Functional Certification — Domestic Payments 4 min read
Functional Certification proves that your TPP initiates domestic payments through the API Hub correctly. You tick the payment types you offer, and for each one provide the two objects your TPP is responsible for constructing — the Consent (authorization_details) you send at PAR and the Risk (AERisk) object you send for fraud scoring. You then evidence each type by making a payment against it on the sandbox Model Bank and attaching the Postman screenshot. This page explains the evidence; the portal then builds your submission for you.
Evidence that your payment initiation is correct
Unlike the LFI side — which certifies one payment type per ticket — the TPP side is a single Domestic Payments submission covering every type you offer. All 8 UAE Open Finance domestic payment types are available: Single Instant Payment, the six Multi-Payment variants, and Delegated SCA. You are the party that constructs the consent and the risk signals, so certification is about those two objects and a payment made against them — all evidenced from the AlTareq Model Bank sandbox using the Postman collection.
For each payment type you offer
- Consent object — the
authorization_details(RAR) entry you send at/par, edited in a schema-validated JSON editor. Each type is pre-seeded with a valid consent shape you adapt to your proposition. - Risk object — the
AERiskobject you send for fraud scoring, also edited against the schema. - A payment against that consent — a Postman screenshot of a
POST /paymentsmade against a consent of that type on the Model Bank.
If you certify Delegated SCA (IsDelegatedAuthentication: true), you perform the customer authentication yourself before each payment. You additionally upload a screenshot of that authentication and describe how it populates the Authentication section of the Risk object — Risk.DebtorIndicators.Authentication (the factors used, the ChallengeOutcome, and the AuthenticationFlow).
A payment consent can also carry account and balance reads and a refund-account read. If your proposition uses them, tick the matching capability and evidence a balance read before the payment and a refund read after it, each with a Postman screenshot.
Your organisation and name are taken from your Sandbox Trust Framework sign-in — you do not type them in. Sign in when the portal prompts you so your submission is attributed to your TPP.
One ZIP to attach to your ticket
When you have selected your types and attached your evidence, the portal generates a single ZIP containing a summary document, the Consent and Risk JSON for each type, and every screenshot. Attach that ZIP to a Service DeskTPP Functional Certification Evidence ticket. Nothing is sent anywhere until you attach it — the submission is built entirely in your browser.
