# Standards

Solaris adheres to specific international standards to ensure data consistency, security, and regulatory compliance.

## Corporate security standards

Solaris maintains the highest levels of enterprise security and operational resilience. We are officially certified and compliant with the following frameworks:

* **CRR Banking License:** Solaris operates with a full German commercial banking license.
* **ISO/IEC 27001:** Solaris is certified for information security management, ensuring systematic risk management.
* **PCI DSS 4.0:** Solaris is fully certified under the Payment Card Industry Data Security Standard version 4.0.
* **DORA:** Solaris complies with the EU-wide Digital Operational Resilience Act.
* **GDPR:** Solaris is fully compliant with European data protection regulations.


For official documentation and due diligence verification, visit the [Solaris Licenses & security page ↗](https://www.solarisgroup.com/en/license/).

## API data formats

The following standards apply specifically to data formatting within API requests and responses.

| Standard | Description | Reference | Example |
|  --- | --- | --- | --- |
| **Country Codes** | ISO 3166-1 alpha-2 | [Wikipedia](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) | `DE`, `FR`, `ES` |
| **Currency Codes** | ISO 4217 | [Wikipedia](https://en.wikipedia.org/wiki/ISO_4217) | `EUR` |
| **State Codes** | ISO 3166-2 (Germany) | [Wikipedia](https://en.wikipedia.org/wiki/ISO_3166-2:DE) | `BE` (Berlin) |
| **Dates & Times** | ISO 8601 | [Wikipedia](https://en.wikipedia.org/wiki/ISO_8601) | `2023-12-31T23:59:59Z` |
| **Phone Numbers** | E.164 | [Wikipedia](https://en.wikipedia.org/wiki/E.164) | `+491701234567` |


### Character encoding

The Solaris API uses **UTF-8** encoding.

KYC Restriction
For all fields related to **Customer Data** (Names, Addresses), Solaris only accepts **UTF-8 Latin characters**. Submitting other character sets (e.g., Cyrillic, Kanji) will cause the KYC flow to fail.

## The Money object

Solaris does **not** use floating-point numbers for financial amounts. Instead, all monetary values (`amount`, `balance`, `fee`, `charge`) use a structured **Money Object**.

### Properties

| Property | Type | Description |
|  --- | --- | --- |
| `value` | integer | The amount in the smallest unit (e.g., Cents). |
| `unit` | string | The unit of currency. Currently only `cents`. |
| `currency` | string | The currency code. Currently only `EUR`. |
| `precision` | integer | (Optional) The decimal precision of the value. |


### Example

To represent **€10.00**, you send a value of `1000` cents.


```json
{
  "amount": {
    "value": 1000,
    "unit": "cents",
    "currency": "EUR",
    "precision": 2
  }
}
```

## SEPA character set

The European Payments Council (EPC) limits the characters allowed in SEPA transactions ([EPC217-08](https://www.europeanpaymentscouncil.eu/sites/default/files/KB/files/EPC217-08%20Draft%20Best%20Practices%20SEPA%20Requirements%20for%20Character%20Set%20v1.1.pdf)). Solaris enforces this restricted set on the following fields:

* **Credit Transfers:** `recipient_name`, `end_to_end_id`, `description`.
* **Direct Debits:** `end_to_end_id`, `description`, `mandate.reference`, `mandate.debtor_name`.


### Allowed characters


```text
a b c d e f g h i j k l m n o p q r s t u v w x y z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9
/ - ? : ( ) . , ' +
```

### Formatting rules

1. **No leading spaces.**
2. **Slashes (`/`):**
  * Cannot start or end with a slash.
  * Cannot contain double slashes (`//`).
3. **Extended Characters:** Solaris automatically converts extended Latin characters (e.g., `ö` $\rightarrow$ `o:`) according to EPC guidelines.


### Escaping and length

Solaris must escape specific characters internally. This affects the character count limit.

| Character | Escaped As | Count Impact |
|  --- | --- | --- |
| `'` (Single Quote) | `'` | Counts as **6 characters** |


## Merchant Category Codes (MCC)

Solaris uses standard Merchant Category Codes for transaction classification.

* [Visa Merchant Data Standards](https://usa.visa.com/content/dam/VCOM/download/merchants/visa-merchant-data-standards-manual.pdf)
* [Mastercard MCC Reference](https://www.mastercard.us/content/dam/public/mastercardcom/na/global-site/documents/quick-reference-booklet-merchant.pdf)


## Return codes

Return codes for SEPA R-transactions (Refunds, Returns, Rejects) follow the [EPC173-14](https://www.europeanpaymentscouncil.eu/document-library/guidance-documents/epc-guidance-reason-codes-sepa-direct-debit-r-transactions) standard.