Below is a word version of the questionnaire communicated by UK Finance.
Q&AThis section provides clarification about exactly what information is required for the questions detailed in the questionnaire.
Are you going to implement the Open Banking Customer Experience Guidelines? Please response 'Yes' or 'No' |
Enter the current version of the CEG implemented in Production |
Enter the next version to be implemented |
When will the next version of the CEG be implemented |
Are you going to implement bespoke customer journeys? Please respond 'Yes' or 'No' |
If you are implementing App to App for PSU authentication, please specify the implementation date, otherwise please respond 'N/A' |
If you are implementing App to App then please specify the implementation date otherwise please respond 'N/A' |
Please specify the customer journey for refreshing AISP access |
Are you supporting embedded flow for authentication? Please respond 'Yes' or 'No' |
Please specify the Directory your organisation is employing (OBIE, Preta, Other) |
Please specify the location of your 'Well Known Endpoints'. These may be held on the Directory you are employing or or development portal. Please specific 'Directory', 'Dev Portal', 'Other' (specifying) |
Please specify the API Standards your organisation has implemented. You may have implemented OBIE, Berlin Group, STET or your own bespoke standards. Please specify |
Please specify the implementation date for Name of Account Holder |
Enter the date the current eIDAS implementation was deployed into production. |
Please specify the certificates or combination of certificates that are required during TPP identification. (OB Transport + ClientID + Secret / OB Transport/ OB Signing / OBWAC / OBSEAL / QWAC / QSEAL) |
Please specify the certificates or combination of certificates that are required for Transport (OB Transport / OBWAC / QWAC) |
Please specify the certificates or combination of certificates that are required for Signing (OB Signing / OBSEAL / QSEAL) |
Enter the date the future eIDAS implementation will be deployed into production (Q2 2020). If you have no future eIDAS implementation planned over and above your current implementation then please enter 'No future update currently planned' |
Please specify the certificates or combination of certificates that are required during TPP identification. (OB Transport + ClientID + Secret / OB Transport/ OB Signing / OBWAC / OBSEAL / QWAC / QSEAL) |
Please specify the certificates or combination of certificates that are required for Transport (OB Transport / OBWAC / QWAC) |
Please specify the certificates or combination of certificates that are required for Signing (OB Signing / OBSEAL / QSEAL) |
Please specify an other major implementation milestones, version updates, version deprecation, new product releases, etc. |
Please enter the Brand(s) covered by this Transparency Calendar. If your calendar supports multiple brands then please enter a 'comma' separated list. |
Please specify whether you support the Open Banking Security Profile or OIDC. Please respond 'Open Banking', 'FAPI' or 'Other'. |
Please specify whether you have achieved certification with the Security Profile authority. Please respond, 'Yes' or 'No'. |
Please specify whether you are implementing CIBA for authentication. Please respond 'Yes', 'No' or N/A |
If you are using Open Banking to validate third parties regulator status (eIDAS certificates, PSD2 roles and Passports) on your behalf then please respond 'Yes'. |
Please specify whether you are caching the the Open Banking Directory. Please responds 'Yes' or 'No' |
If you are supporting Transaction IDs then please specify 'Option 1', 'Option 2', 'Option 3', or 'Option 4'. Transaction IDs are conditional in the OBIE Read/Write Specification v3.x. There are 4 options for how an ASPSP can treat this field in the API response: - ASPSPs provide a Unique, Immutable TransactionID from their core system
- ASPSPs generate a Unique TransactionID from a set of Immutable fields
- ASPSPs specify field(s) for TPP to generate a Unique Transaction Identifier
- ASPSPs provide neither a TransactionID nor the method by which TPPs can generate one
|
Please specify whether you are a member of the UK Open Banking Dispute Management System. Please respond 'Yes' or 'No' UK Dispute Management System |
Please specify whether you are supporting screen scraping during the FCA Adjustment Period. Please respond 'Yes' or 'No' |
Please specify whether you are a seeking exemption with National Competent Authority (NCA) from building a contingency mechanism / fall back. Please respond 'Yes' or 'No' |
Please specify your plans for building the 'Adjusted Interface' or 'fallback interface' (approach to SCA, etc.). Answer N/A if you do not plan to build one. |
Please specify your 'Adjusted Interface' or 'fallback interface' URL |
Please specify your organisations Open Banking contact email or phone number. |
Please provide or Dev Portal URL. |
Please specify the implementation date of your Test Facility. |
Please specify the location of the guidance that explains your strategy and plans for when your dedicated interface is unavailable. This should be a URL to your dev portal or artefact that provides TPPs with the information they require. |
Please specify how long the AISP has from the time when they receive the access token (after PSU authentication). This is the period the AISP must submit their first request before SCA will be re-applied to endpoints NOT exempt of SCA under Article 10. ASPSPs should consider that this timeline is consistent with the time limit applied by the ASPSP in the existing online PSU interface (i.e. before the PSU is logged out) Please specify the time period. (For example, 1 hour) |
Please specify which AIS endpoints will be exempt from SCA under Article 10. (delete as appropriate): Accounts, Balances, Transactions, Beneficiaries, Direct Debits, Standing Orders, Products, Offers, Parties, Scheduled Payments, Statements |
Please specify the chosen methods of PSU authentication for knowledge (e.g. password), possession (e.g. OTP) and inherence (e.g. fingerprint) |
Please specify the chosen methods of PSU authentication for knowledge (e.g. password), possession (e.g. OTP) and inherence (e.g. fingerprint) |
Please specify the chosen methods of PSU authentication for knowledge (e.g. password), possession (e.g. OTP) and inherence (e.g. fingerprint) |
Please specify the chosen methods of PSU authentication for knowledge (e.g. password), possession (e.g. OTP) and inheritance (e.g. fingerprint) |
Please specify the Authentication Method implementation date for the Open Banking Channel (if applicable). Please specify date or 'N/A' |
Please specify the Authentication Method implementation date for the Private Channel (if applicable). Please specify date or 'N/A' |
Please specify the SCA implementation date |
Please specify the scope of SCA (will it inhibit non PSD2 accounts, such as savings- or mortgage accounts?) |
|
|