Customer Experience Guidelines

Card Based Payment Instrument Issuers (CBPIIs)

This version is:

Published 4 years ago 25 Jun 2020
Overview One of the primary ambitions of these guidelines is to provide simplification and consistency…

Other pages in this section

Overview

One of the primary ambitions of these guidelines is to provide simplification and consistency throughout each stage of the Open Banking implementation.
As such, we have defined a core set of PSU journeys for CBPIIs.

Regulation 68 of the PSRs provides a mechanism whereby payment service providers (PSPs) issue a card based instrument which is linked to an account or accounts held at one or more different ASPSPs (provided those accounts are accessible online) and request a confirmation on the availability of funds. The payment service provider that issues the payment instrument is known as a Card-Based Payment Instrument Issuer or CBPII.

When the PSU uses the card-based payment instrument to initiate a payment transaction, the CBPII is entitled to request a confirmation from the PSUs ASPSP to which the account is linked, to confirm whether there are sufficient funds available for the transaction amount. The ASPSP is obliged to respond with an immediate ‘yes/no’ answer, provided the relevant regulatory requirements are met.

Customer benefits

There may be several reasons for the customer to use the CBPII card and this will mainly depend on the actual CBPII proposition. Example benefits may include the following:

  • Loyalty scheme with benefits for using the CBPII card (points, air miles, cash back etc).
  • The customer has a single instrument to make payments from multiple accounts, with no need to carry a card wallet full of cards.
  • The customer only has to manage one card relationship, for example:
  • Remember the details for one card.
  • Store the details of one card with a retailer.
  • The customer will only have a single combined transaction list and statement for all their purchases.
  • Single proxy for multiple accounts for all card usages.
  • Less probability to have a purchase transaction declined as multiple funding accounts may be used without having to try several different cards.
  • Less need to handle expiring cards from various bank accounts.

Please note that the Confirmation of Funds (CoF) mechanism does not guarantee to the CBPII that they will receive the funds from the PSUs account, as CoF is only a snapshot which confirms whether the funds are available at the time of the request. The ASPSP does not block funds on the PSU’s account for the CBPII card payment.

Moreover, please note that the CoF API made available to CBPIIs is for funds checking only and does not facilitate settlement of the transaction (i.e. the transfer of the funds from the PSU funding account to the CBPII). This is in the CBPII competitive space and could be fulfilled using various means such as Direct Debit, PISP push payment etc.

Finally, PSRs and RTS do not appear to place limitation into the number of payment accounts that can be linked into a single CBPII issued card. This is in the competitive space of the CBPIIs. Furthermore, PSRs and RTS do not specify which card types can be linked with the payment account, for example physical cards only or also tokenised virtual cards. Again, this is in the competitive space of the CBPIIs.

CBPII Core Journeys

Open Banking API specifications support CoF services for Card Based Payment Instrument Issuers (CBPIIs). These services allow PSUs to provide explicit consent to an ASPSP, so that they can respond to confirmation of funds requests from CBPIIs, limited to a Y/N. CBPIIs can subsequently submit confirmation of funds requests to the ASPSP provided that the PSU has also provided their explicit consent to the CBPII and has initiated a payment transaction with the payment instrument for the amount in question.

This section describes how each of the Participants (CBPIIs and ASPSPs) in the delivery of these services can optimise the customer experience for these. Furthermore, it provides some clarifications to these Participants on the usage of the APIs, which are not covered by the technical specifications and some best practice guidelines for implementation of the customer journeys.

Please note that unlike AIS journeys, the consent given to ASPSPs and CBPIIs can be “until further notice” and does not expire after 90 days. Thus, authentication does not need to occur after the initial set up for the specific CBPII has been completed. The consent to CBPIIs access will generally be ongoing or setup for a set period of time, after which PSUs will need to renew it.

Consent for Confirmation of Funds (CoF)

Regulation 68(3)(a) of the PSRs, requires that the CBPIIs must have the explicit consent of the PSU prior to making Confirmation of Funds requests to the PSUs ASPSPs.

This version was published 4 Years & 5 Months ago 25 Jun 2020

CBPII Access Dashboard & Revocation

Regulation 68(6) PSRs states that if the PSU so requests, the ASPSP must inform the PSU of the CBPII which has made previous CoF and the answer given to that CBPII.

This version was published 4 Years & 5 Months ago 25 Jun 2020

Confirmation of Funds – Y/N Response

As per PSD2 regulations, any authorised PSP, be it a bank or a payment institution, can issue payment instruments. Payment instruments not only cover payment cards such as debit and credit cards, but any personalised device or set of rules agreed between the issuer and the user that is used to initiate a payment.

This version was published 4 Years & 5 Months ago 25 Jun 2020

CBPII Revocation of Consent

CBPIIs must provide PSUs with a facility to view and revoke consents that they have given to that CBPII. PSUs may have consented to CoF access to several accounts from one or more ASPSPs.

This version was published 4 Years & 5 Months ago 25 Jun 2020

Re-Authentication of CoF Access at the ASPSP

We note that generally ASPSPs may not require re-authentication of PSUs once PSUs have given their explicit consent to ASPSPs to provide Confirmation of Funds responses to requests from a specific CBPII, prior to the first request.

This version was published 4 Years & 5 Months ago 25 Jun 2020