Conformance Test Suite for Data Recipients

Conformance Test Suite process 

The Australian Competition and Consumer Commission (ACCC) manages the Conformance Test Suite, which is a key part of the Consumer Data Right on-boarding process. 

The Consumer Data Right Conformance Test Suite confirms the technical conformance of your production-ready software using a range of test scenarios targeting specific areas.

The Conformance Test Suite has two modes allowing for either provider (also known as participant) type, data holder and data recipient, to perform relevant tests. If you are a data recipient, the tests provide a simulated data holder and a simulated Register to support the test scenarios. You test in isolation against the simulated providers and the simulated Consumer Data Right Register, so you don’t interact with live consumer data.

The diagram below shows how data recipients each interact with the Conformance Test Suite. 

The Conformance Test Suite is not a testing tool to assist you during the development of your software. Rather, it is available to you during on-boarding, once you are accredited as a data recipient before you become activated on the Register.

The Conformance Test Suite tests your conformance with the Consumer Data Standards before entering into the Consumer Data Right system. You should have a production-ready software product before undertaking the Conformance Test Suite.

Completing the Conformance Test Suite

The Conformance Test Suite is an automated testing suite and can be completed within a short period (for example, within an hour) providing all provider configuration is completed correctly and no errors are encountered. So, it is important for you to ensure your solution has been adequately tested before executing the Conformance Test Suite to minimise the test completion period.

The completion period can be lengthy (for example, days or weeks) if issues are encountered, as errors need to be diagnosed and resolved, and your solution made ready for retesting.

Conformance Test Suite tests for data recipients

There are 4 key tests included in the Conformance Test Suite for accredited data recipients.

• Dynamic client registration tests whether the data recipient can successfully obtain an access token, a list of data holder brands, and a Software Statement Assertion (SSA) from the Register for dynamic client registration, and could register its software product with the Conformance Test Suite data holder.
• Consent test tests for request authorisation for once-off data sharing request and data sharing request with duration.
• Consent withdrawal test tests for initiating withdrawal of consent to data sharing, notifying a data holder and receiving withdrawal of consent (or authorisation for data holders) notifications from a data holder. It also tests for initiating withdrawal of consent arrangement and receiving withdrawal of consent arrangement from a data holder.
• API tests for initiating calls to key application programming interface (APIs).

Except for the dynamic client registration test, all tests can be run multiple times during the test run. The result of the last testing attempt will be included in the test run report for the Conformance Test Suite outcome assessment.

More information about the test cases will be made available to providers who have begun on-boarding with the ACCC.