Other pages in this section Consent for Confirmation of Funds (CoF) CBPII Access Dashboard & Revocation Confirmation of Funds – Y/N Response CBPII Revocation of Consent Re-Authentication of CoF Access at the ASPSP
This content is best viewed on a desktop browser. 1 CEG Checklist Requirements 1Consent Dashboard The CBPII Consent Dashboard must display all Confirmation of Funds access consents provided to the CBPII. Thus, for each PSU account, there must be a consent entry granting CoF access to the account for CoF purposes by the PSU. The Consent Dashboard should also describe for each consent: The ASPSP. The ongoing nature of the consent and when the consent for CoF access to the account will expire. The date the CoF consent was granted by the PSU. In addition, the CBPII Consent Dashboard could also include details on the purpose for which the funds checks is used (including whether any other parties will have access to the information) and clear and reassuring messages about what information is made available from the ASPSPs, as per the examples described in 5.1.1, item #2. 2 CEG Checklist Requirements 2For each ASPSP account granted CoF access, CBPIIs should display the PSU payment account identification (such as account name, sort code and account number) and expiration date and time. Note: PSU account number should be masked. 3 CEG Checklist Requirements 3CBPIIs must allow PSUs to revoke the CoF consent for each specific ASPSP account. 4 CEG Checklist Requirements 4Cancellation Request CBPIIs must allow PSUs to confirm that they want to cancel CoF consent of their account to the CBPII. CBPIIs should inform PSUs that once CoF consent is revoked, the CBPII will no longer be able to check the availability of funds in their account. CBPIIs should inform PSUs of the exact consequences of cancelling their consent, for example it may cause their CBPII transactions to be declined or they will no longer be able to receive the specific services from the CBPIIs etc. CBPIIs should give equal prominence to the choices of continuing or cancelling the CBPII CoF consent. 5 CEG Checklist Requirements 5CBPIIs must inform ASPSPs that PSUs have withdrawn their consent by making call to the DELETE API endpoint as soon as practically possible (as described in Version 3 of the Read/Write API specifications). This will ensure that no further CoF account access will be accepted by ASPSPs. Note1: ASPSPs must support the Delete process as described in the Version 3 Read/Write API specifications. Note 2: This activity is not visible to PSUs as it takes place in the background, however it will ensure no further CoF responses are provided by ASPSPs to CBPIIs). 6 CX Consideration 6For each ASPSP account granted CoF access, CBPIIs should display the PSU payment account identification (such as account name, sort code and account number) and expiration date and time. Note: PSU account number should be masked. Select to scroll left Select to scroll right
CEG Checklist Requirements & Customer Experience Considerations 1 Consent Dashboard The CBPII Consent Dashboard must display all Confirmation of Funds access consents provided to the CBPII. Thus, for each PSU account, there must be a consent entry granting CoF access to the account for CoF purposes by the PSU. The Consent Dashboard should also describe for each consent: •The ASPSP. •The ongoing nature of the consent and when the consent for CoF access to the account will expire. •The date the CoF consent was granted by the PSU. In addition, the CBPII Consent Dashboard could also include details on the purpose for which the funds checks is used (including whether any other parties will have access to the information) and clear and reassuring messages about what information is made available from the ASPSPs, as per the examples described in Single Domestic Payments – a/c selection @ PISP, item #2. 9 2 For each ASPSP account granted CoF access, CBPIIs should display the PSU payment account identification (such as account name, sort code and account number) and expiration date and time. Note: PSU account number should be masked. 3 CBPIIs must allow PSUs to revoke the CoF consent for each specific ASPSP account. 9 4 Cancellation Request CBPIIs must allow PSUs to confirm that they want to cancel CoF consent of their account to the CBPII. CBPIIs should inform PSUs that once CoF consent is revoked, the CBPII will no longer be able to check the availability of funds in their account. CBPIIs should inform PSUs of the exact consequences of cancelling their consent, for example it may cause their CBPII transactions to be declined or they will no longer be able to receive the specific services from the CBPIIs etc. CBPIIs should give equal prominence to the choices of continuing or cancelling the CBPII CoF consent. 9 5 CBPIIs must inform ASPSPs that PSUs have withdrawn their consent by making call to the DELETE API endpoint as soon as practically possible (as described in Version 3 of the Read/Write API specifications). This will ensure that no further CoF account access will be accepted by ASPSPs. Note1: ASPSPs must support the Delete process as described in the Version 3 Read/Write API specifications. Note 2: This activity is not visible to PSUs as it takes place in the background, however it will ensure no further CoF responses are provided by ASPSPs to CBPIIs). 9 6 CBPII ConfirmationCBPIIs should confirm to PSUs that CoF consent to their account has been cancelled.
Confirmation of Funds – Y/N Response Previous Related articles Please select API specifications Consent Revocation DELETE funds-confirmation-consents Re-Authentication of CoF Access at the ASPSP Next