| Table of Contents | ||||
|---|---|---|---|---|
|
...
Single domestic payment allows the User/Customer to post his/her consent to the PISPs to make a one-time payment for a specific amount to a specific payee immediately, wherein the PISP provides this instruction to the customer’s ASPSPs (banks). This use case details out the customer experience guidelines and technical API specifications that are required to be developed and followed by both ASPSPs (Banks) and PISPs. This use case is applicable to both retail and corporate customers. Depending on few decision points (as explained in the End to End user flow), three variations of the user journey has been mapped and explained in detail in the section below.
Few sample domestic payments may include account to account transfers, loan re-payment, university/exam fee payments, merchant payments (including bill payments for electricity, water, telephone, cab, and ticket), restaurant/hotel payments, E-commerce payment, wallet payments, Invoice and other corporate payments.
This section describes how each of the Participants (PISPs and ASPSPs) involved in the delivery of these services can optimise the customer experience for these services. Furthermore, it provides clarifications to participants on the usage of the APIs, and best practice guidelines for implementation of the customer journeys.
End to End User flow:
...
2. CX Guidelines
2.1 Single Domestic Payments – A/C Selection @PISP
2.1.1 User Journey
User/Customers can initiate, by providing their consent to PISPs, an instruction to their ASPSPs (Banks) to make a onetime payment for a specific amount to a specific payee where all information for a complete payment order (including the User/Customers’ account details) is passed from PISPs to ASPSPs (Banks). Once User/Customers have been authenticated in ASPSPs (Banks) domain, User/Customers must be directed back to the PISP domain.
...
2.1.2 Customer Experience Checklist and CX Considerations
...
S.No.
...
Requirements and Considerations
...
Participant
...
Implementation Requirements
...
1
...
Minimum Set of Parameters
PISPs must either allow User/Customers to specify the below minimum set of parameters or pre-populate them for the User/Customers:
Payment Amount and Currency (BHD for Bahrain implementations)
Payee Account Name
Payee Account Identification details (e.g. IBAN)
Payment Reference
...
PISP
...
Required
...
2
...
PSU payment Account Selection
PISPs must provide User/Customers at least one of the following options:
Enter their Payer's payment Account Identification details
Select their Account Identification details (this assumes they have been saved previously)
...
PISP
...
Required
...
3
PSU Consent to PISP
PISPs must request for the User/Customers' consent to the payment in a clear and specific manner. PISPs must display the following information in the consent screen:
...
Payment Amount and Currency (BHD for Bahrain implementations)
...
Payee Account Name
...
User/Customer payment Account Identification
Note 1: if User/Customer payment Account identification is selected in item #2, PISPs should mask the User/Customer payment Account details on the consent screen. Otherwise, if the User/Customer payment Account identification has been input by User/Customers in item #2, PISPs should not mask these details to allow User/Customers to check and verify correctness
Note 2: if User/Customer payment Account identification is provided by User/Customers in item #2, PISPs may use this to identify and display the ASPSP (Bank) without having to ask User/Customer
For Payee Account Identification details (e.g. account number and full IBAN):
If this has been provided by User/Customers in item #1, then PISPs must also display this in the consent screen to allow User/Customers to check and verify correctness
If this has been pre-populated by PISPs (e.g. in an e-commerce payment scenario) PISPs may choose whether to display this information or not
CX consideration:
PISPs should provide messaging to inform PSUs that they will be taken to their ASPSPs (Banks) to complete the payment. Example wording: "You will be securely transferred to YOUR ASPSP (Banks) to authenticate and make the payment"
Generic PISP to ASPSP (Bank) redirection screen and message
...
PISP
...
Required
...
4
...
SCA-Strong Customer Authentication
SCA (including dynamic linking) must be the only action required at the ASPSPs (Banks) (unless supplementary information required). The ASPSP (Bank) authentication must have no more than the number of steps that the User/Customer would experience when directly accessing the ASPSP (Bank) channel.
CX consideration:
If SCA as described in this section cannot occur on the same screen as displaying the amount and the payee (e.g. for some biometric authentications methods), then ASPSPs (Banks) should offer User/Customers options to proceed or cancel the payment with "equal prominence”
...
ASPSP
...
Required
...
5
...
ASPSP (Bank) displaying transaction summary
ASPSPs (Banks) must display as minimum the Payment Amount, Currency and the Payee Account Name to make the User/Customer aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required):
ASPSPs’ (Banks’) Authentication screen
ASPSP (Bank) to PISP redirection screen
Note: Displaying the balance in this instance need not require any additional strong customer authentication
CX consideration:
ASPSPs (Banks) should inform User/Customers about their “point of no return” for making the payment and that their payment will be made after authentication occurs. Example wording: “Authenticate to make payment”
Generic ASPSP (Bank) to PISP redirection screen and message
...
ASPSP
...
Required
...
6
...
PISP Confirmation
If received from ASPSPs, PISPs must display the information received from the ASPSP. This information may include:
The unique identifier assigned to the payment instruction by ASPSPs
The payment status (and status update date & time) - Confirmation of successful payment initiation
The expected payment execution date & time
The expected settlement date & time (i.e. the value date of the payment)
The ASPSP (Bank) charges (where applicable)
CX consideration:
If User/Customers provide their payment account identification details (as per item #2 options), the PISP may, with the consent of the User/Customer, save the account details for future transactions (such as making further payments or initiating refunds back to User/Customers) where this is part of the payment initiation service explicitly requested by the User/Customer. For example, a merchant, upon request from the User/Customer, may initiate a refund back to the User/Customer, by instructing the same PISP that initiated the initial User/Customer transaction to use the saved User/Customer payment account identification details as the beneficiary details for the refund. This will be dependent on the same PISP being used by both the User/Customer and the merchant, their specific contractual terms and the existing regulations.
PISP
Required
...
7
...
Further Payment Status Update
PISPs must follow up with ASPSPs (Banks) in order to check and update the User/Customers with the most updated information that can be received by ASPSPs (Banks) in relation to the execution of the payment.
...
PISP
...
Required
2.2 Single Domestic Payments – A/C Selection @ASPSP
2.2.1 User Journey
There may be cases where the payment order submitted by PISPs to ASPSPs (Banks) is incomplete, such as where User/Customer account selection has not yet occurred. In these scenarios, Open banking guideline considers that SCA only needs to be obtained once, as part of the initial interaction between the ASPSP (Bank) and User/Customer. The fact that the User/Customer has to then carry out account selection or provide other information does not invalidate the SCA just performed by the ASPSP.
Equally, the display of the account balance by the ASPSP (Bank) as part of the account selection process in the payment initiation journey should not require an additional application of SCA.
...
2.2.2 Customer Experience Checklist and CX Considerations
...
S. No.
...
Requirements and Considerations
...
Participant
...
Implementation Requirements
...
1
Minimum Set of Parameters
...
| Table of Contents | ||||
|---|---|---|---|---|
|
1. Version Control
Version | Date | Description of Changes |
Bahrain OBF v1.0.0 | 25th Aug 2020 | Initial Release |
2. Introduction
Single domestic payment allows the user/customer to post his/her consent to the PISPs to make a onetime payment for a specific amount to a specific payee immediately, wherein the PISP provides this instruction to the customer’s ASPSPs. This use case details out the customer experience guidelines and technical API specifications that are required to be developed and followed by both ASPSPs and PISPs. This use case is applicable to both retail and corporate customers. Depending on a few decision points (as explained in the End to End user flow), three variations of the user journey have been mapped and explained in detail in the section below.
A Few sample domestic payments may include account to account transfers, loan re-payment, university/exam fee payments, merchant payments (including bill payments for electricity, water, telephone, cab, and ticket), credit card payments, restaurant/hotel payments, E-commerce payment, wallet payments, Invoice and other corporate payments.
This section describes how each of the Participants (PISPs and ASPSPs) involved in the delivery of these services can optimise the customer experience for these services. Furthermore, it provides clarifications to participants on the usage of the APIs, and best practice guidelines for implementation of the customer journeys.
End to End User flow:
...
3. Customer Experience Guidelines
3.1 Single Domestic Payments – A/C Selection @PISP
3.1.1 Customer Experience Journey
Users/Customers can initiate, by providing their consent to PISPs, an instruction to their ASPSPs to make a onetime payment for a specific amount to a specific payee where all information for a complete payment order (including the users/customers account details) is passed from PISPs to ASPSPs. Once users/customers have been authenticated in ASPSPs domain, users/customers must be directed back to the PISP domain.
...
3.1.2 Customer Experience Checklist and Customer Experience Considerations
S.No. | Customer Experience Checklist and Customer Experience Considerations | Participant | Implementation Requirements |
1 | Minimum Set of Parameters PISPs must either allow users/customers to specify the below minimum set of parameters or pre-populate them for the users/customers:
|
PISP |
Required |
2 | User/Customer payment Account Selection PISPs must provide users/customers at least one of the following options:
|
PISP |
Required |
3 | User/Customer Consent to PISP PISPs must request for the users'/customers' consent to the payment in a clear and specific manner. PISPs must display the following information in the consent screen:
o Note 1: if user/customer payment Account identification is selected in S.No. 2, PISPs should mask the user/customer payment Account details on the consent screen. Otherwise, or if the user/customer payment Account identification has been input by users/customers in S.No. 2, PISPs should not mask these details to allow users/customers to check and verify correctness For Payee Account Identification details (e.g. IBAN, PAN):
|
PISP |
Required
|
4 | CX consideration:
SCA-Strong Customer Authentication SCA must be the only action required at the ASPSPs (unless supplementary information required). The ASPSP authentication must have no more than the number of steps that the user/customer would experience when directly accessing the ASPSP channel. CX consideration:
|
ASPSP |
Required |
5 | ASPSPs must display as minimum as the Payment Amount, Currency and the Payee Account Name to make the user/customer aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required):
Note: Displaying the balance in this instance need not require any additional strong customer authentication CX consideration:
|
ASPSP |
Required |
6 | PISP Confirmation PISPs must display the information received from the ASPSP. This information may include:
If received from ASPSP, PISPs must display the following additional information:
In case of payment cancellation, CX consideration:
|
PISP
|
Required
|
7 | Further Payment Status Update PISPs mustfollow up with ASPSPs in order to check and update the users/customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment. |
PISP |
Required |
3.2 Single Domestic Payments – A/C Selection @ASPSP
3.2.1 Customer Experience Journey
There may be cases where the payment order submitted by PISPs to ASPSPs is incomplete, such as where user/customer account selection has not yet occurred. In these scenarios, Open Banking guideline considers that SCA only needs to be obtained once, as part of the initial interaction between the ASPSP and user/customer. The fact that the user/customer has to then carry out account selection or provide other information does not invalidate the SCA just performed by the ASPSP.
Equally, the display of the account balance by the ASPSP as part of the account selection process in the payment initiation journey should not require an additional application of SCA.
...
3.2.2 Customer Experience Checklist and Customer Experience Considerations
S.No. | Customer Experience Checklist and Customer Experience Considerations | Participant | Implementation Requirements |
1 | Minimum Set of Parameters PISPs must either allow users/customers to specify the below minimum set of parameters or pre-populate them for the users/customers:
|
PISP |
Required |
2 | User/Customer payment ASPSP Selection PISPs must provide users/customers with the following options:
|
PISP |
Required |
3 | User/Customer Consent to PISP PISPs must request for the users'/customers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:
For Payee Account Identification details (e.g. IBAN, PAN):
|
PISP |
Required |
4 | CX consideration:
SCA-Strong Customer Authentication ASPSPs must apply SCA unless an exemption applies. The ASPSP authentication must have no more than the number of steps that the user/customer would experience when directly accessing the ASPSP channel. |
ASPSP |
Required |
5 | User/Customer payment Account Selection ASPSPs must allow user/customers to select the payment account to complete the payment order for execution. Once the user/customer has selected their account, the ASPSPs must display the following information to the user/customer: | ||
S. No. | Requirements and Considerations | Participant | Implementation Requirements |
1 | Minimum Set of Parameters PISPs must either allow User/Customers to specify the below minimum set of parameters or pre-populate them for the User/Customers:
| PISP | Required |
2 | User/Customer payment Account Selection PISPs must provide User/Customers at least one of the following options:
| PISP | Required |
3 | PSU Consent to PISP PISPs must request for the User/Customers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:
For Payee Account Identification details (e.g. IBAN):
CX consideration:
| PISP | Required |
4 | SCA-Strong Customer Authentication ASPSPs (Banks) must apply SCA including dynamic linking, unless an exemption applies. The ASPSP (Bank) authentication must have no more than the number of steps that the User/Customer would experience when directly accessing the ASPSP (Bank) channel. | ASPSP | Required |
5 | Additional Supplementary Information ASPSPs (Banks) must be able to introduce a step as part of the authentication journey to display supplementary information associated with that payment if required. If the supplementary information screen is displayed ASPSPs (Banks) must display as minimum the Payment Amount, Currency and the Payee Account Name to make the User/Customer aware of these details. CX consideration:
| ASPSP | Required |
6 | PISP Confirmation PISPs must display the information received from the ASPSP. This information may include:
If received by ASPSPs, PISPs must display any of the following information regarding initiation and execution of the payment:
CX consideration: If PSUs provide their payment account identification details (as per item #2 options), the PISP could, with the consent of the PSU
| PISP | Required |
2 | User/Customer payment Bank Selection PISPs must provide User/Customers the following options:
| PISP | Required |
3 | User/Customer Consent to PISP PISPs must request for the User/Customers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:
For Payee Account Identification details (e.g. IBAN):
CX consideration:
| PISP | Required |
4 | SCA-Strong Customer Authentication ASPSPs (Banks) must apply SCA including dynamic linking, unless an exemption applies. The ASPSP (Bank) authentication must have no more than the number of steps that the User/Customer would experience when directly accessing the ASPSP (Bank) channel. | ASPSP | Required |
5 | User/Customer payment Account Selection ASPSPs (Banks) must allow User/Customers to select the payment account to complete the payment order for execution CX consideration:
| ASPSP | Required | 6 | PISP Confirmation If received by ASPSPs, PISPs must display the information received from the ASPSP. This information may include:
CX consideration:
|
7 | Further Payment Status Update PISPs must follow up with ASPSPs (Banks) in order to check and update the User/Customers with the most updated information that can be received by ASPSPs (Banks) in relation to the execution of the payment. | PISP | Required |
2.3 Single Domestic Payments – A/C Selection @PISP (Supplementary Information)
2.3.1 User Journey
In some scenarios, an additional step in ASPSPs’ (Banks’) journeys may be required to display supplementary information to User/Customers. ASPSPs (Banks) should determine the situations where this supplementary information is required, having regard to the principle that parity should be maintained between Open Banking journeys and ASPSPs’ (Banks’) online channel journeys, such that if supplementary information is not provided within the ASPSPs’ (Banks’) online channels directly to User/Customers, then it must not be provided during an Open Banking PIS journey. ASPSPs (Banks) should also ensure that this information does not constitute an obstacle or additional check on the consent provided by the User/Customer to the PISP.
...
2.3.2 Customer Experience Checklist and CX Considerations
ASPSPs must allow users/customers to review as a part of the authentication process the information described above. The user/customer can either proceed with the payment or cancel it, on the same screen, using options with "equal prominence". CX consideration:
|
ASPSP |
Required
| |
6 | PISP Confirmation PISPs must display the information received from the ASPSP. This information may include:
If received from ASPSP, PISPs must display the following additional information:
In case of payment cancellation, CX consideration:
| PISP
| Required
|
7 | Further Payment Status Update PISPs must follow up with ASPSPs in order to check and update the users/customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment. | PISP | Required |
3.3 Single Domestic Payments – A/C Selection @PISP/ASPSP (Supplementary Information)
3.3.1 Customer Experience Journey
In some scenarios, an additional step in ASPSPs' journeys may be required to display supplementary information to users/customers. ASPSPs should determine the situations where this supplementary information is required, having regard to the principle that parity should be maintained between Open Banking journeys and ASPSPs’ online channel journeys, such that if supplementary information is not provided within the ASPSPs' online channels directly to users/customers, then it must not be provided during an Open Banking Payment Initiation Service journey. ASPSPs should also ensure that this information does not constitute an obstacle or additional check on the consent provided by the user/customer to the PISP.
Note: The user/customer journey shown below is for a/c selection @PISP and similar variation will also apply in the a/c selection @ASPSP.
...
3.3.2 Customer Experience Checklist and Customer Experience Considerations
S.No. | Customer Experience Checklist and Customer Experience Considerations | Participant | Implementation Requirements |
1 | Minimum Set of Parameters PISPs must either allow users/customers to specify the below minimum set of parameters or pre-populate them for the users/customers:
|
PISP |
Required |
2 | User/Customer payment Account Selection PISPs must provide users/customers at least one of the following options:
|
PISP |
Required |
3 | User/Customer Consent to PISP PISPs must request for the users'/customers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:
o Note 1: if user/customer payment Account identification is selected in S.No. 2, PISPs should mask the user/customer payment Account details on the consent screen. Otherwise, or if the user/customer payment Account identification has been input by users/customers in S.No. 2, PISPs should not mask these details to allow users/customers to check and verify correctness For Payee Account Identification details (e.g. IBAN, PAN):
|
PISP |
Required
|
4 | CX consideration:
SCA-Strong Customer Authentication ASPSPs must apply SCA unless an exemption applies. The ASPSP authentication must have no more than the number of steps that the user/customer would experience when directly accessing the ASPSP channel. |
ASPSP |
Required |
5 | Additional Supplementary Information ASPSPs must be able to introduce a step as part of the authentication journey to display supplementary information associated with that payment if required. ASPSPs must display to users/customers all the payment instruction information received from PISPs together with the supplementary information. This information may include the following:
ASPSPs must allow users/customers to review as a part of the authentication process any supplementary Information. The user/customer can either proceed with the payment or cancel it on the same screen with supplementary information details, using options with "equal prominence“ CX consideration:
|
ASPSP |
Required |
6 | PISP Confirmation PISPs must display the information received from the ASPSP. This information may include:
If received from ASPSP, PISPs must display the following additional information:
In case of payment cancellation, CX consideration:
|
PISP
|
Required
|
7 | Further Payment Status Update PISPs must follow up with ASPSPs in order to check and update the PSUs the users/customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment. For more details on Payment Status, please also refer to section Payment Status. |
PISP |
Required |
...
3.3.3 List of Supplementary Information:
ASPSPs ASPSPs mustdetermine the situations where Supplementary Information is required to be shown to the PSUuser/customer, having regard to the principle that parity should be maintained between Open Banking journeys and ASPSP direct online channel journeys. Supplementary Information may be required:
...
Where fees, charges or Forex apply
...
Where interest rates apply
...
To facilitate confirmation of payee (for Bahrain implementations, where ASPSPs applied COP validation and found inconsistency between payee account name and payee account details)
...
be required (illustrative):
Where fees, charges or Forex apply
Where interest rates apply
To display a user/customer warning that the relevant payment account will become overdrawn/exceed an overdraft limit as a result of the intended payment
If the relevant payment submission cut-off time has time has elapsed and the ASPSP wishes to offer an execution date/time
Where the PSU user/customer has been identified by the ASPSPs as a vulnerable customer (who therefore receives tailored journeys and messages in ASPSP’s own online platforms)
To show value-add information based on functionality implemented by ASPSPs in competitive space which provides positive customer outcome (e.g. cash flow prediction engine)
For high-value transactions using a different payment scheme
Where the payments may be duplicated by the customer in a short period (e.g. ASPSP may display a warning that payment appears to be duplicated)
...
4. API specification: Brief Description
...
4.1 Domestic
...
Payment Consents
...
This API Specification document page details out the domestic payments consent -payment-consents resource that is used by a PISP to register an intent to initiate a Domestic Payment.
...
4.2 Domestic Payments
...
This API Specification document page details out the domestic-payments resource that is used by a PISP to initiate a Domestic Payment.
CENTRAL BANK OF BAHRAIN © 2020