Authentication Methods

Browser Based Redirection – PIS

This version is: Published (25 Jun 2020)


User Journey

 


 

PSU Authentication with the ASPSP using browser based redirection for a PIS request.

This enables a PSU to authenticate with their ASPSP while using a TPP for the PIS service, using the same web based authentication method which they use when accessing the ASPSP web channel directly.

This model works when the PSU is consuming the PIS service on a device that does not have the ASPSP app, or the PSU does not have the ASPSP mobile app.

Wireframes

To demonstrate web based redirection we have used one variation of the PIS journey (section Single Domestic Payments – a/c selection @ PISP) as an example, where the ASPSP receives all the details of the payment order from the PISP.

This redirection flow applies to other variations of PIS journeys covered in detail under section Payment Initiation Services (PIS).


CEG Checklist Requirements & CX Considerations

1. PSU payment Account Selection: PISPs must provide PSUs at least one of the following options:

  • Enter their Payer’s payment Account Identification details.
  • Select their Account Identification details (this assumes they have been saved previously).

CEG Checklist Reference: 24

2. PISPs must communicate information clearly to the PSU when obtaining consent in order to initiate the payment order.

CEG Checklist Reference: 8

PISPs should make the PSU aware through an inbound redirection screen that they are being taken to their ASPSP for authentication to complete the payment. PISP should display in the Redirection screen the Payment Amount, Currency and the Payee Account Name to make the PSU aware of these details.

4. The redirection must take the PSU to an ASPSP web page (desktop/mobile) for authentication purposes only without introducing any additional screens. The web based authentication must have no more than the number of steps that the PSU would experience when directly accessing the web based ASPSP channel (desktop/mobile).

CEG Checklist Reference: 1

5. ASPSPs must display, as minimum, the Payment Amount, Currency and the Payee Account Name to make the PSU aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required, refer to section Single Domestic Payments – Supplementary info):

  1. Authentication screen (recommended).
  2. ASPSP to PISP redirection screen.

CEG Checklist Reference: 28

6. ASPSPs' web based authentication must have no more than the number of steps that the PSU would experience when making a payment directly through the ASPSP web based channel (desktop/mobile).

CEG Checklist Reference: 1

ASPSPs should have an outbound redirection screen which indicates the status of the request and informs the PSU that they will be automatically taken back to the PISP.


9. PSUs must be redirected straight back to the PISP website/app on the same device where PISP displays confirmation of successful initiation.

CEG Checklist Reference: 26

What the research says

“Research amongst consumers has shown that 29% of participants actively prefer a browser based PIS journey for a single domestic payment, whilst 32% prefer an app based journey. Those preferring a browser based journey refer to security and ease to explain their choice. Those preferring the app based alternative select it because they deem it easier than the web based experience, with fewer mentioning security.”  
