CAMARA Consent Management Process #101
psidana1983
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi Team ,
I am working on securing the CAMARA certification for SIM Swap API and as per the input I have received it is mandatory to implement 3 Legged authorization , which requires CIBA flow . I have below questions regarding this flow :
Who should give this consent, is it by the customer to a telecom operator ( flow is end user -> bank -> Teleco operator) or the end user whos information is getting shared. As per our understanding , the consent should be done between the end user and bank , not between end user and teleco operator.
When should we take this consent , is it while onboarding the customer or before providing the access to an API.
What should be the frequency of this consent
For how long this consent should be valid
What is basis on which CAMARA has decided to implement CIBA flow for SIM Swap . Is there any data privacy guidelines or policies getting followed , like GDPR .
Regards
Prashant Sidana
Beta Was this translation helpful? Give feedback.
All reactions