Versions Compared

Version Old Version 16 New Version 17
Changes made by

CBB Admin

CBB Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleASPSP (Account Servicing Payment Service Provider)

Account Servicing Payment Service Providers (ASPSP) or ‘ASPSP’ refers to the CBB licensees (include conventional retail bank licensees and Islamic retail bank licensees) who provide and maintain a payment account for a user/customer and, in the context of the Open Banking Ecosystem are entities that publish Read/Write APIs to permit, with customer consent, payments initiated by third party providers and/or make their customers’ account transaction data available to third party providers via their API endpoints.

...

Expand
titlePISP (Payment Initiation Service Provider)

Payment Initiation Service Provider (PISP) or ‘PISP’ refers to a person licensed by the CBB to initiate payment or credit transfers for the customer from an account held with an ASPSP. The role of a PISP is restricted to providing the technology or other means in order to initiate a payment order and the handling of communication or electronic documents between the customer and the licensees should the terms of the offer include such services. PISPs must not receive or otherwise handle customer funds in the course of providing payment initiation services.

Expand
titleAISP (Account Information Services Provider)

Account Information Services Provider (AISP) or ‘AISP’ refers to a person licensed by the CBB to provide account information services using an online portal, mobile or smartphone application, device or other electronic media which a consenting customer can use to obtain aggregate or consolidated information about his/her account balances with ASPSP. The role of an AISP is restricted to providing the technology or other means in order to provide account information to the customer and the handling of communication or electronic documents between the customer and the licensees should the terms of the offer include such services. AISPs must not receive or otherwise handle customer funds in the course of providing account information services.

...

Expand
titlePDPL (Personal Data Protection Law)

The PDPL Personal Data Protection Law or ‘PDPL’ is the data protection law of Bahrain that applies to any entity processing personal data wholly or partly by automated means – as well as the manual processing of personal data as part of an organized filing system.

...

Expand
titleOptional

Functionality and endpoints marked as Optional are not necessarily required for regulatory compliance but may be implemented to enable desired customer outcomes.

For functionalities and endpoints:

  • An ASPSP may implement an Optional endpoint

  • An ASPSP may implement Optional functionality

For fields:

  • There are no Optional fields

For any endpoints which are implemented by an ASPSP, the fields are either Mandatory or Conditional.

Expand
titleCDCVM (Consumer Device Cardholder Verification Method)

Consumer Device Cardholder Verification Method (CDCVM) or ‘CDCVM’ is a card network supported verification process performed by the customer.  CDCVM is applicable while the customer assessing transactions originating from mobile devices and help evaluate/identify the legitimate owner of the payment instrument.

Expand
JSON
titleJSON (JavaScript Object Notation)

JavaScript Object Notation or ‘JSON’ is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others.

Expand
titleUML (Unified Modeling Language)

The Unified Modeling Language™ (UML®) or ‘UML®’ is a standard visual modeling language intended to be used for:

  • modeling business and similar processes,

  • analysis, design, and implementation of software-based systems

UML is a common language for business analysts, software architects and developers used to describe, specify, design, and document existing or new business processes, structure and behavior of artifacts of software systems.

Expand
titleYAML

YAML - Ain’t Markup Language (abbreviated YAML) Ain’t Markup Language or ‘YAML’ is a human friendly, cross language, unicode based data serialization language designed around the common native structures of agile programming languages. It is broadly useful for programming needs ranging from configuration files to Internet messaging to object persistence to data auditing.

...

Expand
titleHTTP Status Codes

Kindly refer to https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml for the HTTP response codes for different HTTP methods, across all Read/Write API endpoints.

Expand
titleCIBA (Client Initiated Backchannel Authentication)

Client Initiated Backchannel Authentication (CIBA) or ‘CIBA’ is an authentication flow in which AISPs/PISPs, that can obtain a valid identifier for the user they want to authenticate, will be able to initiate an interaction flow to authenticate their users without having end-user interaction from the consumption device. The flow involves direct communication from the Client to the ASPSPs without redirection through the user's browser (consumption device).

...