As we all know and hear all the time, Open Banking is a new, secure way for customers to take control of their financial data and share it with organisations other than their banks.
For Open Banking to work, the banks should not only provide APIs for third parties to use but also enable a friction-free customer journey for consent authorisation by end-users — both on their website and mobile applications. This is to ensure their user journeys do not contain unnecessary steps that create a barrier to adoption by third-parties and ultimately end-users.
Hence the Open Banking Implementation Entity (OBIE) — the organisation responsible for ensuring banks comply with the relevant regulations — has presented a number of recommendations for banks included in the Customer Experience Guidelines for delivery on the 14th March 2019. These include:
- Improving the existing redirection journeys from banks to third-parties, and vice versa
- Tailoring such journeys for different customer situations
- Requiring app-to-app redirection in mobile app-originated journeys
- Developing a 2-step consent model in addition to a 3-step consent model
In this blog, we’ll be talking about app-to-app Redirection in mobile app-originated journeys.
So, what is app-to-app redirection? 🔄
App-to-App Payment Journey Mockup | Source: Open Banking UK
When the user chooses a third-party app for accessing bank data or making payments which use the Open Banking API standard for redirection, the end-user will be re-directed twice:
- From the third-party application to the bank application (to log in and provide consent)
- Back from the bank application to the third-party application to complete the journey.
For mobile-originated journeys, where the end-user uses third-party apps as well as banking apps, the app-to-app redirection provides a seamless journey for the end-user. The flow bypasses the built-in browser (e.g. Chrome/ Safari) on their mobile device and redirects them to their installed bank-app for simpler, friction-free and faster open banking consent. If the user doesn’t have any bank-app installed, then the user is directed to a mobile-friendly banking site instead.
How is app-to-app redirection beneficial for customers?
Consumers are becoming digitally native, and increasingly use mobile apps for everyday banking, payments, managing finance or e-commerce checkouts, and prefer biometrics for convenient authentication. Consumer research data by Open Banking show most users prefer app-based journeys using biometric security elements such as fingerprints and face-ID. This will help:
- smoothen the user consent journey to connect to banks, increasing conversion ratios;
- enhance user experience and strengthen engagement more generally with the thirty party app; and,
- improve uptake of Open Banking and make it the best option for payments and data retrieval for mobile-originated journeys
Who should implement this, and how?
Both banks and third-parties should implement deep linking for app-to-app redirection functionality for Open Banking journeys to work. The guidance for the widely-used mobile operating systems are below:
- iOS: https://developer.apple.com/ios/universal-links/ (covers over 99% of all iOS users, who are on iOS 9 or later).
- Android: https://developer.android.com/training/app-links/index.html (covers 70% of all Android users, who are on Android 6.0 or later).
When is this functionality getting released by banks?
All the 9 biggest banks were given the deadline to implement it for the version 3 release of Open Banking standards on 14th March 2019.
This requires the banks to support app-to-app user journeys for:
- All individual banking brands, as per the CMA order
- The PSD2 in-scope product lines — Business as well as Retail Products
- Open Banking use cases — Account Information Services (AIS) and Payment Initiation Services (PIS)
- Any device ecosystems supporting deep linking — iOS, Android
Great! How many banks support app-to-app redirection right now?
Currently, the banks supporting app-to-app journeys in production are indicated below — with the breakdown of product lines, brands, OB journey and device support:
Availability of CMA-9 App2App functionality | Yapily Presentation
The UK Competitions and Markets Authority (CMA) on the 1st of April issued directions to 5 banks that have not delivered all aspects of their app-to-app functionality by the date set out in the Agreed Timetable and Project Plan. These Directions specify actions that the banks concerned must take including, for those not delivering this functionality until several months after the deadline, the employment of external professional resources to validate their plans and monitor their progress.
What’s the app-to-app delivery timeline for other banks?
Between now and September’s PSD2 RTS deadline, the rest of the CMA order banks are releasing app-to-app functionality as agreed with the OBIE and the regulator. Below are the timelines for Bank of Ireland, Danske Bank, LBG, Santander, HSBC brands for business and retail accounts (covering both Account Information and Payment Initiation):
Release Timeline for the CMA-9 App2App functionality | Yapily Presentation
Now that Open Banking journeys are mobile-friendly and fit for almost any retail or business end-user, why not begin exploring just how quickly you can migrate your bank feeds or payments channels to open banking?
With Yapily, access all the banks offering open banking services via a single API. No interference, just seamless middleware configuration for businesses big and small!🚀