SEPA Direct Debit Payments with Sources
Use Sources to accept payments using SEPA Direct Debit, a popular European banking payment method.
Stripe users in Europe and the United States can use Sources—a single integration path for creating payments using any supported method—to accept SEPA Direct Debit payments from customers in countries within the Single Euro Payments Area.
During the payment process, your integration collects your customer’s EUR-denominated IBAN bank account information. SEPA Direct Debits require the bank account holder to accept a mandate (debit authorization) that allows you to debit their account. A Source object is then created and your integration uses this to make a charge request and complete the payment.
Within the scope of Sources, SEPA Direct Debit is a pull-based, reusable and asynchronous method of payment. This means that you take action to debit the amount from the customer’s account. It can take up to 14 business days to confirm the success or failure of a payment.
Prerequisite: Collect mandate acceptance
Before a source can be created, your customer must accept the SEPA Direct Debit mandate. Their acceptance authorizes you to collect payments for the specified amount from their bank account using SEPA Direct Debit.
When your customer confirms the payment they are making, they are also accepting a mandate. Their acceptance authorizes you to collect payments for the specified amount from their bank account via SEPA Direct Debit. You must display the following standard authorization text (replacing Rocketship Inc with your company name) close to the payment confirmation button so that your customer can read and accept it.
The details of the accepted mandate is generated as part of the Source object creation. A URL to view the mandate is returned as the value for sepa_debit[mandate_url]. Since this is the mandate that the customer has implicitly signed when accepting the terms suggested above, it must be communicated to them, either on the payment confirmation page or by email.
Step 1: Create a Source object
Bank account information is sensitive by nature. To securely collect your customer’s IBAN details and create a source, use Stripe.js and the IBAN Element. This prevents your customer’s bank account information from touching your server and reduces the amount of sensitive data that you need to handle securely.
<script src="https://js.stripe.com/v3/"></script>
<form action="/charge" method="post" id="payment-form">
<div class="form-row inline">
<div class="col">
<label for="name">
Name
</label>
<input id="name" name="name" placeholder="Jenny Rosen" required>
</div>
<div class="col">
<label for="email">
Email Address
</label>
<input id="email" name="email" type="email" placeholder="jenny.rosen@example.com" required>
</div>
</div>
<div class="form-row">
<label for="iban-element">
IBAN
</label>
<div id="iban-element">
<!-- A Stripe Element will be inserted here. -->
</div>
</div>
<div id="bank-name"></div>
<button>Submit Payment</button>
/**
* The CSS shown here will not be introduced in the Quickstart guide, but
* shows how you can use CSS to style your Element's container.
*/
input,
.StripeElement {
height: 40px;
padding: 10px 12px;
color: #32325d;
background-color: white;
border: 1px solid transparent;
border-radius: 4px;
box-shadow: 0 1px 3px 0 #e6ebf1;
-webkit-transition: box-shadow 150ms ease;
transition: box-shadow 150ms ease;
}
input:focus,
.StripeElement--focus {
box-shadow: 0 1px 3px 0 #cfd7df;
}
.StripeElement--invalid {
border-color: #fa755a;
}
.StripeElement--webkit-autofill {
background-color: #fefde5 !important;// Create a Stripe client.
// Note: this merchant has been set up for demo purposes.
var stripe = Stripe('pk_test_6pRNASCoBOKtIshFeQd4XMUh');
// Create an instance of Elements.
var elements = stripe.elements();
// Custom styling can be passed to options when creating an Element.
// (Note that this demo uses a wider set of styles than the guide below.)
var style = {
base: {
color: '#32325d',
fontFamily: '-apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif',
fontSmoothing: 'antialiased',
fontSize: '16px',
'::placeholder': {
color: '#aab7c4'
},
':-webkit-autofill': {
color: '#32325d',
},
},
invalid: {
color: '#fa755a',
iconColor: '#fa755a',
':-webkit-autofill': {
color: '#fa755a',
},
}
};Follow the IBAN Element Quickstart to create your payment form, collect your customers’ IBAN, and create a source. Once you’ve created a source object, you can proceed to charge the source in the next step.
Custom client-side source creation
If you choose to handle bank account numbers yourself, you can create your
own form and call stripe.createSource as described in the
Stripe.js reference. When
doing so, make sure to collect the following information from your customer:
| Parameter | Value |
|---|---|
type |
sepa_debit |
currency |
eur (bank accounts used for SEPA Direct Debit must always use Euros) |
sepa_debit[iban] |
The IBAN number for the bank account that you wish to debit, collected by the IBAN Element. For custom integrations, you must collect this yourself and include it in when calling stripe.createSource. |
owner[name] |
The full name of the account holder. |
Server-side source creation
The use of Stripe.js to create a SEPA Direct Debit source is optional, but
highly recommended. If you forgo this step and pass the information directly
to Stripe when creating a Source object, you must take appropriate steps
to safeguard the sensitive bank information that passes through your servers.
curl https://api.stripe.com/v1/sources \
-u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
-d type=sepa_debit \
-d sepa_debit[iban]=DE89370400440532013000 \
-d currency=eur \
-d owner[name]="Jenny Rosen"
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'
source = Stripe::Source.create({
type: 'sepa_debit',
sepa_debit: {iban: 'DE89370400440532013000'},
currency: 'eur',
owner: {
name: 'Jenny Rosen',
},
})
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'
source = stripe.Source.create(
type='sepa_debit',
sepa_debit={'iban': 'DE89370400440532013000'},
currency='eur',
owner={
'name': 'Jenny Rosen',
},
)
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');
$source = \Stripe\Source::create([
"type" => "sepa_debit",
"sepa_debit" => ["iban" => "DE89370400440532013000"],
"currency" => "eur",
"owner" => [
"name" => "Jenny Rosen",
],
]);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
Map<String, Object> sepaParams = new HashMap<String, Object>();
sepaParams.put("iban", "DE89370400440532013000");
Map<String, Object> ownerParams = new HashMap<String, Object>();
ownerParams.put("name", "Jenny Rosen");
Map<String, Object> sourceParams = new HashMap<String, Object>();
sourceParams.put("type", "sepa_debit");
sourceParams.put("sepa_debit", sepaParams);
sourceParams.put("currency", "eur");
sourceParams.put("owner", ownerParams);
Source source = Source.create(sourceParams);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');
stripe.sources.create({
type: "sepa_debit",
sepa_debit: {iban: "DE89370400440532013000"},
currency: "eur",
owner: {
name: "Jenny Rosen",
},
}, function(err, source) {
// asynchronously called
});
Using either method, Stripe returns a Source object containing the
relevant details for the method of payment used. Information specific to
SEPA Direct Debit is provided within the sepa_debit subhash.
{
"id": "src_18HgGjHNCLa1Vra6Y9TIP6tU",
"object": "source",
"amount": null,
"client_secret": "src_client_secret_XcBmS94nTg5o0xc9MSliSlDW",
"created": 1464803577,
"currency": "eur",
"flow": "none",
"livemode": false,
"owner": {As SEPA Direct Debit payments are a pull-based payment method, there is no movement of funds during the creation of a source. Only when a successful charge request has been made is the customer’s debited and you eventually receive the funds.
Source creation in mobile applications
If you’re building an iOS or Android app, you can implement sources using our mobile SDKs. Refer to our sources documentation for iOS or Android to learn more.
Error codes
Source creation for SEPA Direct Debit payments may return any of the following errors:
| Error | Description |
|---|---|
payment_method_not_available |
The payment method is currently not available. You should invite your customer to fallback to another payment method to proceed. |
processing_error |
An unexpected error occurred preventing us from creating the source. The source creation should be retried. |
invalid_bank_account_iban |
The IBAN provided appears to be invalid. Request the customer to check their information and try again. |
invalid_owner_name |
The owner name is invalid. It must be at least three characters in length. |
Step 2: Charge the source
Unlike most other payment methods, SEPA Direct Debit payments do not require any customer action after the source has been created. Once the customer has provided their IBAN details and accepted the mandate, no further action is needed and the resulting source is directly chargeable.
Before creating a charge request to complete the payment, you should attach the source to a Customer for later reuse.
Attaching the source to a Customer
You must attach a source to a Customer object if you wish to reuse it for future payments (e.g., via a billing product).
curl https://api.stripe.com/v1/customers \
-u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
-d email="paying.user@example.com" \
-d source=src_18eYalAHEMiOZZp1l9ZTjSU0
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'
customer = Stripe::Customer.create({
email: 'paying.user@example.com',
source: 'src_18eYalAHEMiOZZp1l9ZTjSU0',
})
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'
customer = stripe.Customer.create(
email='paying.user@example.com',
source='src_18eYalAHEMiOZZp1l9ZTjSU0',
)
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');
$customer = \Stripe\Customer::create([
"email" => "paying.user@example.com",
"source" => "src_18eYalAHEMiOZZp1l9ZTjSU0",
]);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
Map<String, Object> customerParams = new HashMap<String, Object>();
customerParams.put("email", "paying.user@example.com");
customerParams.put("source", "src_18eYalAHEMiOZZp1l9ZTjSU0");
Customer customer = Customer.create(customerParams);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');
stripe.customers.create({
email: "paying.user@example.com",
source: "src_18eYalAHEMiOZZp1l9ZTjSU0",
}, function(err, customer) {
// asynchronously called
});
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"
customerParams := &stripe.CustomerParams{
Email: stripe.String("paying.user@example.com"),
}
customerParams.SetSource("src_18eYalAHEMiOZZp1l9ZTjSU0")
c, err := customer.New(customerParams)
Refer to our sources and customers documentation for more details on how to attach sources to new or existing Customer objects and how they interact together.
Making a charge request
Once attached, you can use the Source object’s ID along with the Customer object’s ID to perform a charge request and finalize the payment.
curl https://api.stripe.com/v1/charges \
-u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
-d amount=1099 \
-d currency=eur \
-d customer=cus_AFGbOSiITuJVDs \
-d source=src_18eYalAHEMiOZZp1l9ZTjSU0
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'
charge = Stripe::Charge.create({
amount: 1099,
currency: 'eur',
customer: 'cus_AFGbOSiITuJVDs',
source: 'src_18eYalAHEMiOZZp1l9ZTjSU0',
})
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'
charge = stripe.Charge.create(
amount=1099,
currency='eur',
customer='cus_AFGbOSiITuJVDs',
source='src_18eYalAHEMiOZZp1l9ZTjSU0',
)
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');
$charge = \Stripe\Charge::create([
'amount' => 1099,
'currency' => 'eur',
'customer' => 'cus_AFGbOSiITuJVDs',
'source' => 'src_18eYalAHEMiOZZp1l9ZTjSU0',
]);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
Map<String, Object> params = new HashMap<String, Object>();
params.put("amount", 1099);
params.put("currency", "eur");
params.put("customer", "cus_AFGbOSiITuJVDs");
params.put("source", "src_18eYalAHEMiOZZp1l9ZTjSU0");
Charge charge = Charge.create(params);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');
stripe.charges.create({
amount: 1099,
currency: 'eur',
customer: 'cus_AFGbOSiITuJVDs',
source: 'src_18eYalAHEMiOZZp1l9ZTjSU0',
}, function(err, charge) {
// asynchronously called
});
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"
chargeParams := &stripe.ChargeParams{
Amount: stripe.Int64(1099),
Currency: stripe.String(string(stripe.CurrencyEUR)),
Customer: stripe.String("cus_AFGbOSiITuJVDs"),
}
chargeParams.SetSource("src_18eYalAHEMiOZZp1l9ZTjSU0")
ch, err := charge.New(chargeParams)
The resulting Charge object is created with a status of pending. At this stage, the payment is in progress.
By default, your account’s statement descriptor appears on customer statements whenever you create a SEPA Direct Debit payment. If you need to provide a custom description for a payment, include the statement_descriptor parameter when making a charge request. Statement descriptors are limited to 22 characters and cannot use the special characters <, >, ', or ".
Step 3: Confirm that the charge has succeeded
SEPA Direct Debit payments are an asynchronous method, so funds are not immediately available. A charge created from a SEPA Direct Debit source can remain in a pending state for up to 14 business days from its creation, though the average time is around five business days. Once the charge is confirmed, its status is updated to succeeded.
The following events are sent when the charge’s status is updated:
| Event | Description |
|---|---|
charge.succeeded |
The charge succeeded and the payment is complete. |
charge.failed |
The charge has failed and the payment could not be completed. |
After confirming that the charge has succeeded, notify your customer that the payment process has been completed and their order is confirmed. Refer to our best practices for more details on how to best integrate payment methods using webhooks.
A charge is successful once we receive funds from the customer’s bank. However, this often occurs before the bank has debited their customer’s bank account. If there is a problem debiting the customer’s bank account after a charge has been successful, the funds are retrieved in the form of a dispute.
Handling failed charges
If a charge is not confirmed, its status automatically transitions from pending to failed. Should a charge fail, notify your customer immediately upon receipt of the charge.failed event. When using SEPA Direct Debit, you may prefer not to fulfill orders until the charge.succeeded webhook has been received.
Testing charge success and failure
You can mimic a successful or failed charge by first creating a test source with one of the following test IBAN account numbers. Use the resulting source in a charge request to create a test charge that is either successful or failed.
- DE89370400440532013000: The charge status transitions from pending to succeeded
- DE62370400440532013001: The charge status transitions from pending to failed
- DE35370400440532013002: The charge succeeds but a dispute is immediately created
When creating a test charge with this source, its status is initially set to pending before being automatically transitioned.
Webhook events are triggered when using test sources and charges. The charge.pending event is first triggered, followed by either the charge.succeeded or charge.failed event immediately after.
Notifying customers of recurring payments
The SEPA Direct Debit rulebook requires that you notify your customer each time a debit is to be made on their account. You can send these notifications separately or together with other documents (e.g., an invoice).
These notifications should be sent at least 14 calendar days before you create a payment. You can send them closer to the payment date as long as your mandate makes it clear when your customer can expect to receive them. The mandate provided by Stripe specifies this can happen up to two calendar days in advance of future payments, allowing you to send notifications during charge creation. For recurring payments of the same amount (e.g., a subscription of a fixed amount), you may indicate multiple upcoming debits with corresponding dates in a single notice.
When sending your customers a notice, it must include:
- The last 4 digits of the debtor’s bank account
- The mandate reference (
sepa_debit[mandate_reference]on theSourceobject) - The amount to be debited
- Your SEPA creditor identifier
- Your contact information
Using webhooks or automated emails
Source objects provide tooling to help you notify your users compliantly. At Source creation it is possible to specify a mandate[notification_method]. The possible values are the following:
| Value | Description |
|---|---|
email |
As you create Charges, we automatically notify your customers over email. |
manual |
As you create Charges, we emit a source.mandate_notification webhook with all the required information to generate a compliant notification. On reception of this webhook you should notify your customer using the channel of your choice. |
none |
None of the above, you opt to generate debits notifications entirely outside of Stripe. |
By default, mandate[notification_method] is set to none at Source creation but can be updated later.
Obtaining a creditor identifier
Your SEPA creditor identifier is associated with each SEPA Direct Debit payment instruction and identifies the company making the payment. While companies may have multiple creditor identifiers, each creditor identifier is unique and allows your customers to easily identify the debits on their account—reducing the likelihood of payments being disputed. Some payment providers don’t request you to provide your own SEPA creditor identifier, but Stripe does as it improves the experience of your customers.
You can request a SEPA creditor identifier from a financial institution in the country in which you have your main office or residence, (e.g., the bank with which you hold your account). This is commonly done online and can sometimes take a few days. In some cases, your bank may need take additional steps to issue a creditor identifier for you. When contacting your bank for your SEPA creditor identifier, make sure to clarify that you are not requesting they process SEPA Direct Debit payments for you.
If you have trouble obtaining your creditor identifier, let us know.
Disputed payments
SEPA Direct Debit provides a dispute process for bank account holders to dispute payments. As such, you should make the appropriate decisions regarding your business and how you approach SEPA Direct Debit payments.
For a period of eight weeks after their account was debited, an account holder can dispute a payment through their bank on a “no questions asked” basis. Any disputes within this period are automatically honored.
Beyond the eight-week period after the creation of the payment, and for up to 13 months, a customer may only dispute a payment with their bank if they consider the debit had not been authorized. In this event, we automatically provide the customer’s bank with the mandate that the customer approved. This does not guarantee that the dispute can be canceled as the customer’s bank can still decide that the debit was not authorized by the mandate—and that their customer is entitled to a refund.
A dispute can also occur if the customer’s bank is unable to debit their account because of a problem (e.g., the account is frozen or has insufficient funds), but it has already provided the funds to make a charge successful. In this instance, the bank reclaims those funds in the form of a dispute.
If a dispute is created, a dispute.created webhook event is sent and Stripe deducts the amount of the dispute and dispute fee from your Stripe balance. This fee varies based on your account’s default settlement currency:
| Settlement Currency | Dispute Fee |
|---|---|
| CHF | 10.00 Fr |
| DKK | 75.00-kr. |
| EUR | €7.50 |
| GBP | £7.00 |
| NOK | 75.00-kr. |
| SEK | 75.00-kr. |
| USD | $10.00 |
Unlike credit card disputes, all SEPA Direct Debit disputes are final and there is no appeals process. If a customer successfully disputes a payment, you must reach out to them if you would like to resolve the situation. If you’re able to come to an arrangement and your customer is willing to return the funds to you, they will need to make a new payment.
In general, each dispute includes the reason for its creation, though this can vary from country to country. For instance, disputed payments in Germany do not provide additional information for privacy reasons.
Refunds
Payments made with SEPA Direct Debit can only be submitted for refund within 180 days from the date of the original charge. After 180 days, it is no longer possible to refund the charge. Similar to the delays introduced to payments with SEPA Direct Debit, refunds also require additional time to process (typically 3-4 business days). Should you accidentally debit your customer, please contact them immediately to avoid having the payment disputed.
A refund can only be processed after the payment process has completed. If you create a full or partial refund on a payment that has not yet been completed, the refund is actioned once the Charge object’s status has transitioned to succeeded. In the event of a payment where the Charge object’s status transitioned to failed, full and partial refunds are marked as canceled, as the money never left the customer’s bank account.
SEPA does not explicitly label refunds when the funds are deposited back to the customer’s account. Instead, they are processed as a credit and include a visible reference to the original payment’s statement descriptor.
Due to longer settlement time periods and the nature of how banks process SEPA Direct Debit transactions, there is potential for confusion between you, your customer, your customer’s bank, and Stripe. For instance, your customer may contact both you and their bank to dispute a payment. If you proactively issue your customer a refund while the customer’s bank also initiates the dispute process, your customer could end up receiving two credits for the same transaction.
When issuing a refund, it’s important that you immediately inform your customer that it may take up to five business days for the refund to arrive in their bank account.