The diagram below depicts an overview of the flow, taking place during the creation of consent, including who plays what role. BEC's responsibility is limited to the actions happening between the TPP and ASPSP. All parts of the flow except the SCA, which has been depicted below.
The SCA processes are confined to the general national authentication solutions; MitID and NemID.
NemID is in the process of being phased out as a general national authentication solution.
MitID - SCA authentication flows
In relation to MitID implementation please refer to the following document describing the full MitID SCA authentication flows:
Documentation of MitID SCA authentication flows for PSD2 API.
NemID - SCA authentication flows
In relation to consents, the SCA process is confined to the NemId process and is implemented as 2-factor authentication. The NemID applet is implemented to be customizable. Upon completion the SCA process, the PSU will be redirected to the TPP-Redirect-URI if an error occurred, however, the user will be redirected to the TPP-Nok-Redirect-URI.
SCA flow based on app switch
For granting consent via app switch to the mobile bank app, the SCA process consists of authentication with mobile code. Upon completion of the SCA process, the PSU will be redirected to the TPP Success URL or Error URL depending on the outcome. For Android the links to be used are Android app links and for iOS the links are universal links.
App switch is supported from version 6.7.0 of the iOS mobile bank app and from version 6.9.X-23 of the Android mobile bank app.