openid / fapi / issues / #467 - Can FAPI specs support ecosystems where smart phones aren't common, e.g. by using USSD — Bitbucket

Issue #467 resolved

Dave Tonge created an issue 2022-01-19

We have received this request from an OpenBanking entity in Nigeria.

For context re USSD: https://encyclopedia.kaspersky.com/glossary/ussd-unstructured-supplementary-service-data/

Comments (4)

Dave Tonge reporter
From my perspective, I think that CIBA could utilize USSD, i.e.

Prerequisite
1. User registers for USSD services from their bank (e.g. https://www.firstbanknigeria.com/personal/ways-to-bank/ussd/)
Payments
1. User enters phone number and selects bank at RP (at physical terminal or website)
2. RP starts CIBA flow with bank using the phone number as a login_hint
3. Bank uses USSD to send a notification to user to approve payment
4. Optional: User compares binding_code received via USSD and shown at RP
5. User approves payment (maybe using pin)
6. Bank issues access token to RP (either via poll or ping)
‌

‌
- 2022-01-19T15:49:51+00:00
Bjorn Hjelm
For additional information, a presentation by T-Mobile Poland and GSMA on USSD provided at the MODRNA WG call on July 19 is available at https://openid.net/wordpress-content/uploads/2022/07/USSD-Authenticator-Overview-MODRNA-meeting-FINAL.pdf
- 2022-07-19T18:31:26+00:00
Tom Jones
Is it wise to use a comms protocol where financial messages are not stored on users device like they are on sms?
- 2022-07-19T19:00:10+00:00
Dave Tonge reporter
- changed status to resolved
Resolving this as no recent updates from OB Nigeria
- 2023-05-24T14:03:09+00:00
Log in to comment

Assignee: –

Type: proposal

Priority: minor

Status: resolved

Component: Others

Milestone: –

Votes: 0

Watchers: 3

Jira: the preferred issue tracker for Bitbucket. Join the team!