The Open Banking Read/Write API Specifications enable Account Servicing Payment Service Providers (ASPSPs, e.g. Banks and Building Societies) to develop API endpoints to an agreed standard so that Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) can build web and mobile applications for Payment Service Users (PSUs, e.g. personal and business banking customers).
These specifications are now in the public domain which means that any developer can access them to build their end points and applications. However, use of these in a production environment is limited to approved/authorised ASPSPs, AISPs and PISPs. Approval and authorisation is managed by the Financial Conduct Authority in the UK (FCA, see https://www.fca.org.uk/) and other relevant competent authorities across the EU.
Approved/authorised organisations should then enrol to use the Open Banking Directory. This will provide digital identities and certificates which enable organisations to securely connect and communicate via the Open Banking Security Profile in a standard manner and to best protect all parties. Further details regarding the Open Banking Directory and enrolment process are available below.
The Consent Model Guidelines Part 1: Implementation document describes how participants (ASPSPs and TPP) should implement the Consent Model in the context of the Read/Write API specifications.
The Consent Model Guidelines Part 2: User Experience document describes the steps participants can take to optimise the user experience for customer adoption. It provides guidance and examples of customer journeys which have been informed by an extensive programme of customer research carried out by Open Banking.
The Open Banking Language Research document describes the customer research undertaken on behalf of the Open Banking Implementation Entity (OBIE) that underpins the Consent Model Guidelines Part 2: User Experience document. Participants should read this document for guidance purposes only.