Support

FAQ

Where to find legal information about PSD2?

Here some links to official EU texts:

PSD2 directive: English and French

PSD2 RTS: English and French

 

 

Are there several APIs responding to PSD2?

Yes, the main PSD2 API initiatives are:

-STET API  (launched by the French banks)

-Berlin Group API

-Open Banking UK API

-And it exists other initiatives...

There are some works in progress between some of these organizations with the objective to converge to a common API. Stay tuned...

PSD2 API checklist

If you want to use the PSD2 API, here are some points to check:
  • create your developer account
  • check if the bank you target has an open PSD2 interface or only a PSD2 fallback interface: more info here
  • create a developer application for each bank you want to connect to
  • this developer application must contain at least:
    • the eIDAS identifier (something like PSD2FR-ACPR-12345678)
    • the QWAC certificate chain, including the certificate itself and the CA certificates
    • the QSealC certificate chain, including the certificate itself and the CA certificates
    • some other parameters are mandatory (name, commercial name, targeted bank)
  • test the connection thanks to the sandbox (see explanations in the sandbox page)
  • develop the sign of the API requests as explained in contingency measures
  • test this signature thanks to the sandbox
  • very well, you are ready now to use the PSD2 API.

PSD2 fallback interface checklist

If you want to use the PSD2 fallback interface, here are some points to check:
  • create your developer account
  • request connection documentation of fallback connection, that explains which URL must be signed
  • create a developer application for each bank you want to connect with
  • this developer application must contain at least:
    • the eIDAS identifier (something like PSD2FR-ACPR-12345678)
    • the QSealC certificate chain: including the certificate itself and the CA certificates
    • some other parameters are mandatory (name, commercial name, targeted bank)
  • develop the sign of the login request as explained in contingency measures
  • test your development thanks to the fallback interface sandbox (see explanations in a previous link)
  • very well, you are ready now to use the fallback interface.

What is eIDAS?

eIDAS is originally a European directive. A presentation of eIDAS by European commission is available here. The technical application has been normalized by ETSI (introduction).

eIDAS certificates are delivered by a QTSP (list).

TPP must use eIDAS certificates for connection (named QWAC) and for message signing (QSealC). There is an eiDAS extension to QWAC for PSD2 context: text.