About this list
This page provides brief explanations of commonly used terms in the Consumer Data Right. Many of the terms used on the performance dashboard are also explained on this page.
| Term | Explanation |
|---|---|
| Accredited Data Recipient (ADR) |
A legal entity that can receive a consumer’s data under the Consumer Data Right and use that data to provide the consumer with goods and services with the consumer’s consent. ADRs must meet strict criteria to be accredited by the ACCC. |
| Application Programming Interface (API) |
A common interface or intermediary that enables two or more software applications to communicate with each other and exchange data. APIs are a structured way to represent data stored in a database. The Data Standards specify the APIs through which data holders offer consumer data to ADRs. |
| API Endpoint |
A virtual gateway, URL or web address that allows different software applications to communicate and exchange data with each other. Data holders implement API end points to allow ADRs to access consumer data. |
| API Invocation |
A request or ‘call’ by one software application for specific information from another application using an API. ADRs use API invocations to request consumer data from data holders. The ‘API Invocation’ metric measures the total number of API calls made by ADRs to data holders in each performance tier over time. |
| API Tier | The data sharing API endpoints are classified into tiers with corresponding response time thresholds specified in the Consumer Data Standards non-functional requirements. The endpoints either require authentication or can be accessed without authentication. The API endpoints are categorised into the high priority, low priority, unattended, large payload, secondary request, large secondary request and unauthenticated tiers. For more information, refer to the Consumer Data Standards. |
| Authorisation | An authorisation is provided by a consumer to a data holder to disclose their CDR data with an accredited data recipient. For more information, refer to the Consumer Data Standards. |
| Availability Rate | A metric that measures how frequently a data holder’s API end points are available to service consumer data requests from ADRs and deliver consistent and reliable access to consumer data in response. |
| Average Response Time |
A metric that measures how long it takes for a data holder’s API end point to respond to an API invocation from an ADR. Factors such as data latency and timeouts can impact the accuracy of this metric. This time is measured in seconds, at millisecond resolution, at each performance tier. |
| Brand | CDR brand refers to the brand name of a data holder registered in the CDR Register. Brands help to identify the different products offered by data holders within the same sector (e.g. business banking products and retail banking products) and across different sectors (e.g. banking products and energy products). |
| Term | Explanation |
|---|---|
| Consumer Data Right Rules | These rules are part of the regulatory framework which governs the CDR. This framework includes the Consumer Data Standards and Part IVD of the Competition and Consumer Act (2010). The rules are available here: Competition and Consumer (Consumer Data Right) Rules 2020 (Cth) |
| Consent | A consent is provided by a consumer to an accredited data recipient to collect, use or disclose their CDR data. For more information, refer to the Consumer Data Standards. |
| Consumer Data Standards | The Consumer Data Standards are standards that data holders and ADRs must follow. They are available at consumerdatastandardsaustralia.github.io/standards |
| Data Holder (DH) |
A legal entity that holds a consumer’s data – for example, a financial institution, such as a bank, that holds a consumer’s account information, or a utility company that holds a consumer's energy usage data. Data holders are subject to data sharing obligations under the CDR Rules. |
| Error |
An ADR may encounter an error response when calling an API offered by a data holder. Errors include client-side problems, server-side problems and authentication issues. Errors typically arise where an ADR uses incorrect syntax to request customer information. An error response can include an HTTP status code, such as “500 Internal Server Error”, which indicates that the relevant server was unable to process the request due to an internal server error. |
| Term | Explanation |
|---|---|
| Legal Entity | A legal person (an individual, company, other incorporated body or government entity). |
| Term | Explanation |
|---|---|
| Primary Data Holder | Under the CDR system, a primary data holder in the energy sector is generally the energy retailer that contracts with the CDR consumer. |
| Secondary Data Holder | In the context of energy sector, the Australian Energy Market Operator (AEMO) is a secondary data holder. AEMO does not have a direct relationship with consumers, however, it possesses important consumer data not held by the consumer's energy retailer. |
| Session | A session is defined as the life span of a unique Access Token. Multiple API requests made with a single, valid, Access Token during its life span are considered part of a single session. |
| Software Product | A software product is registered by an ADR and is the means through which the ADR identifies itself to data holders to facilitate the sharing of consumer data and the management of consents. |
| Transactions Per Second (TPS) | A performance metric that measures the number of concurrent API transactions each second. |