Skip to content
Single Immediate Payments...
/
/
Pay by Link
Last updated

Pay by Link

Overview
Pay by Link is Token.io's flexible solution for fast, secure account-to-account payments. Merchants, banks, and third-party providers can generate unique payment links to share with customers via email, SMS, messaging apps, or QR codes. These links pre-fill recipient account details, making payments easier and reducing manual errors. Customers can pay remotely or in person, with a seamless experience on Token.io's hosted payment pages.

Key Features

  • Flexible Payment Links: Generate links with or without pre-filled amount and reference. The payer can enter missing details if needed.
  • Custom Branding: Landing pages can be customised with your own logo, colours, field labels and error descriptions.
  • Multi-Channel Sharing: Distribute links via email, SMS, messaging apps, or display as a QR code.
  • Custom Domains: TPPs can host links on their own branded domains for trust and consistency.
  • Bespoke Validity: Set how long a link is valid (default 24 hours, up to 90 days).
  • Single Use: Each link can be used only once for security.
  • Status Tracking: Easily check if a link is active, expired, cancelled, or completed.
  • API-First: All features are available via Token.io's API. See the Token Open Banking API.

How It Works

  1. Create a Payment Link: A unique link is generated by the requester
  2. Share the Link: The PSU / Merchant shares the link SMS, email, chat, or invoice.
  3. Customer Pays: The receiver clicks → authenticates in their own banking app.
  4. Receive Payment Updates: The payment moves instantly, account-to-account, with no need for card details or sort codes. The payer is immediately notified on the confirmation page once the payment is completed. After this, the third-party provider or merchant receives a real-time notification (such as a webhook or API callback) confirming the payment status.

Example Scenarios

1. Peer-to-Peer (P2P) Payments

Pay by Link enables individuals to transfer money directly between accounts without the need to share sort codes or IBANs.

Common use cases include:

  • Splitting bills: Share a payment link to quickly settle expenses such as dinner, rent, or group activities.
  • Personal reimbursements: Repay friends or family securely without exchanging bank details.
  • Gifting: Send money instantly through a secure and personalised payment link.
  • One-off transfers: Provide a simple alternative to manually entering account details.

2. ShopEase - Online Orders Without a Checkout

ShopEase empowers small online stores to sell directly through chat or social media using Pay by Link, eliminating the need for a full e-commerce checkout.

How it works:

  1. ShopEase: Creates a Pay by Link for each order, including the item, price, and expiry time. The link opens a secure, branded payment page.
  2. Seller: Shares the payment link with the customer and receives instant confirmation once payment is complete.
  3. Customer: Clicks the link, pays using their preferred bank, and receives immediate order confirmation.

3. In-Store Payments for Merchants

Jimmy, a small business owner selling jeans, uses Pay by Link to collect in-person payments.

Example flow:

  1. Jimmy generates a payment link and displays it as a QR code at the checkout counter.
  2. Customers scan the code using their mobile device, review or enter the payment amount, and confirm payment through their mobile banking app.
  3. Jimmy receives instant notification once the payment is successfully processed.

QR Codes

  • QR code image can be generated via a dedicated endpoint if required
  • QR code is returned in 240x240px as an embedded string format (SVG)

More can be found in the QR code API spec.

StatusName
LINK_ACTIVEThe payment link is active
LINK_EXPIREDThe payment link has expired
LINK_REDEEMEDThe payment link has been redeemed
LINK_CANCELEDThe payment link has been canceled

Additional Notes

  • Links can be created with or without amount/reference.
  • Links expire after a set time (default 24 hours, max 90 days).
  • Each link is single-use.
  • Customers see a clear message if a link is expired, cancelled, or already used.
  • Payment status (active, expired, cancelled, completed) is available via API.
  • QR code generation is supported.
  • Custom branding and field labels are available.
  • TPPs can choose to host links on their own custom domain or use Token.io's default domain.

Customisation Options

1. Branding & Visual Identity

  • Logo: Upload your company logo to appear on the Pay by Link payment page. The logo can be inherited from your existing WAV2 configuration or uploaded specifically for Pay by Link. Supported formats include PNG, JPG, and JPEG, with size and dimension guidelines to ensure optimal display.
  • Logo Alt Text: Add descriptive alt text for your logo to improve accessibility for users with screen readers.
  • Primary Colour: Set your brand’s primary colour, which will be used for key UI elements (such as buttons and highlights) on the payment page.
  • Favicon: Upload a custom favicon to appear in the browser tab when customers open your payment link.

2. Text & Field Labels

  • Custom Field Names: Change the labels for key fields such as “Amount” and “Reference” to match your business terminology (e.g., “Total,” “Order Number,” etc.).
  • Header Text: Customise the welcome or header message displayed at the top of the payment page (e.g., “Welcome to [Your Brand] Pay by Link”).
  • Instructional Text: Add or edit instructional or informational text to guide your customers through the payment process.

3. Feature Toggles

  • PDF Download Option: Enable or disable the option for customers to download a PDF receipt of their payment directly from the confirmation page.
  • Custom Domain: Configure your own branded domain for payment links and QR codes, or use the default Token.io domain. Note: this will require custom configuration and is best achieved by talking to our Sales team.

4. Permissions & Access Control

  • Feature Access: Admin users can control which team members have permission to generate, use, and configure Pay by Link features within your organisation.
  • Visibility: The Pay by Link configuration tab in the Dashboard is only visible to users with the appropriate permissions.

5. Accessibility & Usability

  • Alt Text for Images: Ensure all uploaded images (logos, favicons) have descriptive alt text for accessibility.
  • Preview: Instantly preview your customisations before saving, so you can see exactly how your payment page will look to customers.

These customisation options are managed directly from the Pay by Link configuration section in your Dashboard, allowing you to update branding, text, and features without any code changes.

API Flow

FAQ

What happens if a payment link is expired or already used?
If a customer tries to open a link that is expired or has already been used, they will see a clear message explaining that the link is no longer valid. They will not be able to proceed with payment. This text is customisable via the Admin dashboard, as seen in Customisation Options.

Can a payment link be cancelled?
Yes, links can be cancelled via the API before they are used. If a cancelled link is opened, the customer will see a message that the link is no longer available.

What if the customer closes the payment page before completing payment?
If the customer closes the page and reopens the link (and it is still valid), they will be returned to the payment journey and can continue from where they left off.

What if required fields (amount or reference) are missing?
If the link was generated without an amount or reference, the customer will be prompted to enter the missing information before proceeding with payment.

What if there is a technical error generating a link or QR code?
If there is an error generating a payment link or QR code, an error message will be returned via the API. The merchant or TPP should retry the request or contact support if the issue persists.

What is the max length of the custom payment link that is generated?
Maximum 255 chars.

Can I use the same link for multiple payments?
No, each link is single-use for security. For multiple payments, generate a new link for each transaction.

What if the link validity period is not specified?
If no expiry is set, the link will default to 24 hours validity.

What if the link is set to expire in more than 90 days?
The system will reject the request and return an error, as the maximum allowed validity is 90 days.

What if the customer tries to pay after the link has expired?
They will see a message that the link is expired and will not be able to complete the payment.

What happens if a TPP wants to use their own domain for links?
TPPs can configure their account to use a custom domain for payment links and QR codes. If not configured, Token's default domain will be used.

What if a link cannot be generated or cancelled due to a technical issue?
If a link or QR code cannot be generated or cancelled, the API will return an error message. The merchant or TPP should retry or contact support.

Get Started

If you have any feedback about the developer documentation, please contact devdocs@token.io

Previous page
Next page