The status provided to an organisation that has met the requirements to be considered an Accredited Data Recipient (ADR). The Australian Competition and Consumer Commission (ACCC) is responsible for accreditation, and for the accreditation requirements.
Authorised Deposit-taking Institution
This has the meaning specified in the Banking Act 1959.
Accredited Data Recipient
See accreditation. The Australian Competition and Consumer Commission (ACCC) maintains a CDR register of ADRs and Data Holders.
Application Programming Interface
Consumer Data Right
The Australian Competition and Consumer Commission (ACCC) maintains a CDR register of Accredited Data Recipients (ADRs) and Data Holders (DHs). Visit the CDR Register Github site to engage in the consultation process. UK Open Banking uses the term Directory.
Consumer Data Standards
These Standards have been developed as part of the Australian Government's introduction of the Consumer Data Right legislation to give Australians greater control over their data.
Cross-Origin Resource Sharing
Customer Reference Number
The consumer experience for end users (consumers) interacting with the Consent Model and the CDR ecosystem. For CX Standards and CX Guidelines, search for
CX Standards and
CX Guidelines on the Consumer Data Standards web site.
A data cluster is a grouping of data, as specified in the Data Language Standards of the Consumer Experience Guidelines. The CX Guidelines provide advice on use of data clusters. For a full discussion of data clusters and data cluster language, search for
CX Guidelines on the Consumer Data Standards web site. In the latest CX Guidelines document, search for
Data Language Standards.
Dynamic Client Registration
The organisation that holds the information and supplies it at the request of the ADR or consumer. The Australian Competition and Consumer Commission (ACCC) maintains a CDR register of Accredited Data Recipients (ADRs) and Data Holders (DHs). Visit the CDR Register Github site to engage in the consultation process.
Data Loss Prevention
DLP is an information industry term referring to a comprehensive strategy for information security, including the protection of data in use, data at rest, and data in motion.
Data Standards Body
The Data Standards Body assists the Data Standards Chair in making and reviewing the data standards. CSIRO is currently designated as the DSB.
Data Standards Chair
The DSC is the authority that makes and reviews the CDR Data Standards. Mr Andrew Stevens is the inaugural Data Standards Chair.
A designated sector means a sector of the Australian economy that is to adopt the CDR. The minister designates sectors via legislative instrument.
Duration of consent
A notice sent to a consumer related to a data sharing arrangement.
Typically MFA requires two authenticators: a password, and a code that has been sent to the consumer separately, for example by SMS, by a phone app or by email.
mutual Transport Layer Security
OpenID Connect Discovery
One Time Password
A single-use password generated by a Data Holder and used by a consumer to authenticate. One time passwords can be provided to the consumer by various means such as SMS message, app notification, or email.
Outsourced Service Provider
Product Data Specification
A collection of data that describes a product. The details are specified in the Consumer Data Standards, Get Products section.
The specific data in an authorisation scope is referred to as a permission. Permissions are grouped by data cluster.
Primary Account Number
A unique number with a varying length assigned to the primary account. The Primary Account Number is also known as the unique identifier of the embossed card number designated to payment cards.
Pushed Authorisation Request
Personally Identifiable Information
Personally identifiable information (PII) is data that might identify an individual. Transmitting PII without adequate protection is a threat to privacy and security, and may provide the opportunity for identity theft.
Product Reference Data
PRD is the generic description of a product offering provided to consumers as part of a Product Data Specification. It does not include any personal customer information. A PRD must be provided to the public for every banking product. The DSB has a Banking Products comparator demo.
Permission given by a consumer for a sharing arrangement to continue (for an agreed period) beyond the expiry date of the current sharing arrangement.
REpresentational State Transfer
An architecture for web services. Services using this architecture are described as RESTful.
Withdrawing consent or authorisation. This occurs when a consumer stops sharing or cancels a sharing arrangement.