Strong Authentication through Connexis Cash

With Connexis Cash APIs, there are 2 Strong Contumer Authentications (SCA) required from the user:

  • When the user authenticates himself to access Connexis Cash environment through the Redirect approach in the OAuth token generation
  • When the user wants to authorize a payment.

 

 

SCA screen during OAuth token generation

This authentication process must be performed by the client for any service he wants to use: AISP, PISP and PIISP. It allows him to access the Connexis Cash environment.  

1. After the client is redirected to Connexis Cash log in page, the client connects  the same way as today : He enters his Authentication ID and his 6-digit password (OTP).

Connexis PSD2 Login

 

 

 

 

 

 

 

 

 

 

 

 

2. If the user has access to several entities, he is redirected to a page to choose the one he wants to work in

Branch2

 

PISP SCA screen

When the client initiates a payment, at the final stage, he needs to authorize/sign it. This must be done through SCA.

The PISP redirects the user to Connexis Cash, where this one was previously authenticated.

Payment

The challenge code (OTP) requested from the user includes a dynamic link as defined under Article 5 of the RTS. After finalizing the strong authentication, Connexis Cash redirects the user to the TPP interface.

 

ONE TIME PASSWORD (OTP)

The customer obtains his OTP, allowing him to log in or to authorize a payment,  through his physical token or his Connexis Pass application (screen of mobile application) :

OTP

 

 

 

About us

BNP Paribas CIB is a leading global financial services firm, offering you solutions in capital markets, securities services, advisory, finance and treasury

 

group2

Contact

Corporate and Institutional Banking at a glance