Search…
Consent
At Swan, Consent is built-in. This is quite special, because other BaaS' have their clients do it themselves. Setting up consent can be a real bother...We are happy to take it off your hands.

Definition

Some operations at Swan, such as initiating a payment, are sensitive and require user consent. This is obtained by sending a text message to the user. The user then consents via the web browser.
To protect the user and comply with legal requirements, consent can be given through a Strong Customer Authentication.

Strong Customer Authentication

Strong Customer Authentication (SCA) is a requirement of the EU Revised Directive on Payment Services (PSD2) to payment service providers within the European Economic Area. The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments.
When a Strong Customer Authentication is necessary, when giving consent on a smartphone, the user must enter his 6-digit security passcode or use FaceID / TouchID when available.
Example of FaceID used to validate a transfer

Sensitive operations

If you want to perform sensitive operations by API, you must call our API while authentified with a User Access Token. Learn More.
The following mutations concern sensitive operations, and could require consent:
  • activatePhysicalCard
  • addAccountMembership
  • addAccountMemberships
  • addCard
  • addCards
  • addCardsWithGroupDelivery
  • addDigitalCard
  • addDirectDebitFundingSource
  • addReceivedSepaDirectDebitB2bMandate
  • addSingleUseVirtualCard
  • addSingleUseVirtualCards
  • closeAccount
  • enableReceivedDirectDebitMandate
  • initiateCreditTransfers
  • initiateFundingRequest
  • printPhysicalCard
  • refund
  • resumeAccountMembership
  • resumePhysicalCard
  • scheduleStandingOrder
  • updateAccountMembership
  • updateCard
  • updateReceivedSepaDirectDebitB2bMandate
  • viewCardNumbers
  • viewPhysicalCardPin
​