PSD2 - Open Banking for Third Party Providers
The second EU Payment Services Directive (PSD2) introduces some changes to payment services within the European Union. The objective of PSD2 is to create a more uniform, transparent and open EU payment market and bring innovation, competition and security to all the market players.
If you are a third-party service provider seeking access to N26 PSD2 interfaces, you must be licensed by a national regulatory authority. In Germany, this is the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) in Bonn. You’ll also need a qualified certificate (QWAC). Such certificates can be obtained from Qualified Trusted Service Providers (QTSP (new tab)).
Our dedicated interface is the REST API which conforms to Berlin Group Implementation Guidelines version 1.3.6 (new tab) and we also provide a testing environment called Sandbox, with the same specification for testing purposes.
Authorisation protocol: oAuth 2.0 (new tab).
Note: A valid QWAC Certificate is required to access the Berlin Group API. The official list of QTSP is available on the European Commission eIDAS Trusted List (new tab). For the N26 PSD2 Dedicated Interface API, the QWAC Certificate must be issued from a production certificate authority.
As part of its legal obligations under PSD2, N26 has implemented a contingency mechanism, which provides the following:
- Reliable identification of a TPP via possession of a valid Qualified Website Authentication Certificate (QWAC);
- Secure and authorised access to an account
TPPs may access our contingency mechanism via the following URLs:
Access to the above URL and establishing the TLS connection requires implementation of a qualified certificate.
TPPs can find the following documentation in N26’s public GitHub repository (new tab):
- AISP & PISP documentation for the Dedicated Interface
- Access documentation for Sandbox
- AISP & PISP documentation for the Fallback Interface
- Open API & Sandbox postman collection
We advise that TPPs refer to the repository for the latest information regarding technical documentation and specification.
For inquiries and support related to N26 Open Banking, please use this form (new tab).
Interface Availability and Performance Data
The reports below compare the availability and performance of our PSD2 dedicated interface with the fallback interface:
- Dec 13, 2021 transactions previously classified as “pending” will be classified as “booked” transactions, in the Dedicated Interface, from Mar 14th, 2022.We are making this change in order to be more consistent with what customers see in the N26 app, and to prevent old transactions remaining in “pending” indefinitely. TPPs will still be able to see all relevant transactions which are consistent with the customer’s balance.Please refer to the AISP documentation for the Dedicated Interface for more details, and kindly make any required changes ahead of Mar 14th, 2022 in order to avoid any disruptions to your use of our interface.
- Nov 17, 2021 /api/v2/spaces endpoint in AIS Fallback Interface disabled.Please note that all Spaces account information is still accessible through the /api/spaces endpoint, which is included in our AISP documentation for the Fallback Interface.
- Feb 3, 2021 token.io interface (deprecated from Nov 4, 2020) will be fully disabled from Mar 1st, 2021
- Nov 4, 2020 The N26 PSD2 PISP Open Banking API has been released (Berlin Group 1.3.6 conformity). Token.io interface is deprecated.
- Oct 22, 2020 We’ve just released the brand-new version of our PSD2 AISP Open Banking API, compliant with the Berlin Group 1.3.6 specification.