6.2 Redirect SCA sequence diagram
The Redirect SCA can be used within two different situations:
- To authorize a Payment transaction after the PSU-ID has been communicated to CBI Globe (either by TPP or through a one-factor authentication);
- To authorize a Consent request transaction, even if the PSU-ID has not been communicated to CBI Globe.
Below it is depicted the sequence diagram related to redirect SCA:
The following steps are the main ones included in the above depicted sequence diagram:
- CBI Globe evaluates the SCA method to be used within a specific transaction and it finds that a redirect SCA is required;
- CBI Globe invokes a dedicated API exposed by the ASPSP, to allow the ASPSP to prepare a SCA transaction. The ASPSP provides CBI Globe with the URI to be forwarded to the TPP, which includes the tppRedirectUri as query parameter;
- CBI Globe updates the status of the transaction;
- CBI Globe informs the TPP that it is required to let the PSU interact with the Bank to execute a redirect SCA. CBI Globe provides the TPP with the URI received from the ASPSP. Details of that URI are described in section 4.4;
- The TPP executes a redirection of PSU application towards the ASPSP, providing the ASPSP with the tppRedirectUri, which is the URI of the TPP where the ASPSP has to redirect the PSU after the SCA execution;
- The ASPSP redirect SCA web pages are displayed to the PSU;
- The PSU enters her/his first and second factors into the ASPSP web pages to complete SCA process;
- After PSU has completed SCA process the ASPSP executes two different actions:
- It performs a redirection of PSU application towards the TPP, using the tppRedirectUri;
- It invokes proper call-back API to inform CBI Globe about the result of SCA process executed by the PSU.