Bank Alert: Breaking Change Notification – SCA Errors – for Monzo Bank

Date: 9 March 2021 | TB-030921

This notification relays important information from a Token-connected bank (Monzo Bank).

Monzo 90-day breaking change notice: SCA errors

Currently, if a TPP makes a request outside the window to the bank's transactions endpoint with a fromTime parameter that is earlier than 90 days before the time of the request, Monzo's API will return a successful response whilst cropping the results to transactions dated within 90 days of the request. Transactions that pre-date the request by more than 90 days are not included. This response behaviour is incorrect.

Going forward from the 8th of June, Monzo's API will correctly return a 400 Bad Request response with error code bad_request.outside_sca for all requests made outside the SCA time limit.

Impact

Because requests made outside of the 90-day SCA time limit will now correctly return an error rather than an abridged list of results, TPPs must ensure that all AIS transaction requests are made within the SCA time limit to avoid an error response.

Remember, in accordance with the CEG Checklist, the user must re-authenticate consent for account information sharing with the if more than 90 days have elapsed since the last time the accessed the information and SCA was applied.

Timing

The changes described in this bulletin will become effective 8 June 2021.

* * * *

For assistance with the foregoing and other operational aspects of the Token Open Banking solution, please contact support@token.io. Follow us on Twitter @token_tech.

Bank Alert: Breaking Change Notification – SCA Errors – for Monzo Bank

Date: 9 March 2021 | TB-030921

This notification relays important information from a Token-connected bank (Monzo Bank).

Monzo 90-day breaking change notice: SCA errors

Currently, if a TPP makes a request outside the window to the bank's transactions endpoint with a fromTime parameter that is earlier than 90 days before the time of the request, Monzo's API will return a successful response whilst cropping the results to transactions dated within 90 days of the request. Transactions that pre-date the request by more than 90 days are not included. This response behaviour is incorrect.

Going forward from the 8th of June, Monzo's API will correctly return a 400 Bad Request response with error code bad_request.outside_sca for all requests made outside the SCA time limit.

Impact

Because requests made outside of the 90-day SCA time limit will now correctly return an error rather than an abridged list of results, TPPs must ensure that all AIS transaction requests are made within the SCA time limit to avoid an error response.

Remember, in accordance with the CEG Checklist, the user must re-authenticate consent for account information sharing with the if more than 90 days have elapsed since the last time the accessed the information and SCA was applied.

Timing

The changes described in this bulletin will become effective 8 June 2021.

* * * *

For assistance with the foregoing and other operational aspects of the Token Open Banking solution, please contact support@token.io. Follow us on Twitter @token_tech.

Bank Alert: Breaking Change Notification – SCA Errors – for Monzo Bank

Date: 9 March 2021 | TB-030921

This notification relays important information from a Token-connected bank (Monzo Bank).

Monzo 90-day breaking change notice: SCA errors

Currently, if a TPP makes a request outside the window to the bank's transactions endpoint with a fromTime parameter that is earlier than 90 days before the time of the request, Monzo's API will return a successful response whilst cropping the results to transactions dated within 90 days of the request. Transactions that pre-date the request by more than 90 days are not included. This response behaviour is incorrect.

Going forward from the 8th of June, Monzo's API will correctly return a 400 Bad Request response with error code bad_request.outside_sca for all requests made outside the SCA time limit.

Impact

Because requests made outside of the 90-day SCA time limit will now correctly return an error rather than an abridged list of results, TPPs must ensure that all AIS transaction requests are made within the SCA time limit to avoid an error response.

Remember, in accordance with the CEG Checklist, the user must re-authenticate consent for account information sharing with the if more than 90 days have elapsed since the last time the accessed the information and SCA was applied.

Timing

The changes described in this bulletin will become effective 8 June 2021.

* * * *

For assistance with the foregoing and other operational aspects of the Token Open Banking solution, please contact support@token.io. Follow us on Twitter @token_tech.