OBIE would like to ensure all Participants looking to operate within the OBIE Ecosystems do so in a supported manner. This includes supporting TPPs with the ability to test their products and services (both at initial launch and also through subsequent changes) by providing a number of key tools and infrastructure to ensure that their products have been sufficiently tested prior to go-live. This helps continue to promote the culture of openness that was developed during the initial Managed Roll-Out period from January to March 2018.
This is known as Launch Support.
The purpose of this Section is to provide a brief overview of the Testing approach and act as a ‘hub’ from which participants can access relevant support documentation.
The recommended approach is based on OBIE’s published Launch Support testing document. It is designed to ensure that your TPP service operates effectively within the OBIE Ecosystem, supporting your journey from participating in the ‘test ecosystem’ to operating in the ‘production ecosystem’.
We suggest participation in OBIE test phases, as appropriate:
- Integration testing – Testing against Model Bank APIs in the Directory Sandbox
- Ecosystem testing* – Sandbox only.
- First Occurrence Validation (FOV) – via coordination of voluntary buddy relationships with ASPSPs.
These phases are also covered further in the Launch Support document. Testing requirements vary – therefore TPPs are encouraged to work with their designated OBIE representative to agree the most effective approach based on adapting the general approach described here.
The Service Desk supports participants through enrollment and provides level 1 support for participant tickets. If you have a query and wish to contact the Service Desk to ask how to maintain your entity in the Directory, it is worth consulting the following guide first which is likely to contain the answer:
The OBIE Participant On-Boarding Team provides technical support relating to issues raised, Directory integration, integration/dynamic registration with Model Banks, running of Conformance Tool, etc. Questions can be raised by creating a Jira ticket, the guide for which is below.
Launch Support is an enduring activity designed to provide support to Participants during their testing journey and on to go-live, where applicable. During Launch Support, OBIE will assist in the coordination of TPP / ASPSP voluntary buddying. Participants will also get access to an assigned central test team representative to assist and guide them through the appropriate testing process. They will also be invited to Testing Working Groups (TWG) where current challenges and hot topics are discussed as a community. A link to the TWG Confluence page for all participants is below.
Test Phase Engagement
OBIE will maintain an open inclusive dialogue with all participants. OBIE will actively encourage all participants to engage in testing for the benefit of the individual participants in the ecosystem as a whole. Depending on the ecosystem maturity of the participants, OBIE will guide participants to the appropriate testing ‘entry point’ for them and support them through testing.
The Open Banking ecosystem consists of a large number of separate organisations collaborating to provide a unified experience to the customer (PSU). To facilitate this the Central Test team will encourage information sharing and coordination while ensuring these principles are maintained:
- No surprises. All Participants who may be impacted by a change or are involved in its delivery should be aware of the plan, insufficient time for necessary action. OBIE can facilitate this communication.
- Constant communication. Many changes happen gradually, over time e.g. traffic growth. These too can impact the ecosystem performance, so sharing of information on volumes and other behaviour is vital to inform predictions of future growth and the ecosystem adjustments required.
- Respect confidentiality. All information will be treated with consideration in relation to confidentiality.
Preparation for service launch
- Where a new participant is planning to release a new offering into the market the Central Test team will coordinate and liaise with the ecosystem around any significant uplift in expected volumes of traffic on the specific APIs utilised by the new offering.
Participant Roles and Responsibilities
Participant can enter the OBIE Ecosystem with a variety of roles. This section is a brief guide for TPP Participants to the appropriate style of testing required by their role, as outlined in the Launch Support document (see also the table of URLs at the end of this Section). The actual approach applicable to the participant’s circumstances shall be agreed with your OBIE representative.
TPPs within the OBIE Ecosystem operate in one or more roles on the basis of their permissions granted by the FCA/ NCA:
The roles granted by the NCA are:
- AISP – An Account Information Service provides account information services as an online service to provide consolidated information on one or more payment accounts held by a payment service user with one or more payment service provider(s).
- PISP – A Payment Initiation Services Provider provides an online service to initiate a payment order at the request of the payment service user with respect to a payment account held at another payment service provider.
- CBPII – A Card-Based Payment Instrument Issuer is a payment services provider that issues card-based payment instruments that can be used to initiate a payment transaction from a payment account held with another payment service provider.
UK entities should use the FCA website for applications.
To register with the FCA, use their Connect system.
In addition to the three types of permissions granted by the FCA/NCA, there is also a class of participant who does not provide information directly to customers – Technical Service Providers (TSP) provide technical support to ASPSP, AISP, PISP and CBPII participants. This can include providing an API gateway which consolidates interfaces from all ASPSPs through to the provision of customer-facing systems for use by participants.
All links correct at time of publishing. OBIE takes no responsibility for any errors or omissions in the information hosted by third parties.
Software Statement Assertions and Consent Dashboards
The various roles, and their interaction with other Participants, can impact on:
- Who owns the Software Statement Assertion (SSA) and the appropriate entry (if any) in the ‘on behalf of’ field of the SSA, in the Directory.
- The identity of Participants displayed In the ASPSP access dashboard visible to the PSU.
These topics continue to evolve, therefore you must check with either your Central Testing team contact or by raising a Jira ticket contact the OBIE Standards team.
Further information can be found in the below links:
eIDAS Certificate Management
Following the conclusion of the FCA adjustment period on 14 March 2020, TPPs must identify themselves to ASPSPs using an eIDAS certificate. ASPSPs must be able to accept an eIDAS certificate from the TPP directly. Additionally, TPPs may use an alternative identification certificate issued by OBIE, provided that those TPPs have registered their eIDAS certificate with OBIE and OBIE continues to perform checks of the status of the eIDAS certificate.
When a TPP technically onboards with an ASPSP, they will usually be asked to share some basic contact details to facilitate future communications. TPPs are encouraged to include this information to make ensure that they can be easily contacted and be kept informed of any updates that may be important.
The four activities associated with obtaining and utilising an eIDAS certificate are outlined below:
Procuring eIDAS Certificates
OBIE Software Statements cannot be created without a valid eIDAS certificate uploaded to the OB Directory. It is therefore essential that acquire one.
A guide to purchasing an eIDAS certificate is available here.
Identification using your eIDAS Certificates:
TPPs can identify themselves to Open Banking by ‘uploading’ their eIDAS certificate to the OB Directory or by registering with Open Banking via an API.
- The process of uploading certificates is available here
- API specifications are available here.
- TPPs can also identify themselves directly with the ASPSPs.
Loading and Associating your eIDAS Certificates
Any eIDAS certificate, for it to be used within open banking, must be uploaded to the Directory. A general guide to this process is available here.
Managing your eIDAS Certificates
eIDAS certificates expire after a period of time, usually 2 years. It is essential that a replacement certificate is acquired and uploaded to the OBIE Directory before the existing certificate expires. Not having a valid certificate in place could result in the inability to create new OBIE Certificates and loss of service.