Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 20 Next »

OB Standards
Implement Open Data v2.2N/A
Implement Read/Write API Specification v3.1

14/09/2019 -AIS

15/05/2020 -PIS


Implement Customer Experience Guidelines v1.1Yes
Implement App-to-App RedirectionN/A
Implement OB Security Profile Implementer's Draft v1.1.2N/A
Implement FAPI Profile Implementers Draft 2

Implement CIBA Profile Implementers Draft 1N/A
Implement Dynamic Client Registration v1.1N/A
Implement Dynamic Client Registration v3.1N/A
Decommission Read/Write API Specification v1.x/2.xN/A
Decommission OB Security Profile Implementer's Draft v1.xN/A
Method of Identification
Commence support for eIDAS QWAC certificates14/09/2019
Commence support for eIDAS QSEAL certificates
 

Commence support for OBIE QWAC-like certificates

N/A
Commence support for OBIE QSEAL-like certificatesN/A
Cease support for OBIE non eIDAS-like certificates for transportN/A
Cease support for OBIE non eIDAS-like certificates for signingN/A
Support for MTLS token endpoint authentication

Support for private_key_jwt token endpoint authentication

Cease support for client id and client secret token endpoint authentication

Post Brexit Certificate Implementation
PRE-BREXIT - Certificates Accepted (until 31st Dec 2020)
  • eIDAS QWAC
  • eIDAS QSealC
  • OB legacy (obtransport, obsigning)
  • OBWAC
  • OBSeal
  • Other (Please define) 

POST-BREXIT TRANSITION - Certificates Accepted (1st Jan 2021 - 30th Jun 2021)
  • eIDAS QWAC
  • eIDAS QSealC
  • OB legacy (obtransport, obsigning)
  • OBWAC
  • OBSeal
  • Other (Please define) 

eIDAS QWAC and QSeal for EU TPPs

and 

OBWAC and OBSeal for UK based TPPs

POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021)
  • eIDAS QWAC
  • eIDAS QSealC
  • OB legacy (obtransport, obsigning)
  • OBWAC
  • OBSeal
  • Other (Please define) 

eIDAS QWAC and QSeal for EU TPPs

and 

OBWAC and OBSeal for UK based TPPs

Planned Implementation Date to Satisfy FCA's Post Transition



TPP PSU Migration Outcomes Supported



POST-BREXIT Certificate Implementation Status (updated by OBIE IES team)



Implementation

Directory?

Preta

Location of Well Known Endpoints?

Dev Portal – URL : https://developer.wellsfargo.com/apis

API Standard Implemented?

Open Banking v3.1

Name of Account Holder Implementation Date?




Date of Current eIDAS Implementation?Q4 2019

Current Certificates used for Identification?

QWAC + ClientID +Secret



Current Certificates used for Transport?QWAC

Current Certificates used for Signing?N/A

Date of Future eIDAS Implementation?Q4 2020

Future Certificates used for Identification?QWAC + ClientID +Secret

Future Certificates used for Transport?

QWAC 



Future Certificates used for Signing?QSEAL

Major Milestones

  1. Test Facility (Sandbox) Open Banking API Standards 3.1 Live -14th March 2019
  2. Stress Testing (Sandbox) Open Banking API Standards 3.1 -13th February 2019.
  3. AIS - Open Banking API Standards 3.1 Live - 14th September 2019.
  4. PIS - Open Banking API Standards 3.1 Live - 15th May 2020
  5. PRETA directory Maintenance and Validation services  - 14th September 2019.
SCA via 2- Factor authentication – Password (knowledge) and Token (possession) and consent Flow as outlined in OBIE Customer Experience Guidelines  - 14th September 2019.

Brand(s)


Security Profile?


Security Profile Certification?


CIBA

N/A

Using Open Banking as your eIDAS Trust Framework?No

Are you caching the Directory?Yes - Preta

Transaction IDsOption 2
  1. ASPSPs provide a Unique, Immutable TransactionID from their core system
  2. ASPSPs generate a Unique TransactionID from a set of Immutable fields
  3. ASPSPs specify field(s) for TPP to generate a Unique Transaction Identifier
  4. ASPSPs provide neither a TransactionID nor the method by which TPPs can generate one

Customer Journey

Implementing Customer Experience Guidelines?

Yes


Current CEG Version?

Next CEG Version?

Next Version Implementation Date

Implementing Bespoke User Journeys?

Yes

Implementing App to App?

Yes
App to App Implementation Date?N/A
Options on 90 day re-authentication?90 Day Re-Authentication for AISP

Support Embedded Flow?

No
PSD2

Dispute Management System?

No
FCA Adjustment Period - Maintaining Screen Scraping?No

Seeking Fallback Exemption?

Exemption Granted Exemption granted on 3rd Jan 2020.

Adjusted or Fallback Interface?

No
Adjusted or Fallback URL?N/A
Contact Email or Phone Number?

Dev Portal URL?https://developer.wellsfargo.com/apis

Test Facility Implementation Date?

 
Production Interface Implementation Date? 
Contingency Measures

Article 10 - Maximum time period after authentication?90 Days
Article 10 - Endpoints exempt of SCAAccounts,Balances, Transactions

Authentication Method - Open Banking Channel (Browser)?

Yes. For the API based Dedicated Interface we will be using the Redirect Method of Authentication with OAUTH2.


Authentication Method - Open Banking Channel (APP)?

N/A


Authentication Method - Private Channel (Browser)?

Yes. For the Direct access channels we will be using the 2FA Authentication which will include (password) Knowledge and (Token) Possession for both Account Information Services and Payment Initiation Services.


Authentication Method - Open Banking Channel (APP)?

N/A

Authentication Method Implementation Date (Open Banking Channel)?

 

Authentication Method Implementation Date (Private Channel)?

 

SCA Implementation Date?

 
SCA Scope? (will it inhibit non PSD2 accounts)

Our scope only includes PSD2 accounts. Non PSD2 accounts will not be inhibited.


Key Implementations

High Cost Credit

TBC

After Waiver 7 Expiry (16/06/20) option supported: Option 1 - The parameter b64 being set to FALSE OR Option 2 - The b64 claim not being in the header

N/A


  • No labels