VRP requires a one-time bank authentication and authorization that defines the parameters within which future transactions can be initiated without authentication. These parameters can include end date, maximum aggregate amount per period (e.g., month) and maximum amount per individual transaction.
This consent may be set up using either:
- the Hosted Pages (HP) integration - the TPP uses Token.io's HP to display the parameters of the VRP consent setup.
See Hosted Pages v2 and Hosted Pages v1 for more information on how to implement the Hosted Pages for VRP.
- the API-only integration - the TPP owns the user experience for VRP consent set up.
The user may revoke consent with the bank at any time via the TPP.
If you have any feedback about the developer documentation, please contact devdocs@token.io