According to the Berlin Group Implementation guidelines, there can be different methods for the PSU to carry out its strong authentication. comdirect is supporting the following one(s):
The PSU is redirected from the TPP interface to a web browser in order to perform her/his SCA.
The PSU is redirected according to her/his usual/preferred authentication mechanisms. In this approach, the PSU will receive a message from comdirect through the TPP interface inviting her/him to finalize her/his authentication through her/his mobile banking application or any other authentication mechanism offered by comdirect. Additionally, comdirect might use other notification channels to inform the PSU (PUSH notifications on her/his mobile device, email, SMS, phone call…).
To carry out its strong authentication on the ASPSP side, the PSU will be redirected from the TPP APP through several pages within the workflow described below.
Before being redirected to the TPP App, the PSU will access a redirection screen with some context related to the given authorisation. This screen is slightly different for AIS and PIS.
- 1a.) Push notification that there is a new TAN challenge waiting
- 1b.) TAN challenge cue where PSU jump into after tapping the push notification. The cue is constantly updating.
- 2.) Once a TAN challenge is tapped, PSU get the details of the order. Swipe „freigeben“ for confirmation.
- 3.) Order confirmed.