Open banking using a standardized XS2A API

Under the Second Payment Services Directive 2 (PSD2), banks are required to allow a third party provider (TPP) authorized by the consumer to view account information and/or carry out certain actions, such as making a payment. This is done via banking APIs. Licensed service providers may also use these interfaces – with the permission of and on behalf of the respective bank customer – to access account data and analyze it in order to offer financial services products. By using the finAPI Access-to-Account (XS2A) interface, you do not need to worry about compliance with the PSD2 payment services directive. We have already done all the hard work for you.

How banks benefit from the finAPI PSD2-compliant XS2A interface

With its XS2A interface (Access-to-Account API), finAPI provides a proven technical solution for banks that makes it easy to comply with PSD2. Our PSD2 interface is based on the Berlin Group Standard, can be easily integrated into existing banking systems and is already being used successfully by many banks and financial service providers.


Focus on what you do best

Open Banking

Functions of the finAPI XS2A interface for banks

With the finAPI PSD2 XS2A interface, there are a range of different functions that can be purchased individually and in any combination.

TPP authentication and authorization

finAPI takes care of authorizing the access requests of third party providers (TPP), e.g. by cross-checking with relevant authorities. Requests are only forwarded to internal bank systems after successful verification.

XS2A API interface and documentation

finAPI provides a REST API for TPPs to retrieve account data including detailed documentation. Our Banking API includes a standardized REST interface and detailed documentation. Standard extensions (in the Berlin Group Standard) can be included on request.

Developer portal

finAPI provides a comprehensive developer portal to help TPP connect to the XS2A API for account access. The portal includes help articles as well as answers to the most frequently asked questions.

Test environment with test data

finAPI provides a sandbox including demo data for testing the XS2A interface for banks.

Developer support

Banks are obliged to provide technical support to requesting TPPs when using the XS2A API. If requested, finAPI will provide support for technical requests from TPPs.

Rights management - TPP listing and blocking

Simple services provide release lists and allow your customers to block TPP access after the fact.

Strong customer authentication (SCA)

finAPI supports all common methods of strong customer authentication – whether embedded or decoupled, Push-TAN or SMS-TAN.

Connection to internal systems and project support

finAPI supports a range of common standards for the connection to banking systems. Experienced finAPI employees are on hand to support you during implementation and when your project is up and running.

Reporting and monitoring

finAPI offers comprehensive services for internal and external reporting, as well as for monitoring of systems. Our monitoring is sufficient for you to apply to BaFin for an exemption from carrying out your own monitoring.