Consumer Data Standards (Australia CDR)

The Consumer Data Standards are developed and maintained by the Data Standards Body (DSB), hosted by CSIRO's Data61, as part of Australia's Consumer Data Right (CDR) framework. The CDR is a world-first cross-sector data sharing framework established by the Treasury Laws Amendment (Consumer Data Right) Act 2019.

The standards define RESTful API specifications for product reference data, account data, transaction data, direct debits, scheduled payments, and payees across the banking sector. They have been extended to cover energy data (including National Electricity Market usage and distributed energy resources) and are being developed for telecommunications.

The security model is built on the CDR Information Security Profile, which extends OAuth 2.0 with Proof Key for Code Exchange (PKCE), mutual TLS, and pushed authorisation requests. The consent model is highly granular, allowing consumers to specify data clusters, purposes, and sharing duration.

Version 1.29.0 includes non-bank lending data standards, enhanced energy data, and action initiation capabilities. The standards are developed through an open consultation process with regular decision proposals and maintenance iterations published on GitHub.