[taler-docs] branch master updated: banking protocol docs

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: banking protocol docs

From:	gnunet
Subject:	[taler-docs] branch master updated: banking protocol docs
Date:	Tue, 09 Jun 2020 10:26:20 +0200

This is an automated email from the git hooks/post-receive script.

dold pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new 8c94d12  banking protocol docs
8c94d12 is described below

commit 8c94d1268d3523663941813e53e939d6e43fb010
Author: Florian Dold <florian.dold@gmail.com>
AuthorDate: Tue Jun 9 13:56:08 2020 +0530

    banking protocol docs
---
 libeufin/banking-protocols.rst | 84 ++++++++++++++++++++++++++++++++++++++++++
 libeufin/index.rst             |  1 +
 2 files changed, 85 insertions(+)

diff --git a/libeufin/banking-protocols.rst b/libeufin/banking-protocols.rst
new file mode 100644
index 0000000..91c0f59
--- /dev/null
+++ b/libeufin/banking-protocols.rst
@@ -0,0 +1,84 @@
+Banking Protocols
+#################
+
+This page collects information we have about banking protocols available around
+the world.
+
+
+Open Financial Exchange (OFX) Direct Connect
+============================================
+
+`OFX <https://www.ofx.net/>`__ is widely used in the US.  It defines a 
completely
+custom protocol (based on HTTP) and data formats (**not** based on ISO20022) 
for banking.
+
+
+Electronic Banking Internet Communication Standard (EBICS)
+==========================================================
+
+EBICS is used primarily in Germany, France and Switzerland.  Some banks (such 
as BNPParibas
+with their `Global Ebics 
<https://cashmanagement.bnpparibas.com/our-solutions/solution/global-ebics> 
offering`__)
+also allow EBICS access to accounts in other countries.
+
+EBICS is just a transfer layer for communicating with banks.  Banks define what
+messages they support.  In practice, EBICS is very often used to transfer
+ISO20022 messages.
+
+German banks that are part of the German Banking Industry Committee all must 
offer EBICS access.
+Thus this protocol is a good choice for the German market.
+
+
+FinTS / HBCI
+============
+
+German home-banking standard.  Only some banks allow authentication based on 
key pairs.
+Due to different interpretation of PSD2, other banks now only allow 
authentication
+methods that require interaction from the customer (SCA / Strong Customer 
Authentication).
+
+Payloads these days can be ISO20022 messages.
+
+
+PSD2
+====
+
+PSD2 is not a technical standard, but high-level legal requirements on 
(amongst other things) APIs
+that banks have to offer.
+
+There are many implementations of PSD2 APIs.  The `Berlin Group 
<https://www.berlin-group.org/>`__
+provides a framework that somewhat standardizes technical details, but the use 
of this standard
+is by no means necessary.
+
+Unfortunately, it focuses on *other* parties accessing *your* bank account.  It
+does not give customers access to their own bank account.  Customers can manage
+third party access they give to their bank account in their online banking
+system.  That mechanism is conceptually similar to OAuth2.  In fact, some
+implementations of PSD2 even use OAuth2 directly.
+
+PSD2 requires two main services to be available via an API:
+
+* AIS (Account Information Service).
+* PIS (Payment Initiation Service).
+
+Together, they're often called XS2A ("access to account").
+
+An entity that wants to use AIS has to be registered with the financial
+oversight authority in its country (BAFIN in Germany).  PIS has even stronger
+legal prerequisites.
+
+On a technical level, using PSD2 APIs usually requires having an `EIDAS
+<https://en.wikipedia.org/wiki/EIDAS>`__ certificate.
+
+
+Bank-Proprietary APIs
+=====================
+
+Some banks offer completely custom APIs to access services of the bank.  These 
often include services
+not available via more standardized APIs, such as account creation.
+
+Often banks frame PSD2 as just another API available in their portfolio of API 
offerings.
+
+Examples:
+
+* `Deutsche Bank <https://developer.db.com/products>`__
+* `ING Group <https://developer.ing.com/api-marketplace/marketplace>`__
+
+
diff --git a/libeufin/index.rst b/libeufin/index.rst
index a6d9162..a54d294 100644
--- a/libeufin/index.rst
+++ b/libeufin/index.rst
@@ -13,3 +13,4 @@ LibEuFin is a project providing free software tooling for 
European FinTech.
   ebics
   sepa
   iso20022
+  banking-protocols

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-docs] branch master updated: banking protocol docs, gnunet <=

Prev by Date: [taler-deployment] branch master updated: added weblatetest.sh and weblatetest buildslave (hopefully) to master.cfg
Next by Date: [taler-docs] branch master updated: protocols: some more information
Previous by thread: [taler-deployment] branch master updated: added weblatetest.sh and weblatetest buildslave (hopefully) to master.cfg
Next by thread: [taler-docs] branch master updated: protocols: some more information
Index(es):
- Date
- Thread