Fallback solution (SE, GB, NL, LU)
A simple guide to help you understand our PSD2 fallback solution available to Third Party Providers.
General information
This page describes the authorization model and process of Handelsbanken's fallback solution. The authorization model and process are similar to the one used with our PSD2 APIs.
Our contingency mechanism consists of adding TLS Mutual Authentication (TLS MA) using Qualified Web Authentication Certificates (QWAC) to the interface dedicated for PSUs. By doing so, TPPs can be identified when making calls via the interface, thereby fulfilling the identification demand. The TPP will address the PSU service using an alternate fully qualified domain name (FQDN). The service requires a valid QWAC when establishing TLS MA.
Before using our fallback solution, the TPP is required to enroll to gain access to our PSD2 Live Data. Subscription to PSD2 APIs is not needed however. Information about how to enroll can be found here:
Important info: If you would like to test or use our Fallback solution, please contact us first.
Contingency mechanism
- Country & Customer type Entrypoints
- SE Individuals
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/seprivpsd2/1.0
- SE Corporates
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/secorppsd2/1.0
- GB Individuals
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/gbprivpsd2/1.0
- GB Corporates
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/gbcorppsd2/1.0
- NL Individuals
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/nlprivpsd2/1.0
- NL Corporates
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/nlcorppsd2/1.0
- LU Individuals
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/luprivpsd2/1.0
- LU Corporates
https://psd2- fallback.handelsbanken.com/bb/glss/entrypoints/web/xggolpsd2/1.0
Step 1. Select initial entrypoint
Access PSU applicable entrypoint. Response includes available SCA Approaches.
Step 2. Follow selected SCA Approach directions
SCA Responses are self-sustained. Follow directions and paths accordingly.
Step 3. Authorized PSU next step
Authorized PSU response contains session cookies and application entry point to follow.