PSD2 - Open Banking for Third Party Providers
The second EU Payment Services Directive (PSD2) introduces some changes to payment services within the European Union. The objective of PSD2 is to create a more uniform, transparent and open EU payment market and bring innovation, competition and security to all the market players.
If you are a third-party service provider seeking access to N26 PSD2 interfaces, you must be licensed by a national regulatory authority. In Germany, this is the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) in Bonn. You’ll also need a qualified certificate (QWAC). Such certificates can be obtained from Qualified Trusted Service Providers (QTSP (new tab)).
Our dedicated interface is the REST API which conforms to Berlin Group Implementation Guidelines version 1.3.6 (new tab).
Authorisation protocol: oAuth 2.0 (new tab).
Note: A valid QWAC Certificate is required to access the Berlin Group API. The official list of QTSP is available on the European Commission eIDAS Trusted List (new tab). For the N26 PSD2 Dedicated Interface API, the QWAC Certificate must be issued from a production certificate authority.
As part of its legal obligations under PSD2, N26 has implemented a contingency mechanism, which provides the following:
- Reliable identification of a TPP via possession of a valid Qualified Website Authentication Certificate (QWAC);
- Secure and authorised access to an account
TPPs may access our contingency mechanism via the following URLs:
Access to the above URL and establishing the TLS connection requires implementation of a qualified certificate.
Please find the detailed technical documentation for the fallback interface below:
TPPs may contact N26 by using this form (new tab).
Interface Availability and Performance Data
The reports below compare the availability and performance of our PSD2 dedicated interface with the N26 user interface:
- Feb 3, 2021 token.io interface (deprecated from Nov 4, 2020) will be fully disabled from Mar 1st, 2021
- Nov 4, 2020 The N26 PSD2 PISP Open Banking API has been released (Berlin Group 1.3.6 conformity). Token.io interface is deprecated.
- Oct 22, 2020 We’ve just released the brand-new version of our PSD2 AISP Open Banking API, compliant with the Berlin Group 1.3.6 specification.