3. TPP onboarding
This document is addressed to the Third-Party Payment Service Providers (TPP) and it is aimed to describe the needed onboarding procedures to the CBI Globe.
Thereafter, the necessary steps are shown in detail.
- 1. Upload of the eIDAS certificate
- In this first phase there is the upload of the eIDAS certificate, required for the connection to the CBI Globe.
- The first screen shown to the TPP user is the one that allows to upload the certificate, previously obtained from the TPP from a Qualified Trusted Service Provider (QTSP) authorized to release eIDAS certificates.
- The procedure will start clicking on the “Upload” button, as shown in the picture 1:
- 2. Search of the eIDAS certificate
- The process proceeds searching and picking the certificate from the own device, as shown in the picture 2:
- Clicking on the “next” button, the system verifies the validity of the shown certificate. If it results not valid, an error message will appear, and it will be needed to get in contact with the designated organization for the certificate release.
- It could also be employed an eIDAS test-certificate, released from an accredited QTSP. The CBI Globe will verify the presence of a started validation process through the National Competent Authority (NCA).
- 3. VAT number input
- If the certificate has been uploaded successfully, the procedure proceeds with the TPP’s VAT number. Clicking on “Next” in the screen shown in picture 3, the system verifies if the inserted VAT number is already registered in the CBI Globe database as an ASPSP. The VAT number’s maximum length is 11 digits. It is not possible to insert values of an upper length.
- These are the cases that can arise:
- A) Not registered TPP and VAT number not linked to a participant ASPSP
- If the VAT number is not linked to an ASPSP connected to the Gateway, once clicked on the “next” button, the procedure proceeds showing the screen of personal data input, from the TPP willing to onboard to the CBI Globe service.
- The online form will be partially pre-filled: the fields already pre-filled (picture 4) are the parameters that have been extracted from the certificate (if it is valid, refer to the 2) step).
- The following parameters will be pre-filled and not editable:
- The following fields must be filled instead, therefore they will be editable and mandatory:
- Eventually, the remaining fields that need to be inserted are the TPP personal data, the contact person personal data and the product group. They are all mandatory fields.
- Once that all the information has been inserted properly, after having clicked on “Register TPP”, the undertaking screen is shown. (Picture 5)
- B) Not registered TPP and VAT number linked to an ASPSP already connected to the CBI Globe
- If the VAT number is linked to an ASPSP connected to the CBI Globe, the TPP that is already known as ASPSP will see a screen in which all the data are already pre-filled and not editable (Fig.6), except for the following mandatory fields:
- After having filled the missing fields, it will be needed to click on the “Register TPP” button and complete the registration.
- 4. Conclusion of the TPP onboarding
- The procedure of the TPP onboarding conclusion follows the personal data input both in case of registered or not registered TPP. The TPP onboarding request is processed and then the TPP provisioning process on the CBI Globe system will start.
- If there will not arise any error, the TPP onboarding will be concluded in short time. In case of a needed manual intervention, to fix issues (e.g. eIDAS test-certificate management), the first feedback will be provided by the TPP within 48 hours from the registration request.
- The TPP will receive an e-mail to the address specified in the “Contact person mail” field, that will include the user credentials to access to the API Portal. If the TPP receives the email within the established time, the procedure is successfully ended and the TPP could start to enter to the API Portal.
- Regarding the application credentials, to enter in the API Gateway (in server-to-server mode), the TPP will have to register its own application to the API Portal, after having received the needed credentials. In case of a missing reception of the credentials, it is recommended to contact the service support contact of the CBI Globe service.