COBS overview of changes
Version | Note |
---|---|
7.0 | Added structured technical definition in OpenAPI 7.0 (swagger) format - see |
7.0 | New authorization_redirect_uris element in the dynamic application registration API. |
7.0 | New error code in authorization flow when entering an unregistered redirect_uri. |
7.0 | New types of callback error states for better assessment of failed logins. |
7.0 | New element in the overview of accounts, determining if the authenticated person is the owner of the account. |
7.0 | Domestic Direct Debits Consent. |
7.0 | New API version for payment initiation with one SCA. |
7.0 | The new division of scopes for restricting access to services. |
7.0 | Recommendations for the use of universal and app links in bank mobile authentication applications. See specification in PDF. |
On 16 November 2015, the European Banking Authority issued the Revised Payment Service Directive (hereinafter: PSD2). As of 13th January 2018, PSD2 will replace former Directive on Payment Services in the Internal Market. A need for this substation was caused by rapid development of IT, by the birth of brand new types of payment services and by a number of overall changes. Thanks to PSD2 new subjects will be regulated in the field of electronic payments, subjects, which were not in the scope of the previous Directive. Among other things, new legislation opens banking for the so-called third parties.
PSD 2 should be accompanied by a number of norms: on one hand, certain regulatory technical standards (RTS) have to be adopted, on the other hand, guidelines describing rules, which have to be followed in specific situations have to be issued by the EBA (European Banking Authority) too. Unfortunately, during the preparation of these documents both the EBA and the European Commission caused some delays, therefore it was necessary to work only with drafts of these papers. Especially missing RTS on Strong Authentication and Secure Communication (RTS on SCA) caused troubles to all stakeholders.
The PSD 2 was implemented into the Czech legislation by the brand new No 370/2018 Coll., Act on Payment Systems, which will come into force on 13th January 2018. Suspended are only those paragraphs of that Act, which refer to the RTS on SCA.
In order to maintain equal competition between all stakeholders, the EBA seeks to maintain neutrality and defines basic rules of functioning in PSD2 at a general level. Despite the specification of open banking rules to third parties, the implementation across particular banks may vary. This versatility implies a more complex, and more expensive integration of third parties to become payment service providers keeping accounts. In order to support the European PSD2 directive and its proper implementation, the banks in the Czech market have decided to standardize their solutions.
The aim of the Czech Standard for Open Banking is to lay down rules for communication, mainly for services defined by the PSD2: Account Information Service Provider (AISP), Payment Initiation Service Provider (PISP), Card Issuing Service Provider (PISP)
The standard is designed and developed to maintain a high degree of versatility. The standard is voluntary, and it is up to each bank to consider joining the standard. With respect to the fact that systems and their operations differ across all payment service providers, standard participants may deviate from the standard at certain points, within the scope of their specific information systems. Since each payment service provider is obliged to document its solution according to PSD2, a large number of fields for optional information is defined in the Czech Open Banking Standard.
The main benefits of the Czech Standard are the easier integration of TPP into systems which banks are offering, including without any other intermediaries, ensuring a uniform interpretation of the PSD2 in the Czech market, compliance with the content of the transmitted data and security elements in communication with banks, support for the unified functioning of services for clients across banks, timely readiness for the implementation of PSD2.
- Czech Standard for Open Banking v.7.0 [EN]
- Czech Standard for Open Banking v.3.0 [EN]
- Czech Standard for Open Banking v.2.0 [EN]
- Czech Standard for Open Banking v.1.2 [EN] [CZ]
- Czech Standard for Open Banking v.1.0 [EN] [CZ]
Here you will find an overview of the requests and responses examples for each API resource contained in the standard
- Examples of API Account Information
- Examples of API Payment Initiation
- Examples of API Balance Check
- Examples of Common API resources
The Czech Standard for Open Banking consists of these parts:
- Introduction and common features
- Technical description
- Security standard
- Definition of API Account Information
- Definition of API Payment Initiation
- Definition of API Balance Check
- Examples of requests and response of particular API resources in JSON format
You found a bug, have a question? For such cases, you can enter a problem or question in the issue tracker here. Here are some notes on how to proceed in this case.
- First of all, check with what version of the standard you are working on.
- Before you start typing a problem or query, make sure your question is no longer solved.
- To enter a problem or query, you need to know which areas of the standard it concerns. Areas described by the standard are listed above.
- Include all this information in a new issue on our Issue Tracker