Welcome to the Open Banking Standard

 

The Standard is designed to assist any European account providers in meeting their PSD2 and RTS requirements as well as supporting their application for an exemption from the contingency mechanism. This market-enabling Standard is built in an optional modular format to most effectively meet consumer and market needs.

BETA: This new website format has been designed to make it easier for users to read and implement the Standard. Over the coming months, additional components will be added to this new format. If you have any feedback please let us know via the Service Desk.

The Standard goes beyond the API Specifications to include Customer Experience Guidelines and Operational Guidelines. The Standard is open to all account providers (ASPSPs) and has been implemented across 90% of the UK payments account market. It is designed to enable a well-functioning, successful ecosystem, where there are no barriers to the provision of products and services by TPPs.

The Standard covers all online payment accounts and includes the following core components:

API Specifications

These specifications consist of technical documentation, usage examples and swagger files for:

  • Read/Write API Specifications
  • Open Banking API Specifications
  • Directory Specifications
  • Dynamic Client Registration (DCR) Specifications
  • MI Reporting Specifications

Security Profiles

These profiles have been developed together with the Open ID Foundation and cover third party on-boarding, re-direct and decoupled flows:

  • Open Banking Security Profile
  • Financial-Grade API (FAPI) Profile
  • Client Initiated Backchannel Authentication (CIBA) Profile

Customer Experience Guidelines

These guidelines bring together regulatory requirements and extensive customer research to help third party providers and account providers deliver a great customer experience and avoid any unnecessary delay or friction as required under PSD2.

Previous versions in pdf format:

Operational Guidelines

These guidelines support account providers implementing effective and high-performing dedicated interfaces while assisting them in fulfilling their regulatory obligations relating to performance and availability, design and testing, problem resolution, and management information.

Previous versions in pdf format:

Guidance when implementing the Standard

This guidance explains the categorisation of requirements for account providers and third party providers implementing any part of the Standard. This covers the API Specifications, Security Profiles, Customer Experience Guidelines and Checklist, and Operational Guidelines and Checklist. This guidance should be read before referencing the Standards documents.

Conformance and Certification

The conformance tools help account providers and third party providers test they have implemented each of the above elements of the Standard correctly.

The certification service can be used by account providers as evidence of conformance to the Standard when they request an exemption from the contingency mechanism with their competent authority.