Decoupled Model A: Static PSU Identifier
PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is passed to ASPSP to identify the PSU
A decoupled authentication flow, where the PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is used by the ASPSP to notify the PSU, such that the PSU can authenticate using the ASPSP app on a separate device.
This enables the PSU to use the same app based authentication method with the ASPSP they use when accessing the ASPSP mobile app directly.
This model is best suited to TPP apps with good user input options (e.g. website on PC/laptop) but also where POS terminals can scan debit card numbers and automatically resolve the ASPSP if these are used as a customer identifier.
The exact type of identifier supported by the ASPSP must be published by the ASPSP.
WireframesTo demonstrate a Model A based decoupled journey, we have used one variation of PIS journey (Single Domestic Payments – a/c selection @ PISP) as an example where the ASPSP receives all the details of the payment order from the TPP. This flow applies to other variations of PIS journeys covered in detail under section Payment Initiation Services (PIS)), AISP journeys covered under Section Account Information Services (AIS) and CBPII journeys covered under Section Card Based Payment Instrument Issuers (CBPIIs).
CEG Checklist Requirements 1
PSU payment Account Selection PISPs must provide PSUs at least one of the following options: Enter their Payer's payment Account Identification details. Select their Account Identification details (this assumes they have been saved previously).
CX Considerations 2
PISPs should present the PSU with the authentication options supported by the ASPSP which in turn can be supported by the TPP device/channel (for e.g. A TPP kiosk that can only support authentication by ASPSP mobile app).
CX Considerations 3
If PISPs and ASPSPs support Model A, then the TPP should request from the PSU the identifier which is supported by their ASPSP.
CX Considerations 4
The PISP should make the PSU aware about how this identifier will be used.
CEG Checklist Requirements 5
After the PSU enters the specified identifier, if the PSU has an ASPSP app then the ASPSP must notify the PSU through the ASPSP app for authentication purposes, without introducing any additional screens. The notification must clearly mention the payment request with the amount and the payee.
CEG Checklist Requirements 6
The ASPSP app based authentication must have no more than the number of steps that the PSU would experience when directly accessing the ASPSP mobile app (biometric, passcode, credentials).
CX Considerations 7
If the PSU is logged off from the ASPSP app, the ASPSP must make the PSU aware that they have been logged off and notify them to check back on the originating TPP app.
CEG Checklist Requirements 8
The PISP must confirm successful confirmation of payment initiation.
CEG Checklist Requirements & CX Considerations
- Enter their Payer’s payment Account Identification details.
- Select their Account Identification details (this assumes they have been saved previously).