Frequently Asked Questions

UAE Open Finance is a regulatory framework supervised by the Central Bank of the UAE (CBUAE) that enables secure, standardized sharing of financial data between banks and authorized third-party providers. It allows consumers to share their financial information with apps and services they trust, enabling innovation in financial services.

Participation is open to banks (ASPSPs), licensed third-party providers (TPPs), and technology providers. TPPs include Banking Data Service Providers (BDSPs), Banking Service Initiation Providers (BSIPs), and Information Service Providers (ISPs). All participants must be registered on the Al Tareq platform.

Registration is done through the Al Tareq portal at altareq.openfinance.ae. You will need to create an account, submit required documentation, and await approval from Nebras, the scheme operator. The process varies depending on whether you are registering as a TPP or an ASPSP.

Al Tareq is the official UAE Open Finance platform operated by Nebras. It provides the central directory, sandbox environment, and production infrastructure for the ecosystem. All participants must register and be approved on Al Tareq to operate in the UAE Open Finance ecosystem.

TPPs must obtain a license from CBUAE and complete conformance testing on the Al Tareq platform. Requirements include FAPI 2.0 compliance, security assessments, and successful sandbox testing. Specific requirements vary based on your TPP type (BDSP, BSIP, or ISP).

The timeline varies depending on your preparation and the complexity of your application. Sandbox access can typically be obtained within a few weeks of registration. Production approval requires completing all conformance testing and regulatory requirements.

Available APIs include Account Information (balances, transactions, standing orders), Payment Initiation (domestic payments), Confirmation of Payee, and Product Information. Access depends on your TPP type and the permissions you have been granted.

Al Tareq provides a sandbox environment for testing. You will receive sandbox credentials after registration approval. The sandbox includes mock bank data and allows you to test all API flows including authentication, consent, and data retrieval.

Banks must expose standardized APIs for account information and payment initiation, implement customer consent management, register on Al Tareq, maintain 99.5% API availability, and support the security requirements including FAPI 2.0 compliance.

Banks must implement Account Information APIs (accounts, balances, transactions), Payment Initiation APIs, Confirmation of Payee, and public Product Information APIs. All APIs must conform to the specifications published by Al Tareq.

Compliance involves registering on Al Tareq, implementing the required APIs according to specifications, passing conformance testing, completing security assessments, and maintaining ongoing compliance with performance and availability requirements.

UAE Open Finance uses OAuth 2.0 with OpenID Connect and FAPI 2.0 security profiles. TPPs authenticate using client credentials and mTLS. Customer authentication is handled by the bank using redirect or decoupled flows.

DCR allows TPPs to register their applications with banks programmatically using signed JWTs. The TPP creates a software statement on Al Tareq, which is then used to register with each ASPSP automatically.

The customer initiates a request through the TPP, which creates a consent request. The customer is redirected to their bank to authenticate and authorize the consent. Upon approval, the TPP receives tokens to access the authorized data.

All participants must implement FAPI 2.0 security profiles, mTLS for transport security, signed and encrypted JWTs, and comply with the security guidelines published by Al Tareq and CBUAE.

No. OpenFinance-OS is a community-driven initiative. We are not affiliated with CBUAE, Al Tareq, Nebras, or any bank. We aggregate publicly available information and provide community resources. For official information, always refer to the Al Tareq portal and CBUAE.

We welcome contributions! You can submit content (articles, events), contribute code improvements, or provide feedback through our GitHub repository. Visit our Community page to learn more about how to get involved.

For community discussions, visit our GitHub Discussions. For official technical questions, use the Al Tareq support channels. For regulatory questions, contact CBUAE directly.