The Standards support both redirection and decoupled authentication to allow a PSU to use the same authentication mechanisms, whether using an AISP or PISP, as they do accessing their ASPSP directly.
Other pages in this section Get Started Authentication Methods Account Information Services Payment Initiation Services CBPIIs / Card Based Payment Instrument Issuers Dashboards Customer Experience Checklist Appendices Change Log
Browser Based Redirection – AIS PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request. This enables a PSU to authenticate with their ASPSP while using an AISP for an AIS service, using the same web based authentication method which the PSU uses when accessing the ASPSP web channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Browser Based Redirection – PIS PSU Authentication with the ASPSP using browser based redirection for a PIS request. This enables a PSU to authenticate with their ASPSP while using a TPP for the PIS service, using the same web based authentication method which they use when accessing the ASPSP web channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 App Based Redirection – AIS PSU authentication with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the AISP service. This enables the PSU to authenticate with the ASPSP while using an AISP for an AIS service using the same ASPSP app based authentication method which they use when accessing the ASPSP mobile channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 App Based Redirection – PIS PSU authentication, with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the PISP service. This enables the PSU to authenticate with the ASPSP while using a PISP for a PIS service using the same ASPSP app based authentication method that they use when accessing the ASPSP mobile channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 App-to-Browser Redirection It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP's web channel to authenticate. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Browser-to-app redirection It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP's web channel to authenticate. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Redirection with TPP Generated QR code It is becoming common for TPPs to provide PSUs, using a desktop browser, with a way to authenticate using their ASPSP mobile app. This is a variant of a decoupled redirection flow where a TPP presents the PSU a QR code as an identifier. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Effective use of redirection screens It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP's web channel to authenticate. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Browser Based Redirection – AIS PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request. This enables a PSU to authenticate with their ASPSP while using an AISP for an AIS service, using the same web based authentication method which the PSU uses when accessing the ASPSP web channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Browser Based Redirection – PIS PSU Authentication with the ASPSP using browser based redirection for a PIS request. This enables a PSU to authenticate with their ASPSP while using a TPP for the PIS service, using the same web based authentication method which they use when accessing the ASPSP web channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
App Based Redirection – AIS PSU authentication with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the AISP service. This enables the PSU to authenticate with the ASPSP while using an AISP for an AIS service using the same ASPSP app based authentication method which they use when accessing the ASPSP mobile channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
App Based Redirection – PIS PSU authentication, with the ASPSP using the ASPSP mobile app installed on the same device on which the PSU is consuming the PISP service. This enables the PSU to authenticate with the ASPSP while using a PISP for a PIS service using the same ASPSP app based authentication method that they use when accessing the ASPSP mobile channel directly. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
App-to-Browser Redirection It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP's web channel to authenticate. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Browser-to-app redirection It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP's web channel to authenticate. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Redirection with TPP Generated QR code It is becoming common for TPPs to provide PSUs, using a desktop browser, with a way to authenticate using their ASPSP mobile app. This is a variant of a decoupled redirection flow where a TPP presents the PSU a QR code as an identifier. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Effective use of redirection screens It is possible that a PSU using a mobile device does not have their ASPSP mobile app installed, or their ASPSP does not provide an app at all. In these instances, the TPP app will need to launch the native mobile browser in order to present the PSU with their ASPSP's web channel to authenticate. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Decoupled Model A: Static PSU Identifier A decoupled authentication flow, where the PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is used by the ASPSP to notify the PSU, such that the PSU can authenticate using the ASPSP app on a separate device. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Decoupled Model B: ASPSP Generated Identifier A decoupled authentication flow where the PSU provides a dynamic identifier generated with their ASPSP to the TPP (AISP/PISP/CBPII) which is then used by the ASPSP to identify the PSU through the ASPSP app to authenticate and action the TPP request. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Decoupled Model C: TPP Generated Identifier PSU provides a TPP (AISP/PISP/CBPII) generated unique identifier to the ASPSP to identify the request from the TPP User Journey A decoupled authentication flow where the PSU provides a dynamic identifier generated by the TPP (AISP/PISP/CBPII), which is then used by the ASPSP to identify the PSU through the ASPSP app to authenticate and action… View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Decoupled Model D: PSU with a TPP Account TPP (AISP/PISP/CBPII) passes the PSU’s stored unique identifier to the ASPSP to identify the PSU User Journey A decoupled authentication flow where the TPP (AISP/PISP/CBPII) provides the ASPSP a stored PSU identifier, generated by the ASPSP from a previous PSU transaction. This is used by the ASPSP to notify the PSU such that the PSU… View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Decoupled Model A: Static PSU Identifier A decoupled authentication flow, where the PSU provides a static identifier to the TPP (AISP/PISP/CBPII) which is used by the ASPSP to notify the PSU, such that the PSU can authenticate using the ASPSP app on a separate device. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Decoupled Model B: ASPSP Generated Identifier A decoupled authentication flow where the PSU provides a dynamic identifier generated with their ASPSP to the TPP (AISP/PISP/CBPII) which is then used by the ASPSP to identify the PSU through the ASPSP app to authenticate and action the TPP request. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Decoupled Model C: TPP Generated Identifier PSU provides a TPP (AISP/PISP/CBPII) generated unique identifier to the ASPSP to identify the request from the TPP User Journey A decoupled authentication flow where the PSU provides a dynamic identifier generated by the TPP (AISP/PISP/CBPII), which is then used by the ASPSP to identify the PSU through the ASPSP app to authenticate and action… View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Decoupled Model D: PSU with a TPP Account TPP (AISP/PISP/CBPII) passes the PSU’s stored unique identifier to the ASPSP to identify the PSU User Journey A decoupled authentication flow where the TPP (AISP/PISP/CBPII) provides the ASPSP a stored PSU identifier, generated by the ASPSP from a previous PSU transaction. This is used by the ASPSP to notify the PSU such that the PSU… View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
ASPSP applies an available exemption SCA- RTS includes a number of available exemptions which permit an ASPSP not to apply SCA based on the availability of certain criteria, which consider factors such the amount, the beneficiary and the risk analysis of the transaction. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021 Using an Available Exemption with a Customer Identifier User Journey After the PSU has successfully initiated a payment initiation through a PISP, and details were held for future use (as per Single Domestic Payments – a/c selection @ PISP, item #11), this Journey can be used for initiating subsequent transactions. The PISP will provide to the ASPSP in all subsequent transactions a hint… View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
ASPSP applies an available exemption SCA- RTS includes a number of available exemptions which permit an ASPSP not to apply SCA based on the availability of certain criteria, which consider factors such the amount, the beneficiary and the risk analysis of the transaction. View journey This version was published 3 Years & 2 Months ago 21 Oct 2021
Using an Available Exemption with a Customer Identifier User Journey After the PSU has successfully initiated a payment initiation through a PISP, and details were held for future use (as per Single Domestic Payments – a/c selection @ PISP, item #11), this Journey can be used for initiating subsequent transactions. The PISP will provide to the ASPSP in all subsequent transactions a hint… View journey This version was published 3 Years & 2 Months ago 21 Oct 2021