BackText onlyPrint

You need the Flash plugin.

Download Macromedia Flash Player



Location: Central Bank of Bahrain Volume 2—Islamic Banks > Part A > High Level Standards > GR General Requirements > GR-6 Open Banking > GR-6.2 Communication Interface for PISPs and AISPs > GR-6.2.4
  • GR-6.2 Communication Interface for PISPs and AISPs

    • GR-6.2.1

      Islamic retail bank licenseesG that offer to a payer a customer account that is accessible online must have in place at least one interface which meets each of the following requirements:

      (a) AISPs and PISPs must identify themselves in sessions with Islamic retail bank licenseesG ;
      (b) AISPs and PISPs must communicate securely to request and receive information on one or more designated payment accounts and associated payment transactions; and
      (c) PISPs must communicate securely to initiate a payment order from the payer's payment account and receive information on the initiation and the execution of payment transactions.
      Added: April 2019

    • GR-6.2.2

      Islamic retail bank licenseesG must establish the interface(s) referred to in Paragraph GR-6.2.1 by means of a dedicated interface.

      Added: April 2019

    • GR-6.2.3

      For the purposes of authentication of the customer, the interfaces referred to in paragraph GR-6.2.1 must allow AISPs and PISPs to rely on the authentication procedures provided by the Islamic retail bank licenseeG to the payment service user. In particular, the interface must meet all of the following requirements:

      (a) process for instructing and authentication by the Islamic retail bank licenseeG ;
      (b) establishing and maintaining authentication of communication sessions between the Islamic retail bank licenseeG , the AISP, the PISP and the payment service user(s); and
      (c) ensuring the integrity and confidentiality of the personalised security credentials and of authentication codes transmitted by or through the AISP or the PISP.
      Added: April 2019

    • GR-6.2.4

      Islamic retail bank licenseesG must ensure that their interface(s) follows standards of communication which are agreed by the CBB and that the protocols are technology neutral. They must ensure that the technical specifications of the interface are documented and are made available to AISPs and PISPs when requested.

      Added: April 2019

    • GR-6.2.5

      Islamic retail bank licenseesG must establish and make available a testing facility, including support, for connection and functional testing by authorised AISPs and PISPs that have applied for the relevant authorisation, to test their software and applications used for offering an information/payment service to users. No sensitive information must be shared through the testing facility.

      Added: April 2019

    • GR-6.2.6

      Islamic retail bank licenseesG must ensure that the dedicated interface established for the AISPs and PISPs offers the same level of availability and performance, including support, as well as the same level of contingency measures, as the interface made available to the payment service user for directly accessing its payment account online.

      Added: April 2019

    • GR-6.2.7

      For the purposes of GR-6.2.6, the following requirements apply:

      (a) Islamic retail bank licenseesG must monitor the availability and performance of the dedicated interface and make the resulting statistics available to the CBB upon their request;
      (b) where the dedicated interface does not operate at the same level of availability and performance as the interface made available to the Islamic retail bank licensee'sG customer when accessing the payment account online, the bank must report it to the CBB and must restore the level of service for the dedicated interface without undue delay and take the necessary action to avoid its reoccurrence.
      (c) The report referred to in (b) above must include the causes of the deficiency and the measures adopted to re-establish the required level of service; and
      (d) AISPs and PISPs making use of the dedicated interface offered by Islamic retail bank licenseesG must also report to the CBB any deficiency in the level of availability and performance required of the dedicated interface.
      Added: April 2019

    • GR-6.2.8

      Islamic retail bank licenseesG must include in the design of dedicated interface, a strategy and plans for contingency measures in the event of an unplanned unavailability of the interface and systems breakdown. The strategy must include communication plan to inform the relevant AISP/PISP making use of the dedicated interface in the case of breakdown, measures to bring the system back to 'business as usual' and a description of alternative options AISPs and PISPs may make use of during the unplanned downtime.

      Added: April 2019

Back to top