Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "banking api"
Got pretty peeved with EU and my own bank today.
My bank was loudly advertising how "progressive" they were by having an Open API!
Well, it just so happened I got an inkling to write me a small app that would make statistics of the payments going in and out of my account, without relying on anything third-party. It should be possible, right? Right?
The bank's "Open API" can be used to fetch the locations of all the physical locations of the bank branches and ATMs, so, completely useless for me.
The API I was after was one apparently made obligatory (don't quote me on that) by EU called the PSD2 - Payment Services Directive 2.
It defines three independent APIs - AISP, CISP and PISP, each for a different set of actions one could perform.
I was only after AISP, or the Account Information Service Provider. It provides all the account and transactions information.
There was only one issue. I needed a client SSL certificate signed by a specific local CA to prove my identity to the API.
Okay, I could get that, it would cost like.. $15 - $50, but whatever. Cheap.
First issue - These certificates for the PSD2 are only issued to legal entities.
That was my first source of hate for politicians.
Then... As a cherry on top, I found out I'd also need a certification from the local capital bank which, you guessed it, is also only given to legal entities, while also being incredibly hard to get in and of itself, and so far, only one company in my country got it.
So here I am, reading through the documentation of something, that would completely satisfy all my needs, yet that is locked behind a stupid legal wall because politicians and laws gotta keep the technology back. And I can't help but seethe in anger towards both, the EU that made this regulation, and the fact that the bank even mentions this API anywhere.
Seriously, if 99.9% of programmers would never ever get access to that API, why bother mentioning it on your public main API page?!
It... It made me sad more than anything...7
While in the banking world, I had a project where I had to automate an import into a shit system called CRAWiz. The data had to come from multiple archaic loan systems with no API and tons of shit data.
After implementing, the shit data came to light. Instead of fixing shit data (and using their loan systems correctly), they decided to go back to digging through physical files and manually importing. They blamed CRAWiz and decided to go with a new system to import their shit data into. I warned them repeatedly that a new system would not fix the shit data but they couldn't accept it. I left at that point. 😂
I once tried to create a client for the fonds bank of Frankfurt. But I didn't expect their JSON API to be designed by a trainee.
Look at the API.
Stringified numbers, decimal commas (Germany), separator dots for thousands, and even one breaks as if it came from a pjp script where they just put an if condition in each line.
I documented the API and tried to create a Jax rs client, but stopped completing it. Not useable atm. Just look at what I spoofed.