What is COF
The purpose of the COF API is it gives a TPP the possibility to check if the necessary funds are available on the payment account of the payer (eg. before execution a payment initiation). The bank has to respond with Y/N upon request from TPP whether there are sufficient funds on IBAN. Before using the service, the customer needs to give the explicit consent before it can be deployed.
API endpoints
Link | Resource | Endpoints |
---|---|---|
Funds Confirmation Consent | funds-confirmation-consent | POST /funds-confirmation-consents |
Funds Confirmation |
funds-confirmation | POST /funds-confirmations |
How does it work?
KBC/CBC has decided to develop its APIs according to the Berlin standards. Terminology used is therefore via this standard.
- This process begins with a PSU committing to give consent, to their ASPSP (KBC/CBC) to respond to confirmation of funds requests from the CBPII
- The CBPII connects to KBC/CBC’s API Gateway and creates a funds-confirmation-consent resource
- This informs KBC that one of its PSUs would like to grant access to confirm the availability of funds to a CBPII
- KBC responds with an identifier for the resource, the ConsentId, which is the intent identifier
- This step is carried out by making a POST request to the /funds-confirmation-consents endpoint, under a client credentials grant
- The setup payload will include these fields:
- Debtor Account - mandatory debtor account details to capture the account from which the availability of funds will be confirmed
- Expiration Date Time - an optional expiration for when the CBPII will no longer have access to confirm funds on a PSU's account
- The CBPII request KBC/CBC to confirm whether an amount necessary for the execution of a payment transaction is available
- The CBPII redirects the PSU to KBC/CBC where the PSU shall give its consent to KBC/CBC before confirming the availability of funds to the CBPII
- The redirect includes the ConsentId generated in the previous step
- This allows KBC/CBC to identify the funds-confirmation-consent that was setup
- KBC/CBC authenticates the PSU
- The PSU gives explicit consent to KBC/CBC to respond to confirmation of funds requests from the CBPII
- KBC/CBC updates the state of the funds-confirmation-consent resource internally to indicate that the resource has been authorised
- Once the consent has been authorised, the PSU is redirected back to the CBPII
- The CBPII connects to KBC/CBC’s API Gateway and creates a funds-confirmation resource
- This informs KBC/CBC that the CBPII would like to receive confirmation of the availability of funds for the designated payment account
- KBC/CBC responds with a simple ‘yes’ (true) or ‘no’ (false) answer and not with a statement of the account balance
- This step is carried out by making a POST request to the /funds-confirmations endpoint, under an authorization code grant
- The setup payload will include these fields - which describe the data that the PSU has consented with the CBPII:
- Amount - the amount to be confirmed available
- ConsentId - an Id that relates the request to a funds-confirmation-consent, and specific account with the ASPSP. This Id must match the intent identifier