Authentication Methods

Browser Based Redirection / AIS

This version is:

This is the latest version Published 4 months ago 04 Apr 2022

PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request.

Other Journeys in ‘Authentication Methods’.

 

User Journey

Main content image

 

PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request.

This enables a PSU to authenticate with their ASPSP while using an AISP for an AIS service, using the same web based authentication method which the PSU uses when accessing the ASPSP web channel directly.

This model works when the PSU is consuming the AISP service on a device that does not have the ASPSP app, or the PSU does not have the ASPSP mobile app.

Wireframes

To demonstrate the web based redirection part of the journey, we have used an AISP initial setup (Sec Account Information Consent) as one example.

The redirection flow applies to other AIS journeys covered in detail under section Account Information Services (AIS).

This content is best viewed on a desktop browser.

1

CEG Checklist Requirements 1
AISPs must initially ask the PSU to identify the ASPSP so that the consent request can be constructed in line with the ASPSP’s data clusters.

3

CEG Checklist Requirements 3
The redirection must take the PSU to the ASPSP web page (desktop/mobile) for authentication purposes only without introducing any additional screens. The web based authentication must have no more than the number of steps that the PSU would experience when directly accessing the web based ASPSP channel (desktop/mobile).

5

CEG Checklist Requirements 5
PSUs must be able to confirm the account(s) which they would like the AISP to have access to without having to go through any further unnecessary screens.

8

CEG Checklist Requirements 8
AISPs should confirm the successful completion of an account information data request.

CEG Checklist Requirements & CX Considerations
CEG Checklist Reference

1

AISPs must initially ask the PSU to identify the ASPSP so that the consent request can be constructed in line with the ASPSP’s data clusters.

8

AISP should make the PSU aware on the inbound redirection screen that they will be taken to their ASPSP for authentication for account access.

3

The redirection must take the PSU to the ASPSP web page (desktop/mobile) for authentication purposes only without introducing any additional screens. The web based authentication must have no more than the number of steps that the PSU would experience when directly accessing the web based ASPSP channel (desktop/mobile).

1

ASPSP should make the PSU aware that the PSU login details will not be visible to the AISP.

5

PSUs must be able to confirm the account(s) which they would like theAISP to have access to without having to go through any further unnecessary screens.

1

ASPSP should have an outbound redirection screen which indicates the status of the request and informs the PSU that they will be automatically taken back to the AISP.

ASPSP should inform the PSU on the outbound redirection screen that their session with the ASPSP is closed.

8

AISPs should confirm the successful completion of an account information data request.

18

What the research says

 

Click for customer research