Bank rails and cards on the same integration
SEPA Direct Debit, Bacs, ACH, PIX, Open Banking and Sofort share the same authorisation endpoint as card. The merchant's checkout code doesn't fork per rail; the buyer just picks the method they prefer.
Bank rails · account-to-account
SEPA, Bacs, ACH, UK Open Banking, PIX, PayID, iDEAL, Bancontact and Sofort behind the same unified integration as card — with per-scheme mandate handling, vault tokens for reuse, and one reconciliation feed across rails.
Key benefits
Four properties that show up as soon as bank rails stop sitting inside a separate billing stack and start running through the same orchestration layer as card.
SEPA Direct Debit, Bacs, ACH, PIX, Open Banking and Sofort share the same authorisation endpoint as card. The merchant's checkout code doesn't fork per rail; the buyer just picks the method they prefer.
Bank-rail methods bypass card-scheme interchange. For high-ticket B2B, recurring debits and geo-specific rails (PIX, iDEAL, Bancontact) the landed cost drops noticeably against card equivalents.
SEPA Instant, PIX and PayID land in seconds rather than the T+1 to T+3 card cycle. The reconciliation feed tags each row with its rail, so finance sees settlement timing per method at a glance.
NACHA (US), SEPA (EU) and Bacs (UK) mandate handling is platform-side. The merchant captures the mandate once through the hosted surface; topropay retains the evidence and travels the mandate ID with every debit.
How an internet banking payment gateway works
What actually happens between the buyer picking a bank-rail method and the settled row landing in the merchant's reconciliation feed.
Hosted checkout or embedded fields render the per-market bank-rail list: SEPA / iDEAL / Bancontact / Sofort in the EU, Bacs / Open Banking in the UK, ACH in the US, PIX in Brazil, PayID in Australia.
The buyer authenticates with their bank (redirect or embedded consent, per rail rules). Open Banking uses PSD2 SCA; ACH captures the mandate up front; PIX generates a QR or copy-paste key.
topropay's connectors speak each rail's native protocol — ISO 20022 for SEPA, NACHA for ACH, OBIE for UK Open Banking, PIX for the Brazilian instant rail — with the same API-shape returned to the merchant.
Signed webhooks fire for authorisation, settlement, return / R-code, and dispute events. Each event carries the rail identifier and the vault token for the buyer's mandate or account credential.
Settlements from every bank-rail provider normalise into one reconciliation feed alongside card. Rows are tagged with rail, currency, mandate ID and net-of-fees amount for finance.
Main use cases
Six recurring merchant shapes where bank rails materially change the economics or the buyer experience versus card-only acceptance.
Enterprise counterparties pay by SEPA Direct Debit or ACH rather than card, avoiding interchange on high-ticket amounts. Mandate posture is captured once, travelled with every renewal.
SEPA SDD on EU customers, ACH on US customers, card on rest-of-world — all through the same recurring engine with retries R-code-aware per rail.
Dutch, Belgian and German buyers get their preferred bank-rail method on the same checkout as cards. Rail choice is dashboard-tunable per country.
Brazilian and Australian merchants surface PIX and PayID / OSKO as the default method for their local buyers, with settlement in seconds and no chargeback overhead.
Marketplace payouts land on seller bank accounts through the same bank-rail infrastructure — buyers pay in, sellers cash out, one ledger across both legs.
UK Open Banking rails return a bank-native consent flow with no card details — one-tap authentication in the buyer's banking app, immediate settlement, no PAN exposure at all.
Platform features
Twelve capabilities the platform ships once and reuses across every connected bank rail — the primitives that make SEPA, ACH, Open Banking and Sofort feel like one product.
One REST contract for card, SEPA, Bacs, ACH, Open Banking, Sofort, PIX and other bank-rail methods.
Hosted checkout that renders the correct bank-rail method list per buyer market and language.
Where 'net banking' is the local term (India, Southeast Asia via partners), the gateway surfaces regional bank-rail methods.
Sofort surfaced on the same hosted checkout as card, iDEAL and Bancontact for German-speaking market coverage.
Credit transfers, instant credit transfers and Direct Debits under the same SEPA scheme rules and PSD2 framework.
Bacs Direct Debit and OBIE-compliant Open Banking flows on UK merchant records.
ACH debits, credits, same-day and recurring with R-code-aware retries and NACHA mandate handling.
Brazil (PIX) and Australia (PayID / OSKO) instant-settlement account-to-account rails through partner connectivity.
Netherlands, Belgium and Germany (plus Austria) bank-rail methods on the same EU-market checkout.
Each account credential or mandate is a vault token reusable for renewal, refund, or one-tap-repeat authorisation.
Bank-rail settlements normalise into the same ledger as card, tagged by rail, currency and mandate ID.
SEPA chargebacks, ACH returns (R01–R99), Bacs Direct Debit indemnity claims — one queue with per-scheme evidence-pack templates.
Industry relevance
topropay's bank-rail posture targets licensed merchants operating across Europe, the UK, APAC and LATAM. Bank rails are typically the dominant method by buyer preference in NL / BE / DE / BR / AU markets and by cost preference for high-ticket B2B and recurring billing everywhere.
Trust & compliance
One audited environment underpins the orchestration layer; scheme-side licences and participant relationships sit with connected partner providers. Sub-merchants inherit the posture per rail.
Ready to bring bank rails on
A 30-minute rails review covers the bank-rail methods relevant to your geographies, the mandate posture for SEPA / ACH / Bacs, the Open Banking connectivity for UK and EU markets, and a sandbox you can test against before any commercial commitment.
Frequently asked
Definitions, per-rail authentication mechanics, settlement timing, return / R-code handling and the practicalities of running bank rails alongside card on one orchestration API.
Banking payment systems on topropay is the account-to-account side of the platform's rails catalogue: SEPA (SCT, SCT Instant, SDD), Bacs, UK Open Banking, ACH, PIX, PayID / OSKO, iDEAL, Bancontact and Sofort. These sit alongside card scheme acceptance behind the same unified API and reconcile into the same ledger.
A banking payment gateway carries account-to-account authorisations rather than card scheme messages. Instead of ISO 8583 to Visa / Mastercard, the platform speaks ISO 20022 to SEPA CSMs, NACHA to ACH operators, OBIE APIs to UK Open Banking providers and PIX RPCs to the Brazilian central bank rail. The merchant integrates one API; topropay handles the per-rail message exchange.
Some internet banking payment gateway flows redirect the buyer to their bank's website or banking app for authentication (Sofort, iDEAL, most Open Banking flows). Others use an embedded consent widget (some Open Banking providers). SEPA SDD and ACH don't need per-transaction bank authentication once the mandate is captured — the platform debits against the stored mandate.
Where 'net banking' is the buyer's local term for account-to-account payment (typical in India and parts of Southeast Asia), topropay surfaces those methods through licensed partner gateways. Indian net banking, UPI and RuPay are delivered via licensed partner PA / RBI-authorised gateways; topropay does not hold a direct RBI Payment Aggregator licence.
Sofort banking payment is delivered via the Sofort / Klarna Direct Bank Transfer connector. The buyer selects Sofort on the checkout, is redirected to a Sofort-hosted authorisation surface where they authenticate with their bank credentials, and topropay receives a settled event that lands in the merchant's ledger alongside card and other bank-rail receipts.
SEPA Instant Credit Transfer (SCT Inst), PIX (Brazil), and PayID / OSKO (Australia via NPP) settle in seconds when both banks are participants. SEPA regular SCT and Direct Debit follow the SEPA calendar. Bacs Direct Debit runs a three-day cycle. ACH standard is 1–3 business days; same-day ACH lands the same day where supported.
ACH debits can return with an R-code (R01 insufficient funds, R02 account closed, R03 no account, R04 invalid account, and dozens more). topropay's retry policy is R-code-aware — soft returns (R01) can retry per NACHA rules; hard returns (R03, R04, R08) block the mandate from further attempts and surface to the merchant for follow-up.
SEPA SDD gives the payer an 8-week unconditional refund right and a 13-month challenge window for unauthorised debits. topropay's unified dispute queue surfaces these as they arrive from the SEPA CSM, with per-scheme evidence-pack templates the merchant can use to respond within the SEPA scheme's response windows.
Yes — bank-rail methods don't ride the card schemes so they don't attract Visa / Mastercard interchange. The trade-offs are per-rail: SEPA SDD has scheme fees but no interchange; Open Banking rails charge a per-transaction fee; PIX in Brazil is fee-free for consumers. Effective landed cost depends on volume, geography and per-rail pricing.
Yes. The recurring engine on topropay handles card-on-file recurring and bank-rail recurring (SEPA SDD, recurring ACH) through the same primitives — cycle scheduling, retries, updaters (for card) and mandate-refresh (for bank rails). The merchant doesn't fork billing per method.
Card authorisations use EMV 3DS2 selectively per PSD2 exemption logic. UK / EU Open Banking rails enforce PSD2 SCA at the bank. SEPA SDD relies on the captured mandate rather than per-transaction SCA. ACH captures a mandate at first debit; subsequent debits don't require per-transaction authentication under NACHA rules.
Every bank rail has a scheme-specific dispute mechanism: SEPA has the 8-week / 13-month refund rights, Bacs has the Direct Debit Guarantee, ACH has the R-code returns, Open Banking payments are generally push-authorised and don't carry unilateral chargeback rights, PIX has a MED (mecanismo especial de devolução) window for fraud cases only.
Yes — bank-rail methods don't handle card PAN so they sit outside PCI scope entirely. The merchant's PCI scope is driven by the card side of the surface; moving a portion of traffic to bank rails reduces the PCI burden for that portion of volume.
Bank rails dominate in the Netherlands (iDEAL is ~60%+ of e-commerce volume), Belgium (Bancontact), Germany (Sofort / Giropay), Brazil (PIX has surpassed most cards for online), the UK (Open Banking rising for high-value transactions), and increasingly Australia (PayID / OSKO on NPP). The US mixes ACH strongly for B2B.
Because the bank-rail catalogue rides the same unified API as card, merchants who are already live on topropay can add bank-rail methods as a dashboard toggle — no re-integration. Merchants integrating from scratch reach a live bank-rail method inside 1–3 weeks depending on KYB depth and mandate-side documentation.
Related