Bigbank Open Banking
Welcome to Bigbank's Open Banking Experience
Embracing the Future of Banking
At Bigbank, we believe in empowering our customers with innovative financial solutions. As part of our commitment to transparency and security, we embrace the European Union's Revised Payment Services Directive (PSD2). This regulation allows third-party providers to offer services that enhance your banking experience, while ensuring your data is handled securely and with your consent.
What is PSD2?
The Revised Payment Services Directive (PSD2) is a European regulation that aims to increase competition and innovation in the financial sector. It allows consumers to share their banking data with authorized third-party providers (TPPs), enabling new services and enhanced functionality.
Access and Usage
With our comprehensive suite of offerings, you can leverage the Account Information Service (AIS) to gain insights into customer accounts and initiate transactions effortlessly through our Payment Initiation Service (PIS). Dive in to explore how our APIs can enhance your applications and drive innovation in the banking sector!
Registration
Here are the onboarding steps for Third Party Providers (TPPs) accessing Bigbank's Open Banking services:
- Initiate Integration Request: TPPs should send an email to [email protected].
- Include Required Information: Provide necessary certificates and mandatory data in your email.
- Certificate Validation: Bigbank will validate the submitted certificates and inform you of the next steps.
- Receive TLS Certificate: Once validated, Bigbank will forward its TLS certificate to you via email.
- Access Notification: You will be notified if access is granted.
Please Note: At this time, we do not have a Sandbox environment available for testing. Thank you for your understanding!
Terminology
- PSD2 (Payment Services Directive 2) is the European regulation that mandates enhanced consumer protection and fosters competition in the payment services market
- Account Information Service (AIS) refers to the ability to access and aggregate customer account data from various banks.
- Payment Initiation Service (PIS) allows third-party providers to initiate payments directly from a customer's bank account, enhancing the payment experience.
Familiarity with these terms will help you navigate our API documentation effectively.
Access Certificates
Our API is using the PSD2 compliant eIDAS QWAC transport layer certificate for identifying and verifying the TPP. eIDAS QSEAL certificate is not required or supported for now. No other methods or certificate types are supported currently.
Bigbank PSD2 API supports identification of the TPP at the transport layer.
At the transport layer, the TPP is identified by means of the client authentication which is part of the TLS-connection setup between the TPP and the Bigbank PSD2 API. For this identification the TPP needs a qualified certificate for website authentication according to section 8 of eIDAS. This certificate has to be compliant with the additional requirements defined by RTS. The profile of these certificates (QWAC profile) is specified by the technical specification TS 119 495 of ETSI.
Some key principles about certificates and validation:
- It's supported using multiple valid certificates in parallel. This is especially important when any existing certificate is going to expire soon and TPP wants to start using a new one. Then it is possible to use both during their validity for testing purposes and backup - on the condition that the PSD2 ID is the same.
- When TPP starts using new public certificate then the new certificate shall be registered with Bigbank.