Ask HN: EU Bank with Good API?
I am working on a service that connects buyers and sellers and will be doing plenty of pay-outs. The company is based in EU and EUR has been chosen as settling currency. I am therefore looking for an EU-base bank with good API to automate the necessary processes. So far, local banks are very bad in this regard. I looked at Wise and Revolut but they won't give me access to the sandbox environment to test and evaluate their APIs without signing up for paid business plan straight away, which is simply a no-go. Can you therefore recommend a bank with good API? By good I mean that it at least has a concept of idempotency and nonce and webhooks. I really don't need that much but the state of things is rotten.
71 comments
[ 3.1 ms ] story [ 132 ms ] threadI haven't used it, but they are a tech bank.
I have not used the API, but I looked at it at some point and it seemed capable of doing what you could do in the official app.
When I see a webpage like this, I immediately close the tab and get away. No business with them.
F*k them and the wagon they rolled in on, I want life on hard mode. (/s)
Disclaimer: I'm a bunq customer, both for business and for private purposes. Smoothest experience I have ever had with a financial organization. Stuff "just works" and is hassle free.
Maybe https://tink.com/ has a product you can use?
Highjacking this topic: is anyone aware of a bank whose APIs I can use as a private customer? I just want to automatically pull in my transfers and balance and analyse it using jupyter notebooks. Would actually love to be able to use a CLI to transfer money, but that's even farther out. My banking app sucks.
After a quick search I found this list of banks, though no idea on how current or complete that list is: https://subsembly.com/banken.html
You can try looking for a bank that lets you export OFX / QFX files. Those can be imported into gnucash, or processed any other way.
ofxget is a tool to download OFXes from a bunch of banks registered in their database, though it's volunteer-driven, so your bank might be in there but not actually work. Even if your bank does have an OFX endpoint, it might require you to a) use your actual bank creds instead of being able to create an automation token, and b) not have 2FA, for the same reason.
QFX in particular will probably be available if the bank supports Quicken's built-in feature for downloading that file from the desktop client, so you can use it to get the file directly instead.
E.g. https://developers.erstegroup.com/docs/apis/bank.eboe
When I try to register as developer with Erste, there is an option to say that I want access to the APIs for personal projects. https://developers.erstegroup.com/register
Yes, that's my understanding – banks are only required to grant access to certified entities. As a regular customer (which includes regular businesses, too, not just just natural persons), you're then supposed to make use of one of those certified entities as a middleman for accessing the APIs.
Maybe some banks extend API access to regular customers, too, but that's entirely voluntarily and not mandated by PSD2.
https://developer.ing.com/openbanking/home
https://www.dnb.nl/en/innovations-in-payments-and-banking/fi...
There are several companies who have build PSD2 api's and have contracts with all banks. For example in the Netherlands: https://bizcuit.nl/wat-is-psd2/
You could also register with a bank itself to connect to their PSD2 API. However I don't know the costs to obtain a license.
Unfortunately, PSD2 is built on the model that only (expensively) certified middlemen are supposed to directly make use of the APIs provided by banks (definitively not for direct access by actual bank customers), so no, they don't…
[1]: https://support.n26.com/en-eu/security/open-banking-psd2/psd...
[2]: https://github.com/n26/psd2-tpp-docs/blob/main/doc/sandbox.m...
At one point they literally lost some of my money and then said it was returned but I wouldn't be able to see a transaction for it because there wasn't one. That is probably the worst but other times have seen me on the phone arguing about stuff that really shouldn't need arguing about.
1. https://www.nordea.fi/en/business/our-services/mobile-online...
2. https://developer.nordeaopenbanking.com/
1. https://op-developer.fi/
For this you should use stripe connect, adyen marketplace or payaut.
Yes you can resell but reselling is different than a marketplace. A food delivery service like Deliveroo is not selling the food, so they can't collect money on behalf of the restaurant. In theory same with amazon 3rd party seller, in this case amazon has a licensed.
Yes everyone has suppliers but in a marketplace the seller is not a supplier of the platform. They are a supplier of the buyer. The marketplace is only facilitating the transaction.
For instance, this does not seem to be an e-money activity. I know Stripe's pitch for Connect says that they have an e-money license (and money transmitter licenses in the US but let's focus on Europe), but to me that does not imply that an e-money license is required for a marketplace.
Edit: Ah, the licensing requirements seem to stem from PSD2.
The problem with Stripe Connect is that unless you have volumes to negotiate the standard fees are very high. And of course those regulations effectively mean that they own your business...
but probably it's not going to be cheap.
You need a partner who is PSD2 compliant. Nordigen is the easiest to work with, but their API might not have all of the features you need.
If you only want to access your own accounts (not your clients accounts) then the rules might be different.
You can get more information from your local financial authority.
To talk to a bank's PSD2 API you often need /both/ a QWAC and a QSEALC cert. A QWAC cert is basically a normal TLS (client) cert with some PSD2 specific OIDs like the QC Statement (0.4.0.1862) [2] that a bank can use to identify who you are and which authority gave you a license (for AISP / PISP activities). The QSEALC is typically used to sign the http requests at the application level in the form of an extra http header (X-Signature or something similar).
The above is all moot though, if you just want to do payouts I recommend you stay far away from PSD2
[0] Account Information Service Provider = AISP; Payment Initiation Service Provider = PISP
[1] https://www.entrust.com/-/media/documentation/datasheets/qua...
[2] see 5.1 in here https://www.etsi.org/deliver/etsi_ts/119400_119499/119495/01...
This means any issue with rollout and access is not on legislators, but on banking businesses who simply don't care about partners and customers, because they feel untouchable.
A few months ago there was an EU consultation on the impact of PSD2, precisely to address lags in implementations and possible improvements to the directive.
https://www.fio.cz/bank-services/internetbanking-api
If you want more detail I can give you an overview of what you need to know - sounds like we might be able to help here at Payable.
https://www.moderntreasury.com/products/payments