Payments are also linked to a consent that has declared the account "visible" for at least one of the three statements - balance, transactions or details. So, in operations related to payments, the ID of the consent that requested it must be sent. The sending takes place in the HTTP header Consent-ID. If the consent is invalid (unauthorized, expired), the payment request is rejected. The same can happen if the daily limit for the number of operations on the account set in the consent has been reached.
Transfers are also like consents a 3 step process – payment initiation, authorization and then payment status check(s). The status check is necessary because in most accounting systems payments are not made immediately for a number of reasons - they are queued up, the system may be in maintenance mode, End of day, etc.
The statuses of payment requests are as follows:
RCVD - request received but not authorized
ACCP – request confirmed via OTP
ACSP - request subject to posting
ACSC - request successfully posted
RJCT - request rejected - invalid/expired/unauthorized/consent problem