Online payments

Set up online payments for your e-shop

Integration with most common e-commerce platforms.
Convenient and safe payment for purchases via Internet banking services of Swedbank, SEB, Citadele and Luminor.
The money for purchases by card will enter your account already in the morning of the following day.

Without activation and monthly fee!

If you have any further questions, don’t hesitate to sign up for a video consultation at a time convenient for you.

Payments with Bank Link from the customers of Internet Banking services of Swedbank, SEB, Citadele and Luminor.
Payments by card by entering the card number.

An intuitive, user-friendly payment environment compatible with any customer device.
24/7 online report system for payment cancellation and refunds, for identifying shopper habits and profile.
Customized reports for Latvian accounting software (in CSV and XML format).
Option to choose a ready-made online store platform operated by Mozello. Start selling right away without any integration (Swedbank Bank Link and card payments available).

Set up your online store and make sure you’re compliant with Visa and Mastercard requirements.

Fill out the application and we will contact you within 1 business day.

Sign the agreement.

Carry out the integration and start selling!

It is one of the most common settlement methods that help expanding your business by selling products 365 days a year worldwide. You don’t need to invoice customers, and money for purchases arrives in the company’s account the next day. Acceptance of card payments also means greater overall trustworthiness of the site as the cardholder gets extra protection thanks to the 3-D Secure 3-D Secure is a technology developed by Mastercard and VISA which is designed to give greater safety in e-commerce for merchants and card users for payment card transactions performed over the Internet. With 3-D Secure, the card issuer authenticates the cardholder online, thus helping online retailers to drastically reduce the number of card fraud cases. technology.

Integration with the most popular website platforms - WooCommerce, PrestaShop, OpenCart, Magento2, Android SDK, iOS SDK. Technical specification designed for the Swedbank Payment Portal or EveryPay.
For a tailor-made integration, use PHP API library for Swedbank Payment Portal or EveryPay.
Verify that your e-shop is compliant with the Visa and Mastercard requirements.
Not only card payments but also Swedbank Bank Link are available on the Swedbank Payment Portal.
Our IT partners who can help with integration.

The customer selects a product or service and chooses paying by card as the payment method.
The customer enters data – first name, surname, card number, expiry date and security code (CVC).
After online verification of card details the customer is redirected to the 3-D Secure verification page to confirm the cardholder’s identity.
After successful verification, money for the payment is reserved in the cardholder’s account and the company gets a transaction confirmation.

Possibility to receive payments by Mastercard, Visa, Maestro and Visa Electron cards in EUR currency. If you wish to accept payments from customers in other currencies, get in touch with our partner Wordline to arrange implementation of a tailor-made solution.

Possibility to oversee all card payments and their statuses.
Payment cancellation and full or partial money refunds to the customer.
Reports and overviews for sales and accounting needs in various formats (CSV, XML).

LinkPay. A possibility to send a payment link to your customer by e-mail or text message when a purchase is paid for by a payment card.
Standing orders. This service will enable you to collect payments for recurring services from your customers according to a payment schedule.
Card number tokenization. Once the customer’s card is registered in your e-shop, all future payments can be executed in a single step – payment confirmation. The customer no longer needs to re-enter all the card details for as long as the card is valid.

Swedbank Bank Link is a secure, fast and convenient way to pay for purchases through our internet banking solution. 80% of shoppers in Latvia opt for paying for purchases via Bank Link.
Bank Link payment initiation service is a modern way to pay for purchases through not only Swedbank’s internet banking solution but also through those of the other largest banks in the Latvia (SEB, Citadele and Luminor). You won’t need to sign agreements with other banks anymore. It will be up to the buyer which bank to make the payment from. After logging in to the chosen internet banking solution, the buyer will only need to confirm a pre-filled payment order.

* According to Swedbank’s sales data as of November 2020.

Integration with the most popular website platforms

Generate the private and public key according to the instructions.
Use technical documentation for plugins.
The Swedbank logo usage guidelines are available here.
Make sure you're compliant with the e-shop requirements and review the terms of service.

Tailor-made integration

Generate the private and public key according to the instructions.
To set up Swedbank Bank Link or Bank Link payment initiation from other banks, follow the instructions in the technical specification or use the PHP example.
To initiate payments from other banks, use the list of banks.
The Swedbank logo usage guidelines are available here.
Make sure you're compliant with the e-shop requirements and review the terms of service.
Our IT partners who can help with integration.

If you have any questions, please visit technical support page. If you can't find the answer, write to the e-mail cashmanagement@swedbank.lv.

The customer selects a product or a service and chooses one Bank Link - that of Swedbank, SEB, Citadele or Luminor - as the payment method.
The customer is redirected to a pre-filled payment order on the Internet Banking site or the mobile app.
The customer gives consent (in case of Bank Link payment initiation service).
In case of Swedbank’s Bank Link, the company gets a notification about the transaction and money for the payment is transferred within seconds. In case of Bank Link payment initiation service, the company only gets a notification that a payment has been initiated.

In case of Bank Link payments, Swedbank is responsible for payment confirmation and settlements. The company gets the money within minutes after confirmation by the customer. In case Bank Link payment initiation service, Swedbank acts as a third-party provider and its responsibility is limited to initiation of the payment. As the customer’s account is with another financial institution - Swedbank only notifies the company of successful initiation of the payment. Swedbank does not guarantee the crediting of funds to the company’s account, so we recommend delivering the respective item or service only after receiving money in the current account.

The company can verify the authenticity of its customer’s identity number and first name, last name through Swedbank. Such verification of authenticity can be performed for Swedbank’s private customers only. This service is made available to companies on the basis of an individual assessment by Swedbank.

	TOP choice Start tariff Apply	Active tariff Apply
Monthly fee	Free of charge	EUR 20.00 Free of charge for the first 3 months
Card transaction fee*	2% + EUR 0.20	from 1.5% + EUR 0.10
Bank Link transaction fee Swedbank, SEB, Citadele, Luminor	2% (min. EUR 0.20)	1.5% (min EUR 0.10)
Signing contracts via Internet Banking**	Free of charge	Free of charge

* VAT applicable to the fixed part of the fee.
** Preparation of contracts in paper format – EUR 20.00

How do card transactions work?

In this video, you will find out about:

the card ecosystem and authorization flow;
possible transaction types;

How to start accepting payment cards?

In this video, you will learn about:

available card acceptance solutions;
how to obtain the terminal and how to quickly set it up;
where to get technical support.

Online card acceptance

In this video, you will get information about:

what is online card acceptance;
what are the benefits of online acceptance;
how do online payments work;
what are the requirements for online merchant;
how can the risk be minimized in online environment.

What is chargeback?

In this video, you will get to know about the chargebacks – the process, timeframe, responsibilities, and solutions to avoid them.

What is card fraud?

This will explain the key things about fraud:

what to do in case of suspected fraud;
how to minimize it.

What a merchant needs to do to be compliant?

This video will explain:

what are the main responsibilities of the merchant
how to ensure compliance with rules of the international card organizations and the bank.

What is the PCI DSS?

With this video, you will understand:

what is the Payment Card Industry Data Security Standard (PCI DSS);
how card data can be stolen;
what are the consequences of the merchant not following the PCI DSS rules;
what can a merchant do to comply with the PCI DSS.

The Payment Card Industry Security Standards Council (PCI SSC) has been established by the leading international card organizations Visa, Mastercard , Amex, Diners, Discovery, JCB. The PCI SSC has developed the PCI DSS rules and documents to regulate and lay down the card security principles and policies. Payment security guidance must be followed by all entities (including banks, merchants, payment processors) which store, process or transmit cardholder data. These rules set the technical and operational requirements for organizations accepting or processing payment transactions.

Please see the latest version of requirements and standards here

All merchants that store, process or transmit cardholder data must be PCI DSS compliant.

Card data and sensitive authentication data elements:

	Data Element	Storage Permitted	Render Stored Data Unreadable
Cardholder Data
	Primary Account Number (PAN)	Yes	Yes Standard requires that the PAN must be rendered unreadable
	Cardholder Name	Yes	No
	Service Code	Yes	No
	Expiration Date	Yes	No
Sensitive Authentication Data Sensitive authentication data must not be stored after authorisation, (even if encrypted)
	Full Track Data Full track data from the magnetic stripe, equivalent data on the chip, or elsewhere	No	Prohibited
	CVV2/CVC2 The three or four-digit value printed on the front or back of a payment card	No	Prohibited
	PIN/PIN Block Personal Identification Number entered by cardholder during a transaction, and/or encrypted PIN block present within the transaction message	No	Prohibited

How to be sure that you are compliant with PCI DSS requirements?

We inform merchants once per year via e-mail what kind of action must be taken to comply with the PCI DSS. The requirements are presented in the table below.

Merchants are categorized into 4 levels based on the annual number of card payment transactions by one card brand (i.e. Mastercard, VISA, Amex etc.). We require Level 1 - Level 3 merchants to notify us of their compliance status after the required action has been taken. Level 4 merchants must notify us of their compliance status by sending a completed Self-Assessment Questionnaire (SAQ).

Merchant level	Merchants transaction criteria	Required actions from merchants	Frequency
Level 1	Merchants with 6 million and more annual transactions in total for Mastercard or VISA	External security audit made by Qualified Security Assessor(QSA)	once per year
Level 1		Network Scan conducted by an Approved Scanning Vendor (ASV) or Qualified Security Assessor (QSA)	once per quarter
Level 2	Merchants with 1 to 6 million annual transactions in total for Mastercard or VISA	Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) Level 2 merchants who choose to complete an annual self-assessment questionnaire must ensure that staff engaged in the self-assessment attend PCI SSC ISA training and pass the associated accreditation program annually in order to continue the option of self-assessment for compliance validation. Alternatively, Level 2 merchants, at their own discretion, must complete an annual onsite assessment conducted by a PCI SSC approved Qualified Security Assessor (QSA) rather than complete an annual self-assessment questionnaire.	once per year
Level 2		1. Merchants completing the SAQ A, A-EP or D are required to engage a QSA or ISA for annual compliance validation. 2. Merchants completing the SAQ B, B-IP, C-VT, C or P2PE may now self-assess without the use of a QSA or ISA for compliance validation Network Scan conducted by an Approved Scanning Vendor (ASV) or Qualified Security Assessor (QSA)	once per quarter
Level 3	E-commerce merchants with 20 000 to 1 million annual transactions in total for Mastercard or VISA	Completing annual Self-Assessment Questionnaire (SAQ) required	once per year
Level 3		Network Scan conducted by an Approved Scanning Vendor (ASV) or Qualified Security Assessor (QSA)	once per quarter
Level 4	All other merchants	Annual Self-Assessment Questionnaire (SAQ) at merchant’s discretion	Recommended once per quarter
Level 4	All other merchants	Network Scan conducted by an Approved Scanning Vendor (ASV) or Qualified Security Assessor (QSA)	Recommended once per year

Keep in mind, that you’ll need to perform:

Security audit by a certified auditor acting as Qualified Security Assessor (QSA) at the legal entities that are presented on the official PCI DSS website.
Scanning of the network by a qualified net scanning vendor acting as Approved Scanning Vendor (ASV) or Qualified Security Assessor (QSA). ASV can conduct a scanning procedure for in-store and online merchants but have no rights to perform annual audits.
Internal audit, during which questions in SAQ (Self Assessment Questionnaire) have to be answered. The questionnaire content depends on technical solution.

PCI DSS requirements and goals

The 12 requirements and goals in the table below will help you to understand what important actions must be performed to be compliant wiht PCI DSS rules.

Goals	PCI DSS Requirements
Build and maintain a secure network and system	1. Install and maintain a firewall configuration to protect cardholder data. 2. Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect cardholder data	3. Protect the stored cardholder data. 4. Encrypt transmission of cardholder data across open public networks.
Maintain a vulnerability managemenet program	5. Protect all systems against malware and regularly update anti-virus software or programs. 6. Develop and maintain secure systems and applications.
Implement strong access control measures	7. Restrict access to cardholder data under business need-to-know. 8. Identify and authenticate access to system components. 9. Restrict physical access to cardholder data.
Regularly monitor and test networks	10. Track and monitor all access to network resources and cardholder data. 11. Test security systems and processes on a regular basis.
Maintain an information security policy	12. Maintain a policy that addresses information security for all personnel.

For more information please visit https://www.pcisecuritystandards.org/

Cardholders have the right to dispute any card transaction processed on a Mastercard or Visa card. Such disputes are resolved as chargebacks and are governed by a series of rules set forth by the international card organizations. In the chargeback process, the burden of proof lies with the merchant who is given the opportunity to provide supporting documentation to prove the legitimacy of the transaction. If the merchant is successful, the value of the transaction is credited back to their account. If the merchant is unsuccessful or does not respond in a timely fashion, they are held financially responsible for returning funds to the consumer who filed the complaint.

What are the most common Chargeback reasons?

Common reasons for chargebacks include:

the cardholder did not perform the transaction (frequently an indication of fraud);
cancelled recurring transaction;
goods not as described;
goods faulty or defective;
failure to respond to voucher requests.

Chargebacks may also be made for other reasons, including goods or services not having been received.

How to avoid Chargebacks?

Tips on dealing with chargebacks:

In order to prevent undelivered product claims it is highly recommended to use a delivery service that offers delivery confirmation.
In order to prevent broken merchandise claims during shipping, always purchase shipping insurance if your items are fragile. Make sure you clearly document the timeframe in which such claims will be processed.
There are two ways of handling claims concerning merchandise breakage not caused by shipping: have the customer contact the manufacturer directly if the item is under warranty or ask the customer to ship the item back to you. Make sure your returns policy is very clear about the timeframe and the returned merchandise authorisation process.
If the customer claims they never ordered the product, make sure you have clear documentation of their order.
Whenever possible handle communication via e-mail as that way you will have a precise record of all conversations.
The requirement is to have terms and conditions clearly presented on the website where the online services are provided. The Consumer Protection Regulations set out the information that must be provided to customers prior to entering into an agreement. The regulations apply to anyone who supplies goods or services under a distance contract; you cannot opt out of them.
The information must be provided in a clear and comprehensible manner appropriate to the means of distance communication used. The information you need to provide includes specific details of the goods or services in question, their price (including VAT and other taxes) and delivery charges, as well as the details of customers' cancellation rights. You also need to include the full contact details of your business.
If the goods or services ordered by the customer are likely to be unavailable, you must inform them if you wish to provide substitute goods or services of equivalent quality and price.

Merchants face various risks when accepting card transactions. This information has been put together to help you understand the types of risk you face and the steps to take in order to reduce the risk of loss. One of the greatest risks to merchants is that of fraudulent transactions. If you are not careful, fraud could cost your business dearly. Some types of merchants - depending on the type of goods sold - are more vulnerable to fraudulent transactions than others. Merchants should be aware that they may be targeted.
It is essential to understand the term "authorisation" - what it does and does not mean.

What does “authorization” mean?

What authorisation does mean:

The account number is valid
The card has not been reported as lost or stolen (although it may still be lost, stolen or compromised, i.e. the card details may have been unduly obtained or copied) and the card owner may be unaware of this)
There are sufficient funds available to cover the transaction

What “authorization” does not mean?

What authorisation does not mean:

Authorisation does not confirm that the person providing the card number is the legitimate cardholder - the risk remains that the person providing the number has either stolen or unduly obtained the card
There is also a risk of the purchaser having unduly obtained the card number without being in possession of the card

Although it is important to obtain authorisation for each transaction, this alone does not protect you against the risk of fraud or chargeback. These risks remain even if authorisation has been obtained.

What products are sold by e-shops that are subject to the risk of fraud the most?

Due to their high value and suitability for resale, the following types of goods are frequently targeted by fraudsters:

Electronics
Household appliances
Jewellery
Computers
Furniture
Goods easily sold for cash

If you trade in any of these goods, be extremely careful before handing over/shipping items. Make sure you take all possible steps to confirm that the purchaser is the actual cardholder.

Examples of transactions that warrant extra precaution

The following are indications of potentially suspicious transactions. Often it is the existence of more than one indication that suggests a potentially fraudulent activity.

First-time shopper - Criminals are always looking for new merchants to steal from
Larger-than-normal orders - Because stolen cards and account numbers have use only for a limited time period, criminals need to maximise their purchases
Orders that include several varieties of the same item - Having more than one of the same item increases the criminal's profits
"Urgent" or "overnight" shipping - Criminals want their fraudulently obtained items as soon as possible for quick resale and are not concerned about extra delivery charges
Shipping outside of the merchant's country - There are times when items purchased in fraudulent transactions are shipped to criminals outside of the home country
Inconsistencies - Information in order details such as a mismatch in the billing and shipping addresses, telephone area codes with corresponding near post office codes, e-mail addresses that do not look legitimate and irregular times of day when orders are placed.
Multiple transactions on one card during a short period of time - This could be an attempt to 'run a card' until the account is closed
Shipping to a single address via transactions on multiple cards - This could involve an account number generated using special software or even a batch of stolen cards
Multiple transactions on one card or a similar card with a single billing address, but multiple shipping addresses - This could represent an organised activity, rather than one individual at work
For online transactions, multiple cards used from a single IP (Internet Protocol) address - More than one or two cards could indicate a fraudulent scheme
Orders from Internet addresses that make use of free e-mail services - These e-mail services involve no billing relationships and often neither an audit trail nor verification that a legitimate cardholder has opened the account

How to minimize the possibility of fraudulent purchases and chargebacks in e-shops?

Merchants can minimise the possibility of fraudulent purchases and chargebacks from online transactions by taking certain precautions:

request the name of the cardholder's bank - fraudsters who have unduly obtained account details will not have this information. If the purchaser hesitates in giving the name of their bank, caution should be exercised;
request the purchaser to provide a faxed copy of their driver's licence;
the risk of goods not being received should be evaluated if goods are forwarded to a post office box;
obtain a signed receipt from the cardholder when the goods are delivered;
in the case of orders for a large number of different goods, telephone the cardholder after the order is placed to confirm the order. Also, have the purchaser read back all details of the order. Frequently, where an order is fraudulent, the purchaser is unable to confirm these details, as they were ordering at random, with no record of what they ordered;
be suspicious in cases where multiple cards are used for a single purchase;
do not continue to attempt authorisation after receiving a decline;
exercise extra caution in relation to overseas orders - large orders should in all cases be held back for shipping until the enquiries above are made into the legitimacy of the purchaser. Merchants should not ship goods until satisfied that the purchase is legitimate.

By using the 3-D Secure authentication services, the merchant obtains chargeback protection (i.e. fraud liability shift) on a transaction in most events where a chargeback would normally be received on the basis of a claim that the customer did not actually participate in the transaction. These services provide customers, retailers and banks with greater security in online card payments.

Please contact us by calling 67 444 444 if you need a consultation or you wish to report a fraudulent situation. You can learn more about how to do your banking securely here.

The IT resources necessary for implementing the Swedbank Payment Portal can be outsourced. Below you will find information about IT companies offering such a service.

SIA Mozello
support@mozello.com
26606765
mozello.lv
A ready-made online store platform provided by an internationally recognized Latvian company. Integrated marketing and CEO solutions, as well as payment systems. Supported payment types: Swedbank Payment Portal payments, API solution (custom programming) etc.

Caballero \| Digital agency (SIA Selected agency)
info@caballero.lv
25377773, 20400222
www.caballero.lv
External system integrations for various platforms: Woocommerce for tailor-made e-commerce solutions and systems. Custom-design online shop development, as well as friendly e-commerce solutions for small and medium-sized enterprises. Payment integrations: Swedbank Bank Link, Bank Link payment initiation from other banks.

SIA Senet
info@senet.lv
26361815
senet.lv
Payment integrations: Swedbank Payment Portal (card acceptance on the web), Swedbank Bank Link, and other.

SIA Wonderland Media
aigars@scandiweb.com
28346764
scandiweb.com
External system integrations for various platforms: Magento, Woocommerce, BigCommerce and other. Payment integrations: Swedbank maksājuma portāls, Swedbank Bank Link and other.

SIA iConcept
matiss@iconcept.lv, klavs@iconcept.lv
22300307 (Matīss), 26466176 (Klāvs)
iconcept.lv
External system integrations for various platforms:Woocommerce, Prestashop, Magento, Opencart. Payment integrations: Swedbank Payment Portal, Swedbank Bank Link and other.

SIA Datateks
info@datateks.lv
67299532
siadatateks.lv
Payment integrations: Swedbank Payment Portal, Swedbank Bank Link and other.

Latvijas Tālrunis SIA
janis.lielmanis@ltdigital.lv
67770515, 29351376
ltdigital.lv
External system integrations for various platforms: anaZana, Datateks. Payment integrations: Swedbank Payment Portal, Swedbank Bank Link and other.

SIA Webdev
info@webdev.lv
24400020
www.webdev.lv
External system integrations for various platforms: OpenCart, NomasVeikals, Woocommerce. Payment integrations: Swedbank Payment Portal, Swedbank Bank Link, Card Payments and other. Additional information: Online shop development and rent. Automatic integration of wholesaler products. Ready-made, rent-based and custom-made solutions for any industry.

These companies are listed as examples of such service providers and are not affiliated with Swedbank. The given list of IT companies is not in the order of priority and is not exhaustive. You are free to engage other IT companies providing the necessary services.