Version

Date

Description of Changes

Bahrain OBF v1.0.0

25th Aug 2020

Initial Release

S.No.

Customer Experience Checklist and Customer Experience Considerations 

 Participant

Implementation Requirements

1

Minimum Set of Parameters

PISPs must either allow users/customers to specify the below minimum set of parameters or pre-populate them for the users/customers:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payee Account Identification details (e.g. IBAN, PAN)

• Payment Reference (optional)

PISP

Required

2

User/Customer payment Account Selection

PISPs must provide users/customers at least one of the following options:

• Enter their Payer's payment Account Identification details

• Select their Account Identification details (this assumes they have been saved previously and a user/customer is required to verify/authorize the account identification details in a PISP before storing it in PISP)

 PISP

 Required

3

User/Customer Consent to PISP

PISPs must request for the users'/customers' consent to the payment in a clear and specific manner. PISPs must display the following information in the consent screen:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payment Reference, ifit has been entered by users/customers or prepopulated by PISPs in S.No. 1

• User/Customer payment Account Identification

o   Note 1: if user/customer payment Account identification is selected in S.No. 2, PISPs should mask the user/customer payment Account details on the consent screen. Otherwise, or if the user/customer payment Account identification has been input by users/customers in S.No. 2, PISPs should not mask these details to allow users/customers to check and verify correctness
o   Note 2: if user/customer payment Account identification is provided by users/customers in S.No. 2, PISPs may use this to identify and display the ASPSP without having to ask user/customer

For Payee Account Identification details (e.g. IBAN, PAN)

PISP

Required

2

User/Customer payment Account Selection

PISPs must provide User/Customers at least one of the following options:

• Enter their Payer's payment Account Identification details

• Select their Account Identification details (this assumes they have been saved previously)

PISP

Required

3

PISP

Required

4

SCA-Strong Customer Authentication

SCA (including dynamic linking) must be the only action required at the ASPSPs (Banks) (unless supplementary information required). The ASPSP (Bank) authentication must have no more than the number of steps that the User/Customer would experience when directly accessing the ASPSP (Bank) channel.

 CX consideration:

• If SCA as described in this section cannot occur on the same screen as displaying the amount and the payee (e.g. for some biometric authentications methods), then ASPSPs (Banks) should offer User/Customers options to proceed or cancel the payment with "equal prominence”

ASPSP

Required

5

ASPSP (Bank) displaying transaction summary

ASPSPs (Banks) must display as minimum the Payment Amount, Currency and the Payee Account Name to make the User/Customer aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required):

• ASPSPs’ (Banks’) Authentication screen

• ASPSP (Bank) to PISP redirection screen
  Note: Displaying the balance in this instance need not require any additional strong customer authentication

CX consideration:

• ASPSPs (Banks) should inform User/Customers about their “point of no return” for making the payment and that their payment will be made after authentication occurs. Example wording: “Authenticate to make payment”

• Generic ASPSP (Bank) to PISP redirection screen and message

ASPSP

Required

6

PISP Confirmation

If received from ASPSPs, PISPs must display the information received from the ASPSP. This information may include:

• The unique identifier assigned to the payment instruction by ASPSPs

• The payment status (and status update date & time) - Confirmation of successful payment initiation

• The expected payment execution date & time

• The expected settlement date & time (i.e. the value date of the payment)

• The ASPSP (Bank) charges (where applicable) 

  CX consideration:

   

  If User/Customers provide their payment account identification details (as per item #2 options), the PISP may, with the consent of the User/Customer, save the account details for future transactions (such as making further payments or initiating refunds back to User/Customers) where this is part of the payment initiation service explicitly requested by the User/Customer. For example, a merchant, upon request from the User/Customer, may initiate a refund back to the User/Customer, by instructing the same PISP that initiated the initial User/Customer transaction to use the saved User/Customer payment account identification details as the beneficiary details for the refund. This will be dependent on the same PISP being used by both the User/Customer and the merchant, their specific contractual terms and the existing regulations.

7

Further Payment Status Update

PISPs must follow up with ASPSPs (Banks) in order to check and update the User/Customers with the most updated information that can be received by ASPSPs (Banks) in relation to the execution of the payment.

PISP

Required

S. No.

Requirements and Considerations

 Participant

Implementation Requirements

1

Minimum Set of Parameters

PISPs must either allow User/Customers to specify the below minimum set of parameters or pre-populate them for the User/Customers:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payee Account Identification details (e.g. account number and full IBAN)

• Payment Reference

 PISP

Required

2

User/Customer payment Bank Selection

PISPs must provide User/Customers the following options:

• Select their ASPSP (Bank) in order to select their User/Customer payment Account from there later on in the journey

 PISP

Required

3

User/Customer Consent to PISP

PISPs must request for the User/Customers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payment Reference, if it has been entered by User/Customers or prepopulated by PISPs in item #1

• Selected ASPSP (Bank) (based on item #2 options)

For Payee Account Identification details (e.g. IBAN):

• If this has been provided by User/Customers in item #1, then PISPs must also display this in the consent screen to allow User/Customers to check and verify correctness

• If this has been pre-populated by PISPs (e.g. in an e-commerce payment scenario) PISPs may choose whether to display this information or not

CX consideration:

• PISPs should provide messaging to inform User/Customers that they will be taken to their ASPSPs (Banks) to complete the payment. Example wording: "You will be securely transferred to your ASPSP (Bank) to authenticate and make the payment"

• Generic PISP to ASPSP (Bank) redirection screen and message

 PISP

Required

4

SCA-Strong Customer Authentication

ASPSPs (Banks) must apply SCA including dynamic linking, unless an exemption applies. The ASPSP (Bank) authentication must have no more than the number of steps that the User/Customer would experience when directly accessing the ASPSP (Bank) channel.

 ASPSP

 Required

5

User/Customer Payment Account Selection

ASPSPs (Banks) must allow User/Customers to select the payment account to complete the payment order for execution

CX consideration:

• Once the User/Customer has selected their account, the ASPSPs (Banks) should display the following information to the User/Customer:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payment Reference, if it has been entered by User/Customers or prepopulated by PISPs in item #1

  • The account selected by the User/Customer for payment

  • Payee Account Identification details (e.g. IBAN)

• ASPSPs (Banks) should inform User/Customers about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment"

• ASPSPs (Banks) must allow User/Customers to review as a part of the authentication process the information described above in #5. The User/Customer can either proceed with the payment or cancel it, on the same screen, using options with "equal prominence"

• Generic ASPSP (Bank) to PISP redirection screen and message

 ASPSP

 Required

6

PISP Confirmation   

If received by ASPSPs, PISPs must display the information received from the ASPSP. This information may include:

• The unique identifier assigned to the payment instruction by ASPSPs

• The payment status (and status update date & time) - Confirmation of successful payment initiation

• The expected payment execution date & time

• The expected settlement date & time (i.e. the value date of the payment)

• The ASPSP (Bank) charges (where applicable)

CX consideration:

:

• If this has been provided by users/customers in S.No. 1, then PISPs must also display this in the consent screen to allow users/customers to check and verify correctness

• If this has been pre-populated by PISPs (e.g. in an E-commerce payment scenario) PISPs may choose whether to display this information or not

• PISPs must provide messaging to inform users/customers that they will be taken to their ASPSPs to complete the payment. Example wording: "You will be securely transferred to your ASPSP to authenticate and make the payment"

PISP

Required

4

CX consideration:

• Generic PISP to ASPSP redirection screen and message

SCA-Strong Customer Authentication

SCA must be the only action required at the ASPSPs (unless supplementary information required). The ASPSP authentication must have no more than the number of steps that the user/customer would experience when directly accessing the ASPSP channel.

CX consideration:

• If SCA as described above cannot occur on the same screen as displaying the amount and the payee (e.g. for some biometric authentications methods), then ASPSPs should offer users/customers options to proceed or cancel the payment with "equal prominence”

ASPSP

Required

5

ASPSPs must display as minimum as the Payment Amount, Currency and the Payee Account Name to make the user/customer aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required):

• ASPSPs’ Authentication screen

• ASPSP to PISP redirection screen

Note: Displaying the balance in this instance need not require any additional strong customer authentication

CX consideration:

• ASPSPs should inform users/customers about their “point of no return” for making the payment and that their payment will be made after authentication occurs. Example wording: “Authenticate to make payment”

• Generic ASPSP to PISP redirection screen and message

ASPSP

Required

6

PISP Confirmation

PISPs must display the information received from the ASPSP. This information may include:

• The unique identifier assigned to the payment instruction by ASPSPs

• The payment status (and status update date & time) - Confirmation of successful payment initiation

If received from ASPSP, PISPs must display the following additional information:

• The expected payment execution date & time

• The expected settlement date & time (i.e. the value date of the payment)

• The ASPSP charges (where applicable)

In case of payment cancellation,
If received by ASPSP, PISP must update the user/customer with the reason for payment cancellation. The payment cancellation might be due to technical or non-technical scenarios. The messaging format for technical scenarios may be simplified to make it easy for users/customers to understand. Non-technical reasons such as fund availability, incorrect payee information, etc. may be detailed out.

 CX consideration:

• If users/customers provide their payment account identification details (as per S.No. 2 options), the PISP may, with the consent of the user/customer, save the account details for future transactions (such as making further payments or initiating refunds back to users/customers) where this is part of the payment initiation service explicitly requested by the user/customer. For example, a merchant, upon request from the user/customer, may initiate a refund back to the user/customer, by instructing the same PISP that initiated the initial user/customer transaction to use the saved user/customer payment account identification details as the beneficiary details for the refund. This will be dependent on the same PISP being used by both the user/customer and the merchant, their specific contractual terms and the existing regulations

PISP

Required

7

Further Payment Status Update

PISPs mustfollow up with ASPSPs in order to check and update the users/customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment.

PISP

Required

S.No.

Customer Experience Checklist and Customer Experience Considerations 

 Participant

Implementation Requirements

1

Minimum Set of Parameters

PISPs must either allow users/customers to specify the below minimum set of parameters or pre-populate them for the users/customers:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payee Account Identification details (e.g. IBAN, PAN)

• Payment Reference (optional)

 PISP

 Required

2

User/Customer payment ASPSP Selection

PISPs must provide users/customers with the following options:

• Select their ASPSP in order to select their user/customer payment Account from there later on in the journey

 PISP

Required

3

User/Customer Consent to PISP

PISPs must request for the users'/customers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payment Reference, if it has been entered by users/customers or prepopulated by PISPs in S.No. 1

• Selected ASPSP (based on S.No. 2 options)

For Payee Account Identification details (e.g. IBAN, PAN):

• If this has been provided by users/customers in S.No. 1, then PISPs must also display this in the consent screen to allow users/customers to check and verify correctness

• If this has been pre-populated by PISPs (e.g. in an E-commerce payment scenario) PISPs may choose whether to display this information or not

• PISPs must provide messaging to inform users/customers that they will be taken to their ASPSPs to complete the payment. Example wording: "You will be securely transferred to your ASPSP to authenticate and make the payment"

PISP

 Required

4

CX consideration:

• Generic PISP to ASPSP redirection screen and message

SCA-Strong Customer Authentication

ASPSPs must apply SCA unless an exemption applies. The ASPSP authentication must have no more than the number of steps that the user/customer would experience when directly accessing the ASPSP channel.

ASPSP

Required

5

User/Customer payment Account Selection

ASPSPs must allow user/customers to select the payment account to complete the payment order for execution.

Once the user/customer has selected their account, the ASPSPs must display the following information to the user/customer:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payment Reference, if it has been entered by users/customers or prepopulated by PISPs in S.No. 1

• The account selected by the user/customer for payment

ASPSPs must allow users/customers to review as a part of the authentication process the information described above. The user/customer can either proceed with the payment or cancel it, on the same screen, using options with "equal prominence".

CX consideration:

• ASPSPs should inform users/customers about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment"

• Generic ASPSP to PISP redirection screen and message

ASPSP

Required

6

PISP Confirmation

PISPs must display the information received from the ASPSP. This information may include:

• The unique identifier assigned to the payment instruction by ASPSPs

• The payment status (and status update date & time) - Confirmation of successful payment initiation

If received from ASPSP, PISPs must display the following additional information:

• The expected payment execution date & time

• The expected settlement date & time (i.e. the value date of the payment)

• The ASPSP charges (where applicable)

In case of payment cancellation,
If received by ASPSP, PISP must update the user/customer with the reason for payment cancellation. The payment cancellation might be due to technical or non-technical scenarios. The messaging format for technical scenarios may be simplified to make it easy for users/customers to understand. Non-technical reasons such as fund availability, incorrect payee information, etc. may be detailed out.

CX consideration:

• If users/customers provide their payment account identification details (as per S.No. 5 options), PISPs may save the account details for future transactions, where this is part of the payment initiation service explicitly requested by the Useruser/Customer.customer

PISP

Required

7

Further Payment Status Update

PISPs must follow up with ASPSPs (Banks) in order to check and update the Userusers/Customers customers with the most updated information that can be received by ASPSPs (Banks) in relation to the execution of the payment.

PISP

Required

S.No.

Customer Experience Checklist and Customer Experience Considerations 

 Participant

Implementation Requirements

1

Minimum Set of Parameters

PISPs must either allow Userusers/Customers customers to specify the below minimum set of parameters or pre-populate them for the Userusers/Customerscustomers:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payee Account Identification details (e.g. IBAN)

• Payment Reference

PISP

• IBAN, PAN)

• Payment Reference (optional)

 PISP

 Required

2

User/Customer Payment payment Account Selection

PISPs must provide Userusers/Customers customers at least one of the following options:

• Enter their Payer's payment Account Identification details

• Select their Account Identification details (this assumes they have been saved previously)

PISP

Required:

• Enter their Payer's payment Account Identification details

• Select their Account Identification details (this assumes they have been saved previously and a user/customer is required to verify/authorize the account identification details in a PISP before storing it in PISP)

 PISP

 Required

3

User/Customer Consent to PISP

PISPs must request for the Userusers'/Customerscustomers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:

• Payment Amount and Currency (BHD for Bahrain  implementationsimplementations)

• Payee Account Name

• Payment Reference, if it has been entered by Userusers/Customers customers or prepopulated by PISPs in item #1S.No. 1

• User/Customer payment Account Identification

o   Note 1: if

user/

customer payment Account identification is selected in

S.No. 2, PISPs should mask the

user/

customer payment Account details on the consent screen. Otherwise, or if the

user/

customer payment Account identification has been input by

users/

customers in S.No. 2, PISPs should not mask these details to allow

users/

customers to check and verify correctness

o   Note 2: if

user/

customer payment Account identification is provided by

users/

customers in S.No. 2, PISPs may use this to identify and display the ASPSP

without having to ask

user/

customer

For Payee Account Identification details (e.g. IBAN, PAN):

• If this has been provided by Useruser/Customers in item #1customers in S.No. 1, then PISPs must also display this in the consent screen to allow Userusers/Customers customers to check and verify correctness

• If this has been pre-populated by PISPs (e.g. in an eE-commerce payment scenario) PISPs may choose whether to display this information or not 

• not

• PISPs should must provide messaging to inform Userusers/Customers customers that they will be taken to their ASPSPs (Banks) to complete the paymentto complete the payment

PISP

Required

4

CX consideration:

 6

PISP Confirmation

If received from ASPSPs, PISPs must display the information received from the ASPSP. This information may include:

• The unique identifier assigned to the payment instruction by ASPSPs

• The payment status (and status update date & time) - Confirmation of successful payment initiation

• The expected payment execution date & time

• The expected settlement date & time (i.e. the value date of the payment)

• The ASPSP (Bank) charges (where applicable)

 CX consideration:

• Generic PISP to ASPSP redirection screen and message. Example wording: "You will be securely transferred to your ASPSP (Bank) to authenticate and make the payment"

• Generic PISP to ASPSP (Bank) redirection screen and message

PISP

Required

4

SCA-Strong Customer Authentication

ASPSPs (Banks) must apply SCA including dynamic linking, unless an exemption applies. The ASPSP (Bank) authentication must have no more than the number of steps that the User/Customer would experience when directly accessing the ASPSP (Bank) channel.

ASPSP

Required

5

Additional Supplementary Information

ASPSPs (Banks) must be able to introduce a step as part of the authentication journey to display supplementary information associated with that payment if required. If the supplementary information screen is displayed ASPSPs (Banks) must display as minimum the Payment Amount, Currency and the Payee Account Name to make the User/Customer aware of these details.

CX consideration:

• ASPSPs (Banks) should display to User/Customers all the payment instruction information received from PISPs together with the supplementary information. This information may include the following:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payment Reference, if it has been entered by User/Customers or prepopulated by PISPs in item #1

  • User/Customer payment Account Identification

  • Payee Account Identification details (e.g. IBAN)

• ASPSPs (Banks) should inform User/Customers about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment"

• ASPSPs (Banks) must allow User/Customers to review as a part of the authentication process any supplementary Information. The User/Customer can either proceed with the payment or cancel it on the same screen with supplementary information details, using options with "equal prominence“

• Generic ASPSP (Bank) to PISP redirection screen and message

ASPSP

Required

SCA-Strong Customer Authentication

ASPSPs must apply SCA unless an exemption applies. The ASPSP authentication must have no more than the number of steps that the user/customer would experience when directly accessing the ASPSP channel.

 ASPSP

Required

5

Additional Supplementary Information

ASPSPs must be able to introduce a step as part of the authentication journey to display supplementary information associated with that payment if required.

ASPSPs must display to users/customers all the payment instruction information received from PISPs together with the supplementary information. This information may include the following:

• Payment Amount and Currency (BHD for Bahrain implementations)

• Payee Account Name

• Payment Reference, if it has been entered by users/customers or prepopulated by PISPs in S.No. 1

• User/Customer payment Account Identification

ASPSPs must allow users/customers to review as a part of the authentication process any supplementary Information. The user/customer can either proceed with the payment or cancel it on the same screen with supplementary information details, using options with "equal prominence“

CX consideration:

• ASPSPs should inform users/customers about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment"

• Generic ASPSP to PISP redirection screen and message

ASPSP

Required

6

PISP Confirmation

PISPs must display the information received from the ASPSP. This information may include:

• The unique identifier assigned to the payment instruction by ASPSPs

• The payment status (and status update date & time) - Confirmation of successful payment initiation

If received from ASPSP, PISPs must display the following additional information:

• The expected payment execution date & time

• The expected settlement date & time (i.e. the value date of the payment)

• The ASPSP charges (where applicable)

In case of payment cancellation,
If received by ASPSP, PISP must update the user/customer with the reason for payment cancellation. The payment cancellation might be due to technical or non-technical scenarios. The messaging format for technical scenarios may be simplified to make it easy for users/customers to understand. Non-technical reasons such as fund availability, incorrect payee information, etc. may be detailed out.

CX consideration:

• If users/customers provide their payment account identification details (as per

• S.No. 2 options), the PISP may, with the consent of the

• user/

• customer, save the account details for future transactions (such as making further payments or initiating refunds back to

• users/

• customers) where this is part of the payment initiation service explicitly requested by the

• user/

• customer. For example, a merchant, upon request from the

• user/

• customer, may initiate a refund back to the

• user/

• customer, by instructing the same PISP that initiated the initial

• user/

• customer transaction to use the saved

• user/

• customer payment account identification details as the beneficiary details for the refund. This will be dependent on the same PISP being used by both the

• user/

• customer and the merchant, their specific contractual terms and the existing regulations

PISP

Required

7

Further Payment Status Update

PISPs must follow up with ASPSPs (Banks) in order to check and update the Userusers/Customers customers with the most updated information that can be received by ASPSPs (Banks) ASPSPs in relation to the execution of the payment.

PISP

Required