About these guidelinesLibrary items are designed to accelerate content creation, maintain consistency, and facilitate sitewide updates. This page lists out library items for viewing and editing. Producers should familiarise themselves with these items to avoid unnecessary work.
Dialog dark blue outline
This guidance explains the categorisation of requirements for account providers and third party providers implementing any part of the Standard. This covers the API Specifications, Security Profiles, Customer Experience Guidelines and Checklist, and Operational Guidelines and Checklist. This guidance should be read before referencing the Standards documents.
Journey + wireframe
PSU Authentication with the ASPSP using browser based redirection from an AISP for an AIS request.
This enables a PSU to authenticate with their ASPSP while using an AISP for an AIS service, using the same web based authentication method which the PSU uses when accessing the ASPSP web channel directly.
This model works when the PSU is consuming the AISP service on a device that does not have the ASPSP app, or the PSU does not have the ASPSP mobile app.
To demonstrate the web based redirection part of the journey, we have used an AISP initial setup (Sec 3.1.1) as one example.
The redirection flow applies to other AIS journeys covered in detail under Section 3.
CEG Checklist Requirements 1
AISPs must initially ask the PSU to identify the ASPSP so that the consent request can be constructed in line with the ASPSP's data clusters.
CX Considerations 2
AISP should make the PSU aware on the inbound redirection screen that they will be taken to their ASPSP for authentication for account access.
CEG Checklist Requirements 3
The redirection must take the PSU to the ASPSP web page (desktop/mobile) for authentication purposes only without introducing any additional screens. The web based authentication must have no more than the number of steps that the PSU would experience when directly accessing the web based ASPSP channel (desktop/mobile).
CX Considerations 4
ASPSP should make the PSU aware that the PSU login details will not be visible to the AISP.
CEG Checklist Requirements 5
PSUs must be able to confirm the account(s) which they would like the AISP to have access to without having to go through any further unnecessary screens.
CX Considerations 6
SPSP should have an outbound redirection screen which indicates the status of the request and informs the PSU that they will be automatically taken back to the AISP.
CEG Checklist Requirements 7
ASPSP should inform the PSU on the outbound redirection screen that their session with the ASPSP is closed.
CEG Checklist Requirements 8
AISPs should confirm the successful completion of an account information data request.
Related API + research panel
Domestic Payment Usage Examples
What the research says
“Research amongst consumers has shown that 29% of participants actively prefer a browser based PIS journey for a single domestic payment, whilst 32% prefer an app based journey. Those preferring a browser based journey refer to security and ease to explain their choice. Those preferring the app based alternative select it because they deem it easier than the web based experience, with fewer mentioning security.”
Click for Customer Research