PSD2/PSR compliance

When choosing a bank application as a payment method, users are required to explicitly provide consent for each transaction. This consent authorizes the payment and grants access to their account details.

Upon selecting the bank app as their preferred payment method, users are redirected to the Crassula interface, which adapts to either Web or Mobile format based on the device being used. To authorize the transaction, users must consent specifically to the transaction in question. The interface displays essential transaction details, including the amount, payee, and date. For secure consent provision, users are prompted to complete a Two-Factor Authentication (2FA) process, in line with the 2FA method they have selected.

After successfully completing the 2FA, the user's consent is recorded, allowing the bank provider to process the payment. This process securely transfers funds from the user's account to the e-commerce retailer.

Please be aware that the consent token expires in 90 days after its creation.

Users will receive a notification from their bank provider confirming the transaction's completion. They are then redirected back to the e-commerce website, which updates the status of the user’s order to reflect the successful payment.

To manage provided consents, see the Consent management section.