Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 84 Next »

OB Standards


Implement Open Data v2.2N/A
Implement Read/Write API Specification v3.1 
Implement Customer Experience Guidelines v1.1 
Implement App-to-App Redirection 
Implement OB Security Profile Implementer's Draft v1.1.2N/A
Implement FAPI Profile Implementers Draft 2 
Implement CIBA Profile Implementers Draft 1N/A
Implement Dynamic Client Registration v1.1N/A
Implement Dynamic Client Registration v3.1V3.2 Implemented
Decommission Read/Write API Specification v1.x/2.x16th Jan 2020 V1.1 of our Account Information API endpoints will be deprecated on the 16th of January 2020.
Decommission OB Security Profile Implementer's Draft v1.xN/AAIB supports v1.1.0


Method of Identification


Commence support for eIDAS QWAC certificates

05 Sept 2019


Commence support for eIDAS QSEAL certificates
  

Commence support for OBIE QWAC-like certificates

N/A
Commence support for OBIE QSEAL-like certificates 
Cease support for OBIE non eIDAS-like certificates for transportN/A

AIB will continue to accept OBIE certs after the 6th of June in line with the FCA guidance. 

Cease support for OBIE non eIDAS-like certificates for signingN/A 

AIB will continue to accept OBIE certs after the 6th of June in line with the FCA guidance. 

Support for MTLS token endpoint authenticationN/A
Support for private_key_jwt token endpoint authentication

 


Cease support for client id and client secret token endpoint authentication 
Post Brexit Certificate Implementation
PRE-BREXIT - Certificates Accepted (until 31st Dec 2020)
  • eIDAS QWAC
  • eIDAS QSealC
  • OB legacy (obtransport, obsigning)
  • OBWAC
  • OBSeal
  • Other (Please define) 

POST-BREXIT TRANSITION - Certificates Accepted (1st Jan 2021 - 30th Jun 2021)
  • eIDAS QWAC
  • eIDAS QSealC
  • OB legacy (obtransport, obsigning)
  • OBWAC
  • OBSeal
  • Other (Please define) 

eIDAS certificates will be supported for EU based TPPs.

POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021)
  • eIDAS QWAC
  • eIDAS QSealC
  • OB legacy (obtransport, obsigning)
  • OBWAC
  • OBSeal
  • Other (Please define) 
TBC
Planned Implementation Date to Satisfy FCA's Post Transition



TPP PSU Migration Options Supported



POST-BREXIT Certificate Implementation Status (updated by OBIE IES team)



Implementation

Directory?

Open Banking

Location of Well Known Endpoints?

OB Technical Directory and Dev Portal

API Standard Implemented?

Open Banking

Name of Account Holder Implementation Date?

TBCNo confirmed date in short or medium term
Date of Current eIDAS Implementation? 

Current Certificates used for Identification?OB Transport + ClientID + Secret
OBWAC / OBSEAL/ QWAC

Current Certificates used for Transport?OB Transport / OBWAC / QWAC

Current Certificates used for Signing?OB Signing / OBSEAL / QSEAL

Date of Future eIDAS Implementation? 

Future Certificates used for Identification?N/A - No further updates planned 

Future Certificates used for Transport?

N/A - No further updates planned 



Future Certificates used for Signing?N/A - No further updates planned 

Major Milestones

N/A(Inc Other Products, API Updates, API Deprecations, etc)
Brand(s)


Security Profile?

Open Banking V1.X



Security Profile Certification?No

CIBA

N/A

Using Open Banking as your eIDAS Trust Framework?Yes, JWKS for TPP’s and the EC trusted list  for eIDAS QTSP’s

Are you caching the Directory?Yes

Transaction IDs

Date TBC - Option 4 Supported

4. ASPSPs provide neither a TransactionID nor the method by which TPPs can generate on
Customer Journey

Implementing Customer Experience Guidelines?

Yes


Current CEG Version?TBC
Next CEG Version?TBC
Next Version Implementation DateTBC

Implementing Bespoke User Journeys?

No

Implementing App to App?

Yes
App to App Implementation Date? 

Options on 90 day re-authentication?

At log in after 90 days the customer will have to re-authenticate.

Support Embedded Flow?

No
PSD2

Dispute Management System?

Yes
FCA Adjustment Period - Maintaining Screen Scraping?Yes 

Seeking Fallback Exemption?

Yes

Allied Irish Bank (AIB) and First Trust Bank are exempt from the requirement to build a contingency mechanism for the “Retail API Channel”

Adjusted or Fallback Interface?

N/A
Adjusted or Fallback URL?

Contact Email or Phone Number?

api@aib.ie



Dev Portal URL?

https://developer.firsttrustbank.co.uk/ 

https://developer.aibgb.co.uk/


Test Facility Implementation Date? 
Production Interface Implementation Date? 
Contingency Measures

Article 10 - Maximum time period after authentication?90 days
Article 10 - Endpoints exempt of SCA

Balances, Transactions

(last 90 days only)


Authentication Method - Open Banking Channel (Browser)?



Authentication Method - Open Banking Channel (APP)?



Authentication Method - Private Channel (Browser)?



Authentication Method - Private Channel (APP)?



Authentication Method Implementation Date (Open Banking Channel)?

AIB are currently aligned with the FCA adjustment period – SCA will be implemented in Q1 2020


Authentication Method Implementation Date (Private Channel)?

AIB are currently aligned with the FCA adjustment period – SCA will be implemented in Q1 2020

SCA Implementation Date?

Q1 2020SCA applied as planned through January to March. 

SCA Scope? (will it inhibit non PSD2 accounts)

SCA will be implemented across all channel interactions regardless of account type, however non PSD2 accounts will not be exposed via our Open Banking API’s.
Key Implementations

High Cost Credit

AIB - HCC.xlsx

After Waiver 7 Expiry (16/06/20) option supported: Option 1 - The parameter b64 being set to FALSE OR Option 2 - The b64 claim not being in the header

  • Option 1 - The parameter b64 being set to FALSE

  • No labels