b3c4d5e6f", 
        "object": "merchant", 
        "created": 1487239600, 
        "updated": 1487239600, 
        "status": "pending",
        "compliance": { 
            "level": 400,
            "status": "unverified", 
            "requirements": [
            {
        "type": "bank_account.required",
        "status": "unverified",
        "object_uid": null,
        "object_type": "bank_account",
        "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/mer_1a2b...", 
        "object_redirect_url": null
    },
            {
        "type": "contact.verification.required", 
        "status": "unverified",
        "object_uid": "con_1e9b99369d4f", 
        "object_type": "contact",
        "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/mer_1a2b...",
        "object_redirect_url": "https://sandbox.onlinebetaalplatform.nl/nl/{partner_name}/..."
    } 
        ]},
        "type": "business",
        ...
    }
    

    After the creation of the business merchant it is immediately possible as a partner to create transactions for this merchant. The funds of the paid transactions cannot (yet) be paid out because the merchant has 2 outstanding compliance requirements:

    1. Create and verify bank account
    2. Verify the identity of the representative of the business

    The merchant must meet these 2 outstanding compliance requirements in order to receive the funds from transactions.

    3) Actions:

    4) Next step(s):

    2. Add a business bank account

    With the following request you can create an 'empty' bank account for the business merchant. This 'empty' bank account serves as a container that needs to be filled with verified bank account information. The bank account has status new after it has been created and needs to be verified by the merchant.

    1) Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/{merchant_uid}/bank_accounts \ 
        -u [apikey]: \
        -d "return_url=https://developer.com/return" \
        -d "notify_url=https://developer.com/notify" 
    
    
    2) Example response:
    {
        "uid": "bnk_{uid}",
        "object": "bank_account",
        "created": 1487242600,
        "updated": 1487242600,
        "verified": false,
        "verification_url": "https://onlinebetaalplatform.nl/nl/7a8d3c...", 
        "status": "new",
        "account": {},
        "reference": null,
        "return_url": "https://developer.com/return", 
        "notify_url": "https://developer.com/notify", 
        "is_default": true,
        "payment_details": null
    }
    

    As soon as a bank account has been created for the business merchant compliance requirement bank_account.required will be completed and will no longer be visible within the Merchant Object. A new compliance requirement bank_account.verification.required has been created, because the merchant has to verify and link the bank details.

    3) Actions:

    4) Next step(s):

    3. Verify a business bank account

    In the previous step we created an 'empty' bank account for the business merchant. To link and verify the bank details you could
    (a) forward the merchant to the verification_url, this is a white-label page of OPP or
    (b) seamlessly redirect the merchant directly to the bank.

    1a) Verify the bank account by redirecting the merchant to the white-label page:

    OPP will send a notification right after the verification took place. The compliance requirement bank_account.verification.required and the bank account status will be pending until OPP has performed a compliance check.

    1b) Verify bank seamlessly by redirecting merchant directly to bank / payment method:

    Additional parameters
    payment_method one of ideal or bcmc
    issuer required if payment_method is ideal, one of the SWIFT codes of the iDEAL issuers list
    https://onlinebetaalplatform.nl/nl/{partner}/merchants/mer_{uid}/verificatie/bankgegevens
        /bnk_{uid}/{hash}?payment_method=ideal&issuer=INGBNL2A
    

    OPP will send a notification right after the verification took place. The compliance requirement bank_account.verification.required and the bank account status will be pending until OPP has performed a compliance check.

    2) Process of the approval OR disapproval

    The compliance team of OPP checks all new or updated verifications within 24 hours on working days and will either approve or disapprove the verification. Notifications are sent as soon as OPP has approved or disapproved the bank account.

    Approved:

    The bank account information has been approved and has received the status approved. The compliance requirement bank_account.verification.required has received the status verified and will no longer be visible within the merchant.compliance.requirements.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > verified
    bank_account.status.changed
    status pending > approved

    If the merchant has no other unverified or pending compliance.requirements, then merchant's compliance.status shall be updated from pending to verified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    - OR -

    Disapproved:

    The bank account information has been disapproved and has received the status disapproved. The compliance requirement bank_account.verification.required has received the status unverified. Merchant is required to verify its bank details again, see step 1.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > unverified
    bank_account.status.changed
    status pending > disapproved

    If the merchant's compliance.status was pending, this will be changed to unverified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    3) Next step(s):

    4. Business representative verification

    Within the Merchant Object you will find the compliance requirement contact.verification.required. The representative of the business is required to identify him or herself.

    You can
    (a) redirect the merchant to the white-label object_redirect_url. On this white-label page the merchant can upload a copy of his or her ID/Passport/Drivers License or use a local identification method (such as iDIN or itsme). Alternatively you can
    (b) verify the identification seamlessly by redirecting directly to a local identification method (such as iDIN or itsme).

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 400, 
            "status": "unverified",
            "requirements": [
                {
        "type": "contact.verification.required",
        "status": "unverified",
        "object_uid": bnk_1a2b3c4d5e6f,
        "object_type": "contact",
        "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/...", 
        "object_redirect_url": https://sandbox.onlinebetaalplatform.nl/...
    }
            ]
        },
        ...
    }
    

    1a) Redirect merchant to white-label verification page:

    OPP will send a notification immediately after the identification took place. The compliance.requirement contact.verification.required and the contact status will be pending until OPP performed a compliance check.

    1b) Seamlessly identify merchant by redirecting directly to a local idenfication method:

    Additional parameters
    verification_type idin
    issuer required if verification_type is idin, one of the SWIFT codes of the iDEAL issuers list
    https://onlinebetaalplatform.nl/nl/{partner}/merchants/mer_{uid}/verificatie/contactgegevens
    /con_{uid}/{hash}?verification_type=idin&issuer=INGBNL2A
    

    OPP will send a notification immediately after the identification took place. The compliance.requirement contact.verification.required and the contact status will be pending until OPP performed a compliance check.

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 400, 
            "status": "unverified",
            "requirements": [
                {
        "type": "contact.verification.required",
        "status": "unverified",
        "object_uid": bnk_1a2b3c4d5e6f,
        "object_type": "contact",
        "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/...", 
        "object_redirect_url": https://sandbox.onlinebetaalplatform.nl/...
    }
            ]
        },
        ...
    }
    

    2) Process of the approval OR disapproval

    The compliance team of OPP checks all new or updated verifications within 24 hours on working days and will either approve or disapprove the verification. Notifications are sent as soon as OPP has approved or disapproved the identification.

    Approved:

    The identification has been approved and has received the status verified. The compliance requirement contact.verification.required has been updated with the status verified and is no longer visible within the merchant.compliance.requirements.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > verified
    contact.status.changed
    status pending > verified

    If the merchant has no other unverified or pending compliance.requirements, merchant's compliance.status will be updated from pending to verified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    - OR -

    Disapproved:

    The identification has been disapproved and has received the status unverified. The compliance requirement contact.verification.required has been updated with the status unverified. The merchant is required to identify itself again, see step 1.

    Sent notifications
    merchant.compliance_requirement.status.changed
    status pending > unverified
    contact.status.changed
    status pending > unverified

    If the merchant's compliance.status was pending, this will be changed to unverified. This change in status will also be sent by the following notification merchant.compliance_status.changed.

    3) Next step(s):

    The merchant is now fully verified. No additional verifications are required. You can see this in the Merchant Object where there will be no unverified compliance requirements left.

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 400,
            "status": "verified",
            "requirements": []
        },
        ...
    }
    

    5. UBO (Ultimate Beneficial Owner) verification

    OPP is obliged to trace all Ultimate Beneficial Owners (UBO) of a business entity. Legal business entities such as a B.V., GmbH or BVBA may have more than one UBO. When checking the business verifications, OPP determines whether the UBO verification is required. This verification is therefore never directly required when creating the merchant.

    An UBO is a natural person that has at least one of the following:

    If UBO verification is required and a compliance requirement is created, merchant has to complete the UBO form via the provided object_redirect_url in the compliance requirement with type ubo.verification.required.

    1) Notification when UBO verification required:

    OPP will sent the following notifications when the UBO verification is required:

    Sent notifications
    merchant.compliance_status.changed
    status pending/verified > unverified

    Within the Merchant Object the compliance requirement ubo.verification.required is available.

    {
        "uid": "{merchant_uid}",
        "object": "merchant",
        ...
        "compliance": {
            "level": 400,
            "status": "unverified",
            "requirements": [
                {
        "type": "ubo.verification.required",
        "status": "unverified",
        "object_uid": ubo_1a2b3c4d5e6f,
        "object_type": "contact",
        "object_url": "https://api-sandbox.onlinebetaalplatform.nl/v1/merchants/...", 
        "object_redirect_url": https://sandbox.onlinebetaalplatform.nl/...
    }
            ]
        },
        ...
    }
    

    2) Actions:

    3) Process of the approval OR disapproval

    The compliance team of OPP checks all new or updated verifications within 24 hours on working days and will either approve or disapprove the verification. Notifications are sent as soon as OPP has approved or disapproved the identification.

    Hosted onboarding

    Introduction

    Our hosted onboarding flow is the quickest way to implement the creation of new merchants (business or consumer). It provides a collection of pages where new merchants can verify their bank account and identify themselves.

    Once a signup has been completed you will receive a Merchant UID, this is the unique identifier of the created merchant and as a partner you will need to save the Merchant UID and use it to, amongst other things, create transactions for this merchant.

    Signup statuses
    created Partner has created the signup request; no activity was found (redirect_url was never followed)
    pending Merchant has started signup process
    expired Merchant has not finished the signup process within 5 days
    completed Signup process is completed and merchant has been created and can start transactions. From this point the merchant_uid will be available in the Signup Object

    1. Create a Signup

    With the request below it is possible to create a hosted registration for a merchant. In case the merchant is a business use business as type, in case the merchant is a consumer use consumer as type.

    As soon as a registration is created, you will receive a Signup Object. This is the object of this registration and also contains the redirect_url. This is the URL where the user should be redirected to.

    If the registration is not completed within 5 days then the signup status will be expired.

    1) Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/signups \ 
        -u [apikey] \
        -d type=business\
        -d "return_url=https://developer.com/return" \
        -d "notify_url=https://developer.com/notify" \
        -d metadata[external_id]=123456789
    
    2) Example Response:
    {
        "uid": "sgn_1a2b3c4d5e6f7g8h",
        "object": "signup",
        "status": "created",
        "created": 1459858653,
        "updated": 1459858653,
        "completed": null,
        "merchant_uid": null,
        "return_url": "https://developer.com/return",
        "redirect_url": "https://sandbox.onlinebetaalplatform.nl/nl/sgn_1a2b...", 
        "notify_url": "https://developer.com/notify", 
        "metadata": [
        {
            "key": "external_id", 
            "value": "123456789"
        }]
    }
    

    3) Actions:

    4) Next step(s):

    2. Redirect the user

    The Signup has been created and the user should now be redirected to the redirect_url.

    {
        "uid": "sgn_1a2b3c4d5e6f7g8h",
        "object": "signup",
        ...
        "redirect_url": "https://sandbox.onlinebetaalplatform.nl/nl/sgn_1a2b...",
        ...
    }
    

    1) Actions

    As soon as the merchant has been redirected to the redirect_url the merchant must finish the registration. Once the merchant has started the process, a notification is sent to the notify_url because the signup status is updated to pending.

    Sent notifications
    signup.status.changed
    status created > pending

    2) Type business or consumer:

    Below you will find additional information that you can use during the registration process.

    Extra information for type business:

    We allow all kinds of (duplicate) CoC numbers and generate dummy company details for all numbers. This allows for easy testing without the need of (re)entering valid CoC numbers.

    To test certain flows, you may use the following magic CoC numbers:

    First 3 numbers Description

    999******

    Forces a different flow which requires merchant to fill in a form to complete his business details. This is usually the case for foreign CoC number or when a CoC number cannot be checked automatically.

    - OR -

    Extra information for type consumer:

    For SMS verification use the code 12345

    3) Next step(s):

    3.1 Signup completed

    Once the signup has been completed you will receive a notification and the merchant will be returned to the redirect_url.

    Sent notifications
    signup.status.changed
    status pending > completed

    Based on the notification you will have to retrieve the signup through API. In the response you will find the merchant_uid which you have to save into your system.

    1) Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/signups/sgn_1a2b3c4d5e6f7g8h \ 
        -u [apikey] 
    
    2) Example Response:
    {
        "uid": "sgn_1a2b3c4d5e6f7g8h",
        "object": "signup",
        "status": "completed",
        "created": 1459858653,
        "updated": 1459858653,
        "completed": 1459859126,
        "merchant_uid": mer_1a2b3c4d5e6f7g8h,
        "return_url": "https://return.url",
        "redirect_url": "https://sandbox.onlinebetaalplatform.nl/nl/sgn_1a2b...", 
        "notify_url": "https://notify.url", 
        "metadata": [
        {
            "key": "external_id", 
            "value": "123456789"
        }]
    }
    

    3) Actions:

    4) Next step(s):

    There are no further steps.

    3.2 Signup expired

    The signup will be expired when the registration was not completed within 5 days and you have to create a new signup.

    Sent notifications
    signup.status.changed
    status created > expired

    Based on the notification you will have to retrieve the signup through API to determine the status change. In the response you will find the status is expired.

    1) Example Request:
    curl https://api-sandbox.onlinebetaalplatform.nl/v1/signups/sgn_1a2b3c4d5e6f7g8h \ 
        -u [apikey] 
    
    2) Example Response:
    {
        "uid": "sgn_1a2b3c4d5e6f7g8h",
        "object": "signup",
        "status": "expired",
        "created": 1459858653,
        "updated": 1459858653,
        "completed": null,
        "merchant_uid": null,
        "return_url": "https://return.url",
        "redirect_url": "https://sandbox.onlinebetaalplatform.nl/nl/sgn_1a2b...", 
        "notify_url": "https://notify.url", 
        "metadata": [
        {
            "key": "external_id", 
            "value": "123456789"
        }]
    }
    

    3) Actions: