Barclays mobile banking app does not display payment consent flow

Description

Whenever Barclays updates terms and conditions (e.g. when the BMB app is updated) or otherwise requires interaction from the PSU (e.g. when requesting confirmation that mailing address or other contact details are up to date), this is displayed with priority over any other UI element.

This leads to the problem that when a PSU is redirected to the BMB app from an AISP or PISP, and the app requires the above attention, the AISP or PISP consent flow is not displayed. Once the terms consent or confirmation of contact details or other interaction is complete, the PSU is dumped into the home page of the app, as if the app was never opened due to an AISP or PISP request. This makes the AISP/PISP journey extremely complex for the PSU, as they will have to manually navigate back to the TPP (or TPP's customer, for platform TPPs), and figure out how to restart the consent process, since this flow is not specified or supported by OB CEG.

To correctly support app2app/web2app, all ASPSP mobile banking apps should ensure that if they require an immediate prioritised action to interrupt the AISP/PISP user journey, they should afterwards resume the AISP/PISP user journey reliably. Otherwise, this is effectively the same as an outage of the dedicated interface.

Since mobile apps are frequently updated, this is an important fix that should be implemented by all ASPSPs with mobile apps; it is also worth calling out in the CEG.

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-8206

ASPSP

Query Type

App to App

TPP Impact

High

TPP

OB Environment

Production

Business Impact Severity

None

Share

Yes
Configure