4.2.3 "updatePeriodicPaymentResource" interface: Difference between revisions

From CBI GLOBE Wiki
(Creata pagina con "4.1.4 “updatePeriodicPaymentResource” This API manage two different payment scenarios: - To Process PSU identification, PSU authentication and explicit authorisation of t...")
 
No edit summary
Line 10: Line 10:
! style="text-align:left;width:30%" | Attribute
! style="text-align:left;width:30%" | Attribute
! style="text-align:left;" | Description
! style="text-align:left;" | Description
|-
|'''psu-id'''
|The ID of the PSU in the ASPSP client interface. Mandatory if “psu-corporate-id” is valorized.
|-
|'''psu-id-type'''
|Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
|-
|'''psu-corporate-id-type'''
|Identification of a Corporate, only used in a corporate context.
|-
|'''operation-name'''
|Operation to execute. Accepted values are:
- updatePsuData <br>
- transactionAuthorisation
|-
|-
|'''tpp-signature-certificate'''
|'''tpp-signature-certificate'''
Line 16: Line 30:
This certificate is in PEM format without the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
This certificate is in PEM format without the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
Must be contained if a signature is contained, see above.
Must be contained if a signature is contained, see above.
|-
|'''tpp-registration-number'''
|A unique registration number for TPP identification
|-
|-
|'''signature'''
|'''signature'''
Line 24: Line 35:
|-
|-
|'''digest'''
|'''digest'''
|Is contained if and only if the “Signature” element is contained in the header of the request.
|Is contained if and only if the “Signature” element is contained in the header of the
request.
The “digest” Header contains a Hash of the message body. The only hash algorithms that may be used to calculate the digest within the context of this specification are SHA-256 and SHA-512.
The “digest” Header contains a Hash of the message body. The only hash algorithms that may be used to calculate the digest within the context of this specification are SHA-256 and SHA-512.
|-
|-
Line 34: Line 46:
|-
|-
|'''aspsp-code'''
|'''aspsp-code'''
|The account servicing payment service provider code.
|The account servicing payment service provider code
|-
|-
|'''payment-product'''
|'''payment-product'''
|The addressed payment product endpoint.
|The addressed payment product endpoint.
The value list of products supported is:
The value list of products supported is:
- sepa-credit-transfers
- sepa-credit-transfers<br>
- instant-sepa-credit-transfers
- instant-sepa-credit-transfers<br>
- target-2-payments
- target-2-payments<br>
- cross-border-credit-transfers
- cross-border-credit-transfers
|-
|-
|'''payment-id'''
|'''payment-id'''
|Resource Identification of the related payment.
|Resource Identification of the related payment initiation.
|-
|'''psuCredentials'''
|PSU Credentials on the ASPSP system
This is mandatory if the operation to perform is an "updatePsuData" and the request is an “Update psu data for authentication”.
If this field is filled the “authenticationMethodId” must be empty.
|-
|'''authenticationMethodId'''
|The authentication method ID as provided by the ASPSP.
This field is mandatory if the operationto perform is an "updatePsuData" and the request is an Update psu data for select authentication.
If this field is filled the psuCredentials field must be empty.
|-
|'''scaAuthenticationData'''
|SCA authentication data, depending on the chosen authentication method. If the data is binary, then it is base64 encoded.
The field is mandatory if the selected operation to perform is a transactionAuthorisation.
|}
|}


'''Output parameters'''
'''Output parameters'''
{|class="wikitable"
{|class="wikitable"
! style="text-align:left;width:30%" | Attribute
! style="text-align:left;width:30%" | Attribute
Line 59: Line 84:
|'''Error Management'''
|'''Error Management'''
|Description of the type of error obtained in the event that the outcome is negative.
|Description of the type of error obtained in the event that the outcome is negative.
|-
|'''psu-id'''
|The Payment Service User identifier.
|-
|'''psu-id-type'''
|The Payment Service User identifier type.
|-
|'''psuCorporateIdType'''
|The Payment Service User corporate identifier. Might be mandated by the ASPSP in addition if the PSU-Corporate-ID is contained.
|-
|'''chosenScaMethod'''
|This data element is only contained in the response if the APSPS has chosen the
Embedded SCA Approach, if the PSU is already identified.
|-
|'''scaMethods'''
|Might be contained, if several authentication methods are available. (name, type).
|-
|-
|'''transactionStatus'''
|'''transactionStatus'''
Line 72: Line 113:
- RJCT<br>
- RJCT<br>
|-
|-
|'''scaStatus'''
|'''psuCredentials'''
|This data element is containing information about the status of the SCA method applied.
|The Payment Service User credentials on the ASPSP system
This is free text but might be coded in a future version of the specification.
|-
|-
|'''chosenScaMethod'''
|'''transactionFees'''
|This data element is only contained in the response if the APSPS has chosen the Embedded SCA Approach, if the PSU is already identified.
|Can be used by the ASPSP to transport transaction fees relevant for the underlying payments.
|-
|-
|'''scaMethods'''
|'''transactionFeeIndicator'''
|Might be contained, if several authentication methods are available. (name, type).
|If The value is ‘true’ the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU.
Otherwise if it is ‘false’ the transaction will not involve additional specific transaction costs to the PSU.
|}
|}

Revision as of 10:26, 28 February 2019

4.1.4 “updatePeriodicPaymentResource”

This API manage two different payment scenarios: - To Process PSU identification, PSU authentication and explicit authorisation of transactions by using SCA, very similar in PIS and AIS services. - To transfer data for SCA checks by the ASPSP only in case of an Embedded SCA Approach.

Input parameters

Attribute Description
psu-id The ID of the PSU in the ASPSP client interface. Mandatory if “psu-corporate-id” is valorized.
psu-id-type Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
psu-corporate-id-type Identification of a Corporate, only used in a corporate context.
operation-name Operation to execute. Accepted values are:

- updatePsuData
- transactionAuthorisation

tpp-signature-certificate This is a X509 certificate that the TPP uses for signing the request, in base64

encoding. This certificate is in PEM format without the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Must be contained if a signature is contained, see above.

signature A signature of the request by the TPP on application level. This might be mandated by the account servicing payment service provider.
digest Is contained if and only if the “Signature” element is contained in the header of the

request. The “digest” Header contains a Hash of the message body. The only hash algorithms that may be used to calculate the digest within the context of this specification are SHA-256 and SHA-512.

tpp-role The third party payment service provider can have one or more of the following roles:

AISP (Account Information Service Provider) PISP (Payment Initiation Service Provider) PIISP (Payment Instrument Issuing Service Provider)

aspsp-code The account servicing payment service provider code
payment-product The addressed payment product endpoint.

The value list of products supported is: - sepa-credit-transfers
- instant-sepa-credit-transfers
- target-2-payments
- cross-border-credit-transfers

payment-id Resource Identification of the related payment initiation.
psuCredentials PSU Credentials on the ASPSP system

This is mandatory if the operation to perform is an "updatePsuData" and the request is an “Update psu data for authentication”. If this field is filled the “authenticationMethodId” must be empty.

authenticationMethodId The authentication method ID as provided by the ASPSP.

This field is mandatory if the operationto perform is an "updatePsuData" and the request is an Update psu data for select authentication. If this field is filled the psuCredentials field must be empty.

scaAuthenticationData SCA authentication data, depending on the chosen authentication method. If the data is binary, then it is base64 encoded.

The field is mandatory if the selected operation to perform is a transactionAuthorisation.

Output parameters

Attribute Description
Result Code Result of the payment initiation request.
Error Management Description of the type of error obtained in the event that the outcome is negative.
psu-id The Payment Service User identifier.
psu-id-type The Payment Service User identifier type.
psuCorporateIdType The Payment Service User corporate identifier. Might be mandated by the ASPSP in addition if the PSU-Corporate-ID is contained.
chosenScaMethod This data element is only contained in the response if the APSPS has chosen the

Embedded SCA Approach, if the PSU is already identified.

scaMethods Might be contained, if several authentication methods are available. (name, type).
transactionStatus Accepted values:

- ACCP
- ACSC
- ACSP
- ACTC
- ACWC
- ACWP
- RCVD
- PDNG
- RJCT

psuCredentials The Payment Service User credentials on the ASPSP system
transactionFees Can be used by the ASPSP to transport transaction fees relevant for the underlying payments.
transactionFeeIndicator If The value is ‘true’ the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU.

Otherwise if it is ‘false’ the transaction will not involve additional specific transaction costs to the PSU.