ACCC & DSB | CDR Implementation Call Agenda & Minutes | 28 August 2025
Sign up: Sign Up
When: Fortnightly on Thursday's at 3pm-4:30pm (Canberra time)
Location: Microsoft Teams (dial in details are below)
Join on your computer, mobile app or room device
Click here to join the meeting
Meeting ID: 426 030 545 881 4
Passcode: 5d7Kp73X
Download Teams | Join on the web
Dial in by phone
+61 2 9161 1229,,538826932# Australia, Sydney
Find a local number
Phone conference ID: 538 826 932#
Join on a video conferencing device
Tenant key: teams@vc.treasury.gov.au
Video ID: 135 792 992 7
- 5 min will be allowed for participants to join the call.
- This call is jointly facilitated by the ACCC and the DSB, and we welcome observers from APRA, OAIC and the Treasury.
We acknowledge the Traditional Custodians of the various lands on which we meet today and pay our respects to their Elders past and present.
The Consumer Data Right Implementation Calls are recorded for note taking purposes only. Recordings and transcripts are kept securely. No identifying material is provided without the participant's consent. Participants may email contact@dsb.gov.au with any questions or a request to have material redacted from the record.
By participating in the Consumer Data Right Implementation Call you agree to the Community Guidelines. These guidelines intend to provide a safe and constructive space for members to discuss implementation topics with other participants and members of the ACCC and Data Standards Body.
Provides a weekly update on the activities of each CDR stream and their work.
| Organisation | Stream | Member | Minutes |
|---|---|---|---|
| DSB | Consumer Experience | Michael | Provided an update on some of the CX guidelines out for consultation, there are few people in the CX team who will be departing over the next couple of days and months so there will be a bit of an increase in the output of the CX guidelines to close some things off before people wrap up.
|
| DSB | Energy Experiment | Hemang | The energy switching experiment that has been progressing for a while had its last session of the participants yesterday. The experiment looked at understanding how energy switching could be enabled through the CDR framework and also identify areas of improvements and opportunities that lie within the framework to make that switching experience better or viable. Over the course of the experiment journey, we've had tremendous contribution from all the members of participants who were elected to be part of this, it started off with exploring the current state, which was looking at how it could be done using the existing framework as is. Using it as an opportunity to identify pain points or opportunities that could be explored or improved further. Having targeted sessions discussing each of those opportunities in a bit more detail, trying to understand the pros, cons, cost, benefits and so on. There was also a CX research done as part of the experiment where a prototype was shared with real consumers to get their insights and feedback. The next steps would be for the DSB and Treasury teams will collate the experiment along with participants input to produce and publish a report which will outline the journey, the analysis of the findings and form recommendations. |
| ACCC | CDR Register Certificate transition | Christian | The ACCC released today the register certificate transition. This release will install new DC1 trust chain and service certificates. When a participant renews or it's a new certificate, they'll require DC1 based certificates and we'll be able to keep communications with the register secured. The ACCC have updated several guides relating to this, located here. There are still some more to be updated which will be updated in due time. |
⭐ indicates change from last week.
| Type | Updated | Links |
|---|---|---|
| Standards | Version 1.35.0 Note: The DSB are progressing and in the final stages of getting approval to publish consultation for Maintenance Iteration 23 (MI23) that concluded. Consultation will be published either by the end of the week or early next week pending the internal review and the Chair's approval. This will allow for further consultation of 28 days on the changes that have been proposed as part of MI23. |
Published: 29 July 2025 Change log |
| Maintenance ⭐ |
Maintenance Iteration 24 The next call will be held on 3 September 2025. You can stay up to date on the discussion by checking out the meeting notes in Consultation Draft 373. |
|
| DSB Newsletter ⭐ | The DSB Newsletter is published fortnightly, the next edition will be published on September 5 2025 |
None this week.
Questions will be received by the community via Microsoft Teams chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
In regards to topics for questions, we ask the participants on the call to consider the Community Guidelines when posing questions to the subject matter experts.
| Ticket # | Question | Answer |
|---|---|---|
| 2574 |
App2App Authentication Requirements Could links be shared on the finalised approach for App2App authentication requirement in terms of the credential level required to be met for CDR access |
Below are the sections of the standards you can read to understand the requirements for enabling redirect to app (R2A) based authentication/authorisation:
|
| Verbal Question 1 |
Change in the signer to DigiCert1 I just wanted to be clear about the changes a data holder needs to make. My interpretation of the changes that we have to make is that we just package the server side certificates up as we normally would with the root ACCC certificate and the DigiCert1 intermediate certificate and the actual certificate that is for the server side. Is this a correct understanding? |
Yes, that's correct as long as you are using both certificate trust chains now. So for client connections coming in when a data data recipient is connecting to the data holder and they're presenting their client certificate, they might present a certificate from the old platform, the MPKI 8 platform or the DC1 platform. So you need to trust two trust chains. So when accepting certificates when accepting client certificates, we need to be able to accept both those chains. But on the server side, it's one chain or the other. So you only need one service certificate. So either you have your existing certificate from the existing platform or after October and you renew your certificate, you'd get one from DC1 and you only have to support one service certificate at a time. |
Announcement:
We held the participant journey mapping workshops over the last few weeks. We got quite a lot of insights and are still going through the analysis phase. Some insights relevant about the implementation calls is the Q&A table which has been useful for people to refer back to. However the feedback was that it's a bit difficult to search from because it's only inside the agenda, making it hard to refer back to previous months. Going forward, relevant Q&A's will be added into the CDR support portal within a single page, to make it easier to search. This will occur by the next call in two weeks and contain backdated Q&A's from 2025.
Feedback was also received that Implementation Call minutes will be useful. Going forward, any verbal updates, discussions and questions will be captured and added to the agenda post call. The agenda will become a mix of agenda and minutes for people to refer back to.
Attendees are invited to raise topics related to the Consumer Data Right that would benefit from the DSB and ACCCs' consideration.
Community Announcement:
Coles Financial Services and Qantas Premier Credit Cards data holder brands will be unavailable between 5-8 September 2025, due to a major technology migration. Specific outage timeframe and details will be published on the Get Outages endpoint. If you have a registered client with the brand, this may impact your CDR application and active data sharing arrangements.
Please reach out to wlps.openbanking@nab.com.au if you have any questions.
Thursday, 3:00pm (Canberra Time)
View a number of informative and useful links in the Consumer Data Standards Guide on Information Links.
| Data Standards Body | Consumer Data Right | Digital ID | Contact & Media |
| Chair | Standards | Accreditation Standards | Website |
| News | Maintenance Iteration | AGDIS Standards | |
| Advisory Committee | CX Guidelines | Calendar | |
| Support Portal | |||
| YouTube | |||
| GitHub | |||
| Newsletter |