Implement OB Security Profile Implementer's Draft v1.1.2
COMPLETE
Implement FAPI Profile Implementers Draft 2
TBC
Plans to be confirmed
Implement CIBA Profile Implementers Draft 1
TBC
Plans to be confirmed
Implement Dynamic Client Registration v1.1
Not Delivered
Implement Dynamic Client Registration v3.1
TBC
Plans to be confirmed
Decommission Read/Write API Specification v1.x/2.x
TBC - No Plans
Decommission OB Security Profile Implementer's Draft v1.x
TBC - No Plans
Article 10 SCA Exemption (for 90 days)
N / A
Barclays provide access for a maximum period of 90 days if requested, however we will require no additional authorisation should the PSU consent to more than 90 days worth of data
Resources covered (delete as appropriate): Accounts, Balances, Transactions, Beneficiaries, Direct Debits, Standing Orders, Products, Offers, Parties, Scheduled Payments, Statements
Method of Identification
Commence support for eIDAS QWAC certificates
TBC
Plans to be confirmed
Commence support for eIDAS QSEAL certificates
TBC
Plans to be confirmed
Commence support for OBIE QWAC-like certificates
TBC
Plans to be confirmed
Commence support for OBIE QSEAL-like certificates
TBC
Plans to be confirmed
Cease support for OBIE non eIDAS-like certificates for transport
TBC - No Plans
Cease support for OBIE non eIDAS-like certificates for signing
TBC - No Plans
Support for MTLS token endpoint authentication
TBC - No Plans
Support for private_key_jwt token endpoint authentication
June 2019
Cease support for client id and client secret token endpoint authentication
TBC - No Plans
Implementation
Directory?
Open Banking
Location of Well Known Endpoints?
OB Technical Directory
API Standard Implemented?
Open Banking
Name of Account Holder Implementation Date?
September 2019
Supported identification method?
OB identity provider service
OB-WAC / OB-SEAL from September
Major Milestones
v3.1 –
v3.1.1 –
Products
Current Accounts (Personal and Business) – V3.1 Live 14 March
Current Accounts (Corporate) – V3.1 Live 18 March
Savings Accounts (Personal and Business) – v3.1 Live 14 March when authenticated via Online Banking (due to be included in Mobile Banking in May)
Barclaycard – v3.1 Live 14 March when authenticated via Barclaycard Online Banking (due to be included in Mobile Banking in June)
Corporate Credit Cards for SMEs – v3.1 Live 14 March
Corporate Credit Cards for Large Corporates – Will be v3.1 due before September 14th (date being firmed up)
Currency Accounts (Personal and Business) – v3.1 Live 14 March when authenticated via Online Banking (due to be included in Mobile Banking in June)
Currency Accounts (Corporate) – v3.1 Live 14 March
Pingit E-Wallets – v3.1 Due to be live by 14 June
(Inc Other Products, API Updates, API Deprecations, etc)
FAPI Compliant?
Yes
CIBA
TBC
Using Open Banking as your eIDAS Trust Framework?
Are you caching the Directory?
Transaction IDs
March 2019 - Option 3 Supported
3 (longer term commitment to option 1)
Customer Journey
Implementing Customer Experience Guidelines?
Yes
Implementing Bespoke User Journeys?
No
Implementing App to App?
Yes
App to App Implementation Date?
Live
Options on 90 day re-authentication?
90 day re-authentication required across all Open Banking flows
Support Embedded Flow?
No
PSD2
Dispute Management System?
Yes
FCA Adjustment Period - Maintaining Screen Scraping?