Versions Compared

Version Old Version 48 New Version Current
Changes made by

CBB Admin

CBB Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel1
stylenone

1. Version Control

Version

Date

Description of Changes

Bahrain OBF v1.0.0

25th Aug 2020

Initial Release

2.  Introduction 

Single domestic payment allows the Useruser/Customer customer to post his/her consent to the PISPs to make a one-time onetime payment for a specific amount to a specific payee immediately, wherein the PISP provides this instruction to the customer’s ASPSPs. This use case details out the customer experience guidelines and technical API specifications that are required to be developed and followed by both ASPSPs and PISPs. This use case is applicable to both retail and corporate customers. Depending on a few decision points (as explained in the End to End user flow), three variations of the user journey has have been mapped and explained in detail in the section below.

A Few sample domestic payments may include account to account transfers, loan re-payment, university/exam fee payments, merchant payments (including bill payments for electricity, water, telephone, cab, and ticket), credit card payments, restaurant/hotel payments, E-commerce payment, wallet payments, Invoice and other corporate payments.

This section describes how each of the Participants (PISPs and ASPSPs) involved in the delivery of these services can optimise the customer experience for these services. Furthermore, it provides clarifications to participants on the usage of the APIs, and best practice guidelines for implementation of the customer journeys.

End to End User flow:

...

3.  Customer Experience Guidelines

3.1 Single Domestic Payments – A/C Selection @PISP

3.1.1 Customer Experience Journey

UserUsers/Customers can initiate, by providing their consent to PISPs, an instruction to their ASPSPs to make a onetime payment for a specific amount to a specific payee where all information for a complete payment order (including the Userusers/Customers’ customers account details) is passed from PISPs to ASPSPs. Once Userusers/Customers customers have been authenticated in ASPSPs domain, Userusers/Customers customers must be directed back to the PISP domain.

...

3.1.2 Customer Experience Checklist and Customer Experience Considerations 

Requirements and Considerations

S.No.

Customer Experience Checklist and Customer Experience Considerations 

 Participant

Implementation Requirements

 

 

1

Minimum Set of Parameters

PISPs must either allow Userusers/Customers customers to specify the below minimum set of parameters or or pre-populate them for the Userusers/Customerscustomers:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payee Account Identification details (e.g. IBAN, PAN)

  • Payment Reference (optional)

 

 

PISP

 

 

Required

 

2

User/Customer payment Account Selection

PISPs must provide Userusers/Customers customers at least one of the following options:

  • Enter their Payer's payment Account Identification details

  • Select their Account Identification details (this assumes they have been saved previously and a user/customer is required to verify/authorize the account identification details in a PISP before storing it in PISP)

 

 

PISP PISP

  

 Required

Required

 

 

 

 

3

User/Customer Consent to PISP

PISPs must request for the Userusers'/Customerscustomers' consent to the payment in a clear and specific manner. PISPs must display the following information in the consent screen:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payment Reference, ifit has been entered by Userusers/Customers customers or prepopulated by PISPs in item #1S.No. 1

  • User/Customer payment Account Identification

o   Note 1: if Useruser/Customer customer payment Account identification is selected in item #2S.No. 2, PISPs should mask the Useruser/Customer customer payment Account details on the consent screen. Otherwise, or if the Useruser/Customer customer payment Account identification has been input by Userusers/Customers in item #2customers in S.No. 2, PISPs should not mask these details to allow Userusers/Customers customers to check and verify correctness
o   Note 2: if Useruser/Customer customer payment Account identification is provided by Userusers/Customers in item #2customers in S.No. 2, PISPs may use this to identify and display the ASPSP without having to ask Useruser/Customercustomer

For Payee Account Identification details (e.g. IBAN, PAN):

  • If this has been provided by Userusers/Customers in item #1customers in S.No. 1, then PISPs must also display this in the consent screen to allow Userusers/Customers customers to check and verify correctness

  • If this has been pre-populated by PISPs (e.g. in an eE-commerce payment scenario) PISPs may choose whether to display this information or not

  • PISPs must provide messaging to inform Userusers/Customers customers that they will be taken to their ASPSPs to complete the payment. Example wording: "You will be securely transferred to your ASPSP to authenticate and make the payment"

 

 

 

 

 

 

PISP

 

 

 

 

 

 

Required

 

 

 

 

4

CX consideration:

  • Generic PISP to ASPSP redirection screen and message

SCA-Strong Customer Authentication

SCA must be the only action required at the ASPSPs (unless supplementary information required). The ASPSP authentication must have no more than the number of steps that the Useruser/Customer customer would experience when directly accessing the ASPSP channel.

CX consideration:

  • If SCA as described in this section above cannot occur on the same screen as displaying the amount and the payee (e.g. for some biometric authentications methods), then ASPSPs should offer Userusers/Customers customers options to proceed or cancel the payment with "equal prominence”

 

 

 

   

ASPSP

 

  

  

 

Required

 

 

 

 

5

ASPSPs must display as minimum as the Payment Amount, Currency and the Payee Account Name to make the Useruser/Customer customer aware of these details (unless an SCA exemption is being applied). These details must be displayed as part of the authentication journey on at least one of the following screens without introducing additional confirmation screens (unless supplementary information is required):

  • ASPSPs’ Authentication screen

  • ASPSP to PISP redirection screen

Note: Displaying the balance in this instance need not require any additional strong customer authentication

CX consideration:

  • ASPSPs should inform Userusers/Customers customers about their “point of no return” for making the payment and that their payment will be made after authentication occurs. Example wording: “Authenticate to make payment”

  • Generic ASPSP to PISP redirection screen and message

 

 

ASPSP

 

 

Required

 

6

PISP Confirmation

PISPs must display the information received from the ASPSP. This information may include:

  • The unique identifier assigned to the payment instruction by ASPSPs

  • The payment status (and status update date & time) - Confirmation of successful payment initiation

If received from ASPSP, PISPs must display the following additional information:

  • The expected payment execution date & time

  • The expected settlement date & time (i.e. the value date of the payment)

  • The ASPSP charges (where applicable)

In case of payment cancellation,
If received by ASPSP, PISP may must update the Useruser/Customer customer with the reason for payment cancellation. The payment cancellation might be due to technical or non-technical scenarios. The messaging format for technical scenario scenarios may be simplified to make it easy for Userusers/Customer customers to understand. Non-technical reasons such as fund availability, incorrect payee information, etc. may be detailed out.

 

CX  CX consideration:

  • If Userusers/Customers customers provide their payment account identification details (as per item #2 S.No. 2 options), the PISP may, with the consent of the Useruser/Customercustomer, save the account details for future transactions (such as making further payments or initiating refunds back to Userusers/Customerscustomers) where this is part of the payment initiation service explicitly requested by the Useruser/Customercustomer. For example, a merchant, upon request from the Useruser/Customercustomer, may initiate a refund back to the Useruser/Customercustomer, by instructing the same PISP that initiated the initial Useruser/Customer customer transaction to use the saved Useruser/Customer customer payment account identification details as the beneficiary details for the refund. This will be dependent on the same PISP being used by both the Useruser/Customer customer and the merchant, their specific contractual terms and the existing regulations

 

 

 

 

PISP

 

 

 

 

 

 

 

Required

 

 

 

7

Further Payment Status Update

PISPs mustfollow up with ASPSPs in order to check and update the Userusers/Customers customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment.

 

PISP

 

Required

3.2 Single Domestic Payments – A/C Selection @ASPSP

3.2.1 Customer Experience Journey

There may be cases where the payment order submitted by PISPs to ASPSPs is incomplete, such as where Useruser/Customer customer account selection has not yet occurred. In these scenarios, Open banking Banking guideline considers that SCA only needs to be obtained once, as part of the initial interaction between the ASPSP and Useruser/Customercustomer. The fact that the Useruser/Customer customer has to then carry out account selection or provide other information does not invalidate the SCA just performed by the ASPSP.

Equally, the display of the account balance by the ASPSP as part of the account selection process in the payment initiation journey should not require an additional application of SCA.

...

3.2.2 Customer Experience Checklist and Customer Experience Considerations

 

 Participant

S.No.

Requirements and Considerations

Customer Experience Checklist and Customer Experience Considerations 

 Participant

Implementation Requirements

 

 

1

Minimum Set of Parameters

PISPs must either allow Userusers/Customers customers to specify the below minimum set of parameters or pre-populate them for the Userusers/Customerscustomers:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payee Account Identification details (e.g. IBAN, PAN)

  • Payment Reference (optional)

 

 

 

PISP PISP

 

 

 

Required Required

 

2

User/Customer payment ASPSP Selection

PISPs must provide Userusers/Customers customers with the following options:

  • Select their ASPSP in order to select their Useruser/Customer customer payment Account from there later on in the journey

 

 

PISP

  PISP

 

Required

 

 

 

 

3

User/Customer Consent to PISP

PISPs must request for the Userusers'/Customerscustomers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payment Reference, if it has been entered by Userusers/Customers customers or prepopulated by PISPs in item #1 S.No. 1

  • Selected ASPSP (based on item #2 S.No. 2 options)

For Payee Account Identification details (e.g. IBAN, PAN):

  • If this has been provided by Userusers/Customers in item #1customers in S.No. 1, then PISPs must also display this in the consent screen to allow Userusers/Customers customers to check and verify correctness

  • If this has been pre-populated by PISPs (e.g. in an eE-commerce payment scenario) PISPs may choose whether to display this information or not

  • PISPs must provide messaging to inform Userusers/Customers customers that they will be taken to their ASPSPs to complete the payment. Example wording: "You will be securely transferred to your ASPSP to authenticate and make the payment"

 

 

 

 

 

 

 

PISP

 

 

 

 

 

 

 

Required Required

4

CX consideration:

  • Generic PISP to ASPSP redirection screen and message

SCA-Strong Customer Authentication

ASPSPs must apply SCA , unless an exemption applies. The ASPSP authentication must have no more than the number of steps that the Useruser/Customer customer would experience when directly accessing the ASPSP channel.

 

 

   

 

ASPSP

 

 

 

 

Required

 

 

 

 

5

User/Customer payment Account Selection

ASPSPs must allow Useruser/Customers customers to select the payment account to complete the payment order for execution.

Once the Useruser/Customer customer has selected their account, the ASPSPs must display the following information to the Useruser/Customercustomer:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payment Reference, if it has been entered by Userusers/Customers customers or prepopulated by PISPs in item #1S.No. 1

  • The account selected by the Useruser/Customer customer for payment

ASPSPs must allow Userusers/Customers customers to review as a part of the authentication process the information described above in #5. The Useruser/Customer customer can either proceed with the payment or cancel it, on the same screen, using options with "equal prominence".

CX consideration:

  • ASPSPs should inform Userusers/Customers customers about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment"

  • Generic ASPSP to PISP redirection screen and message

 

 

ASPSP

 

 

Required

 

 

 

  

Required

 

 

 

 

 

 

6

PISP Confirmation

PISPs must display the information received from the ASPSP. This information may include:

  • The unique identifier assigned to the payment instruction by ASPSPs

  • The payment status (and status update date & time) - Confirmation of successful payment initiation

If received from ASPSP, PISPs must display the following additional information:

  • The expected payment execution date & time

  • The expected settlement date & time (i.e. the value date of the payment)

  • The ASPSP charges (where applicable)

In case of payment cancellation,
If received by ASPSP, PISP may must update the Useruser/Customer customer with the reason for payment cancellation. The payment cancellation might be due to technical or non-technical scenarios. The messaging format for technical scenario scenarios may be simplified to make it easy for Userusers/Customer customers to understand. Non-technical reasons such as fund availability, incorrect payee information, etc. may be detailed out.

CX consideration:

  • If Userusers/Customers customers provide their payment account identification details (as per item #5 S.No. 5 options), PISPs may save the account details for future transactions, where this is part of the payment initiation service explicitly requested by the Useruser/Customercustomer

PISP

 

 

Required

 

 

7

Further Payment Status Update

PISPs must follow up with ASPSPs in order to check and update the Userusers/Customers customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment.

PISP

Required

 

3.3 Single Domestic Payments – A/C Selection @PISP/ASPSP (Supplementary Information)

 3.3.1 Customer Experience Journey

In some scenarios, an additional step in ASPSPs' journeys may be required to display supplementary information to Userusers/Customerscustomers. ASPSPs should determine the situations where this supplementary information is required, having regard to the principle that parity should be maintained between Open Banking journeys and ASPSPs’ online channel journeys, such that if supplementary information is not provided within the ASPSPs' online channels directly to Userusers/Customerscustomers, then it must not be provided during an Open Banking PIS Payment Initiation Service journey. ASPSPs should also ensure that this information does not constitute an obstacle or additional check on the consent provided by the Useruser/Customer customer to the PISP.

Note: The user/customer journey shown below is for a/c selection @PISP and similar variation will also apply in the a/c selection @ASPSP.

...

3.3.2 Customer Experience Checklist and Customer Experience Considerations

S.No.

Requirements and Considerations

Customer Experience Checklist and Customer Experience Considerations 

 Participant

Implementation Requirements

 

 

1

Minimum Set of Parameters

PISPs must either allow Userusers/Customers customers to specify the below minimum set of parameters or pre-populate them for the Userusers/Customerscustomers:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payee Account Identification details (e.g. IBAN, PAN)

  • Payment Reference (optional)

 

 

 PISP

 

 

 Required

 

2

User/Customer payment Account Selection

PISPs must provide Userusers/Customers customers at least one of the following options:

  • Enter their Payer's payment Account Identification details

  • Select their Account Identification details (this assumes they have been saved previously and a user/customer is required to verify/authorize the account identification details in a PISP before storing it in PISP)

 

 PISP

 

 Required

 

 

 

 

3

User/Customer Consent to PISP

PISPs must request for the Userusers'/Customerscustomers' consent to the payment initiation in a clear and specific manner. PISPs must display the following information in the consent screen:

  • Payment Amount and Currency (BHD for Bahrain  implementationsimplementations)

  • Payee Account Name

  • Payment Reference, if it has been entered by Userusers/Customers customers or prepopulated by PISPs in item #1S.No. 1

  • User/Customer payment Account Identification

o   Note 1: if Useruser/Customer customer payment Account identification is selected in item #2S.No. 2, PISPs should mask the Useruser/Customer customer payment Account details on the consent screen. Otherwise, or if the Useruser/Customer customer payment Account identification has been input by Userusers/Customers in item #2customers in S.No. 2, PISPs should not mask these details to allow Userusers/Customers customers to check and verify correctness
o   Note 2: if Useruser/Customer customer payment Account identification is provided by Userusers/Customers in item #2customers in S.No. 2, PISPs may use this to identify and display the ASPSP without having to ask Useruser/Customercustomer

For Payee Account Identification details (e.g. IBAN, PAN):

  • If this has been provided by Useruser/Customers in item #1customers in S.No. 1, then PISPs must also display this in the consent screen to allow Userusers/Customers customers to check and verify correctness

  • If this has been pre-populated by PISPs (e.g. in an eE-commerce payment scenario) PISPs may choose whether to display this information or not

  • PISPs must provide messaging to inform Userusers/Customers customers that they will be taken to their ASPSPs to complete the payment

Example wording: "You will be securely transferred to your ASPSP to authenticate and make

  • the payment

"

 

 

 

 

 

 

 

PISP

 

 

 

 

 

 

 

Required

 

 

 

 

 

 

 

4

CX consideration:

  • Generic PISP to ASPSP redirection screen and messagescreen and message. Example wording: "You will be securely transferred to your ASPSP to authenticate and make the payment"

SCA-Strong Customer Authentication

ASPSPs must apply SCA , unless an exemption applies. The ASPSP authentication must have no more than the number of steps that the Useruser/Customer customer would experience when directly accessing the ASPSP channel.

 

  

 ASPSP

 

ASPSP

 

 

 

 

  

Required

 

 

 

 

5

Additional Supplementary Information

ASPSPs must be able to introduce a step as part of the authentication journey to display supplementary information associated with that payment if required.

ASPSPs must display to Userusers/Customers customers all the payment instruction information received from PISPs together with the supplementary information. This information may include the following:

  • Payment Amount and Currency (BHD for Bahrain implementations)

  • Payee Account Name

  • Payment Reference, if it has been entered by Userusers/Customers customers or prepopulated by PISPs in item #1S.No. 1

  • User/Customer payment Account Identification

ASPSPs must allow Userusers/Customers customers to review as a part of the authentication process any supplementary Information. The Useruser/Customer customer can either proceed with the payment or cancel it on the same screen with supplementary information details, using options with "equal prominence“

CX consideration:

  • ASPSPs should inform Userusers/Customers customers about their “point of no return” for making the payment and that their payment will be made after pressing the Proceed button. Example wording: “Press Proceed to make payment"

  • Generic ASPSP to PISP redirection screen and message

 

 

ASPSP

 

 

Required

 

 

 

 

 

 

 

6

PISP Confirmation

PISPs must display the information received from the ASPSP. This information may include:

  • The unique identifier assigned to the payment instruction by ASPSPs

  • The payment status (and status update date & time) - Confirmation of successful payment initiation

If received from ASPSP, PISPs must display the following additional information:

  • The expected payment execution date & time

  • The expected settlement date & time (i.e. the value date of the payment)

  • The ASPSP charges (where applicable)

In case of payment cancellation,
If received by ASPSP, PISP may must update the Useruser/Customer customer with the reason for payment cancellation. The payment cancellation might be due to technical or non-technical scenarios. The messaging format for technical scenario scenarios may be simplified to make it easy for Userusers/Customer customers to understand. Non-technical reasons such as fund availability, incorrect payee information, etc. may be detailed out.

CX consideration:

  • If

User

  • users/

Customers

  • customers provide their payment account identification details (as per

item #2

  • S.No. 2 options), the PISP may, with the consent of the

User

  • user/

Customer

  • customer, save the account details for future transactions (such as making further payments or initiating refunds back to

User

  • users/

Customers

  • customers) where this is part of the payment initiation service explicitly requested by the

User

  • user/

Customer

  • customer. For example, a merchant, upon request from the

User

  • user/

Customer

  • customer, may initiate a refund back to the

User

  • user/

Customer

  • customer, by instructing the same PISP that initiated the initial

User

  • user/

Customer

  • customer transaction to use the saved

User

  • user/

Customer

  • customer payment account identification details as the beneficiary details for the refund. This will be dependent on the same PISP being used by both the

User

  • user/

Customer

  • customer and the merchant, their specific contractual terms and the existing regulations

 

 

 

 

PISP

 

 

 

 

 

 

 

Required

 

 

 

 

7

Further Payment Status Update

PISPs must follow up with ASPSPs in order to check and update the Userusers/Customers customers with the most updated information that can be received by ASPSPs in relation to the execution of the payment.

 

PISP

 

Required

3.3.3 List of Supplementary Information:

ASPSPs mustdetermine the situations where Supplementary Information is required to be shown to the Useruser/Customercustomer, having regard to the principle that parity should be maintained between Open Banking journeys and ASPSP direct online channel journeys. Supplementary Information may be required (illustrative):

  • Where fees, charges or Forex apply

  • Where interest rates apply

  • To display a Useruser/Customer customer warning that the relevant payment account will become overdrawn/exceed an overdraft limit as a result of the intended payment

  • If the relevant payment submission cut-off time  has elapsed and the ASPSP wishes to offer an execution date/time

  • Where the Useruser/Customer customer has been identified by the ASPSPs as a vulnerable customer (who therefore receives tailored journeys and messages in ASPSP’s own online platforms)

  • To show value-add information based on functionality implemented by ASPSPs in competitive space which provides positive customer outcome (e.g. cash flow prediction engine)

  • For high-value transactions using a different payment scheme

  • Where the payments may be duplicated by the customer in a short period (e.g. ASPSP may display a warning that payment appears to be duplicated)

4.  API specification: Brief Description

4.1 Domestic Payment Consents

This API Specification document page details out the domestic-payment-consents resource that is used by a PISP to register an intent to initiate a Domestic Payment.

4.2 Domestic Payments

This API Specification document page details out the domestic-payments resource that is used by a PISP to initiate a Domestic Payment.

CENTRAL BANK OF BAHRAIN © 2020