Scope

This document explains the process flow and implementation of interaction between FIU and AA on the user’s device. As this interaction between FIU and AA is taking place on the user’s device, it is considered insecure. Hence the data needs to be structured and encrypted in a standard way. This will enable seamless integration and interoperability between AAs and FIUs. This document does not cover any server to server interaction between the AA and FIU. All server to server communication between FIU and AA will need to adhere to the ReBIT API specifications, which is further clarified through the new user redirection rfc. It is therefore recommended that this document be read in conjunction with the ‘AA_community_20210119-new-user-redirection-rfc’ document.