The Royal Bank of Scotland Plc
This Section applies to ASPSPs that have impletemented OB Standards
| -Have you Implemented OB Standards? |
| |
|---|---|---|
| Open Data - Which version have you Implemented? |
| |
Read/Write API Specification Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| Lowest Version – 3.1.9 Highest Version – 3.1.10 (Dec 2022) |
| Read/Write API - Which date are you planning to implement your latest version? | 3.1.10 Functional Conformance – Dec 2022 | |
Dynamic Client Registration - Which version have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| BoA V3.3 Already implemented compliance with 3.3 |
| DCR - Which date are you planning to implement your latest version? | Already implemented in May 2022. No plans to update to higher version of v.3.3 yet. | |
Have you implemented Trusted beneficiaries, if not date planned to Implement? |
| Planning to Implement Q2, 2023 |
Have you implemented Reverse Payments, if not date planned to Implement? |
| Already implemented |
Have you implemented ECA Standard? |
| Already Implemented our own Customer API |
ECA Implementation details | ||
Have you implemented Bulk/File Payments? |
| |
Have you implemented VRP – Sweeping, if not date planned to Implement? |
| VRP Sweeping MRO exited on 21st Sept, and now available to TPPs |
Have you implemented VRP non-Sweeping, if not date planned to Implement? |
| VRP non-Sweeping Delivered – 10th Dec 2021 |
| PISP - Single Payment Limit | Currently at £20k moving to £50k | FAQs | Bank of APIs |
| PISP - Daily Payment Limit | Variable £5k - £50k ( dependent on customer type i.e. Personal/Premier/Business) see BOAPI links for further information | FAQs | Bank of APIs |
| How many months of transaction do you provide? |
| |
| Are you planning to implement TRIs(Transactional Risk Indicator enhancements included in v3.1.10), if so, implementation date? | Planning to implement | Planning to implement Q2, 2023 - adopting most attributes as listed in TRI enhancements in V 3.1.10 |
| What is your approach to Implementing TRIs? |
| Payment Context code, Contract Present Indicator, Beneficiary Payment details pre-populated indicator, Payee Account Name, Beneficiary Account Type, Merchant Customer Identification , Delivery Address , Merchant Category Code, Payment Purpose Code |
Which date are you planning on implementing the SCA reauthentication exemption? | Already Implemented - 8th September 2022 | |
|---|---|---|
What is your approach to token management to enable application of the reauthentication exemption? (see link to FCA guidance) | NatWest Group tokens are already long-lived and not linked to the 90-day re-auth. trigger. | Example approach: NatWest Group tokens are already long-lived and not linked to the 90-day re-auth. trigger. |
| Article 10A - Endpoints exempt of SCA-RTS |
| |
| Article 10A - Endpoints not exempt of SCA-RTS |
| |
| Article 10A - Maximum time period after authentication | Please specify the time period in minutes | |
| SCA-RTS implementation status (updated by OBIE PS team only) | Already Implemented |
|
-Which Security profile have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| |
|---|---|---|
| Security Profile - Next Planned Version Implementation Date | N/A | |
| CIBA Profile - Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| N/A |
| CIBA Profile - Next Planned Version Implementation Date | N/A | |
| Security Profile Certification date? | Originally Certified - Oct 2020 Re-Certification - 31st Jan 2022 | |
| Token Endpoint Authentication Methods Supported |
| |
| Planned date to Cease support for client id and client secret token endpoint authentication | N/A | |
| POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021) |
|
-What is your approach to Implementing OBIE Customer Experience Guidelines (CEG)? (tick all that apply) |
| Already implemented 3.1.10 Planning to upgrade to 3.1.11 |
|---|---|---|
Which version have you implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| Lowest – 3.1.9 Highest – 3.1.10 (September 2022) |
| Which date are you planning to implement your latest CEG version? | September 2022 (v3.1.10) | |
| Redirection Model |
|
|
| Options on 90-day re-authentication? | 90 Day Re-Authentication changes related to Article 10 were implemented on the 8th September 2022. |
|---|
| -Which Directory are you using as your Trust Framework? | The Open Banking Directory | |
|---|---|---|
| Are you caching the Directory? | The static data such as client IDs are cashed, but not certificates and keys. | |
| Transaction IDs Supported | Transaction IDs are supported, please refer to: 3.1.6 Transaction Endpoint Documentation - Bank of APIs | |
Are you enrolled to Dispute Management System? |
| Yes, v2.0 |
Are you Seeking Fallback Exemption? |
| No, already received exemption. |
| Article 10 - Maximum time period after authentication | NWG is adopting Article 10 Exemption for 90-day re-authentication, no further restrictions are being applied under Article 10. | |
| Article 10 - Endpoints exempt of SCA | Options to implement the FCA guidance on “exception circumstances” SCA are currently being evaluated. | |
| Major Milestones | Exited MRO 21st Sept 2022 | |
| Brand(s) | NatWest, Ulster Bank Northern Ireland, RBS |
Location of Well Known Endpoints | Consent Confirmation Support – Authorisation Servers Explained – Bank of APIs | |
|---|---|---|
Modified Customer Interface URL (if applicable) | n/a | |
| Dev Portal URL | https://www.bankofapis.com/ | |
| Test Facility URL | ||
| Brand Landing Pages URL | https://www.bankofapis.com/ -Bottom of the page for the logos. Images attached here for ease | Logos
|
ASPSP Support Desk Email or Phone Number (including queries about consent success rates) | https://rbsgroupapiservicedesk.spectrumhosting.net/plugins/servlet/desk/portal/1 |
High Cost Credit | RBS - HCC.xlsx | Delivered in 2020 |
|---|