Handelsbanken PSD2 APIs
Our PSD2 APIs enable easy integration and accessibility so Third Party Providers can provide innovative financial apps to our mutual customers.
PSD2 in brief
The second EU Payment Services Directive (EU 2015/2366), PSD2, regulates payment services and payment service providers throughout the European Union and European Economic Area. The Directive's purpose is to increase competition and participation in the payments industry, strengthen consumer protection and clarify the rights and obligations for payment providers.
Amongst other things, it means that Third Party Providers (TPPs) must be allowed to access payment accounts, initiate payments and get confirmation of funds, on behalf of the customers, in their own infrastructure by using the banks' APIs.
The main objectives of the regulation are:
• to increase competition
• have a more integrated and efficient European market for payments
• to improve and create the same conditions for all new and existing payment providers
• to increase security for online payments and access to accounts within the EU and EEA to strengthen consumer protection.
About our PSD2 APIs
Our APIs follow PSD2 regulations and in order to use them, you have to be an authorised TPP. You must be registered as either a Payment Initiation Service Provider (PISP), an Account Information Service Provider (AISP) or a Card Based Payment Instrument Issuer (CBPII), authorised by the competent authority in your country.
We have modelled our API structure to the Berlin Group Technical Standard but made some deviations to better fit our markets. You can test the APIs in our Sandbox or by using a Postman environment, but first we recommend that you read the Technical Guidelines.
All PSD2 APIs have REST-endpoints and HTTP-verbs GET, POST and PUT are used. The endpoints will consume and respond with JSON-structures with UTF-8 encoding.
The PSD2 APIs have mandatory HTTP-headers. Please note that our APIs might also have additional specific headers.
Our APIs have major and minor versions, a major version represents a breaking change in the API, such as removing a field in the JSON response of an endpoint or a major new feature of the API. A minor version represents a non-breaking change, such as adding a non-mandatory field. There is also a patch version used for documentation changes that shall not affect the service endpoint communication.
Accounts Information API v1.1.0
The release of a new minor version of an API will override the implementation of the previous one (within the same major version). Example: when version 1.2.0 is released, 1.1.0 of that API will have the same implementation as the new one. The plan is to support two parallel major versions of an API in the Live environment; one current and one deprecated. When a new major version is released the previous deprecated one will be removed.
Before you start testing our APIs, please read our guidelines where you can find all the technical details you'll need. It will provide you with an overview of requests and responses to all endpoints for the AISP, PISP and CBPII flows.
We have developed a service that works in real time which allows you (as an authorised TPP) to self-onboard once you're ready to connect to our Live Data.
Before accessing our Live Data, please ensure you have completed the necessary steps below:
1. Contact your Local Competent Authority and apply to become an authorised Third Party Provider (TPP). You must receive authorisation to act as a Payment Initiation Service Provider (PISP), an Account Information Service Provider (AISP) or a Card Based Payment Instrument Issuer (CBPII).
2. Contact a Qualified Trust Service Provider (QTSP) to receive an eIDAS certificate (QWAC).
When you're ready to access our Live data, please check out the below link for further guidance.
Please visit the link below for more information about our contingency mechanism.
PSD2 API Performance Statistics
Here you'll find statistics on how our API and online channels are performing on a daily basis. Statistics will be published the month after every quarter (i.e. data from October to December will be published in January).