I'd like to have something like this for Germany. I am willing to pay 10€/month for a simple API access to my bank account. I need neither hosted code nor push. Just give me remote access for my scripts.
Probably I'm asking for the impossible because of the heavy regulation in Germany but just wanted to put it out there.
N26 has got a quite decent REST API if you are willing to use your dev tools for a bit :)
Edit: Most banks also seem to support FinTS [0], but it seems a bit of a PITA.
Edit 2: figo might be worth a try as well, though I don't know their pricing.
Edit 3: bunq is quite nice as well. I implemented a few basic calls in node when they launched the API. Not the easiest API to work with, but acceptable.
If you watch to the end of the talk, you discover that N26 acted courteously and responsibly to the report, and all the security issues have been dealt with.
It is quite good, but it's not perfect. The apps look non-native and the UI has many issues (e.g. entering 10 international characters quickly in the "transfer note" box pops up 10 "only latin characters" notifications), the login UI looks weird on Firefox, and http://my.n26.com/ causes an infinite loop that I reported weeks ago.
Other than that, I'm very satisfied with the service, and I use them as my bank bank, but I use Revolut (revolut.com) for my everyday transactions, just because it "feels" nicer. The transparent N26 card definitely turns heads, though, cashiers are always asking me about that.
Thanks, nice list. Do you know of any aggregators in Germany that can provide a (read only) API for popular German online stock brokerage or pension fund accounts?
There used to be (still is?) an API called HBCI, but to my knowlegdge that required a smartcard (maybe not to bad an idea) and was mostly read-only. I think in the early 2000s you could use things like Quicken and MS Money to do homebanking (is this why some people in Germany still have the impression that it is dangerous and complicated?)
I think what "Sofortüberweisung.com" initially did was just to scrape the websites of all major banks, and use the HTML as an API. Then the banks found out they could not do much against it legally (and also fearing backlash because they had no good website-payment solution themselves), and they made some agreements.
It still is though it's recently called FinTS. Most german banks implement it and it's read/write usually.
Every bank has some specialities (even sometimes some bank branches have specialities) so it's usually not _that_ easy to implement if you want support for all banks.
"All" banks in Germany are run by less than 10 data centers. The second biggest, Fiducia, operates about 600 banks. This is one API for 600 banks.
For the API - almost all business accounts support HBCI or EBICS. For example my tax accountant and tax software have full access to my business account.
You can simulate a browser and act as if you're a normal, browser using customer. Encapsulate it and you've got an "API"; though it'll be a bit painful as a lot of banks' web backends are fucked up and you'll need to keep up to date with their changes, but still. I did it for my French bank account at one point (get balance + submit transfer).
Apparently, some used this technique for actual commercial services, which was partly motivation (they called it "screen scraping") for the European Commission's recent directive to require banks to allow authorized third-party access to customer account data.
A friend of mine did this but after two times web access being disabled for his account because "suspicious activity" he stopped. Second time he actually tried very hard to simulate a human with delays, user-agent, browser capabilities and so on but didn't help.
This is getting harder and harder. Chrome allows you to do a .click but it also sends a tainted flag. I'm not sure if headless browses also send non-tainted events.
Probably I'm asking for the impossible because of the heavy regulation in Germany but just wanted to put it out there.