Consent Management
bLink offers two ways to integrate the consent module:
- Consent Management 2.0: Service User securely stores tokens
- Consent Management 2.0 with CaaS: a standardized token store service that is provided by SIX
To get started with the integration, the Postman collection provides a great toolbox for trying out the initial flow. The detailed documentation of the consent module is available here.
Comparison of Consent Management Approaches
In general, the difference in the consent flow with or without CaaS is not visible to the end customer. Instead, CaaS handling allows the Service User to rely on the security expertise of SIX, which increases the security of the integration while reducing the number of corresponding admission criteria and audit requirements for connecting to the bLink platform.
Find out how CaaS connects to the admission criteria you have to fulfill in order to onboard to bLink.
As CaaS is a service provided by SIX independently from bLink, it also includes a separate contract. You can view it in the chapter Contracts.
Depending on the setup of the Service User, both options can be beneficial. You can find out more about this in our chapter Architectural Decisions for Service Users. The following table summarizes the main differences between the Consent Management 2.0 requirements with and without CaaS:
| | Consent Management 2.0 | Consent Management 2.0 with CaaS |
|---|---|---|
| Authentication Method | Tokens | Permissions |
| Difference in authentication method | The token allows direct access to the service provider | Permission allows access to tokens |
| Token storage | Service User securely stores tokens | Tokens are stored by SIX |
| Role of SIX in authentication flow | - | Token handling for Service User and serves as an additional instance to verify requests |
| Consequence for Service User | Yearly external audit required according to the admission criteria without CaaS | Yearly review of admission criteria with CaaS |
| Admission Criteria | Annex 1: Admission Criteria of bLink Platform Participation Contract | Annex 1: Admission Criteria of Consent-as-a-Service (CaaS) |