Customer Experience Guidelines
Account Information Service Providers (AISPs) can access account information from online payment accounts held at Account Service Payment Service Providers (ASPSPs), in order to provide account information services to a Payment Service User (PSU).
Other pages in this section
The Open Banking Read/Write API specifications support Account Information Services (AIS). They enable an Account Information Service Provider (AISP) to access account information from online payment accounts held at Account Service Payment Service Providers (ASPSPs), in order to provide account information services to a Payment Service User (PSU), provided they have obtained the PSU’s explicit consent.
This section describes the core journeys that support the set-up and management of AIS. The key components are:
This section describes the core
Note: This section does not include guidance around scenarios when more than one TPP is involved in the delivery of a service – sometimes referred to as “Onward Provisioning”. This subject will be addressed as part of the on-going OBIE evaluations of eIDAS and Consent/Access Dashboards.
AIS Core Journeys
In this journey the AISP presents to the PSU a description of the data that it requires in order to support its service proposition.
This version was published 2 Years & 4 Months ago
21 Oct 2021
PSUs, with delegated user authority on behalf of corporates who are authorised to receive corporate account information via AISPs, will be able to provide consent to the AISPs using the standard AIS journey shown in section Account Information Consent.
The PSRs require Strong Customer Authentication (SCA) to be performed each time the PSU accesses its online payment account, either directly or using the services of an AISP. The frequency of authentication can be reduced if an ASPSP applies the exemption relevant to account information access.
Permissions In the Open Banking API design, data elements are logically grouped together into “permissions”. It is at this level that AISPs request data access. If they request access to a specific permission they will have access to all the data elements in the permission. This provides a pragmatic approach, allowing AISPs to be selective…
Using an Available Exemption with a Customer Identifier Previous
Account Information Consent Next