CIBA uses the concept of a login_hint_token.
There is a mobile specific definition of this here: https://openid.net/specs/openid-connect-modrna-authentication-1_0.html#rfc.section.6
But we need a more generic definition - that can work in a banking context.
As Brian mentioned there is existing work in this area in the SECEVENTS working group at IETF: https://tools.ietf.org/html/draft-ietf-secevent-subject-identifiers-00
Perhaps we could utilise the above draft?
I'm opening this issue so that discussion can start while the core CIBA spec is being worked on.