PSD2

 

 

Handelsbanken PSD2 APIs

Here you'll find a brief overview of the PSD2 regulation, the PSD2 APIs we offer, the SCA methods we support, our Contingency Mechanism and our PSD2 API Performance statistics.

EU Directive

 

Overview

PSD2 in brief

The second EU Payment Services Directive (EU 2015/2366), PSD2, regulates payment services and payment service providers throughout the European Union and European Economic Area. The Directive's purpose is to increase competition and participation in the payments industry, strengthen consumer protection and clarify the rights and obligations for payment providers.

Amongst other things, it means that Third Party Providers (TPPs) must be allowed, on behalf of the customers, to access payment accounts, initiate payments and get confirmation of funds from their own infrastructure by using the banks' APIs.

The main objectives of the regulation are:
• to increase competition
• to have a more integrated and efficient European market for payments
• to improve and create the same conditions for all new and existing payment providers
• to increase security for online payments and access to accounts within the EU and EEA to strengthen consumer protection.

 

What is an API?

The term API is an acronym for Application Programming Interface and is a widely used software intermediary that allows applications to talk to each other so that information can be shared over a network. You can think of APIs as digital building blocks that receive requests and send responses, allowing data to be transferred safely and securely.

Due to PSD2 (the revised Payment Services Directive 2), Open Banking APIs now open up a world of possibilities for our customers and the financial services available to them via Third Party Providers (TPPs).

Whilst APIs are not new in the world of tech, they are new in terms of banking and, thanks to the Open Banking ecosystem, they are now widely offered across banks.

 

How using our APIs can benefit your services

For those TPPs (Third Party Providers) who offer financial services, we know it's important that you offer reliable, helpful, innovative and trustworthy services to customers. By using our APIs, you will be able to safely and securely retrieve account information, initiate payments and perform fund checks for millions of Handelsbanken customers.

Our aim is to provide you with the tools so that you can get creative, offer new financial services and allow our mutual customers the possibility of new customer experiences. When you have the right tools, the possibilities and opportunities will be endless!

 

About our APIs

Our APIs follow PSD2 regulations and in order to use them, you have to be an authorised TPP. You must be registered as either a Payment Initiation Service Provider (PISP), an Account Information Service Provider (AISP) or a Card Based Payment Instrument Issuer (CBPII), authorised by your Local Competent Authority.

We have modelled our API structure on the Berlin Group Technical Standard but made some deviations to better fit our markets. We recommend that you read our Technical Guidelines and our country-specific documentation for each API, then test our APIs in our Sandbox. When you're ready to go live, check out our guide for Live Data Enrollment.

All PSD2 APIs have REST endpoints and use the HTTP verbs GET, POST and PUT. The endpoints consume and respond with JSON structures in UTF-8 encoding.

The PSD2 APIs have mandatory HTTP headers. Please note that our APIs might also have additional specific headers.

 

SCA Methods

Strong customer authentication (SCA) is a requirement from the PSD2 regulations which ensures that customers can safely and securely access their account information and make payments via Third Party Providers (TPPs).

As we operate in multiple countries, please see below for which SCA Methods and Handelsbanken Authentication Methods are supported for each country.

| Country | Supported SCA Method | Supported Authentication Method |
| --- | --- | --- |
| Sweden | Redirect and Decoupled | Card reader and log-on card, with / without cable (Redirect)*; Mobile BankID (Decoupled) |
| Great Britain | Redirect | Digital ID; Card reader and log-on card, with / without cable |
| Finland | Redirect | Security key card (Nyckelkodkort, Avaintunnuskortti); Code application (Bekräfta-appen, Vahvista-sovellus) |
| The Netherlands | Redirect | Card reader and log-on card, with / without cable |
| Luxembourg | Redirect | Card reader and log-on card, with / without cable |
| Norway | Managed by an external partner | Click the link for more information. |

*Please note that for Swedish customers, the customer is required to use the signing method "Card reader and log-on card with cable" to initiate a cross-border payment.

 

Contingency Mechanism

Please visit the links below for more information about our contingency mechanisms for all the countries we support.

Fallback solution (SE, GB, NL, LU)

Fallback solution (Finland only)

 

PSD2 API Performance Statistics

Here you'll find statistics on how our API and online channels are performing on a daily basis. Statistics will be published the month after every quarter (i.e. data from October to December will be published in January).

Statistics