The Regulation on the Generation and Use of the Turkish QR Code in Payment Services ("Regulation") was published in the Official Gazette dated 21 August 2020 and numbered 31220. The Regulation enacted by the Central Bank of the Republic of Turkey ("CBRT") introduces the national QR Code of Turkey in order to establish a standard QR Code structure and common rules within the payment services ecosystem regarding this structure.
With the Regulation, Turkey joins a group of countries using a national QR Code payment system such as Sweden (Swish), Poland (BLIK), and Denmark (Vipps) and through its adoption, the Turkish payment system regulations are getting further aligned with the Payment Services Directive 2 of the European Union. The Regulation introduces several obligations for the payment service providers and merchants.
The CBRT also published the Rules and Principles of Turkish QR Code v1.0 ("Guideline") along with the Regulation. The Guideline clarifies the principles of QR Code generation and details of the QR Code usage workflows.
Pursuant to the Guideline, the usage models of Turkish QR Code are determined according to the reusability and the usage method.
The reusability classification
The reusability classification consists of static and dynamic QR Codes. Static QR Codes are generally preferred by small sized enterprises and can be used several times with a content of fixed information such as merchant’s account information. On the other hand, dynamic QR Codes are generated specifically for each transaction on a single-use basis and contains particular information related to the payment.
The usage methods
The usage methods of QR Codes are mainly divided into the merchant-presented (short and long versions), costumer-presented, and person-to-person payments usages.
The short merchant-presented QR Code includes limited information about the merchant and the customer obtains only the necessary information to initiate the payment. The actual payment transaction starts with the customer scanning the QR Code. However, the long merchant-presented QR Code which is compliant with EMVCo specifications, contains all necessary information about the merchant and the payment.
The customer-presented QR Code includes the customer’s account information.
The QR Code for person-to-person payments is generated by the payment’s receiver party and includes the receiver’s account information.
Use of Turkish QR Code
The Regulation obliges use of Turkish QR Code for all payments made through the QR code, except:
- for payments made in Turkey through a payment instrument issued pursuant to foreign legislation;
- where one of the payment parties is residing abroad; or
- where a foreign payment service provider’s infrastructure is used for the transaction.
Generation of Turkish QR Code
The Turkish QR Code can only be generated by the payment service providers ("PSPs”) holding a code for generation of QR Code and payment system operators authorized by the CBRT. The PSPs are allowed to outsource the Turkish QR Code generation. The code for generation of QR Code is determined by the Interbank Card Center ("ICC") of which the CBRT is a shareholder, and announced on its website upon request of the PSP and the payment system operator authorized by the CBRT.
QR Code Routing System
The Regulation brings a new intermediary infrastructure, the QR Code Routing System, for payments made through the Turkish QR Code between different PSPs in order to transfer the information included to the QR Codes. The QR Code Routing System is established and managed by the ICC. However, its management rules, its conditions of accession, and all procedures and principles including the charging principles are determined by the CBRT and published on its website.
Timetable for implementation of the Regulation
The PSPs providing payment via Turkish QR Code must comply the QR Codes and relevant infrastructure with the Regulation and the Guideline until 31 December 2021. If the payment service is provided through a payment system, the payment service must comply with the guideline that will be prepared regarding relevant payment system, as well.
The PSPs providing services to merchants enabling them to accept payments through payment cards or payment systems operated by the CBRT must establish the necessary infrastructure to their contracted merchants in order for them to accept payments through dynamic QR Code until 31 December 2021.
If the merchants use different devices or applications in addition to the infrastructure provided by the PSPs while accepting payments through payment cards or payment systems operated by the CBRT, the owners of these devices and applications must establish the necessary infrastructure in order to accept payments through QR Code until 31 December 2021.
The CBRT may extend aforementioned deadlines for up to one year.
With the Regulation and Guidelines, the CBRT established a central and standardized QR Code payment system whilst introducing protections for the customers and creating new opportunities for Turkish FinTech ecosystem.
Please do not hesitate to contact us at email@example.com for further details on the Turkish QR Code or with any specific questions.