Introduction to Multibanking

Connectivity via the finX API

The finX API provides connectivity to several countries and offers access to a variety of account types, enabling you to access a wide range of financial data. Here's a breakdown of the supported countries and available account types:

Supported Countries:

  • Germany
  • Austria
  • Spain
  • Portugal
  • Romania

Available Account Types:

📘

Please note that the availability of account types may vary by country.

Payment Accounts: These are standard current or checking accounts used for day-to-day financial transactions.

(Daily) Savings Accounts: These accounts offer a safe place to save money and often provide interest on the deposited amount.

Depot Accounts: Depot or investment accounts are used for managing securities and investments, allowing you to track and manage your holdings.

Credit Cards: Access credit card account information, including balances, transaction history, and credit limits.

Loans: Retrieve information about loans, including outstanding balances, repayment schedules, and interest rates.

Insurances: Access data related to insurance policies, providing valuable insights into coverage and premiums.

How it Works

You can find a step-by-step description in the Implementation Guide.

Data-Access Types

Ongoing Account Access

Ongoing account access is normally used whenever customers want to access information over a period of time.

In case of ongoing account access, Qwist automatically adds new connected bank accounts to a background service that runs an automatic synchronization process (“autosync”) up to 4 times a day until the Consent of the user expires (usually after 180 days). This allows the customer to fetch updated financial data for its users up to 4 times a day from Qwist’s database without any interaction their side. After max. 180 days the consent of the user expires and they need to renew the consent by providing a Second Factor for Strong Customer Authentication (SCA), e.g. a TAN.

In order to activate the autosync, the users must save their credentials during the login process. This is done via a checkbox on the Widgets UI or by setting the save_secrets parameter to true in the Ongoing access API call. The credentials are stored in an encrypted database that can only be accessed and decrypted by the finX API when communicating with the banks.

Qwist will not delete any financial data of the end user until the customer has sent a DELETE request via the finX API.

Prerequisites

API Access & Authentication

The finX API is a restful API that is accessed using HTTP Basic Auth with a Client ID as username and a Client Secret as password. Therefore each customer receives a Client ID and Client Secret from Qwist to access the finX API, which has a specific set of Scopes attached to it. Scopes define the usage rights of each Client ID on the finX platform.

If you want to get started with your dedicated Credentials, please reach out to us!

Widget Integration

Before continuing with the implementation guide, please view our Widget Integration best practices.