Implement OB Security Profile Implementer's Draft v1.1.2
N/A
Implement FAPI Profile Implementers Draft 2
Implement CIBA Profile Implementers Draft 1
N/A
Implement Dynamic Client Registration v1.1
N/A
Implement Dynamic Client Registration v3.1
TBC
Decommission Read/Write API Specification v1.x/2.x
16th Jan 2020
V1.1 of our Account Information API endpoints will be deprecated on the 16th of January 2020.
Decommission OB Security Profile Implementer's Draft v1.x
N/A
AIB supports v1.1.0
Method of Identification
Commence support for eIDAS QWAC certificates
05 Sept 2019
Commence support for eIDAS QSEAL certificates
Commence support for OBIE QWAC-like certificates
N/A
Commence support for OBIE QSEAL-like certificates
Cease support for OBIE non eIDAS-like certificates for transport
Cease support for OBIE non eIDAS-like certificates for signing
Support for MTLS token endpoint authentication
N/A
Support for private_key_jwt token endpoint authentication
Cease support for client id and client secret token endpoint authentication
Implementation
Directory?
Open Banking
Location of Well Known Endpoints?
OB Technical Directory and Dev Portal
API Standard Implemented?
Open Banking
Name of Account Holder Implementation Date?
TBC
No confirmed date in short or medium term
Date of Current eIDAS Implementation?
Current Certificates used for Identification?
OB Transport + ClientID + Secret OBWAC / OBSEAL/ QWAC
Current Certificates used for Transport?
OB Transport / OBWAC / QWAC
Current Certificates used for Signing?
OB Signing / OBSEAL / QSEAL
Date of Future eIDAS Implementation?
Future Certificates used for Identification?
QWAC / QSEAL
Future Certificates used for Transport?
QWAC
Future Certificates used for Signing?
OB Signing / OBSEAL/ QSEAL
Major Milestones
N/A
(Inc Other Products, API Updates, API Deprecations, etc)
Brand(s)
Security Profile?
Open Banking V1.X
Security Profile Certification?
No
CIBA
N/A
Using Open Banking as your eIDAS Trust Framework?
Yes, JWKS for TPP’s and the EC trusted list for eIDAS QTSP’s
Are you caching the Directory?
Yes
Transaction IDs
Date TBC - Option 4 Supported
4. ASPSPs provide neither a TransactionID nor the method by which TPPs can generate on
Customer Journey
Implementing Customer Experience Guidelines?
Yes
Implementing Bespoke User Journeys?
No
Implementing App to App?
Yes
App to App Implementation Date?
Options on 90 day re-authentication?
At log in after 90 days the customer will have to re-authenticate.
Support Embedded Flow?
No
PSD2
Dispute Management System?
Yes
FCA Adjustment Period - Maintaining Screen Scraping?
Yes
Seeking Fallback Exemption?
Yes
The FCA have minded to exempt AIB from the requirement to build a contingency mechanism for the “AIB Retail API Channel”. The exemption is dependent on the Confirmation of Funds for Credit Cards API going live before 14 March 2020.
Authentication Method Implementation Date (Open Banking Channel)?
AIB are currently aligned with the FCA adjustment period – SCA will be implemented in Q1 2020
Authentication Method Implementation Date (Private Channel)?
AIB are currently aligned with the FCA adjustment period – SCA will be implemented in Q1 2020
SCA Implementation Date?
Q1 2020
SCA applied as planned through January to March.
SCA Scope? (will it inhibit non PSD2 accounts)
SCA will be implemented across all channel interactions regardless of account type, however non PSD2 accounts will not be exposed via our Open Banking API’s.