[webpayments] SEPA SDD one-off e-mandate Version 01 28 2016 (#74) from fredMeignien on 2016-01-28 (public-payments-wg@w3.org from January 2016)

From: fredMeignien <notifications@github.com>
Date: Thu, 28 Jan 2016 05:24:35 -0800
To: w3c/webpayments <webpayments@noreply.github.com>
Message-ID: <w3c/webpayments/pull/74@github.com>
I took the opportunity of restyling to introduce more precisions (especially interaction between Debtor Browser and Creditor Website) in order to be as close as possible to the description done in the EPC book: EPC208-08-e-Operating-Model-Detailed-Specification-v1.2-Approved (Cf. page 22 3.6.1 Single Authorization Message Flow)

Regarding restyling :

- used the diagram « WebInitiatedSEPACreditTransfer-Current.pml » as a reference for style harmonization (the other SCT diagrams are much less detailed and not applicable for this task, I guess)
- introduced the skinparam «!includeurl https://raw.githubusercontent.com/w3c/webpayments/gh-pages/PaymentFlows/skin.ipml »
- reorganized the order of actors and participants to obtain the same order as in reference diagram
- Regarding the separation between the Actor and his Website or Browser the idea was to highlight the fact that there is a pre requisite of initial agreements between the actors :
o (Cf. • The Debtor’s Bank and the Debtor must have an agreement on the conditions for using the means of authentication; • The Creditor and the Creditor’s Bank must have an agreement on the conditions for using the Routing Service(s) providers; ref: EPC208-08-e-Operating-Model-Detailed-Specification-v1.2-Approved page: 16)
o But this is not necessary in such a diagram, so I eliminate this phase in order to have only browser interacting with website.
Other : 
- the SDD flows requires the presence of 2 specific participants : the Directory Service providers and the EPC Approved Certification Authorities
- EPC Book EPC208-08-e-Operating-Model-Detailed-Specification-v1.2-Approved provides useful definitions (page 15 3.3 e-Operating Model Parties)
“The execution of the e-Mandate service, complementing the SEPA Direct Debit Scheme, involves the following main parties: 
• Debtor: “gives the Mandate to the Creditor to initiate Collections. The Debtor’s bank account is debited in accordance with the Collections initiated by the Creditor. By definition, the Debtor is always the holder of the account to be debited” [2] 
• Creditor: “receives the Mandate from the Debtor to initiate Collections, which are instructions to receive Funds from the Debtor Bank by debiting the account of the Debtor. On the basis of this Mandate, the Creditor collects the direct debits” [2] 
• Creditor Bank: “is the bank where the Creditor's account is held and which has concluded an agreement with the Creditor about the rules and conditions of a product based on the Scheme. On the basis of this agreement, it receives and executes instructions from the Creditor to initiate the Direct Debit Transaction by forwarding the Collection to the Debtor Bank in accordance with the Rulebook.” [2] 
• Debtor Bank: “is the bank where the account to be debited is held and which has concluded an agreement with the Debtor about the rules and conditions of a product based on the Scheme. On the basis of this agreement, it executes each Collection of the direct debit originated by the Creditor by debiting the Debtor’s account, in accordance with the Rulebook.” [2] 
• Routing Service: “Providers offer this service, in agreement with and on behalf of Creditor Banks, for giving access, by Creditors, to validation services made available by Debtor Banks for the validation of e-Mandates initiated by Debtors through the electronic channels of Creditors. Creditor Banks may provide these routing services themselves.” [3] 
• Validation Service: “Providers offer this service in agreement with and on behalf of Debtor Banks for validation of e-Mandate proposals initiated by Debtors through the electronic channels of Creditors and the routing services offered by Creditor Banks. Debtor Banks may provide these validation services themselves.” [3] 

In order for the e-Operating Model to fulfil the reachability and security requirements, it is necessary to consider two new parties: the Directory Service providers and the EPC Approved Certification Authorities. 
• Directory Service: Providers offer this service in agreement with a Routing Service Provider to enable reachability to all participant Banks with the role of Debtor Bank. The directory must have an update list of all participant Debtor Banks’ operational BICs and the correspondent Validation Service URLs. 
• Approved Certification Authorities: PKI Certification Authorities (CAs) that issue certificates for Validation Service providers and Routing Service providers, with extensions that qualify the entities as legitimate Validation Service providers or Routing Service providers. These CAs must present a “Declaration of Compliance” to the EPC.”
You can view, comment on, or merge this pull request online at:

  https://github.com/w3c/webpayments/pull/74

-- Commit Summary --

  * SEPA SDD one-off e-mandate Version 01 28 2016

-- File Changes --

    A PaymentFlows/DirectDebit/SEPA SDD one-off e-mandate Version 01 28 2016 (180)

-- Patch Links --

https://github.com/w3c/webpayments/pull/74.patch
https://github.com/w3c/webpayments/pull/74.diff

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/pull/74
Received on Thursday, 28 January 2016 13:25:44 UTC