Functional Certification — Delegated SCA 3 min read
Delegated SCA is the delegated-authentication overlay on a payment consent, certified after Single Instant Payment. The consent carries IsDelegatedAuthentication: true with an empty ConsentSchedule — the TPP defines and manages the payment controls — so there is nothing to evidence about ControlParameters. Instead you evidence the payment limit you enforce, your Creditor / Risk handling, and one authorised consent for each beneficiary model. This page explains the evidence; the portal then builds your submission.
Evidence for delegated authentication
Under Delegated SCA the customer authorises a consent that hands control of the payments to the TPP: IsDelegatedAuthentication is true and the ConsentSchedule is empty. Because the TPP sets and manages the controls, your LFI has no ControlParameters to store, display, or enforce — so unlike the six Multi-Payment types there are no control-parameter scenarios. See the Delegated SCA API guide for the delegated-authentication model.
Payment limit, Creditor & Risk, and beneficiary models
Delegated SCA certification collects three things:
- Payment limit — the maximum AED a single Delegated SCA payment can take on your LFI. The TPP manages the consent controls, but your own institutional limit still applies.
- Creditor validation & Risk handling — the Creditor arrives inside the encrypted
PersonalIdentifiableInformation, so you evidence decrypting it and validating the creditor, and that the cleartextRiskobject (AERisk) is used in your screening. This is the same evidence as Single Instant Payment, re-captured because it may differ slightly under delegation. - Beneficiary models — one authorised pre-production consent for each of Single (one creditor), Multiple (2–10 fixed creditors) and Open (no creditor fixed at consent; supplied at
POST /payments), each with theConsentIdand the authorization screen the customer saw.
Delegated SCA builds on Single Instant Payment. You will be asked for the JIRA ticket of your completed Single Instant Payment certification, so have it to hand.
To accept the Multiple and Open beneficiary models you must advertise support for each on your Trust Framework authorisation-server entry. The portal shows a reference decrypted PII for each model. See the Creditor PII page for the model definitions.
One ZIP to attach to your ticket
When you have filled in the form and attached your screenshots, the portal generates a single ZIP containing a summary document and every screenshot. Attach it to a Service Desk certification-evidence ticket. Nothing is sent anywhere until you attach it — the submission is built entirely in your browser.
