Getting Started

The magic world of Open Banking is full of concepts, strange words and abbreviations!

We tried to give some definitions and explanations to help you understand. We also encourage you to have some readings on the web to understand what's all about.

Create an account

Go to https://developer.bankingsdk.com, register yourself and your company.

Create an application

Create an application, get the application key and secret.
Store the secret in a safe place.

Fetch the company key

Send us (support at exthand.com) your application key and company key, NOT THE SECRET and we will provide you back a temporary license key.

In order to get a definitive license key, the full KYC/KYB process must have been done. To get this done, please contact [email protected].

You can then configure your Docker container.

Gateway vs Direct mode vs Premium

BankingSDK's Docker container is able to run in two different modes which target two different kind of customers.

The Gateway mode for non regulated companies (software editors, app builders, software integrators, etc). BankingSDK connects to Exthand's gateway to transfer data to banks.

The Direct mode for regulated companies (AISP/PISP) who have their own eIDAS certificates. In that mode, BankingSDK connects directly to the banks, no data are transmitted into Exthand's data center.

Direct mode

This mode is activated when your company is an official TPP/AISP/PISP, meaning you are using your own eIDAS (QWAC/QSEALC) certificates to connect to PSD2 APIs of the banks.

Once BankingSDK is correctly setup in that mode, it will directly connect to the bank APIs. Data are exchanged between your BankingSDK container(s) running in your infrastructure and the banks without any intermediary (Exthand).

This is the most secure way of using an aggregation platform. Your PSU data are managed and secured by you and only you.

Gateway mode

If you are not a registered PISP, you can still use BankingSDK solution using Exthand:Gateway. This is commonly called the Gateway mode (versus Direct mode). The only requirement is to request us a specific Gateway license key and use it in your docker config file.

When connecting directly to Premium APIs (non PSD2) for which you have the access keys, you should use a 2nd instance of BankingSDK (docker container) with the "Gateway Mode" disabled.

Being in Gateway mode has some impacts:

1. Your users (PSU) have to be registered on our side. We have to store a consent from their
   part confirming they agree to share their banking data with your app.
2. Your users (PSU) have to agree with our "Terms and Conditions" and "Privacy Notice" as
   they use our system to connect to the banks.

Once user is registered, you can use the Docker through the Gateway the same way as it would be
done in Direct mode.

a) Technically speaking, you have some new endpoints to manage:For the Terms & Conditions +
Privacy Notice, you have to call the following endpoints:

• /ob/gw/tc/latest to get the latest version of the texts of the TC + Privacy that you
  have to display to the user (PSU). You also get a version number. Please call regularly
  to check if a newer version does exist.
• /ob/gw/users/{id}/tc/latest to get the latest version number of the TC+P agreed by the
  PSU. If that version differ from the version you received when calling
  /ob/gw/tc/latest, you have to ask the consent to the new TC+P.

b) For PSU registration, you have to use POST /ob/gw/users instead of POST
/ob/users. That call should receive the mandatory data we need to perform a
correct KYC and also the version number of the TC+P the user agreed on (Register your internal user).

c) BankSettings in this mode are not required. If you include them in the body of your calls, they
will be ignored.

To test Gateway mode in sandbox you can use connector with the Id = 1. There you simulate full AIS
and PIS flow.

❗️

RESPONSABILITY

It’s your responsibility to ensure that all users agreed our TC+P. We have to be able to check how
you process this and it’s our obligation to stop providing the service if we detect any fault regarding
KYC process.

Premium

Premium APIs interface are not open banking/PSD2 APIs. It's an interface to access out of PSD2 specific APIs offered by banks.

The access to those bank APIs is not regulated, the access relies on the bank's API implementation. PSD2 QWAC and QSEALC are not relevant for this access. As a rule of thumb, you need a contract between you, the bank and the customer whom you want to access the bank account.

By using this Premium interface, you will be able, at the time of writing, to get rid of differences between the banks' API end points to get the balances and the transactions.

Sandbox Usage

To use BankingSDK Docker in your sandbox or production environment, you'll need to:

• Download and read the documentation, see download link on this page.
• Download and install the BankingSDK Docker image, see link below.
• In the developer portal, create an Application in the Settings, keep the secret for you.
• Get a License Key from us: send email to [email protected] with your company key and your application key
• Configure the Docker Image in your Cloud environment.
• Provide an access to a shared drive for your Docker container.

🚧

if you are a PISP!

If you own valid QSEAL/QWAC certificates, configuration of the BankingSDK docker must include paths to the certificates files.

Responsibilities

BankingSDK is trademark of EXTHAND bvba/sprl. All rights reserved.
EXTHAND bvba/sprl shall not in any circumstances be liable, whether in contract or tort, for any
damages or any consequential or indirect loss or damage, howsoever arising and of whatsoever nature,
resulting from the use of this document or derived documents.
This document may be subject to change without notice. EXTHAND bvba/sprl shall not in any
circumstances be liable for any damages or any consequential or indirect loss or damage, arising as a
result of such a change.
EXTHAND bvba/sprl, 28, rue Fosty, B1470 Baisy-Thy, BELGIUM, VAT BE0701961581