PSD2 is the name of a European regulation that tries to achieve a better banking experience for bank clients. One of the focus points is ‘open banking’. Banks must open up their systems to third parties. This will allow bank clients to bank through non-bank organizations. With consent of the client a third party can retrieve information and initiate money transfers.
All European banks need to be compliant in September 2019. With 2019 just around the corner, it is interesting to check out the current state of the implementations. Luckily I was able to attend a tech talk by Mark Wanders and learn all about it, from a developer’s perspective.
The conclusion is that most of the big banks still have some work to do. But the small and young Bunq bank is in the lead.
The Bunq API is available since March 2017 in both sandbox and production environment. They offer the full functionality and cater more towards developers. This means it is easy to onboard: just request an API key from the app for access to your own accounts. For access to other accounts, use OAuth2. It is also is to build with, use the SDK for your preferred language (Java, C#, Python, PHP). All the certificate management, header signing etc. is taken care of for you!
Not all banks offer all functionality yet, or make it difficult to access (OAuth2, mutual TLS and HTTP header signing –
very secure, but potentially a hassle to implement and debug).
Another interesting finding is Payment Requests are being implemented by several banks.
Now try for yourself:
Me at Bunq, when they hosted a DevOps Amsterdam meetup 🙂