# Security
At Intergiro, we proudly support strong security measures and endorse the mission to give users control over their payment experience and security online.
For this reason, some actions cannot be fully automated and require explicit user actions to be completed.
To approve or reject payments for non-trusted beneficiaries and to ensure compliance to PSD2 SCA regulations, the user will be asked to go through SCA (Strong Customer Authentication) to send payments. To send payments via API, the first step is to send POST /v1/bulk_payments
with one or more payment details and source account id. After a payment is created, a user with proper permissions should navigate to the Intergiro Customer Portal (opens new window) and approve API pending payments.
# Send payment(s) via API
As part of the payment sending process, when using the API POST /v1/bulk_payments
endpoint, the payments will be in pending approval status. These payments can then be found on the Intergiro Customer Portal Payments (opens new window) page. Users with appropriate permissions should approve/reject the list of payments created via API.
Trusted beneficiaries
While processing any API payments approval step in the Customer Portal, you will be provided with the option to add these beneficiaries to a trusted list. For security reasons and to comply with Strong Customer Authentication requirements and exemptions, when a new beneficiary is added to the API payment batch, a first manual payment approval will be required.
When "Trust beneficiaries" option is enabled during a successful payment approval flow, all subsequent payments to the same beneficiaries will proceed directly without the need for manual authentication.
Check the beneficiaries endpoint to learn how to create payments to trusted beneficiaries.