The following is a summary of Noting Paper 255.
The central question in NP255 is whether the DSB should amend its guiding principles to accommodate the Telecommunications sector.
NP255 suggests an additional principle might be added:
Principle 5: APIs are consistent across sectors
This principle states in part that the DSB "will strive for consistency in patterns, structure, security mechanisms and consumer experience across sectors..."
The noting paper goes on to provide a detailed rationale for this principle.
The paper discusses whether there is a case for the Telco standards to diverge from Banking and Energy standards. It lists possibly valid reasons for divergence, and considers some invalid reasons.
NP255 then describes the formal process of consultation, to which the informal feedback process of this paper might eventually lead.
It then asks a number of more specific questions, related to potential differences between Telco and other sectors:
- What credentials will customers use to authenticate?
- What drivers exist for the consent model for Telco to diverge?
- What drivers exist for the security profile for Telco to diverge?
- What is the API end point structure?
- What are the data payloads?
If you have an interest in these questions and topics, read NP255 for additional detail.
To provide your input in response to these questions, add your comments to NP255.