Barclays Bank UK Plc
- Adam Pretlove (Unlicensed)
- Jason Bown
- matthew.wilson@barclays.com
This Section applies to ASPSPs that have implemented OB Standards
-Have you Implemented OB Standards? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Open Data - Which version have you Implemented? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Read/Write API Specification Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Read/Write API - Which date are you planning to implement your latest version? | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented v4.0 information flows, if not date planned to Implement? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Dynamic Client Registration - Which version have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| We have not implemented DCR for Open Banking, but rather we have implemented DCR for COP onboarding to v3.2 specification. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
DCR - Which date are you planning to implement your latest version? | TBC | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented Trusted beneficiaries, if not date planned to Implement? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented Reverse Payments, if not date planned to Implement? |
| Implemented for domestic and international payments. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented ECA Standard? |
| Implementation plans under assessment, timeline tbc | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
ECA Implementation details | N/A | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented Bulk/File Payments? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented VRP – Sweeping, if not date planned to Implement? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented VRP non-Sweeping, if not date planned to Implement? |
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PISP - Single Payment Limit | £ |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
How many months of transaction do you provide? | (Account and Product dependent) Detail available in FAQ's and Barclays Developer Portal | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Have you implemented TRIs (Transactional Risk Indicators), if not, date planned to Implement? | Implemented in September 2022. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
What is your approach to Implementing TRIs? |
|
Which date are you planning on implementing the SCA reauthentication exemption? | Completed September 2022 | |
---|---|---|
What is your approach to token management to enable application of the reauthentication exemption? (see link to FCA guidance) | see notes |
|
Article 10A - Endpoints exempt of SCA-RTS |
| |
Article 10A - Endpoints not exempt of SCA-RTS |
| |
Article 10A - Maximum time period after authentication | Please specify the time period in minutes | |
SCA-RTS implementation status (updated by OBL PS team only) | IMPLEMENTED |
-Which Security profile have you Implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| |
---|---|---|
Security Profile - Next Planned Version Implementation Date | ||
CIBA Profile - Implemented or planning to implement (Lowest version = Current, Highest version = Planned) |
| Plans to be confirmed |
CIBA Profile - Next Planned Version Implementation Date | TBC | |
Security Profile Certification date? | November 2022 | |
Token Endpoint Authentication Methods Supported |
| |
Planned date to Cease support for client id and client secret token endpoint authentication | Client secret authentication is not supported TPPs must align their Open Banking implementations to the following security best practices recommended under FAPI 1.0 Advanced
| |
POST-BREXIT POST TRANSITION - Certificates Accepted (from 1st Jul 2021) |
|
|
-What is your approach to Implementing OBL Customer Experience Guidelines (CEG)? (tick all that apply) |
| |
---|---|---|
Which version have you implemented or planning to implement? (Lowest version = Current, Highest version = Planned) |
| |
Which date are you planning to implement your latest CEG version? | TBC | |
Redirection Model |
|
-Which Directory are you using as your Trust Framework? | Open Banking | |
---|---|---|
Are you caching the Directory? | Yes | |
Transaction IDs Supported | March 2019 - Option 3 Supported | |
Are you Seeking Fallback Exemption? |
| |
Article 10 - Maximum time period after authentication | No restrictions applied other than SCA at Auth and Re-Auth | |
Article 10 - Endpoints exempt of SCA | None | |
Major Milestones | Relevant AIS / PIS / CoF journeys supported for following payment account types:
| See https://developer.barclays.com/ for additional information relating to end point coverage Note that Account Holder Name for PCA / BCA customers is available through PARTIES end point and through ACCOUNTS end point for Barclaycard UK, Barclaycard Commercial Payment and Barclays Corporate customers IMPORTANT INFORMATION In order to complete Open Banking journeys, you will need to establish the Identity Provider (IDP) authentication method for your implementation. An IDP is a system to authenticate and gain permission from an end user - such as a customer, to access their resources e.g. their account data. For Open Banking, this is used to authenticate the customer providing the consent to the Third Party. Examples of an IDP in Open Banking includes Barclays app (Personal and Business Banking customers) and iPortal (Barclays Corporate clients), but we have a number of methods depending on the customer type and digital channel that they use. This needs to be considered in your development. The latest OpenID configuration (OIDC) URLs available are shown below TPPs are reminded that latest URLS MUST be used and where a legacy URL is still being used then TPP MUST migrate to URLs below
Note - some Business Banking clients will require the Corporate Banking IDP as they use Corporate Banking services to fulfil their business requirements and some Corporate clients will require the Business Banking IDP as they use Business Banking services to fulfil their business requirements |
Brand guidance |
|
Location of Well Known Endpoints | https://developer.barclays.com/open-banking | |
---|---|---|
Modified Customer Interface URL (if applicable) | ||
Dev Portal URL | https://developer.barclays.com/open-banking | |
Test Facility URL | https://sandbox.api.barclays:443/open-banking/v3.1/sandbox/aisp https://sandbox.api.barclays:443/open-banking/v3.1/sandbox/cbpii https://sandbox.api.barclays:443/open-banking/v3.1/sandbox/pisp | |
Brand Landing Pages URL | Please see above 'Brand Guidance' | |
ASPSP Support Desk Email or Phone Number (including queries about consent success rates) | BarclaysOpenBankingQueries@barclayscorp.com |
High Cost Credit | Barclays - HCC.xlsx |
---|