Customer Experience Guidelines

Card Based Payment Instrument Issuers (CBPIIs)

This version is:

Published 3 years ago 31 Mar 2021

One of the primary ambitions of these guidelines is to provide simplification and consistency throughout each stage of the Open Banking implementation. As such, we have defined a core set of PSU journeys for CBPIIs.

Other pages in this section

Regulation 68 of the PSRs provides a mechanism whereby payment service providers (PSPs) issue a card based instrument which is linked to an account or accounts held at one or more different ASPSPs (provided those accounts are accessible online) and request a confirmation on the availability of funds. The payment service provider that issues the payment instrument is known as a Card-Based Payment Instrument Issuer or CBPII.

When the PSU uses the card-based payment instrument to initiate a payment transaction, the CBPII is entitled to request a confirmation from the PSUs ASPSP to which the account is linked, to confirm whether there are sufficient funds available for the transaction amount. The ASPSP is obliged to respond with an immediate ‘yes/no’ answer, provided the relevant regulatory requirements are met.

CBPII Core Journeys

Open Banking API specifications support CoF services for Card Based Payment Instrument Issuers (CBPIIs). These services allow PSUs to provide explicit consent to an ASPSP, so that they can respond to confirmation of funds requests from CBPIIs, limited to a Y/N. CBPIIs can subsequently submit confirmation of funds requests to the ASPSP provided that the PSU has also provided their explicit consent to the CBPII and has initiated a payment transaction with the payment instrument for the amount in question.

This section describes how each of the Participants (CBPIIs and ASPSPs) in the delivery of these services can optimise the customer experience for these. Furthermore, it provides some clarifications to these Participants on the usage of the APIs, which are not covered by the technical specifications and some best practice guidelines for implementation of the customer journeys.

Please note that unlike AIS journeys, the consent given to ASPSPs and CBPIIs can be “until further notice” and does not expire after 90 days. Thus, authentication does not need to occur after the initial set up for the specific CBPII has been completed. The consent to CBPIIs access will generally be ongoing or setup for a set period of time, after which PSUs will need to renew it.

Consent for Confirmation of Funds (CoF)

User Journey     Regulation 68(3)(a) of the PSRs, requires that the CBPIIs must have the explicit consent of the PSU prior to making Confirmation of Funds requests to the PSUs ASPSPs. Regulation 68(5)(b) of the PSRs requires that the ASPSPs must have the explicit consent of the PSU prior to responding to the first CBPII Confirmation of Funds…

This version was published 3 Years & 7 Months ago 31 Mar 2021

CBPII Access Dashboard & Revocation

User Journey     Regulation 68(6) PSRs states that if the PSU so requests, the ASPSP must inform the PSU of the CBPII which has made previous CoF and the answer given to that CBPII. As part of enabling this, ASPSPs mustprovide PSUs with a facility to view and revoke CoF access that they have…

This version was published 3 Years & 7 Months ago 31 Mar 2021

Confirmation of Funds – Y/N Response

User Journey Payments networks primarily operate under two different business models that can apply to CBPIIs. 1.Open-loop payments networks, such as Visa and MasterCard that are multi-party and operate through a scheme that connects two financial institutions. 2.Closed-loop networks which issue cards directly to consumers and serve merchants directly. As per PSD2 regulations, any authorised…

This version was published 3 Years & 7 Months ago 31 Mar 2021

CBPII Revocation of Consent

User Journey CBPIIs must provide PSUs with a facility to view and revoke consents that they have given to that CBPII. PSUs may have consented to CoF access to several accounts from one or more ASPSPs. This section describes how these consents should be displayed and how the customer journey to revoke them should be constructed….

This version was published 3 Years & 7 Months ago 31 Mar 2021

Re-Authentication of CoF Access at the ASPSP

User Journey     We note that generally ASPSPs may not require re-authentication of PSUs once PSUs have given their explicit consent to ASPSPs to provide Confirmation of Funds responses to requests from a specific CBPII, prior to the first request (as shown in journey Consent for Confirmation of Funds (CoF). However, there may be instances…

This version was published 3 Years & 7 Months ago 31 Mar 2021

Customer benefits

There may be several reasons for the customer to use the CBPII card and this will mainly depend on the actual CBPII proposition. Example benefits may include the following:

  • Loyalty scheme with benefits for using the CBPII card (points, air miles, cash back etc).
  • The customer has a single instrument to make payments from multiple accounts, with no need to carry a card wallet full of cards.
  • The customer only has to manage one card relationship, for example:
  • Remember the details for one card.
  • Store the details of one card with a retailer.
  • The customer will only have a single combined transaction list and statement for all their purchases.
  • Single proxy for multiple accounts for all card usages.
  • Less probability to have a purchase transaction declined as multiple funding accounts may be used without having to try several different cards.
  • Less need to handle expiring cards from various bank accounts.

Please note that the Confirmation of Funds (CoF) mechanism does not guarantee to the CBPII that they will receive the funds from the PSUs account, as CoF is only a snapshot which confirms whether the funds are available at the time of the request. The ASPSP does not block funds on the PSU’s account for the CBPII card payment.

Moreover, please note that the CoF API made available to CBPIIs is for funds checking only and does not facilitate settlement of the transaction (i.e. the transfer of the funds from the PSU funding account to the CBPII). This is in the CBPII competitive space and could be fulfilled using various means such as Direct Debit, PISP push payment etc.

Finally, PSRs and RTS do not appear to place limitation into the number of payment accounts that can be linked into a single CBPII issued card. This is in the competitive space of the CBPIIs. Furthermore, PSRs and RTS do not specify which card types can be linked with the payment account, for example physical cards only or also tokenised virtual cards. Again, this is in the competitive space of the CBPIIs.