UBS AG

Post Brexit Certificate Implementation

PRE-BREXIT - Certificates Accepted (until 31st Dec 2020)	eIDAS QWAC eIDAS QSealC OB legacy (obtransport, obsigning) OBWAC OBSeal Other (Please define)
POST-BREXIT TRANSITION - Certificates Accepted (1st Jan 2021 - 30th Jun 2021)	eIDAS QWAC eIDAS QSealC OB legacy (obtransport, obsigning) OBWAC OBSeal Other (Please define)
POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021)	eIDAS QWAC eIDAS QSealC OB legacy (obtransport, obsigning) OBWAC OBSeal Other (Please define)
Planned Implementation Date to Satisfy FCA's Post Transition
TPP PSU Migration Outcomes Supported
POST-BREXIT Certificate Implementation Status (updated by OBIE IES team)

Implementation

Directory?	Other
Location of Well Known Endpoints?	Developer Portal
API Standard Implemented?	The Berlin Group	PSD2 compliant XS2A
Name of Account Holder Implementation Date?	Completed - 14 Jun 2019
Date of Current eIDAS Implementation?		QWAC
Current Certificates used for Identification?
Current Certificates used for Transport?
Current Certificates used for Signing?
Date of Future eIDAS Implementation?	No future update currently planned.
Future Certificates used for Identification?
Future Certificates used for Transport?
Future Certificates used for Signing?
Major Milestones
Brand(s)
Security Profile?		The Open ID Foundation's Financial Grade API (FAPI) is not used
Security Profile Certification?
CIBA	No	The Open ID Foundation's Financial Client Initiated Back-Channel Authentication is not used)
Using Open Banking as your eIDAS Trust Framework?	No
Are you caching the Directory?	No
Transaction IDs		ASPSPs provide a Unique, Immutable TransactionID from their core system ASPSPs generate a Unique TransactionID from a set of Immutable fields ASPSPs specify field(s) for TPP to generate a Unique Transaction Identifier ASPSPs provide neither a TransactionID nor the method by which TPPs can generate one

Customer Journey

Implementing Customer Experience Guidelines?	No
Current CEG Version?
Next CEG Version?
Next Version Implementation Date
Implementing Bespoke User Journeys?	No
Implementing App to App?	No
App to App Implementation Date?	N/A
Options on 90 day re-authentication?	90 day re-authentication	No option offered
Support Embedded Flow?	No

PSD2

Dispute Management System?	No
FCA Adjustment Period - Maintaining Screen Scraping?
Seeking Fallback Exemption?	Yes
Adjusted or Fallback Interface?	No
Adjusted or Fallback URL?	N/A
Contact Email or Phone Number?
Dev Portal URL?	https://www.ubs.com/uk/en/wealth-management/our-service/banking-solutions/psd2.html
Test Facility Implementation Date?	14 Mar 2019
Production Interface Implementation Date?
Contingency Measures
Article 10 - Maximum time period after authentication?
Article 10 - Endpoints exempt of SCA
Authentication Method - Open Banking Channel (Browser)?	Redirection
Authentication Method - Open Banking Channel (APP)?	N/A	Not offered
Authentication Method - Private Channel (Browser)?	N/A	Not offered
Authentication Method - Open Banking Channel (APP)?	N/A	Not offered
Authentication Method Implementation Date (Open Banking Channel)?	14 Jun 2019
Authentication Method Implementation Date (Private Channel)?	N/A	Not offered
SCA Implementation Date?	14 Jun 2019
SCA Scope? (will it inhibit non PSD2 accounts)	PSD2 accounts only	Since access over Open Banking Channel is limited to PSD2 accounts, SCA scope is on PSD2 accounts only

Key Implementations

High Cost Credit	TBC

After Waiver 7 Expiry (16/06/20) option supported: Option 1 - The parameter b64 being set to FALSE OR Option 2 - The b64 claim not being in the header	TBC