Our APIs follow the NextGen PSD2 Berlin Group standard for PSD2 XS2A.
The Berlin Group-standard covers:
- Services (AIS, PIS and PIIS)
- Technical specifications such as transport- and applicative protocols
- Authorization protocols and data formats
- Security features such as TPP identification with eIDAS certificates, data encryption etc
Read more about Berlin Group at https://www.berlin-group.org/
Exposure of APIs is performed using RESTful services.
Note: the Developer Portal is currently not available.
The Developer Portal in the test environment will be open for anyone to register. Signing up is free and is easily done. Go to the “Sign up” page in the Developer Portal and create an account by providing name, e-mail, organization and a password. We will send an activation link for you to complete your registration.
The best ways to stay informed about our Open Banking solutions is to register in the Portal, when it is open, as well as reading the information on this site and checking back here periodically. The Portal for the production environment will also be open later this year.
The Portal also contains a sandbox making it possible for consumers to get to know and test our APIs. The content of the sandbox will grow over time and potentially also change from the early versions which may result in breaking backward compatibility.
The sandbox will support some tests with mocked static data for the AIS. The PIS and PIIS will be available later. You can call the mocked services without the Portal, please view our technical documentation for details.
The AIS offers the following services:
- A list of available accounts for a given customer ID
- Transaction list for a given account
- Balances of a given account
- Account detail
- Transaction detail
In the Portal you can register your client application, which is needed to call our APIs. You can name it and later get statistics when using it. To call an API, you will need the client id and client secret which is provided by us upon registration. Keep the secret in a safe place.
Open Banking vs PSD2
Open Banking is a term used when a bank is exposing its data and functionality via APIs for others to build new services and customer experiences. PSD2 is an EU-regulation and a subset of Open Banking where payment accounts are exposed via API. TPPs can, with customer consent, fetch account statements and balances, as well as initiate payments – this is often referred to as Account Information Services (AIS) and Payment Inititiation Services (PIS). TPPs must apply and receive a permit at a local NCA (Finansinspektionen in Sweden) as an AISP or PISP to act as a TPP. A TPP must always have a customer consent before acting on behalf of the customer, signed with an SCA. SCA in Skandiabanken is the Swedish Bank ID. Banks are generally allowed to act as a TPP themselves as they are already regulated.
PSD2 is regulated and free of charge for TPPs while Open Banking is a business deal between the bank and an external partner.
If you, as an external partner TPP, are interested in Open Banking, please contact us.
Access to production environments
To access the APIs in the production environment, a TPP will need an eIDAS certificate which is issued by Qualified Trust Service Providers (QTSPs). Production environments will be available in June 2019.