Versions Compared

Old Version 83

changes.mady.by.user Adam Bailey

Saved on

compared with

New Version 84

changes.mady.by.user Praveen Ponnumony

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Panel
titleColorBlack
borderStyledashed
titleOB Standards

This Section applies to ASPSPs that have implemented OB Standards

Page Properties
iconfalse
idTC-OB Standards


-Have you Implemented OB Standards?
  •  Yes
  •  No

Open Data - Which version have you Implemented?
  •  None
  •  V2.2
  •  V2.3
  •  V2.4

Read/Write API Specification Implemented or planning to implement

(Lowest version = Current, Highest version = Planned)

  •  V3.0
  •  V3.1
  •  V3.1.1
  •  V3.1.2
  •  V3.1.3
  •  V3.1.4
  •  V3.1.5
  •  V3.1.6
  •  V3.1.7
  •  V3.1.8
  •  V3.1.9
  •  V3.1.10

AISP, CBPII & PISP - v3.1.10 (Also compatible with v3.1)

Read/Write API - Which date are you planning to implement your latest version?

Dynamic Client Registration - Which version have you Implemented or planning to implement?

(Lowest version = Current, Highest version = Planned)

  •  None
  •  V3.1
  •  V3.2
  •  V3.3

DCR - Which date are you planning to implement your latest version?

Have you implemented Trusted beneficiaries, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 
Not Applicable 

Have you implemented Reverse Payments, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 
Not Applicable 

Have you implemented ECA Standard?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

ECA Implementation details


Contact: [enter contact details for the relevant person(s) at your organisation]

[You can use this space to provide your status with respect to the Standard]

Have you implemented Bulk/File Payments?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

Have you implemented VRP – Sweeping, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

Have you implemented VRP non-Sweeping, if not date planned to Implement?

  •  Already Implemented
  •  Planning to implement
  •  Not planning to implement 

Contact: [enter contact details for the relevant person(s) at your organisation]

[You can use this space to provide implementation details relevant to VRP]
PISP - Single Payment Limit£
PISP - Daily Payment Limit£
How many months of transaction do you provide?6 MonthsLast 6 Months worth of transactions
Are you planning to implement TRIs(Transactional Risk Indicator enhancements included in v3.1.10), if so, implementation date?

What is your approach to Implementing TRIs?
  •  Accept payload with TRI fields – Process all fields
  •  Accept payload with TRI fields – Ignore all fields
  •  Reject payload with TRI fields – Error back to TPP
  •  Accept payload with TRI fields – Process few fields (Provide list of accepted fields)  



...

Panel
borderStyledashed
titleSCA-RTS 90-day reauth Implementation


Page Properties
idSCA-RTS


Planned / In-progress / Implemented / TBC

Which date are you planning on implementing the SCA reauthentication exemption?


We implemented this on 14/11/2022.

See the below for reference.

What is your approach to token management to enable application of the reauthentication exemption? (see link to FCA guidance)


  • As part of v3.1.10 Implementation, Vanquis will introduce a long lived refresh token of 60 years.
  • Consent will not be expire and if the consent is revoked then need to create new consent.
  • AIS consents created after implementation of v3.1.10 will no longer require re-authentication every 90 days. The new rules in place will ask for customer reconfirmation with the AISP not ASPSP.
  • Consents issued and authorised before v3.1.10 implementation will remain valid for 90 days.
  • There are no changes to Vanquis current implementation of Access Tokens. Third parties should continue to pass OAuth credentials in a Get Access Token call.  In response, the Vanquis authorisation server issues an access token, reuse the access token until it expires. When it expires, you can get a new token.
Article 10A - Endpoints exempt of SCA-RTS
  •  

    Accounts

  •  

    Transactions (90days)

  •  

    Balances

  •  

    Standing orders

  •  

    Direct debits

  •  

    Beneficiaries

  •  

    Products

  •  

    Offers

  •  

    Parties

  •  

    Scheduled Payments

  •  

    Statements


Article 10A - Endpoints not exempt of SCA-RTS
  •  

    Transactions (more than 90days)

  •  

    Standing orders

  •  

    Direct debits

  •  

    Beneficiaries

  •  

    Products

  •  

    Offers

  •  

    Parties

  •  

    Scheduled Payments

  •  

    Statements


Article 10A - Maximum time period after authentication
Please specify the time period in minutes
SCA-RTS implementation status (updated by OBIE PS team only)

Status
colourGreen
titleImplemented





Panel
titleColorBlack
borderStyledashed
titleSecurity Profile


Page Properties
idID-Production


-Which Security profile have you Implemented or planning to implement?

(Lowest version = Current, Highest version = Planned)

  •  OB Security Profile (Legacy)
  •  FAPI
  •  Other (Please define) 

Security Profile - Next Planned Version Implementation Date



CIBA Profile - Implemented or planning to implement

(Lowest version = Current, Highest version = Planned)

  •  None
  •  CIBA
  •  CIBA FAPI Profile

CIBA Profile - Next Planned Version Implementation Date

Security Profile Certification date?
 05/12/2019
https://openid.net/certification/#FAPI_OPs
Token Endpoint Authentication Methods Supported
  •  
    client_secret_post
  •  
    client_secret_basic
  •  
    client_secret_jwt
  •  
    tls_client_auth
  •  Private_key_jwt

Planned date to Cease support for client id and client secret token endpoint authenticationn/a
POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021)
  •  eIDAS QWAC
  •  eIDAS QSealC
  •  OB legacy (obtransport, obsigning)
  •  OBWAC
  •  OBSeal
  •  Other (Please define) 



...

Panel
titleColorBlack
borderStyledashed
titlePSD2


Page Properties
idTC-PSD2


-Which Directory are you using as your Trust Framework?Open Banking
Are you caching the Directory?No
Transaction IDs Supported

Are you enrolled to Dispute Management System?

  •  Yes
  •  No

Are you Seeking Fallback Exemption?

  •  Yes
  •  No

Exempted. 

Article 10 - Maximum time period after authenticationN/A
Article 10 - Endpoints exempt of SCA

Accounts, Balances, Transactions, Products, Offers, Statements


Major Milestones

Completed

  - Decommissioning of legacy web application 'eVanquis'

 - Migration to internally hosted Test Facility.

 - Implementation of eIDAS certificates.

  - SCA Implementation on Web Channel for Open Banking 

  - Payment Initiation APIs implemented (Money Transfer)

  - Payment Initiation APIs implemented (Balance Transfer)

  - Implemented Open Banking Version 3.1.10.


Brand(s)




Panel
titleColorBlack
borderStyledashed
titleASPSP Dev Portal and Contact Details


Page Properties
idTC-C


Location of Well Known Endpoints

OB Technical Directory and OB ASPSP Implementation GuideImplementation Guide: Vanquis Bank

Modified Customer Interface URL (if applicable)



Dev Portal URLhttps://www.vanquis.co.uk/developer-portal
Test Facility URL

Brand Landing Pages URL
[You can use this space to explain your guidance on using Brand logos]

ASPSP Support Desk Email or Phone Number

(including queries about consent success rates) 

openbankingsupport@vanquisbank.co.uk



...