Santander UK PLC
- Adam Pretlove (Unlicensed)
- Rebecca Taylor
- Rachael Jansen
This Section applies to ASPSPs that have implemented OB Standards
-Have you Implemented OB Standards? |
| |
---|---|---|
Open Data - Which version have you Implemented? |
| |
Read/Write API Specification Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| Plan to deploy v4 mandatory changes by 31st Aug 2025. |
Read/Write API - Which date are you planning to implement your latest version? | PIS V3.1.10 Now live 21st March 2023 | |
Have you implemented v4.0 information flows, if not date planned to Implement? |
| Not planning to implement optional items in V4 currently. |
Dynamic Client Registration - Which version have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| Dynamic registration implementation is in progress. Date TBC |
DCR - Which date are you planning to implement your latest version? | TBC | |
Have you implemented Trusted beneficiaries, if not date planned to Implement? |
| |
Have you implemented Reverse Payments, if not date planned to Implement? |
| |
Have you implemented ECA Standard? |
| |
ECA Implementation details | N/A | Contact: [enter contact details for the relevant person(s) at your organisation] [You can use this space to provide your status with respect to the Standard] |
Have you implemented Bulk/File Payments? |
| |
Have you implemented VRP – Sweeping, if not date planned to Implement? |
| Sweeping MRO now complete and exit criteria met. PIS v3.1.9 which includes Sweeping now open to all TPPs to subscribe |
Have you implemented VRP non-Sweeping, if not date planned to Implement? |
| Plans still to be determined on VRP post Sweeping go live and 3.1.10 90 day changes - will be subject to individual TPP/ASPSP contracts |
PISP - Single Payment Limit | £25,000 Retail £100,000 Business £250,000 Corporate | Standard FP limits can be found here - https://www.fasterpayments.org.uk/about-us/personal-transaction |
PISP - Daily Payment Limit | £100,000 Retail Business & Corp - No Limit | Standard FP limits can be found here - https://www.fasterpayments.org.uk/about-us/personal-transaction |
How many months of transaction do you provide? | 24 months | |
Have you implemented TRIs (Transactional Risk Indicators), if not, date planned to Implement? | Yes - 23rd March 2023 | Now Live |
What is your approach to Implementing TRIs? |
|
Which date are you planning on implementing the SCA reauthentication exemption? | As of 23/06 our refresh token will have a 2 year expiry and we will not enforce re-auth from this point. | |
---|---|---|
What is your approach to token management to enable application of the reauthentication exemption? (see link to FCA guidance) | We have recently published our approach to supporting the 90 day Re-auth RTS Changes and FAQ's to guide TPP's preparations | Santander| Approach to 90 Day Re-auth realignment under 3.1.10
From 13th June, you will now effectively be in charge of Re-authorisations for Santander customers, and whether you need to redirect customers to Santander for an SCA or not. Santander will not enforce the Re-auth journey from this point onwards and we are extending the application of the re-auth exemption for an extended period up to 30th September to allow you time to make your changes. (In the cases where a customer has revoked consent via our consent dashboard and wishes to re-authorise the original consent – that journey will remain unchanged.)
|
Article 10A - Endpoints exempt of SCA-RTS |
| |
Article 10A - Endpoints not exempt of SCA-RTS |
| |
Article 10A - Maximum time period after authentication | Access Token - 10 mins Refresh Token - 2 years currently, will move to long-lived once platform transition complete in 2023 | Please specify the time period in minutes |
SCA-RTS implementation status (updated by OBL PS team only) | IMPLEMENTED |
-Which Security profile have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| Planning to move to FAPI 1 advanced by 11th December 24. |
---|---|---|
Security Profile - Next Planned Version Implementation Date | FAPI - August 2021 | |
CIBA Profile - Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| |
CIBA Profile - Next Planned Version Implementation Date | N/A | |
Security Profile Certification date? | N/A | |
Token Endpoint Authentication Methods Supported |
| To support tls_client_auth when once FAPI compliant (August 2021). |
Planned date to Cease support for client id and client secret token endpoint authentication | August 2021 | |
POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021) |
|
-What is your approach to Implementing OBL Customer Experience Guidelines (CEG)? (tick all that apply) |
| Santander designs are looking to adhere to CEG but are also accounting for other regulatory commitments that fit outside of the CEG |
---|---|---|
Which version have you implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| Plan to deploy v4 mandatory changes by 31st Aug 2025. |
Which date are you planning to implement your latest CEG version? | TBC | |
Redirection Model |
|
-Which Directory are you using as your Trust Framework? | Open Banking | |
---|---|---|
Are you caching the Directory? | Yes | |
Transaction IDs Supported | Option 1 Supported ALL Accounts (including Credit Cards) - Live | ASPSPs provide a Unique, Immutable TransactionID from their core system |
Are you Seeking Fallback Exemption? |
| |
Article 10 - Maximum time period after authentication | 90 days | See above for details of the transition plans for the recent FCA changes to the RTS/Article10 and what TPP's need to do to prepare. |
Article 10 - Endpoints exempt of SCA | Accounts, Balances, Transactions, Beneficiaries, Direct Debits, Standing Orders, Products, Offers, Parties, | We are continuing to allow Customer non present access to these data endpoints as long as a valid consent token exists. |
Major Milestones | ||
Brand(s) | Santander Cahoot |
Location of Well Known Endpoints | OB Technical Directory | |
---|---|---|
Modified Customer Interface URL (if applicable) | ||
Dev Portal URL | ||
Test Facility URL | https://sandbox-developer.santander.co.uk/sanuk/external-sandbox/ | |
Brand Landing Pages URL | https://www.figma.com/proto/UvZ9dvaT4mwDHAwfLcAkOB/Master?type=design&node-id=83-6389&t=wNbTE64aS8soLWdA-1&scaling=scale-down&page-id=0%3A1&starting-point-node-id=83%3A6389&mode=design |
|
ASPSP Support Desk Email or Phone Number (including queries about consent success rates) | Business/Technical: openbankingAPI@santander.co.uk |
Error Codes | ||
High Cost Credit | Santander - HCC.xlsx | The customer balance including the overdraft will be sent in the JSON file as type 'InterimAvailable'.The remaining overdraft will be returned to TPPs in the JSON file as a creditline item and mapped as follows: OBCreditLine1 OBReadBalance1/Data/Balance/CreditLine/Included - this item will be set to "false". OBReadBalance1/Data/Balance/CreditLine/Type - set to "Available" OBReadBalance1/Data/Balance/CreditLine/Amount/Amount - set to the amount of the Overdraft Remaining OBReadBalance1/Data/Balance/CreditLine/Amount/Currency - set to the currency code of the account balance The creditline items for Pre-Agreed will remain as is but the item OBReadBalance1/Data/Balance/CreditLine/Included will be set to "false" |
---|