FAQs – Frequently asked questions for our Open Banking APIs

General Questions 


List of connected banks 

Please see the Download Area in the Top Menu to download a list of all Banks connected to our PSD2 API. 
 

Are retail and business accounts accessible through PSD2 APIs? 

All retail accounts with access to Mein ELBA Online-Banking can also be accessed through the PSD2 APIs. 

For Business Accounts the access to the Mein ELBA Online-Banking can be enabled or disabled. Only if access to the Online-Banking is enabled the PSD2 APIs are also available for this account.  

 

Payment Initiation



How is the available account balance checked?

Our system checks the available amount after the PSU authorizes the payment.

If the amount IS NOT available the payment will be rejected.

If the amount IS available, the payment state changes to Pending and our system will start processing the payment.

Each new initiated transaction will reduce the available account balance.

Example: If the account balance is 100 Euro, and we receive two transactions (one 80 Euro, one 40 Euro) then the 2nd transaction (40 Euro) will be rejected.

 

It seems that payments are not processed after 18:00?

In the evening (typically from 18:00 to 03:00), on weekdays and on holidays SEPA payments can not be processed. This means if a payment is received during these hours the available amount will be checked and the payment will stay in the pending status until settlement can continue on the next bank working day in the morning.

 

What is the final Status of a payment? 

For SEPA Credit Transfers the final status is typically ACSC, but also may be ACCC because some banks will confirm the settlement directly. 

For Instant Payments the final status is always ACCC.  

To make your integration more robust we suggest, that implementors always check for ACSC or ACCC as final status in their systems.  

 

Are Instant Payments available to all customers?  

The availability and pricing of instant payments is the same as in the Online-Banking and depends on the banking products the customer has signed up for.

 

Account Information


What is the maximum validity for Account Information Consents?  

Recurring Account Information Consents can be requested for up to 90 days. If you request a consent until a date more than 90 days in the future (eg. Year 9999), the consent can still be requested, but will bet shortened to the maximum of 90 days.  

 

Number of days for transaction history  

For recurring consents transaction history is provided for the last 90 days only.  
For a one-off Consent (single use only) the whole historz of transactions the customer sees in the Online-Banking can be requested.  
The maximum transaction history depends on the banking product the customer.  

 

Certificates 


What type of certificates are supported? 

Currently QWAC eIDAS certificates are supported, QSEAL is NOT supported.  

 

Are Certificates with 4096 bits supported? 

Our API supports eIDAS certificates of up to 4096 bits.  

 

Our certificate will expire soon, do we need to inform Raiffeisen about the new certificate?

If only the key is renewed and thus the validity is extended you can use the new certificate without any additional steps and without informing us. It is a good idea to call the first-contact Endpoint again, which should result in the same client-id for the new certificate. If the fields in the certificate are different the first-contact will result in a new client-id.

 

Our company has a new name or has merged with another company, do we need to inform Raiffeisen about this? 

If your company has changed its name, then most likely the “subject” field will be different for any new certificates. If the fields in the certificate change you will need to call the first-contact Endpoint again to get a new client-id. With a new client-id all old consents will have to be renewed. We cannot check if the old and new company are the same legal entity, so customers will need to give their consent again to access their accounts.  

 

In case the first-contact returns a new client-id are services going to be disrupted or are both the old and new client-id going to be working?

Both client-ids will continue to work as long as the corresponding certificates are valid. Please be aware, that consent's are always tied to a client-id and thus consents from the old client-id are not available on the new client-id.  With a new client-id all old consents will have to be renewed.