It is becoming common for TPPs to provide PSUs, using a desktop browser, with a way to authenticate using their ASPSP mobile app. This is a variant of a decoupled redirection flow where a TPP presents the PSU a QR code as an identifier.
Other pages in this section Browser Based Redirection – AIS Browser Based Redirection – PIS App Based Redirection – AIS App Based Redirection – PIS App-to-Browser Redirection Redirection with TPP Generated QR code Decoupled Model A: Static PSU Identifier Decoupled Model B: ASPSP Generated Identifier Decoupled Model C: TPP Generated Identifier Decoupled Model D: PSU with a TPP Account ASPSP applies an available exemption Using an Available Exemption with a Customer Identifier
This content is best viewed on a desktop browser. 1 CEG Checklist Requirements 1For this step, please refer Section Single Domestic Payments – a/c selection @ PISP), step 1 & step 2. 2 CX Considerations 2If PISPs support this model then they must display QR code generated in the browser to the PSU and information on how the PSU can scan the QR code on another device. 3 CX Considerations 3PSUs should be able to easily use the QR code presented by the PISP application (e.g. scan the code on their mobile device from the Desktop in this instance) without much friction (e.g manually entering an alphanumeric code). 4 CEG Checklist Requirements 4After the PSU scans the QR code on their mobile device, the PSU must be automatically redirected to their ASPSP mobile app to authenticate and complete the journey. ASPSPs performs SCA. The ASPSP app-based authentication must have no more than the number of steps that the PSU would experience when directly accessing the ASPSP mobile app (biometric, passcode, credentials). 5 CEG Checklist Requirements 5Additional Parameters ASPSPs must allow PSUs to select the payment account to complete the payment order for execution. It is up to ASPSP to consider relevant obligations relating to the FCA’s High-Cost Credit Review: Overdrafts consultation paper and policy statement (CP18/42) & (PS19/16)”. The ASPSP must display the payment request and clearly mention the amount and the payee and payment account. 6 CX Considerations 6:ASPSPs should inform PSUs about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment“. 7 PISP Confirmation:As per Single Domestic Payments – a/c selection @ PISP, item #10. Select to scroll left Select to scroll right
CEG Checklist Requirements & CX Considerations 1 For this step, please refer Section Single Domestic Payments – a/c selection @ PISP), step 1 & step 2. 22 & 24 2 If PISPs support this model then they must display QR code generated in the browser to the PSU and information on how the PSU can scan the QR code on another device. 3 PSUs should be able to easily use the QR code presented by the PISP application (e.g. scan the code on their mobile device from the Desktop in this instance) without much friction (e.g manually entering an alphanumeric code). 4 After the PSU scans the QR code on their mobile device, the PSU must be automatically redirected to their ASPSP mobile app to authenticate and complete the journey. ASPSPs performs SCA. The ASPSP app-based authentication must have no more than the number of steps that the PSU would experience when directly accessing the ASPSP mobile app (biometric, passcode, credentials). 1 5 Additional Parameters ASPSPs must allow PSUs to select the payment account to complete the payment order for execution. It is up to ASPSP to consider relevant obligations relating to the FCA’s High-Cost Credit Review: Overdrafts consultation paper and policy statement (CP18/42) & (PS19/16)”. The ASPSP must display the payment request and clearly mention the amount and the payee and payment account. 23 6 ASPSPs should inform PSUs about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment“. 7 PISP Confirmation: As per Single Domestic Payments – a/c selection @ PISP, item #10. 25 & 26
App-to-Browser Redirection Previous Related articles Please select API specifications Decoupled Model A: Static PSU Identifier Next