Account Aggregator (AA) shall provide services to a customer based on the customer’s explicit consent. The consent is electronically sought from the customer and AA creates two different Consent Artefacts for an information request from a single FIP account. One Consent Artefact authorizes the FIU/Customer to request aggregated information from the AA. The other Consent Artefact authorizes the AA to obtain information from the FIP.
Note : Consent is just a digital agreement wherein a user chooses to either accept or reject at the AA application or any interface provided by AA at FIU.
Data Access: It comprises fields describing the type of information that can be accessed and the permissions associated with it. It also gives the information of the consent given by the customer is active..
Entity Details: It contains all the details of the entities that are involved in the transaction which includes the financial information providers providing the information, financial information users accessing the information, account aggregators and customers. It also has the account details of the customer and the reference numbers (such as account reference no,Link reference number) provided by the FIP while the customer is connecting to their accounts.
Data Filters: It contains the filters that are associated with the information that is requested. i.e., duration for which information is requested, duration of storage, frequency of access, along with a set of pre-processing filters that can be used to further customize the information that is retrieved.
Purpose: This includes information about the purpose of the consent that has been requested by the FIU/customer. It contains information such as purpose code and a purpose category which are provided during initiating a consent request.
Consent Digital Signature: The Details of the consent is digitally signed by AA and attached to the Consent Artefact. The receivers who are the FIP and FIU have to confirm the integrity of the Consent Artefact by generating a signature from the received consent detail section and validate it with the digital signature attached to the Consent Artefact.
Consent Artefact Entity