Find out what information is required and when, for SafeConnect branding.
To create the best user experience, it's critical that the interplay between the TPP and the ASPSP is as seamless as possible. In particular it is essential that the PSU is clearly informed about the consent they are providing and the service they are receiving. The EBA RTS sets out key aspects that need be followed, and in the UK, the Open Banking Implementation Entity (OBIE) have also created a set of UX guidelines that TPPs regulated within the UK should follow:
Yapily suggests that all customers become familiar with the OBIE guidelines for their particular use case. The following guidelines are the suggested layouts, content and flow for SafeConnect customers and most notably, the authorisation overview that is presented to the PSU before they are redirected to their bank. This screen must give adequate details of SafeConnect, as this is the legal entity that the PSU will agree for the bank to give consent to on behalf of the TPP:
The guidance offered here does not constitute legal advice. While guidance has been created with regard to relevant regulatory provisions and best practice, they are not a complete list of the regulatory or legal obligations that apply to participants. Although intended to be consistent with regulations and laws in the event of any conflict with such regulations and laws, those regulations and laws will take priority. Participants are responsible for their own compliance with all regulations and laws that apply to them, including without limitation, PSD2, GDPR, consumer protection laws and anti-money laundering regulations.