1. Ecosystem: components
Pensions dashboards are what individuals will use to access their pensions information online, securely and all in one place. Dashboards will provide clear and simple information about an individual’s multiple pension savings, including their state pension.
The scope of dashboards will enable anyone who has a UK pension not in payment (not currently paying out, annuitised or in drawdown) to be able to view some key details of their pension information.
Dashboards will present information from UK-based pension providers, regulated by UK regulators, including the State Pension. The legislation assumes that all UK pensions will be included – the government has left open the possibility of exempting some micro schemes, but further work is needed to understand the impact.
Dashboards will be available online for users to access 24 hours a day, seven days a week.
Pension finder service
The pension finder service is a piece of technology that sends out an instruction to all data providers to search for a user’s pensions. It has no user interface and receives data from the consent and authorisation service, before sending it out to data providers.
Data providers’ find interfaces will acknowledge each find request.
Further technical information about the pension finder service is available in the Architecture brief for suppliers.
Consent and authorisation service
The consent and authorisation service initiates user authentication and manages user consents and permissions. It also allows users to give and manage delegated access to view their pensions information via dashboards to others, such as financial advisers and MaPS guidance specialists.
It has a user interface, where users will enter their details and permission to search for pensions, which the consent and authorisation service then passes to the pension finder service to send out to data providers.
If data providers find a matching pension, their find interface (software) interacts with the consent and authorisation service to check permissions before returning a token to the user’s chosen dashboard, which allows that dashboard to access and temporarily display the user’s pensions information. No pensions information is held anywhere within the ecosystem.
Further technical information about the consent and authorisation service is available in the Architecture brief for suppliers.
The identity service allows users to prove they are who they say they are, so that they can access other elements of the ecosystem. It provides the verification required to assure data providers that they are returning data to the correct user and no one else.
Before the user can find their pension entitlements, the identity service will prove their identity to a standard acceptable to the ecosystem as a whole.
The user will consent to an identity provider validating their identity and confirming their:
- first name
- family name
- date of birth
Users may provide additional information, such as address history, National Insurance Number, email, telephone number and so on but these elements will not necessarily be validated by the identity service.
The governance register is a technical service that provides assurances that the different elements of the ecosystem operate correctly and securely. It will also enable compliance and monitoring of the system as a whole.
The governance register will monitor all the software elements within the ecosystem and log specified ways that they are used. Dashboard and data provider monitoring feeds will include information that makes it possible to:
- trace transactions from end to end
- measure the volume of reporting from each ecosystem participant
- measure the success rates of finding pensions per pension provider
- monitor each component and its patterns of use for security purposes
Further technical information about the governance register is available in the Architecture brief for suppliers.
Data providers will have find and view interfaces to the ecosystem. The find interface is the device, software, system or process via which data providers receive requests to find pensions from dashboard users. The view interface is where providers will receive view requests from users at dashboards, check their authorisation at the consent and authorisation service, and if authorised return view data to dashboards.
See more detail about how the find and view interfaces function below.
What does the pension provider find interface do?
The find interface is the connecting software, which communicates with the data provider on behalf of the ecosystem’s pension finder service.
The pension finder service will send out a find request, initiated by a user at a dashboard. The data provider find interface will receive the find data set with the user’s name, address, NINO etc, plus the consents that the user has granted to search for the pension.
The find interface will send a digital acknowledgement back to the pension finder service, to indicate it has received the request. (This does not mean a pension has been found).
If the pension finder service does not receive this digital acknowledgement, it will try again until it receives a response, in case the find interface is down or busy.
The data provider undertakes internal matching operations, using the find data to search for matching pensions.
If the data provider finds a matching pension, the find interface will create a pension identifier token (PeI) and register it with the consent and authorisation service which then, with the user’s consent, returns the token to the dashboard where the user started.
What does the data provider view interface do?
The data provider view interface is the software that interacts with the dashboard ecosystem to present the pension information to the user’s dashboard.
When a find operation is successful, a PeI token is registered against a found pension, then the user at a dashboard can request to view the pension information.
The user’s dashboard requests the view data by direct call (using the PeI token as well as access control tokens) to the data provider’s view interface, which then checks the request against the consent and authorisation service. If the view request is accompanied by current and valid consent and authorisation tokens, the view interface then retrieves the user’s pension information (view data) from internal systems and returns it to their dashboard for temporary display.