PSU authentication, with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the PISP service.
Other pages in this section Browser Based Redirection – AIS Browser Based Redirection – PIS App Based Redirection – AIS App Based Redirection – PIS App to Browser Redirection Decoupled Model A: Static PSU Identifier Decoupled Model B: ASPSP Generated Identifier Decoupled Model C: TPP Generated Identifier Decoupled Model D: PSU with a TPP Account ASPSP applies an available exemption Using an Available Exemption with a Customer Identifier
This content is best viewed on a desktop browser. 1 CEG Checklist Requirements 1PISPs must allow the PSU to either enter the account details or select the account with their ASPSP 2 CEG Checklist Requirements 2PISPs must communicate information clearly to the PSU when obtaining consent in order to initiate the payment order 3 CX Considerations 3PISPs should provide messaging on their inbound redirection screen to inform PSU that they will be taken to their ASPSP to authenticate to complete the payment. PISP should display in the Redirection screen the Payment Amount, Currency and the Payee Account Name to make the PSU aware of these details. 4 CEG Checklist Requirements 4If the PSU has an ASPSP app installed on the same device the redirection must invoke the ASPSP app for authentication purposes only without introducing any additional screens and offer the same authentication method(s) available to the PSU when authenticating in their ASPSP’s direct channels. 5 CEG Checklist Requirements 5ASPSPs must display as minimum the Payment Amount, Currency and the Payee Account Name on to make the PSU aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required, refer to section 4.1.2): 1. Authentication screen; 2. ASPSP to PISP outbound redirection screen. 6 CEG Checklist Requirements 6ASPSPs app based authentication must have no more than the number of steps that the PSU would experience when directly accessing the ASPSP mobile app (biometric, passcode, credentials). 7 CX Considerations 7ASPSPs should have outbound redirection screen which indicates the status of the request and informs the PSU that they will be automatically taken back to the PISP. 8 CX Considerations 8ASPSPs should inform the PSU on the outbound redirection screen that their session with the ASPSP is closed. 9 CEG Checklist Requirements 9PSU must be redirected straight back to the PISP website/app on the same device where PISP displays confirmation of successful initiation. Select to scroll left Select to scroll right
CEG Checklist Requirements & CX Considerations 1 AISPs must initially ask the PSU to identify the ASPSP so that the consent request can be constructed in line with the ASPSP’s data clusters. 24 2 PISPs must communicate information clearly to the PSU when obtaining consent in order to initiate the payment order. 8 3 PISPs should provide messaging on their inbound redirection screen to inform PSU that they will be taken to their ASPSP to authenticate to complete the payment. PISP should display in the Redirection screen the Payment Amount, Currency and the Payee Account Name to make the PSU aware of these details. 4 If the PSU has an ASPSP app installed on the same device the redirection must invoke the ASPSP app for authentication purposes only without introducing any additional screens and offer the same authentication method(s) available to the PSU when authenticating in their ASPSP’s direct channels. 5a 5 ASPSPs must display as minimum the Payment Amount, Currency and the Payee Account Name on to make the PSU aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required, refer to section Single Domestic Payments – Supplementary info): Authentication screen; ASPSP to PISP outbound redirection screen. 28 6 ASPSPs app based authentication must have no more than the number of steps that the PSU would experience when directly accessing the ASPSP mobile app (biometric, passcode, credentials). 1 7 ASPSPs should have outbound redirection screen which indicates the status of the request and informs the PSU that they will be automatically taken back to the PISP. 8 ASPSPs should inform the PSU on the outbound redirection screen that their session with the ASPSP is closed. 9 PSU must be redirected straight back to the PISP website/app on the same device where PISP displays confirmation of successful initiation. 26
App Based Redirection – AIS Previous Related articles Please select API specifications App to Browser Redirection Next