Issued: 31st March 2023 | TB-031023
Token.io is improving the experience for customers using Token.io's hosted pages (Token.io Hosted Pages) to handle the capture of embedded authorization-related fields.
Token.io will replace the existing set of basic pages with customizable and localized pages to improve UX and ensure improved compatibility with different types of embedded authentication. Customization options include:
Logo
CSS (font color, choice of font family from a predefined list, and more)
The default customization uses the Token.io logo and Token.io CSS settings.
The new set of Token.io hosted pages supports recently added banks with different types of embedded authentication.
In addition, this change will improve the user experience and therefore improve the overall success rates when a Payment Initiation Service (PIS) or Account Information Service (AIS) request is initiated.
This change applies to both Token.io’s Account Information Service (AIS) and Payment Initiation Service (PIS).
These are the affected banks to date:
Deutsche Bank Aktiengesellschaft, Branch Vienna (DB AG (Austria))
Volksbank Niederösterreich
Volksbank Tirol
Österreichische Ärzte- und Apothekerbank
Volksbank Oberösterreich
Volksbank Vorarlberg
Schoellerbank
Volksbank Salzburg
Volksbank Wien
CBC Bank
Deutsche Bank (FR)
DKB (Deutsche Kreditbank Aktiengesellschaft)
Norisbank GmbH
Postbank
Volksbank
CIB Bank Lakossági
K&H Bank
Raiffeisen Bank
CIB Bank Vállalati
OTP Bank
UniCredit Bank Hungary
Deutsche Bank Aktiengesellschaft,Branch Budapest (DB AG (Hungary))
Banca Adria Colli Euganei
BCC Cherasco
CR Alta Vallagarina
Banca di Bologna
BCC Circeo
CR Alta Valsugana
Banca Monte dei Paschi di Siena Spa
BCC Conversano
CR Alto Garda
Banca Nazionale del Lavoro Spa
BCC Credito Etneo
CR Dolomiti
Banca Patrimoni Sella & C.
BCC Felsinea
CR Ledro
Banca Sella
BCC Flumeri
CR Novella e Alta Anaunia
BancaTer Credito Cooperativo FVG
BCC La Riscossa di Regalbuto
CR Renon
Banco Marchigiano Credito Cooperativo
BCC Laudense-Lodi
CR Rotaliana e Giovo
BancoBPM
BCC Lazio Nord
CR San Martino in Passiria
BCC Alberobello e Sammichele
BCC Locorotondo
CR Trento
BCC Alta Murgia
BCC Malatestiana
CR Val di Fiemme
BCC Alto Tirreno
BCC Monte Pruno
CR Val di Non
BCC Aquara
BCC Pianfei e Rocca de Baldi
CR Vallagarina
BCC Barlassina
BCC Prealpi
CR Valsugana e Tesino
BCC Bene Vagienna
BCC Romagna Occidentale
CRA Borgo S. Giacomo
BCC Brescia
BCC S. Marzano di S. Giuseppe
CRA Boves
BCC Caraglio-Cuneese-Riviera dei Fiori
BCC Sangro Teatina
Credit Agricole Italia
BCC Casalgrasso e S. Albano Stura
BCC Sarsina
Friulovest Banca
BCC Cassano delle Murge
BCC Territorio Lombardo
Hello Bank!
BCC Castagneto Carducci
BCC Valdostana
Iccrea Banca
BCC Castelli e Iblei
BNL Corporate
Illimity
BCC Castelli Romani
BPER Banca
Paytipper
BCC Centro Calabria
CartaLis
Poste Italiane S.p.A.– Patrimonio BancoPosta
BCC Centro Emilia
Cassa Padana
PrimaCassa Credito Cooperativo FVG
BCC Centro Lazio
Cassa Rurale FVG
RomagnaBanca
Medicinos Bankas
Šiaulių bankas
Deutsche Bank
Raiffeisen Bank
Länsförsäkringar Bank
To determine whether this change affects you, perform both of the following checks.
You're affected if you are using either of the following endpoints to retrieve the authorization url:
POST /banks/{bankId}/token-requests/{tokenRequestId}/urls
POST /banks/{bankId}/token-requests/{tokenRequestId}
You're affected if you are using the newer endpoint:
POST /token-requests/{tokenRequestId}/authorization
AND are not handling credential fields yourself*
AND are not setting the following flag in the payload
"useWebappCredentialsFlow": "true"
* An example of handling credential fields yourself is if you call:
POST /token-requests/{tokenRequestId}/authorization
with a sample payload of:
{
"credentials": {
"psuId": "johnsmith",
"password": "secretpassword123"
}
}
If you wish to move to this improved experience, you'll need to make the following changes:
- Log in to the Dashboard and customize your logo and CSS text if you wish to override the default settings.
See Creating custom Hosted Pages in the Token.io Developer Documentation for more details.
- Set the flag
"useWebappCredentialsFlow": "true"when making the
POST /token-requests/{tokenRequestId}/authorization endpoint.
(This is only required if you want to use the new experience before the change is implemented by default on the 25th May 2023.
Token.io will deprecate the existing set of pages and introduce the new experience on June 29th 2023.
Token.io will apply default customization on this day if you haven’t used the Token.io Dashboard to customize the user experience.
For assistance with the above and other operational aspects of the Token.io Account-to-Account Infrastructure, please contact Token.io Support.