Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "banking api"
Got pretty peeved with EU and my own bank today.
My bank was loudly advertising how "progressive" they were by having an Open API!
Well, it just so happened I got an inkling to write me a small app that would make statistics of the payments going in and out of my account, without relying on anything third-party. It should be possible, right? Right?
The bank's "Open API" can be used to fetch the locations of all the physical locations of the bank branches and ATMs, so, completely useless for me.
The API I was after was one apparently made obligatory (don't quote me on that) by EU called the PSD2 - Payment Services Directive 2.
It defines three independent APIs - AISP, CISP and PISP, each for a different set of actions one could perform.
I was only after AISP, or the Account Information Service Provider. It provides all the account and transactions information.
There was only one issue. I needed a client SSL certificate signed by a specific local CA to prove my identity to the API.
Okay, I could get that, it would cost like.. $15 - $50, but whatever. Cheap.
First issue - These certificates for the PSD2 are only issued to legal entities.
That was my first source of hate for politicians.
Then... As a cherry on top, I found out I'd also need a certification from the local capital bank which, you guessed it, is also only given to legal entities, while also being incredibly hard to get in and of itself, and so far, only one company in my country got it.
So here I am, reading through the documentation of something, that would completely satisfy all my needs, yet that is locked behind a stupid legal wall because politicians and laws gotta keep the technology back. And I can't help but seethe in anger towards both, the EU that made this regulation, and the fact that the bank even mentions this API anywhere.
Seriously, if 99.9% of programmers would never ever get access to that API, why bother mentioning it on your public main API page?!
It... It made me sad more than anything...8
What irritates me to no end.
"Companies" that try to game the system and have people pay for something that is already free.
I was tasked with implementing a Magento payment solution integrating WeChat Starpay.
Sure no problem, maybe 6 hrs of work.
When I couldn't get access to the api as a developer, when the site doesn't have SSL and wants sensitive banking information, when the contact form doesn't work directly, and they have a contact form on mikecrm.com, my suspicions were raised.
Looking around further, all they are doing is mirroring the chinese api, taking your banking info and submitting to wechat for you.
Ofc, I canceled the project, found the chinese api, and will most likely release an open source version integrating the free chinese api directly.
Companies like this piss me off, so unethical. they want to do the minimum amount of work possible and have people pay for it.
As far as doing work again for friends, that is over.
I may not be the most righteous human being that walked the earth, but I do have unwavering ethics and honesty for the most part.3
While in the banking world, I had a project where I had to automate an import into a shit system called CRAWiz. The data had to come from multiple archaic loan systems with no API and tons of shit data.
After implementing, the shit data came to light. Instead of fixing shit data (and using their loan systems correctly), they decided to go back to digging through physical files and manually importing. They blamed CRAWiz and decided to go with a new system to import their shit data into. I warned them repeatedly that a new system would not fix the shit data but they couldn't accept it. I left at that point. 😂
I once tried to create a client for the fonds bank of Frankfurt. But I didn't expect their JSON API to be designed by a trainee.
Look at the API.
Stringified numbers, decimal commas (Germany), separator dots for thousands, and even one breaks as if it came from a pjp script where they just put an if condition in each line.
I documented the API and tried to create a Jax rs client, but stopped completing it. Not useable atm. Just look at what I spoofed.