At Swan, Consent is built-in. This is quite special, because other BaaS' have their clients do it themselves. Setting up consent can be a real bother...We are happy to take it off your hands.


Some operations at Swan, such as initiating a payment, are sensitive and require user consent. This is obtained by sending a text message to the user. The user then consents via the web browser.
To protect the user and comply with legal requirements, consent can be given through a Strong Customer Authentication.

Strong Customer Authentication

Strong Customer Authentication (SCA) is a requirement of the EU Revised Directive on Payment Services (PSD2) to payment service providers within the European Economic Area. The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments.
When a Strong Customer Authentication is necessary, when giving consent on a smartphone, the user must enter his 6-digit security passcode or use FaceID / TouchID when available.
Example of FaceID used to validate a transfer

Sensitive operations

If you want to perform sensitive operations by API, you must call our API while authentified with a User Access Token. Learn More.
The following mutations concern sensitive operations, and could require consent: