Alpha FX
- Adam Pretlove (Unlicensed)
- Praveen Ponnumony
- Former user (Deleted)
- Rytis Dobranskis
This Section applies to ASPSPs that have implemented OB Standards
-Have you Implemented OB Standards? |
| |
---|---|---|
Open Data - Which version have you Implemented? |
| |
Read/Write API Specification Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| |
Read/Write API - Which date are you planning to implement your latest version? | ||
Have you implemented v4.0 information flows, if not date planned to Implement? |
| |
Dynamic Client Registration - Which version have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| |
DCR - Which date are you planning to implement your latest version? | ||
Have you implemented Trusted beneficiaries, if not date planned to Implement? |
| |
Have you implemented Reverse Payments, if not date planned to Implement? |
| |
Have you implemented ECA Standard? |
| |
ECA Implementation details | Contact: [enter contact details for the relevant person(s) at your organisation] [You can use this space to provide your status with respect to the Standard] | |
Have you implemented Bulk/File Payments? |
| |
Have you implemented VRP – Sweeping, if not date planned to Implement? |
| |
Have you implemented VRP non-Sweeping, if not date planned to Implement? |
| Contact: [enter contact details for the relevant person(s) at your organisation] [You can use this space to provide implementation details relevant to VRP] |
PISP - Single Payment Limit | £ | |
PISP - Daily Payment Limit | £ | |
How many months of transaction do you provide? | ||
Have you implemented TRIs (Transactional Risk Indicators), if not, date planned to Implement? | ||
What is your approach to Implementing TRIs? |
|
Which date are you planning on implementing the SCA reauthentication exemption? | 28th September 2022 | 28th September 2022 |
---|---|---|
What is your approach to token management to enable application of the reauthentication exemption? (see link to FCA guidance) | Alpha FX will issue a long-lived refresh token during one final SCA, with refresh token rotation implemented. | Issue a long-lived refresh token during one final SCA, with refresh token rotation implemented. |
Article 10A - Endpoints exempt of SCA-RTS |
| |
Article 10A - Endpoints not exempt of SCA-RTS |
| |
Article 10A - Maximum time period after authentication | Please specify the time period in minutes | |
SCA-RTS implementation status (updated by OBL PS team only) | IMPLEMENTED |
-Which Security profile have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| |
---|---|---|
Security Profile - Next Planned Version Implementation Date | ||
CIBA Profile - Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| |
CIBA Profile - Next Planned Version Implementation Date | ||
Security Profile Certification date? | ||
Token Endpoint Authentication Methods Supported |
| |
Planned date to Cease support for client id and client secret token endpoint authentication | No Plans | Alpha FX suggests TPPs to use Private Key JWT but won’t stop the support for client id and secret |
POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021) |
| eIDAS QWAC and eIDAS QSealC will only be accepted for NON-UK based TPP's. |
-What is your approach to Implementing OBL Customer Experience Guidelines (CEG)? (tick all that apply) |
| |
---|---|---|
Which version have you implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| |
Which date are you planning to implement your latest CEG version? | ||
Redirection Model |
|
-Which Directory are you using as your Trust Framework? | Open Banking | |
---|---|---|
Are you caching the Directory? | No | |
Transaction IDs Supported | Yes | Alpha FX provides a unique and immutable transaction IDs |
Are you Seeking Fallback Exemption? |
| |
Article 10 - Maximum time period after authentication | Authorization grant type access token for account access consent must be refreshed at least once every 90 days. | |
Article 10 - Endpoints exempt of SCA | Once authentication is completed, the PSU will be able to access the following AISP endpoints without further SCA: GET /Accounts GET /accounts/{AccountId} GET /accounts/{AccountId}/balances GET /accounts/{AccountId}/transactions | |
Major Milestones | Releasing at Version 3.1, no plans for subsequent versions as of yet. | |
Brand(s) |
Location of Well Known Endpoints | Dev Portal | |
---|---|---|
Modified Customer Interface URL (if applicable) | ||
Dev Portal URL | https://docs.alphagroup.com/reference/overview-1 | |
Test Facility URL | ||
Brand Landing Pages URL | [You can use this space to explain your guidance on using Brand logos] | |
ASPSP Support Desk Email or Phone Number (including queries about consent success rates) | clientservices@alphafx.co.uk. |