[GNC-dev] Is PSD2 / Open Banking API / XS2A usable for GnuCash?

Frank H. Ellenberger frank.h.ellenberger at gmail.com
Thu Apr 27 10:47:14 EDT 2023 

Hi Cristian,

Am 26.04.23 um 23:01 schrieb Cristian Klein:
> Hello,
> 
> TL;DR: Given infinite development bandwidth, can one even dream of using
> PSD2 for Online Banking with GnuCash?
> 
> I wanted to improve visibility into my spendings (what do you know, it's
> 2023 😀) and wanted to try using GnuCash again ... after a 10-year break.
> 
> However, my life situation changed, and I no longer have the time (nor
> patience) to manually enter all transactions into GnuCash. Therefore,
> hearing about all the hype around PSD2, I thought maybe GnuCash already
> supports pulling all transactions from my bank (Nordea, Sweden, EU).
> 
> Why don't I just hack a PSD2 backend for AqBanking?

that is the right place. So the discussion should finally happen on
aqbanking-user at mailman.aqbanking.de

Some clarification:

PSD2 is no standard, but the second version of an EU directive.
https://en.wikipedia.org/wiki/Payment_Services_Directive.

The existing european Aqbanking backends FinTS and EBICS were adjusted 
for it. But they implemet direct connections between bank and client.

One question: Do you really want to share your financial data with third 
parties aka "FinTechs"?

I would ask my banks if they offer direct client access and which 
standards they folloow.

Regards
Frank

> So ... I read up on PSD2 and here is what I understood:
> 
>     - It introduces a heck of a lot of acronyms.
>     - It essentially mandates an open API for access to my transaction
>     information.
>     - TPP = "Third Party Provider", i.e., the entity who -- upon my consent
>     -- gets access to my transaction info.
>     - XS2A = "Access to Account" is an API to essentially retrieve
>     transaction information.
>     - TPP needs to onboard at two levels:
>        - First, the TPP needs to get some kind of certificate ("QSealC eIDAS
>        Public certificate" -- in case anyone Googles this message) from the
>        National Financial Authority, e.g., BaFin in Germany,
> Finansinspektionen in
>        Sweden, etc.
>        - Second, the TPP needs to get onboarded with each bank.
> 
> I learned these by reading the following documents:
> 
>     -
>     https://medium.com/@mpn123/building-an-open-banking-access-to-account-xs2a-api-as-a-bank-or-aspsp-479f26b91a43
>     -
>     https://www.openbankingeurope.eu/media/1176/preta-obe-mg-001-002-psd2-xs2a-tpp-user-management-guide.pdf
>     - https://developer.nordeaopenbanking.com/pitching-form/compliance
> 
> Does this essentially mean that PSD2 and XS2A is only usable for accounting
> software delivered as SaaS and useless for accounting software delivered as
> desktop applications like GnuCash?
> 
> Any insight is appreciated.
> 
> Best,
>

More information about the gnucash-devel mailing list