One of the primary objectives of the Customer Experience Guidelines is to provide simplification and consistency across all Open Banking implementations. As such, we have defined a core set of authentication methods that can and should be used, subject to the scope and flexibility of any payment initiation and/or account information services provided by TPPs.
Other pages in this section Get Started Authentication Methods Account Information Services Payment Initiation Services Card Based Payment Instrument Issuers (CBPIIs) Checklist Appendices Change Log
Browser Based Redirection – AIS User Journey PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request. This enables a PSU to authenticate with their ASPSP while using an AISP for an AIS service, using the same web based authentication method which the PSU uses when accessing the ASPSP web channel directly. This… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Browser Based Redirection – PIS User Journey PSU Authentication with the ASPSP using browser based redirection for a PIS request. This enables a PSU to authenticate with their ASPSP while using a TPP for the PIS service, using the same web based authentication method which they use when accessing the ASPSP web channel directly. This model works when the… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 App Based Redirection – AIS User Journey PSU authentication with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the AISP service. This enables the PSU to authenticate with the ASPSP while using an AISP for an AIS service using the same ASPSP app based authentication method which they use… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 App Based Redirection – PIS User Journey PSU authentication, with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the PISP service. This enables the PSU to authenticate with the ASPSP while using a PISP for a PIS service using the same ASPSP app based authentication method that they… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 App to Browser Redirection App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 App-to-browser redirection – AIS App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Browser-to-app redirection App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Effective use of redirection screens App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Browser Based Redirection – AIS User Journey PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request. This enables a PSU to authenticate with their ASPSP while using an AISP for an AIS service, using the same web based authentication method which the PSU uses when accessing the ASPSP web channel directly. This… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Browser Based Redirection – PIS User Journey PSU Authentication with the ASPSP using browser based redirection for a PIS request. This enables a PSU to authenticate with their ASPSP while using a TPP for the PIS service, using the same web based authentication method which they use when accessing the ASPSP web channel directly. This model works when the… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
App Based Redirection – AIS User Journey PSU authentication with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the AISP service. This enables the PSU to authenticate with the ASPSP while using an AISP for an AIS service using the same ASPSP app based authentication method which they use… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
App Based Redirection – PIS User Journey PSU authentication, with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the PISP service. This enables the PSU to authenticate with the ASPSP while using a PISP for a PIS service using the same ASPSP app based authentication method that they… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
App to Browser Redirection App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
App-to-browser redirection – AIS App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Browser-to-app redirection App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Effective use of redirection screens App-to-browser redirection – AIS It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP’s… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Decoupled Model A: Static PSU Identifier PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is passed to ASPSP to identify the PSU User Journey A decoupled authentication flow, where the PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is used by the ASPSP to notify the PSU, such that the PSU can authenticate using the… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Decoupled Model B: ASPSP Generated Identifier PSU provides an ASPSP generated unique identifier to the TPP (AISP/PISP/CBPII) which is then passed back to ASPSP to identify the PSU User Journey Demo journey A decoupled authentication flow where the PSU provides a dynamic identifier generated with their ASPSP to the TPP (AISP/PISP/CBPII) which is then used by the ASPSP to… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Decoupled Model C: TPP Generated Identifier PSU provides a TPP (AISP/PISP/CBPII) generated unique identifier to the ASPSP to identify the request from the TPP User Journey A decoupled authentication flow where the PSU provides a dynamic identifier generated with their ASPSP to the TPP (AISP/PISP/CBPII), which is then used by the ASPSP to identify the PSU through the… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Decoupled Model D: PSU with a TPP Account TPP (AISP/PISP/CBPII) passes the PSU’s stored unique identifier to the ASPSP to identify the PSU User Journey A decoupled authentication flow where the TPP (AISP/PISP/CBPII) provides the ASPSP a stored PSU identifier, generated by the ASPSP from a previous PSU transaction. This is used by the ASPSP to notify the PSU such that the PSU can… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Decoupled Model A: Static PSU Identifier PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is passed to ASPSP to identify the PSU User Journey A decoupled authentication flow, where the PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is used by the ASPSP to notify the PSU, such that the PSU can authenticate using the… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Decoupled Model B: ASPSP Generated Identifier PSU provides an ASPSP generated unique identifier to the TPP (AISP/PISP/CBPII) which is then passed back to ASPSP to identify the PSU User Journey Demo journey A decoupled authentication flow where the PSU provides a dynamic identifier generated with their ASPSP to the TPP (AISP/PISP/CBPII) which is then used by the ASPSP to… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Decoupled Model C: TPP Generated Identifier PSU provides a TPP (AISP/PISP/CBPII) generated unique identifier to the ASPSP to identify the request from the TPP User Journey A decoupled authentication flow where the PSU provides a dynamic identifier generated with their ASPSP to the TPP (AISP/PISP/CBPII), which is then used by the ASPSP to identify the PSU through the… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Decoupled Model D: PSU with a TPP Account TPP (AISP/PISP/CBPII) passes the PSU’s stored unique identifier to the ASPSP to identify the PSU User Journey A decoupled authentication flow where the TPP (AISP/PISP/CBPII) provides the ASPSP a stored PSU identifier, generated by the ASPSP from a previous PSU transaction. This is used by the ASPSP to notify the PSU such that the PSU can… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
ASPSP applies an available exemption User Journey SCA- RTS includes a number of available exemptions which permit an ASPSP not to apply SCA based on the availability of certain criteria, which consider factors such the amount, the beneficiary and the risk analysis of the transaction. When the ASPSP determines that an available exemption is applicable to the payment… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020 Using an Available Exemption with a Customer Identifier User Journey After the PSU has successfully initiated a payment initiation through a PISP, and details were held for future use (as per Single Domestic Payments – a/c selection @ PISP, item #11), this Journey can be used for initiating subsequent transactions. The PISP will provide to the ASPSP in all subsequent transactions a hint… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
ASPSP applies an available exemption User Journey SCA- RTS includes a number of available exemptions which permit an ASPSP not to apply SCA based on the availability of certain criteria, which consider factors such the amount, the beneficiary and the risk analysis of the transaction. When the ASPSP determines that an available exemption is applicable to the payment… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020
Using an Available Exemption with a Customer Identifier User Journey After the PSU has successfully initiated a payment initiation through a PISP, and details were held for future use (as per Single Domestic Payments – a/c selection @ PISP, item #11), this Journey can be used for initiating subsequent transactions. The PISP will provide to the ASPSP in all subsequent transactions a hint… View journey This version was published 4 Years & 8 Months ago 31 Mar 2020