Versions Compared

Version Old Version 26 New Version 27
Changes made by

CBB Admin

CBB Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
maxLevel2

General

What is Bahrain Open Banking Framework (Bahrain OBF)?

...

  • Read access allows the data recipient to obtain copies of customers’ financial data and use it for such activities as data aggregation (for example – AIS - account aggregations services).

  • Write access allows data recipient to initiate payments on behalf of the user/customer (for example – PIS - payment initiation services).

Security and Privacy

Is Bahrain Open Banking safe?

...

Strong Customer Authentication or ‘SCA’ is authentication based on the use of three elements categorized as knowledge (something only the user knows [for example, a password]), possession (something only the user possesses [for example, particular cell phone and number]) and inherence (something the user is [or has, for example, a fingerprint or iris pattern]) that are independent, so the breach of one does not compromise the others, and is designed in such a way as to protect the confidentiality of the authentication data. For further information on elements of SCA or related exemptions, kindly refer to relevant Open Banking sections of the Rulebook.

Accreditation

Why should anyone apply for accreditation?

...

  • If the licensee fails to satisfy any of the license conditions;

  • If the licensee violates the terms of the CBB Rulebook;

  • If the licensee fails to start a business within six months from the date of the license;

  • If the licensee ceases to carry out the licensed activity in the Kingdom;

  • The legitimate interests of the customers or creditors of a licensee required such amendment or cancellation.

API Specification

What is the use of Unique Identifiers (Id Fields)?

...

An ASPSP must use the same participant-path-prefix and host name hostname for all its resources.

Examples:

  • https://xyz.com/apis/open-banking/v1.1/pisp/domestic-payments

  • https://xyz.com/apis/open-banking/v1.1/aisp/account-access-consents

  • https://xyz.com/apis/open-banking/v3.1/aisp/accounts

  • https://xyz.com/apis/open-banking/v3.1/aisp/accounts/1234

  • https://xyz.com/apis/open-banking/v3.1/aisp/accounts/1234/transactions

What are request headers?

...

Flow fails to succeed due to the USER/CUSTOMER providing invalid credentials to the ASPSP, resulting in no Authorisation Code being generated.

Further Information

How can I stay informed on new Open Banking updates or news?

...