Our most frequently asked questions about Open Banking
Frequently asked questions
What is ICA Banken Open Banking?
Open Banking allows developers to build applications and services around banks based on Open APIs. ICA Banken Open Banking pages and Developer Portal invites developers and companies to innovate and build services together with us, creating the next generation of digital services for ICA Banken’s customers through the use of Open APIs
What is an API?
API stands for application programming interface and is a technique for sharing information between online services and applications.
What are the effects for ICA Banken's customers?
Open Banking allows customers to use services built by other companies and give permission to those services to access customer’s bank data, if the customer has agreed to share it. It also gives the possibilities for ICA Banken customers to initiate payments from their payment accounts at ICA Banken through third party applications.
Services built on the ICA Banken Open Banking APIs will never get access to a customer's data without the customer specifically giving his/her consent to that application.
Is Open Banking safe?
Open Banking Customer safety is our first priority. Open Banking is built on EU PSD2 regulation guidelines and puts the customer rights and security in focus.
Open banking relies on secure date-sharing practices using proven, secure technology such as programming interfaces (API:s) and encryption in order to ensure that all customer data is protected. Furthermore, regulation requires all third party providers to undergo strict security assessments and comply with strict privacy and data protection standards.
What is PSD2 and how does it relate to Open Banking?
PSD2 (Payment Services Directive 2) is an EU Directive regulating payment services. Among other things, PSD2 regulates access from Account Information Service Providers (AISP) and Payment Initiation Service Provider (PISP) to payment accounts held at Account Servicing Payment Service Providers (ASPSPs).
EU has issued the PSD2 regulation that strives to make payments safer, increase consumer protection, foster innovation and competition while ensuring an equal playing field for all market players.
PSD2 stipulates that:
- The customer can grant third-party service providers access to the customers payment account information at the customers’ bank
- The customer can grant third-party service providers permission to initiate payments from the customers ICA Banken bank accounts
- Authentication processes related to payment account information and payment transactions must adhere to updated rules on strong customer authentication.
ICA Banken makes this possible by having open APIs that allow 3rd parties to integrate their services with ICA Banken and by extension, allowing customers to use 3rd party services
Open APIs enables Open Banking which is a broader term covering access via open APIs to banks services in general, while PSD2 concerns only access to payment accounts.
Where can I get more information about Open Banking?
You can send a message to our open banking support and ask your question and we will try to help you out.
Go to our Help Center.
How do I become an AISP or PISP?
To become an AISP (Account Information Service Provider) you need to apply and register at your local National Competent Authority (Finansinspektionen in Sweden) to obtain a license for your company. You also need a technical certificate from a QTSP (Qualified Trusted Services Provider).
To become a PISP (Payment Initiation Service Provider) you will need, in addition to the certificate, authorization from your National Competent Authority to conduct payment related activities. Please note that you must comply with any and all national rules pertaining to financial markets that are not your local market.
I have problems with my username and password
Check your browser settings to make sure the "allow cookies" option is enabled.
If the problem persists you can reset your password here.
Still having problems? Go to Help Center and contact us.
How do I delete my developer account?
If you want to delete your developer account you need go to our Help Center and contact us, and we will help you with this.
Which APIs are available in ICA Banken API Store?
You can find our available APIs in our APIs.
What is ICA Banken's Terms of Use?
Please read ICA Bankens terms of use here.
What is Berlin Group standard?
ICA Banken is following the Berlin Group standard for our APIs. Read more about Berlin Group Standard here.
Which browser does ICA Banken's Open Banking support?
We support these browsers today and we recommend that you use the lastest version:
- Chrome
- Safari
- Edge
- Internet Explorer
- Samsung Internet
What are the requirements when SignIN registration?
Username need to be less than 21 characters. We recommend using only lowercase and no special characters.
Verification for Sandbox APIs - though it gives the same response
The current version of the Sandbox APIs returns the same data response for a request, independent of the parameters which are sent in the request. We are providing you with different test cases to access different test user’s data.
For more information on how to do your testing in Sandbox environment please log in to developer portal, select Sandbox API you’re interested in and follow instruction provided in “Documentation” tab on API store page.
Can I generate own certificate for testing locally?
What certificate is approved by ICA Bankens production APIs?
To be able to use the production APIs your organization needs to have a license from a Financial Supervisory Authority (FSA) within the EU and a valid eIDAs certificate of the type QWAC, issued by a Qualified Trusted Service Provider (QTSP).
Can I use several valid QWAC certificates?
We trust only Production certificate currently. You can register with production certificate and callback to localhost during development. You can later on ask ICA Banken by sending a request via Help Center to change the call back.
Can I add multiple callbackUri to the existing application?
Yes, multiple callback Uri´s are supported. More information is available when sign in on Developer Portal under Register Certificate Tab.
Can I update my certificate?
Yes, you can update/renew your certificate. We have published new REST API for update/renew your PSD2 certificate. Please find more details on how to in “Register Certificate Production” tab in your developer account or in “Documentation” tab, on API store page.
Can I delete my certificate and register a new one?
You need to contact us via our Help Center and request to delete certificate. When you receive confirmation from ICA Banken support team than you will be able to register a new certificate by following steps below:
Step 1. Login to Developer Portal
Step 2. Upload the certificate in API store and get OID
Step 3. Make request towards mTLs-register Rest API
Step 4. Call authorization code rest API and get the code
Step 5. Get the access token.
How many applications can I add to my account?
There is no maximum limit but if you add more than 7 applications to your account in the Developer Portal you need to zoom out your screen resolution to 90 % to be able to select application you wish to use and continue to the next step, which is to subscribe and register your certificate. Work continues to improve this functionality in our future releases.
We recommend deleting application that you no longer use.
Can I delete my application?
Yes, you can delete your application when singIN on Developer Portal and then select ‘Application’ tab.
Can I see and update details about my client?
Yes, you can see registered details and do callbackURI update by using new REST API published on API store. Please find more details on how to in “Register Certificate Production” tab in your developer account. We have enabled functionality for you to change your callback URI when needed. It is in our development plan, to offer more features that can improve the user experience as it is important to us.
Back to startpage för Open Banking