Guideline No. | SD001 |
Purpose | To clarify the difference between “Data Life” and “Data Storage” for an FIU |
Description | Data Life – as defined in the open API specification of the electronic consent artefact, refers to the time window declared by an FIU for “processing” or “using” the data shared by a citizen, for the purpose declared.E.g. a lender may declare a data life of 24 hours, to process the data shared by a borrower and underwrite the loan application.FIUs are expected to “delete” the data, after the Data Life time-window expires.However, the term “delete” is to be interpreted as a “Soft delete”, since it cannot contravene existing regulatory directives regarding long-term archival of data collected by the FIU.
Thus, an FIU is expected to continue adhering to existing regulatory norms with respect to “storage of data”, where it is understood that such stored data is not meant to be “processed” or “used” in any manner, other than dictated by existing regulatory norms. |
Stage | Finalised |
Guideline No. | SD002 |
Purpose | To clarify if an AA stores financial data in its servers |
Description | AAs may operate in a “Store-and-forward” mode, i.e. in order to serve a data fetch request from an FIU (or from the citizen herself), the AA may fetch data from an FIP, store in its servers and notify the FIU to pick such data up.All data stored on the AAs servers is encrypted by the FIP using the ECDH algorithm, using key material generated by the FIU. ThIs prevents the AA from being able to decrypt any data stored on its servers.Further, a maximum period of 6 hours has been codified as a best practice by the AA community, for any such store-and-forward mechanism employed by the AA.This implies that if an FIU is not able to pick the data up within 6 hours of the AA notifying it, the AA is expected to delete all data stored. Such a “Delete” is expected to be a hard-delete and not a “soft-delete”, i.e. the data is not expected to be “archived” in a separate area by the AA.
If the FIU picks the data up within 6 hours, the AA is expected to delete the data immediately after that. |
Stage | Finalised |