Czech Standard for Open Banking (V 3.0)

Czech Standard for Open Banking (V 3.0)

Banking Activities Standards Standard ČBA Czech Standard for Open Banking Version 3.0 Public from: 1.4. 2019 Valid from: 1.1. 2020 1 Changes Date Note Author 15.11.2017 Basic document v.01 ČS Petr Michalík 27.7.2018 Document version 1.2 - Correction of typing errors, new error codes, new ČS Petr Michalík chart visualizations, coupled payment type codes in response to initiation of payment (Chapter 4.24.2.1) and general element descriptions added / specified. 9.4.2018 Document v.02.0 -- An extension to initiate Instant Payment has been ČS Petr Michalík added to the standard. Any further processing of such initiated payment is done according to the rules of this scheme. Chapter 3.2.4, 4.24.1 and 4.25 18.5.2018 Added new request header parameters for original TPP identification ČS Petr Michalík 19.9.2018 Extended description of the use of certificates in chaper 1.4.8 ČS Petr Michalík 2.10.2018 New request body element “redirectUrl”. Address in this element ČS Petr Michalík is used by the federated bank authorization to redirect back to the TPP application after authorization is complete. Chapter 3.2.10.1 and example in chapter 5.11.1 2.10.2018 Error response extension for NO_PART error code during ČS Petr Michalík payment initiation. Chapter 3.2.4 and new example in chapter 5.5.6 1.12.2018 Specification the use of the character set for each resource. ČS Petr Michalík Chapter 1.2.5, 3.1.1, 3.2.1, 3.3.1, 3.2.3, 3.2.4 – 11, 3.3.3 21.12.2018 Final public document COBS 2.0 ČS Petr Michalik 3.1.2019 New version document – v.03 ČS Petr Michalík 4.1.2019 Standing order resource for PIS services ČS Petr Michalík Chapters 3.2.12 – 3.2.18 4.1.2019 For each source, information on the implementation obligation has been ČS Petr Michalík added (see resource parameter Mandatory: yes/no) 5.1.2019 Consent management resources (POST and DELETE) ČS Petr Michalík See Chapter 1.6.x 12.1.2019 Common header parameters ČS Petr Michalík See Chapter 1.5 and changes in the header parameters specifications of the all defined resources. 13.1.2019 Description of resource elements for standing orders. ČS Petr Michalík See Chapter 4.30.x 18.1.2019 Standing order elements structure change ČS Petr Michalík See Chapters 4.30.x and 3.2.12 2 Czech Standard for Open Banking 30.1.2019 New optional standing order resources DELETE and PUT in PIServices ČS Petr Michalík See Chapters 3.2.16 and 3.2.17 30.1.2019 New optional standing order resources for GET List an GET Detail in ČS Petr Michalík AIServices See Chapters 3.1.6 and 3.1.7 30.1.2019 New resources for batch paymets RB Petr Zelenka See Chapters 3.2.21 to 3.2.27 2.2.2019 Batch payments – added element name of instruction to POST request ČS Petr Michalík and optional query parameter DELETE See Chapters 3.2.22 and 3.2.23 22.2.2019 New co-signing resource in PISP ČS Petr Michalík See Chapter 3.2.28 25.2.2019 Correction of typing errors ČS Petr Michalík 3 Czech Standard for Open Banking Table of Contents TABLE OF CONTENTS .................................................................................................................................................. 4 1 COBS CONTENT ..................................................................................................................................................13 1.1 A GENERAL DESCRIPTION OF STANDARD CONTENT ....................................................................................................... 13 1.2 TECHNICAL DESCRIPTION ......................................................................................................................................... 13 1.2.1 Transport protocol .................................................................................................................................... 13 1.2.2 Interface architecture ............................................................................................................................... 13 1.2.3 Data entry format ..................................................................................................................................... 13 1.2.4 Type of transmission media ...................................................................................................................... 13 1.2.5 Coding ....................................................................................................................................................... 14 1.2.6 Localization ............................................................................................................................................... 14 1.2.7 HTTP methods used in API and their specifications .................................................................................. 15 1.2.8 Use of filtering, sorting and pagination of API elements .......................................................................... 15 1.2.9 Versioning of API ....................................................................................................................................... 19 1.2.10 HTTP status codes used and addressing errors in API ............................................................................... 19 1.2.11 Authentication and Request Authorization (OAuth2) ............................................................................... 21 1.2.12 Security standard ...................................................................................................................................... 22 1.3 FLOW IN THE PROCESS OF CLIENT ENROLMENT TO THE TPP APPLICATION......................................................................... 23 1.3.1 Individual flow steps ................................................................................................................................. 23 1.4 AN OVERVIEW OF RESOURCES TO ENSURE SECURITY FLOW STANDARD ............................................................................ 27 1.4.1 Optional registration resource issued by the Bank ................................................................................... 27 1.4.2 Authentication resource issued by the Bank ............................................................................................. 39 1.4.3 1. Authentication resource ........................................................................................................................ 39 1.4.4 2.a Get token resource .............................................................................................................................. 42 1.4.5 2.b Renewal of access token ..................................................................................................................... 44 1.4.6 3. Token invalidation ................................................................................................................................. 45 1.4.7 Error codes used in the enrolment ............................................................................................................ 46 1.4.8 TPP authentication .................................................................................................................................... 48 1.4.9 Communication security ........................................................................................................................... 48 1.5 COMMON HTTP HEADERS ........................................................................................................................................ 48 1.5.1 Request headers ........................................................................................................................................ 48 1.5.2 Response headers ..................................................................................................................................... 51 1.6 CONSENT MANAGEMENT ........................................................................................................................................ 52 1.6.1 Get list of consents (GET /my/consents) ................................................................................................... 52 1.6.2 Consent delete (DELETE /my/consents/{consentId}) ................................................................................. 54 1.7 NOMENCLATURE AND BASIC CONCEPTS IDENTICAL ACROSS COBS.................................................................................... 55 2 STANDARD GOVERNANCE ..................................................................................................................................56 4 Czech Standard for Open Banking 3 SERVICES DEFINED WITHIN THE STANDARD .......................................................................................................56 3.1 API ACCOUNT INFORMATION ................................................................................................................................... 56 3.1.1 How to read API account information....................................................................................................... 56 3.1.2 List of API resources Account Information ................................................................................................ 58 3.1.3 List of client payment accounts (GET /my/accounts{?size,page,sort,order}) ........................................... 58 3.1.4 Account balance (GET /my/accounts/{id}/balance{?currency})................................................................ 61 3.1.5 Overview of transactions (GET /my/accounts/{id}/transactions{?fromDate,toDate,currency,size,page,sort,order}) ..............................................

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    400 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us