MTLS against OB Certificates, Investigating implementation of eIDAS certificates at present with a view towards implementation pre September.
Major Milestones
Releasing at Version 3.1, no plans for subsequent versions as of yet.
FAPI Compliant?
Yes
CIBA
N/A
Using Open Banking as your eIDAS Trust Framework?
Yes
Are you caching the Directory?
No
Transaction IDs
Panel
borderStyle
dashed
title
Customer Journey
Page Properties
id
TC-CJ
Implementing Customer Experience Guidelines?
Yes
Implementing Bespoke User Journeys?
No
Implementing App to App?
No
App to App Implementation Date?
No
Options on 90 day re-authentication?
Same as our online journey. PSU needs to re-authenticate as per standard Open Banking AIS journey (TPP will redirect PSU to AlphaFX login screen, select account, re-authenticate, redirected back to app)
Support Embedded Flow?
No
...
Panel
titleColor
Black
borderStyle
dashed
title
PSD2
Page Properties
id
TC-PSD2
Dispute Management System?
Yes (See notes)
We have our own operational process in place but are going to evaluate whether it would be better served utilising the DMS.
Seeking Fallback Exemption?
Yes
Adjusted or Fallback Interface?
We are planning to scope the work required for a fallback interface should the exemption fail so that the interface fallback can be confirmed as possible within the required 2 month window. If exemption is achieved we’ll keep the implementation plan for the fallback in place for the possible revocation of the exemption.
Adjusted or Fallback URL?
Contact Email or Phone Number?
Dev Portal URL?
Test Facility Implementation Date?
Production Interface Implementation Date?
Authentication Method - Open Banking Channel (Browser)?
Login credentials (Username and password) + SMS OTP to begin with, then as we move to our SCA solution we will have:
Biometric + Trusted device
Password + Trusted Device
SMS OTP + Password (for clients without our mobile app)
Authentication Method - Open Banking Channel (APP)?
See Authentication Method - Open Banking Channel (Browser)? above