Skip to main content
Custom print
Download Original PDF

Article 99

Date(g): 13/6/2023 | Date(h): 24/11/1444 Status: In-Force

Translated Document

Effective from Jun 13 2023 - Jun 12 2023
To view other versions open the versions tab on the right

  1. The payments account information service provider shall obtain authorization from the payment service user before providing the service.
  2. Without prejudice to the relevant laws, regulations and instructions, the payments account information service provider shall delete the relevant data and information of the payment service user after withdrawing or cancelling the authorization.
  3. The payments account information service provider shall ensure that the personal security data of the payment service user is confidential and transmitted through secure and efficient channels and is only accessible to the user and provider of the personal security features.
  4. The payments account information service provider shall communicate securely with the payments account information service provider and identify the same during each communication.
  5. The payments account information service provider shall limit access to information from designated payments accounts and for the purpose of related payments transactions.
  6. The payments account information service provider may not request sensitive data associated with payments accounts that could be used to carry out fraudulent transactions.
  7. The payments account information service provider may not use, access or store any data for purposes other than performing the service requested by the payment service user.