This Section applies to ASPSPs that have impletemented OB Standards
-Have you Implemented OB Standards?
Yes
No
Open Data - Which version have you Implemented?
None
V2.2
V2.3
V2.4
Read/Write API Specification Implemented or planning to implement
(Lowest version = Current, Highest version = Planned)
V3.0
V3.1
V3.1.1
V3.1.2
V3.1.3
V3.1.4
V3.1.5
V3.1.6
V3.1.7
V3.1.8
Read/Write API - Which date are you planning to implement your latest version?
Dynamic Client Registration - Which version have you Implemented or planning to implement?
(Lowest version = Current, Highest version = Planned)
None
V3.1
V3.2
V3.3
DCR - Which date are you planning to implement your latest version?
Have you implemented Trusted beneficiaries, if not date planned to Implement?
Already Implemented
Planning to implement
Not planning to implement
Have you implemented Reverse Payments, if not date planned to Implement?
Already Implemented
Planning to implement
Not planning to implement
Have you implemented ECA Standard?
Already Implemented
Planning to implement
Not planning to implement
ECA Implementation details
Contact: [enter contact details for the relevant person(s) at your organisation]
[You can use this space to provide your status with respect to the Standard]
Have you implemented Bulk/File Payments?
Already Implemented
Planning to implement
Not planning to implement
Have you implemented VRP – Sweeping, if not date planned to Implement?
Already Implemented
Planning to implement
Not planning to implement
Have you implemented VRP non-Sweeping, if not date planned to Implement?
Already Implemented
Planning to implement
Not planning to implement
Contact: [enter contact details for the relevant person(s) at your organisation]
[You can use this space to provide implementation details relevant to VRP]
PISP - Single Payment Limit
£
PISP - Daily Payment Limit
£
How many months of transaction do you provide?
Security Profile
-Which Security profile have you Implemented or planning to implement?
(Lowest version = Current, Highest version = Planned)
OB Security Profile (Legacy)
FAPI
Other (Please define)
Security Profile - Next Planned Version Implementation Date
CIBA Profile - Implemented or planning to implement
(Lowest version = Current, Highest version = Planned)
None
CIBA
CIBA FAPI Profile
CIBA Profile - Next Planned Version Implementation Date
Security Profile Certification date?
Token Endpoint Authentication Methods Supported
client_secret_post
client_secret_basic
client_secret_jwt
tls_client_auth
Private_key_jwt
Planned date to Cease support for client id and client secret token endpoint authentication
POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021)
eIDAS QWAC
eIDAS QSealC
OB legacy (obtransport, obsigning)
OBWAC
OBSeal
Other (Please define)
Customer Journey
-What is your approach to Implementing OBIE Customer Experience Guidelines (CEG)?
(tick all that apply)
Already Implemented
Planning to implement or upgrade
Not planning to implement CEG
Which version have you implemented or planning to implement?
(Lowest version = Current, Highest version = Planned)
V3.1.2
V3.1.3
V3.1.4
V3.1.5
V3.1.6
V3.1.7
V3.1.8
Which date are you planning to implement your latest CEG version?
Redirection Model
App to App redirection
Decoupled authentication
Embedded Flow
Bespoke User Journeys
Options on 90 day re-authentication?
N/A for MCI
The concept of 90 day re-authentication is not applicable to MCI channel
PSD2
-Which Directory are you using as your Trust Framework?
Open Banking
Are you caching the Directory?
No
Transaction IDs Supported
Option 1
Metro Bank provide a Unique, Immutable TransactionID from our core system
Are you enrolled to Dispute Management System?
Yes
No
Are you Seeking Fallback Exemption?
Yes
No
Article 10 - Maximum time period after authentication
N/A
Article 10 - Endpoints exempt of SCA
N/A
Major Milestones
Metro will be delivering our Modified Customer Interface (MCI) as our long term TPP access solution on 12thMarch 2020. To be compliant with the PSD2 regulations we will be using eIDAS (QWAC) certificates to authenticate TPPs and will no longer use OBWAC based authentications.
We’d love for you to start using our MCI solution to help bring the Banking Revolution to customers. To register your app to use the MCI, please follow the"Dynamic Client Registration" link. For instructions on how to use the MCI once your app is registered, please follow the"Using the MCI"link.
Our MCI Test Facility is already live – you can find loads of useful information on our Developer Portal:developer.metrobankonline.co.uk.
We previously let you know that we were developing a suite of APIs as our long term strategic solution. We are no longer working on PSD2 APIs (Account API v1, Account API v3.1.1, Payment API v3.1.1) and intend to use the MCI solution as our TPP access interface for the foreseeable future. Our current v1.0 APIs are being deprecated and will be withdrawn on 12 March 2020.