App Based Redirection – AIS
This enables the PSU to authenticate with the ASPSP while using an AISP for an AIS service using the same ASPSP app based authentication method which they use when accessing the ASPSP mobile channel directly.
AISP service could be web based or app based. The redirection must directly invoke the ASPSP app to enable the PSU to authenticate and must not require the PSU to provide any PSU identifier or other credentials to the AISP.
CEG Checklist Requirements 1
AISPs must initially ask PSU to identify ASPSP so that the consent request can be constructed in line with the ASPSP's data cluster capabilities.
CX Considerations 2
AISPs should make the PSU aware on the inbound redirection screen that they will be taken to their ASPSP for authentication for account access.
CEG Checklist Requirements 3
If the PSU has an ASPSP app installed on the same device the redirection must invoke the ASPSP app for authentication purposes only without introducing any additional screens. The ASPSP app based authentication must have no more than the number of steps that the PSU would experience when directly accessing the ASPSP mobile app(biometric, passcode, credentials) and offer the same authentication method(s) available to the PSU when authenticating in their ASPSP’s direct channels.
CEG Checklist Requirements 4
After authentication the PSU must be deep linked within the app to confirm the account(s) which they would like the AISP to have access to without having to go through any further mandatory screens.
For details on deep linking see Appendix 7.3.
CX Considerations 5
ASPSPs should have an outbound redirection screen which indicates the status of the request and informing the PSU that they will be automatically taken back to the AISP.
CX Considerations 6
ASPSPs should inform the PSU on the outbound redirection screen that their session with the ASPSP is closed.
CEG Checklist Requirements 7
AISPs should confirm the successful completion of the account information request.
CEG Checklist Requirements & CX Considerations
For details on deep linking see Appendix Deep Linking for App-to-App redirection.