Consent Artefact

Account Aggregator (AA) shall provide services to a customer based on the customer’s explicit consent. The consent is electronically sought from the customer and AA creates two different Consent Artefacts for an information request from a single FIP account. One Consent Artefact authorizes the FIU/Customer to request aggregated information from the AA. The other Consent Artefact authorizes the AA to obtain information from the FIP.

Note : Consent is just a digital agreement wherein a user chooses to either accept or reject at the AA application or any interface provided by AA at FIU.

Consent Details

Data Access: It comprises fields describing the type of information that can be accessed and the permissions associated with it. It also gives the information of the consent given by the customer is active..

Entity Details: It contains all the details of the entities that are involved in the transaction which includes the financial information providers providing the information, financial information users accessing the information, account aggregators and customers. It also has the account details of the customer and the reference numbers (such as account reference no,Link reference number) provided by the FIP while the customer is connecting to their accounts.

Data Filters: It contains the filters that are associated with the information that is requested. i.e., duration for which information is requested, duration of storage, frequency of access, along with a set of pre-processing filters that can be used to further customize the information that is retrieved.

Purpose: This includes information about the purpose of the consent that has been requested by the FIU/customer. It contains information such as purpose code and a purpose category which are provided during initiating a consent request.

Consent Digital Signature: The Details of the consent is digitally signed by AA and attached to the Consent Artefact. The receivers who are the FIP and FIU have to confirm the integrity of the Consent Artefact by generating a signature from the received consent detail section and validate it with the digital signature attached to the Consent Artefact.

Consent Artefact Entity

Parameter Name
Data type
Description
Ver
string
The version of the API
txnid
string
The unique transaction identifier used for providing an end to end traceability.
Consent Id
string
The unique ID of the consent artefact.
status
string
Current Status of the Consent, Could be ACTIVE, PAUSED, REVOKED or EXPIRED
createtimestamp
string($date-time)
Creation time of the consent artefact
ConsentDetail
Specify the financial information types that customer wants to access
consentStart
string($date-time)
Start date-time of the consent. This field would allow for Post-Dated consent.
consentExpiry
string($date-time)
Expiry date-time for the consent
consentMode
string
Consent Mode as defined in the AA technical Standards. Could be VIEW, STORE, QUERY or STREAM
fetchType
string
FI Fetch type. Could be ONETIME or PERIODIC
consentTypes
string
Type of information for which consent is required. Could be Profile, Summary(Account summary) or Transactions.
fiTypes
string
List of FITypes used in the Consent. FITypes names should be as defined in the AA Technical Standards. Could be DEPOSIT, TERM-DEPOSIT, RECURRING_DEPOSIT, SIP, CP, GOVT_SECURITIES, EQUITIES, BONDS, DEBENTURES, MUTUAL_FUNDS, ETF, IDR, CIS, AIF, INSURANCE_POLICIES, NPS, INVIT, REIT, OTHER
DataConsumer
Consent between FIP&AA, Dataconsumer would be AA whereas for consent between FIU/AA Application & AA, Data consumer would be FIU/AA Application.
id
string
The identifier of the FIU
type
string
Type of DataConsumer
DataProvider
Consent between FIP & AA, DataProvider would be FIP whereas for consent between FIU/AA Application & AA, DataProvider would be AA.
id
string
DataProvider ID
type
string
Type of Data Provider eg. AA, FIP
Customer
id
string
The identifier of the Customer can be generated during the registration with AA
Accounts
List of accounts which the consent would fetch FI from.
fiType
string
Type of Financial Information.
fipId
string
FIP ID.
accType
string
Type of Account.
linkRefNumber
string
FIP’s linkRefNumber as shared by the FIP after linking.
maskedAccNumber
string
Masked account number.
Purpose
Purpose of the consent (Defined in AA Technical Standards)
code
string
Purpose Code as defined in the AA Technical Standards
refUri
string
URL where the purpose is further defined
text
string
Textual Description
Category
type
string
Category name of the Purpose code
FIDataRange
Specify the datetime range for querying the financial information
from
string($date-time)
Selects the starting date-time from where the financial information is to be start
to
string($date-time)
Selects the starting date-time from where the financial information is to be end
DataLife
How long consumer is allowed to store data
unit
string
A unit of how long a consumer can store the data. Could be MONTH, YEAR, DATE, INF
value
string
Define the value of unit of how long can consumer store the data
Frequency
Frequency information for periodic information access
unit
string
A unit of the frequency to access the financial information. Could be MONTH, YEAR, DATE or INF
value
integer
Define how many times consumer can access the financial information
DataFilter
Rules that will be utilized by FIP to filter the data
type
string
The condition to filter the data on. Could be TRANSACTIONTYPE or TRANSACTIONAMOUNT
operator
string
Operator to filter data by. Could be =, !=, <,>, <=,>=
value
string
Value to filter data
consentDetailDigitalSignature
string($byte)
Digital Signature of the Consent Detail Section after generation. The receiver has to verify the given signature by generating signature from the received Consent Detail section.
ConsentUse
Section defining the parameters for consent tracking.
logUri
string
Logging; logUri can be any valid URI including an email address.
Count
Number
Number of times the consent has been used.
lastUseDateTime
string ($date-time)
Consent Last Used Date time.