SCA Update

On the 14th September, we implemented Strong Customer Authentication on both our API and Web channels. Third parties utilising screen scraping should move over to our API channel as soon as possible to avoid inadvertently triggering SCA calls and impacting customers.

8th September Release

OBIE v3.1 APIs are now available, please see APIs for more details.

16th August Release

· Registration API is now compliant with Open Banking dynamic client registration v3.1.

· As part of Waiver W007, we are not validating the x-jws-signature header field passed in the input of Payment API during the period of the waiver.

· We now support Code ID-Token for authorisation response types.

· We support the following certificate types for identification:

  • OBWAC – Open Banking QWAC-like certificates
  • OBSEAL – Open Banking QSEAL-like certificates

We do not currently accept eIDAS (QWACs and QSEALs) certificates directly; however, the above certificates can be obtained by following the instructions to enrol with Open Banking on the Getting Started page.