CBPII Process(ex PIISP)

This process describes the CBPII case implementation with the description of every step, since the token retrieval until the Funds availability request.

Step 1 – Prerequisite

• You must enroll on 89C3 API and when you suscribe to live with CBPII role,you have to provide QWAC and QSEAL certificates. Your CBPII role will be checked on the basis of informations get in the REGAFI.

Step 2 – Access authorization as a CBPII wich is provided by our connected customer

• For every of our customers, you should get an initial access token worth for 90 days :

a) After asking our connected customer on your application in wich Banque Populaire his accounts are based, you must ssubmit an access token retrieval request for this customer (see use case "Retrieve your access token")

b) Our customer is redirected to a mobile interface of this Banque Populaire in order to identifiy himself

c) Our customer processes a strong authentication in this mobile interface  wich generates an access token

d) You get the initial access token for this customer

Step 3 – Funds availability request

• When our customer needs to process to a purchase with his private card, you check the customer account solvency with the POST /funds-confirmations method by providing your access token for this customer (see use case "Use and check funds availability")

Step 4 – If the 90 days token has expired, you must ask a token refresh for the customer

a) With our connected customer on your application, you submit a refresh request for this customer token (see use case "Refresh your access token")

b) Our customer is redirected to a mobile interface of his Banque Populaire andt processes a strong authentication in this mobile interface, wich reactivates the access token

c) You get the refresh token for this customer