A token that needs to be passed on with every call to the API in order to access it.
Account Information Services
Account Information Services (such as getting access to the users' bank accounts, balances and transactions
Account Information Service Provider
Account Information Service Provider is a party which has the right to initiate a payment on behalf of a PSU.
An application programming interface key is a unique string of alphanumeric characters transmitted as part of an API request that authenticate the source of the API request.
Account Servicing Payment Service Provider
Can be regarded as a bank/financial institution
A financial institution that accepts deposits from the public and creates credit.
A data file that digitally binds a cryptographic key to an organization’s details or a package containing it and additionally a private key and (optionally) a passphrase.
A finAPI customer that has TTP certification.
A user's authentication information (typically a password, a token, or a certificate).
Data at Rest
Data that is being stored in stable destination systems
electronic Identification and Trust Services
A set of standards for electronic identification and trust services for electronic transactions in the European Single Market.
Mutual TLS authentication or certificate based mutual authentication refers to two parties authenticating each other through verifying the provided digital certificate so that both parties are assured of the others' identity.
The industry-standard protocol for authorization that focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.
Payment Information Services
Payment Information Services (such as payment initiation from a bank account).
Payment Initiation Service Provider
Payment Initiation Service Provider is a party which has the right to initiate a transaction on behalf of a PSU.
A Web service testing tool.
Payment Services User
Can be regarded as an end-user
A separate file that is used in the encryption/decryption of data sent between the server and the connecting clients.
The second Payment Services Directive
Revised Payment Services Directive (PSD2, Directive (EU) 2015/2366). EU Directive, administered by the European Commission to regulate payment services and payment service providers throughout the European Union (EU) and European Economic Area (EEA).
A qualified Electronic Seal Certificate is a qualified digital certificate under the trust services defined in the eIDAS Regulation.
Qualified Trust Service Provider
Qualified Trust Service Provider is an entity allowed to issue qualified digital certificates which can be used to create qualified electronic signatures.
Qualified Website Authentication Certificate is a qualified digital certificate under the trust services defined in the eIDAS Regulation.
Strong Customer Authentication
Strong customer authentication is an authentication procedure based on two factors compliant with the requirements of PSD2.
Transport Layer Security
Transport Layer Security is cryptographic protocol designed to provide communications security over a computer network.
Third-party provider (such as finAPI)
Value Added Tax
The Value Added Tax, in the European Union is a general, broadly based consumption tax assessed on the value added to goods and services.
Access to Account
PSD2 compliant Access to Account Interface.