Versions Compared

Version Old Version 58 New Version 59
Changes made by

CBB Admin

CBB Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The API endpoint allows the PISP to ask an ASPSP to create a new domestic-payment-consent consents resource.

  • The POST action indicates to the ASPSP that a domestic-payment-consents has been staged. At this point, the user/customer may not have been identified by the ASPSP, and the request payload may not contain any information of the account that should be debited

  • The endpoint allows the PISP to send a copy of the consent (between user/customer and PISP) to the ASPSP for the user/customer to authorise

  • The ASPSP creates the domestic-payment-consent consents resource and responds with a unique ConsentId to refer to the resource

...

The default Status is "AwaitingAuthorisation" immediately after the domestic-payment-consent consents has been created.

 S.No.

Status

Status Definition

1

AwaitingAuthorisation

The consent resource is awaiting user/customer authorisation

...

  • Once the user/customer authorises the payment-consent resource - the status of the payment-consent resource will be updated with "Authorised"

  • If the user/customer rejects the consent or the domestic-payment-consent consents has failed some other ASPSP validation, the status will be set to "Rejected"

  • Once a domestic-payment has been successfully created using the domestic-payment-consentconsents, the status of the domestic-payment-consent consents will be set to "Consumed"

...

The default Status is "AwaitingAuthorisation" immediately after the domestic-payment-consent consents has been created.

 S.No.

Status

Status Definition

1

AwaitingAuthorisation

The consent resource is awaiting user/customer authorisation

2

Rejected

The consent resource has been rejected

3

Authorised

The consent resource has been successfully authorised

4

Consumed

The consented action has been successfully completed. This does not reflect the status of the consented action

...

The API endpoint allows the PISP to ask an ASPSP to confirm funds on a domestic-payment-consent consents resource.

  • If the domestic-payment-consent consents resource has an Authorised status the ASPSP must respond to a funds confirmation request (yes/No). If the status is not Authorised, an ASPSP must respond with a 400 (Bad Request) and a BH.OBF.Resource.InvalidConsentStatus error code

  • Confirmation of funds requests do not affect the status of the domestic-payment-consent consents resource

3.4 State Model

3.4.1 Payment Order Consent

The state model for the domestic-payment-consent consents resource follows the generic consent state model. However, does not use the Revoked status, as the consent for a domestic-payment is not a long-lived consent.

...

This section describes the OBDomesticPaymentInitiation class which is reused as the Initiation object in the domestic-payment-consent consents resource

4.1.1 UML Diagram

...

  • All elements in the Initiation payload that are specified by the PISP must not be changed via the ASPSP, as this is part of formal consent from the user/customer

  • If the ASPSP is able to establish a problem with payload or any contextual error during the API call, the ASPSP must reject the domestic-payment-consent consents request immediately

  • If the ASPSP establishes a problem with the domestic-payment-consent consents after the API call, the ASPSP must set the status of the domestic-payment-consent consents resource to Rejected

  • DebtorAccount is optional, as the PISP may not know the account identification details for the user/customer

  • If the DebtorAccount is specified by the PISP and is invalid for the user/customer, then the domestic-payment-consent consents will be set to reject after user/customer authentication

  • Account Identification field usage:

...

  • Neither the InstructionIdentification nor EndToEndIdentification will be used as the domestic-payment-consent consents resource identifier (ConsentId) as the ConsentId must be uniquely generated by the ASPSP

  • LocalInstrument is the requested payment scheme for execution

...

4.3.2 Notes

The domestic-payment-consent consents response contains the full original payload from the domestic-payment-consent consents request, with the additional elements below:

  • ConsentId

  • CreationDateTime the domestic-payment-consent consents resource was created

  • Status and StatusUpdateDateTime of the domestic-payment-consent consents resource

  • CutOffDateTime Behaviour is explained in Payment Initiation API Profile, Section - Payment Restrictions -> CutOffDateTime Behaviour

  • ExpectedExecutionDateTime for the domestic-payment resource if created before CutOffDateTime - the expected DateTime the payment is executed against the Debtor Account. If populated, the ASPSP must update the value with any changes (e.g., after user/customer authorisation)

  • ExpectedSettlementDateTime for the domestic-payment resource if created before CutOffDateTime - the expected DateTime the payment will be received at the Creditor Account. If populated, the ASPSP must update the value with any changes (e.g., after user/customer authorisation)

  • Charges array for the breakdown of applicable ASPSP charges

  • Post successful user/customer Authentication, an ASPSP may provide Debtor/Name in the payment-order-consent Response, even when the Payer didn't provide the Debtor Account via PISP

...