BankSCA meets the PSD2 requirement for an Account Servicing Payments Services Provider (ASPSP i.e. a bank) to issue a dedicated (single purpose) app to its customers in order to capture SCA. BankSCA supports PSD2 APIs (incl. Berlin Group, UK Open Banking) as well as bank direct channels (e.g. SWIFT, host-to-host).

Multiple flavours of SCA are supported (incl. Embedded, Decoupled and App-to-app Redirection) This enables an ASPSP to operate a single common SCA procedure with the same smartphone app and the same set of shared user credentials.

BankSCA supports multiple retail and corporate banking use cases, including:-
- Signing an instant payment request (Embedded SCA) at a merchant's online checkout or a physical point of sale (PoS) terminal.
- Review and approve (Decoupled SCA) a payment request containing individual or bulk payments with a mix of currencies and payment types.
- Multi-user approvals (Decoupled SCA).

Users can review summary information and optionally drill into the detail. They can approve or cancel orders and also monitor the ongoing status of their payments. Payment status is categorised with Red/Amber/Green colour coding. All rejects are clearly flagged, with reason information.

The user SCA credentials are represented by an asymmetric (public/private) key pair, backed by a bank issued X.509 certificate. The private key element resides within and never leaves the Secure Element of the smartphone. The private key is unlocked via the use of either the device’s biometric sensor and/or a PIN. The user’s biometric data also never leaves the smartphone. The SCA proof is represented by an Advanced Electronic Signature (AdES). The SCA proof is dynamically linked to the payment/consent data, plus audit trail and device attestation information. It is verifiable by and sharable between the ASPSP, Third Party Providers (TPP), Personal Services Users (PSU) and a Court of Law.

The following payment formats are fully supported:-
- PAIN.001 v3 - Credit Transfer
- PAIN.008 v2 - Direct Debit
- PAIN.002 v3 - Payment Status
- ACMT.007 v1 - Account Opening
- PAIN.009 v1 - E-Mandate
- Berlin Group NextGenPSD2 JSON formats

BankSCA is intended to form part of a bank's future Federated BankID infrastructure.

PSD2 = DIRECTIVE (EU) 2015/2366 on payment services in the internal market
GDPR = REGULATION (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data
eIDAS = REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market.
Read more

What's New

Further extensions to support Embedded SCA at a merchant point of sale.
Read more

Additional Information

September 29, 2020
Current Version
Requires Android
6.0 and up
Content Rating
Offered By
Quali-Sign Ltd
Alderley Edge Cheshire United Kingdom
©2020 GoogleSite Terms of ServicePrivacyDevelopersAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.