What is Client Initiated Backchannel Authentication (CIBA)?

CIBA is another type of authentication framework that extends Application Programming Interface (<a href="/glossarycollection/application-programming-interface" style="color:#48277C;" target="_blank" title="Application Programming Interface"><u>API</u></a>) capabilities by allowing for 'decoupled' authorisation and authentication journeys. This means that a client (e.g. a vending machine or an IOT device) can submit an Open Banking request over a secure 'back-channel' to the bank's authentication servers that can be authorised / authenticated on a separate device such as the user's mobile phone. Another example is when a call-centre agent is authorised to access a customer account via a mobile phone.

Previous