Versions Compared

Version Old Version 54 New Version 55
Changes made by

Dawn French

Praveen Ponnumony

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Panel
titleColorBlack
borderStyledashed
titleOB Standards

This Section applies to ASPSPs that have impletemented OB Standards


Page Properties
iconfalse
idTC-OB Standards


-Have you Implemented OB Standards?
  •  Yes
  •  No

Open Data - Which version have you Implemented?
  •  None
  •  V2.2
  •  V2.3
  •  V2.4

Read/Write API Specification Implemented or planning to implement

(Lowest version = Current, Highest version = Planned)

  •  V3.0
  •  V3.1
  •  V3.1.1
  •  V3.1.2
  •  V3.1.3
  •  V3.1.4
  •  V3.1.5
  •  V3.1.6
  •  V3.1.7
  •  V3.1.8

Read/Write API - Which date are you planning to implement your latest version?
v3.1.7 minor changes to enable conformance tool expected in July 2021.

Dynamic Client Registration - Which version have you Implemented or planning to implement?

(Lowest version = Current, Highest version = Planned)

  •  None
  •  V3.1
  •  V3.2
  •  V3.3

DCR - Which date are you planning to implement your latest version?

Have you implemented Trusted beneficiaries, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

Have you implemented Reverse Payments, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

Have you implemented ECA Standard?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

ECA Implementation details


Contact: [enter contact details for the relevant person(s) at your organisation]

[You can use this space to provide your status with respect to the Standard]

Have you implemented Bulk/File Payments?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

Have you implemented VRP – Sweeping, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

PISP - Single Payment Limit£10,000Payments outside of NBS are limited to the Faster Payments limit of £10,000.
PISP - Daily Payment Limit£no daily payment limit subject to account balance.
How many months of transaction do you provide?15months at initial authorisation, after that it is 90 days with additional data available via our statements API



...

Post Brexit Certificate ImplementationPlanned for 1/7/2021
Panel
titleColorBlack
borderStyledashed
titleSecurity Profile


Page Properties
idID-Production


-Which Security profile have you Implemented or planning to implement?

(Lowest version = Current, Highest version = Planned)

  •  OB Security Profile (Legacy)
  •  FAPI
  •  Other (Please define) 

Security Profile - Next Planned Version Implementation Date
No further planned implementations
CIBA Profile - Implemented or planning to implement

(Lowest version = Current, Highest version = Planned)

  •  None
  •  CIBA
  •  CIBA FAPI Profile

CIBA Profile - Next Planned Version Implementation Date
 

Security Profile Certification date?


FAPI compliance achieved 27/5/2021.  No further planned implementations
Token Endpoint Authentication Methods Supported
  •  
    client_secret_post
  •  
    client_secret_basic
  •  
    client_secret_jwt
  •  
    tls_client_auth
  •  Private_key_jwt

Planned date to Cease support for client id and client secret token endpoint authentication Support for client_secret basic ceased on 26/5/2021.
Panel
borderStyledashed
title
Page Properties
idStandards-Production
POST-BREXIT
TRANSITION - Certificates Accepted (1st Jan 2021 - 30th Jun 2021)
  •  eIDAS QWAC
  •  eIDAS QSealC
  •  OB legacy (obtransport, obsigning)
  •  OBWAC
  •  OBSeal
  •  Other (Please define) 
POST
-BREXIT POST
TRANSITION - Certificates Accepted (from 1st Jul 2021)
  •  eIDAS QWAC
  •  eIDAS QSealC
  •  OB legacy (obtransport, obsigning)
  •  OBWAC
  •  OBSeal
  •  Other (Please define) 
Note: Legacy certs will still be accepted for COP participants
.		Planned Implementation Date to Satisfy FCA's Post Transition
.
TPP PSU Migration Outcomes Supported (see eIDAS Migration Playbook)

TPP’s registered with tls_client_auth authentication method to update their subject DN information using DCR PUT method (PUT endpoint will be live post our DCR v3.3 release in May 2021

Migration is now complete @ 26/5/2021POST-BREXIT Certificate Implementation Status (updated by OBIE IES team)Ready




Panel
titleColorBlack
borderStyledashed
titleCustomer Journey


Page Properties
idTC-CJ


-What is your approach to Implementing OBIE Customer Experience Guidelines (CEG)?

(tick all that apply)

  •  Already Implemented
  •  Planning to implement or upgrade
  •  Not planning to implement CEG

Which version have you implemented or planning to implement?

(Lowest version = Current, Highest version = Planned)

  •  V3.1.2
  •  V3.1.3
  •  V3.1.4
  •  V3.1.5
  •  V3.1.6
  •  V3.1.7
  •  V3.1.8

Which date are you planning to implement your latest CEG version?
Nest material change to CEG will be as a result of Sweeping under v3.1.8 R/W APIs once mandated.
Redirection Model
  •  App to App redirection
  •  Decoupled authentication
  •  Embedded Flow
  •  Bespoke User Journeys

Options on 90 day re-authentication?

In line with A10 SCA RTS.




Panel
titleColorBlack
borderStyledashed
titlePSD2


Page Properties
idTC-PSD2


-Which Directory are you using as your Trust Framework?Open Banking
Are you caching the Directory?Yes, 24hrs
Transaction IDs SupportedMarch 2019 - Option 1 SupportedASPSPs provide a Unique, Immutable TransactionID from their core system

Are you enrolled to Dispute Management System?

  •  Yes
  •  No

Are you Seeking Fallback Exemption?

  •  Yes
  •  No


Article 10 - Maximum time period after authentication1 HourWhen Strong Customer Authentication  (SCA) is completed, you will be able to access all account information the customer has agreed they can access during the initial session (1 hour duration). For subsequent requests we will support requests for accounts, balances and for up to 90 days history of transactions data for 90 days following the authentication (provided the customer has allowed access for this period to the TPP)
Article 10 - Endpoints exempt of SCA

14th September 2019

  • GET /Accounts
  • GET /accounts/{AccountId}
  • GET /accounts/{AccountId}/balances
  • GET /accounts/{AccountId}/transactions
  • Access to accounts endpoints allows retrieval of the AccountId to call balance and transaction endpoints
  • Once initial SCA has been completed you will be able to access the following account information endpoints without SCA (provided the customer has allowed access on an enduring basis to the TPP)
    • GET /Accounts
    • GET /accounts/{AccountId}
    • GET /accounts/{AccountId}/balances
    • GET /accounts/{AccountId}/transactions
    • Access to accounts endpoints allows retrieval of the AccountId to call balance and transaction endpoints
Major Milestones

V3.1 14 June 2019

Offers endpoint 14 Sep 2019


Brand(s)



...

Panel
titleColorBlack
borderStyledashed
titleASPSP Dev Portal and Contact Details


Page Properties
idTC-C


Location of Well Known Endpoints

OB Technical Directory

Modified Customer Interface URL (if applicable)



Dev Portal URLwww.nationwidedeveloper.co.uk
Test Facility URL

ASPSP Support Desk Email or Phone Number

NationwideOpenBanking@nationwide.co.uk



...