Say hello to Zaster Banker, your mobile banking app!
Zaster Banker currently supports (mostly German) banks which use the FinTS/HBCI API - fast and easy-to-use!
IMPORTANT: Due to the new PSD2 regulatations it might be possible that signing in to your account is currently not possible. Testing wasn't possible before and the current version may only work for a few banks as I can't test with others. If possible, please test and debug with your bank! Let me know if you need assistance!
Moreover, feedback about Zaster Banker is always appreciated (good, bad, improvement/feature ideas etc.).
As mentioned, you can contribute with a translation, a new feature or even a bugfix. The sources are on GitHub at https://github.com/Wunderfitz/harbour-zaster Please acknowledge the GNU GPLv3 before contributing/forking. Thanks to all contributors!
Attachment | Size | Date |
---|---|---|
![]() | 342.68 KB | 27/11/2018 - 23:05 |
![]() | 354.88 KB | 27/11/2018 - 23:05 |
![]() | 363.97 KB | 05/12/2018 - 00:11 |
![]() | 350.8 KB | 05/12/2018 - 00:11 |
![]() | 371.62 KB | 06/05/2019 - 23:24 |
![]() | 384.84 KB | 06/05/2019 - 23:24 |
![]() | 365.75 KB | 04/11/2019 - 23:09 |
![]() | 379.05 KB | 04/11/2019 - 23:09 |
0.4
- Initial support for PSD2/SCA
- Several bugfixes (#17, #18)
- Removed Wagnis
0.3
- Choose current account from PIN/password screen
- Add abort button for loading screen
- Make transactions retrieval period configurable
- Bugfix: Transaction headers missing for some banks (e.g. GLS)
0.2
- Support for multiple accounts
- Limit transactions to last month (should solve missing transactions in most cases)
- Bugfix: Long bank name correctly wrapped
- Bugfix: Crash in case of incorrect account credentials
- Bugfix: Transactions without Cents for ING should no longer display NaN (untested)
- Bugfix: UniCredit banks complain about unsupported "All Accounts" option (untested)
Comments
WerkWolf
Wed, 2018/11/28 - 12:20
Permalink
If it calms you down I can guarantee that your bank credentials are not transmitted to any third party. Zaster Banker directly connects to your bank's given API endpoint via SSL/TLS and only stores your account metadata on your device (see /home/nemo/.config/harbour-zaster). WerkWolf doesn't know anything about that. This metadata (so your bank account number and it's capabilities for API access such as API version number) is encrypted by SimpleCrypt https://wiki.qt.io/Simple_encryption_with_SimpleCrypt - which is not a strong encryption, but unless sailfish-secrets is stable, it's hard to become better. Maybe there is an option to encrypt that better using libcrypto in the near future. However, the most important thing is that your PIN/password is NEVER stored on your device - it only lives in memory as long as you use the app. That's why you need to enter it each time. Moreover, everything is read-only so far - there is no implementation of any money transfer yet in the software and would anyway require two-factor (TAN) authentication as well.
So, being paranoid myself, I chose that it's totally fine to use it... But in any case, there is always a risk when you use mobile applications and there is no guarantee that you are completely safe. You need to balance the risk/convenience ratio yourself.
mugshot
Wed, 2018/11/28 - 09:39
Permalink
Another feature request, if you may. :) Would be nice to see Finnish bank support. Samlink at least has quite a lot of documentation about the payments, transactions, etc. They might require a service agreement with the banks (was mentioned in some of the documents). So not sure how open the API is or if it'll cost anything.
Here's the documentation for Samlink (doesn't cover all Finnish banks, but the one I use ;)) if you want to take a look: Software services
There's also a (bit unmaintained) API for most of the Finnish banks, so might need some testing and probably a fork: FpiAPI Api for making Finnish web payments via a handful of banks and Luottokunta.
WerkWolf
Wed, 2018/11/28 - 12:06
Permalink
Thanks for the information, highly appreciated! Finland is the 2nd biggest market for Sailfish OS after Germany, so it's quite likely that they will come next, but as already said: No commitments so far... :)
mugshot
Thu, 2018/11/29 - 10:49
Permalink
Hi, I did some more digging and it seems that the PSD2 is slowly being implemented by different Finnish banks. Here's some data what I could find:
Nordea: https://developer.nordeaopenbanking.com/
S-Pankki: https://www.s-pankki.fi/fi/yhtiot/open-banking/
Aktia (unfortunately only in Finnish or Swedish, but doesn't give much information, basically just stay tuned...): https://www.aktia.fi/fi/psd2
But as a bonus, I bumped in to this Node.js code made by a Finnish software/coding company: https://github.com/reaktor/maksunappi
So as a summary, the situation in Finland is quite "random" some banks support the PSD2 and even provide a developer API, some don't. The best approach at this time would be to directly ask from the banks if they have an open API available.
WerkWolf
Thu, 2018/11/29 - 11:59
Permalink
Wow, great! Thank you very much! And if you ask me: If I lived in a country outside of Germany, one factor in choosing my bank account would be the availability of an open API. Maybe, this will become common for SFOS users in the near future. ;)
mugshot
Mon, 2019/06/24 - 09:23
Permalink
Seems that there is an open API for a bunch of other banks as well (due to PSD2):
https://developer.samlink.fi/
https://developer.samlink.fi/get-started
https://developer.samlink.fi/docs
https://developer.samlink.fi/sandbox-doc
Would be super to see Zaster Banker to support the PSD2 and all the banks that provide the API through that. It does seem that you'd need to develop separate module for at least the PSD2 banks, so I have no idea how much work it woud require.
mugshot
Wed, 2019/04/24 - 15:13
Permalink
Hi,
Just took a look again and it seems that AKTIA has an open API (not sure about the terms and conditions), but might be worth taking a look: https://www.aktia.fi/fi/openbanking
Too bad it's not my bank of choise, but I'm optimistic that other banks will follow suite as the September deadline for the PSD2 draws closer.
Edit: Seems that S-Pankki has also opened up the API: https://www.s-pankki.fi/fi/yhtiot/open-banking/ (site in Finnish, but leads to here: https://crosskey.io/stores/s-pankki/apis) So good progress here in Finland regarding the banking API development.
PawelSpoon
Wed, 2018/11/28 - 09:32
Permalink
Nice idea ! Could not find my bank: Easybank. Do.they not.support the api or are they not on your list ?
WerkWolf
Wed, 2018/11/28 - 12:04
Permalink
Easybank is Austria, isn't it? Zaster Banker is currently limited to German banks supporting FinTS/HBCI. Other APIs/banks may come at a later stage. It's the first version 0.1, right? ;)
Historyscholar
Wed, 2018/11/28 - 03:11
Permalink
very good
naytsyrhc
Wed, 2018/11/28 - 02:45
Permalink
Thanks for this app. Highly appreciated. A suggestion: will you support multiple bank accounts? It seems, I'm currently limited to one. And: do you have plans to support initiation of transactions?
WerkWolf
Wed, 2018/11/28 - 12:03
Permalink
Multi-bank support it highest priority as I need it myself and not that hard to implement. Transaction initiation is a different story and quite complex to implement. I tend to scale to other European countries with read-only access before more features for Germany are implemented, but let's see. I can't give any detailed commitments as all depends on an open API...
Kabouik
Wed, 2018/11/28 - 00:19
Permalink
You can take all the money you want directly from my bank accounts if you can extend that to other banks within Europe and help everyone getting rid of Android and Google services for good. I suspect they use other APIs, bur I hope you can add N26 (German) in the future, and then other countries (one vote for French banks here).
glanternier
Thu, 2019/06/13 - 01:02
Permalink
Another vote for French banks.☺
WerkWolf
Wed, 2018/11/28 - 00:50
Permalink
N26 has its own API, but support might be feasible. If the other banks have an open API, they can be supported as well. However, no promises yet as everything needs to be checked and evaluated first.
Kabouik
Wed, 2018/11/28 - 13:46
Permalink
I don't know if that helps because I'm not sure whether it is open, but it seems most French banks (and some others, including N26) are supported by Linxo: https://www.linxo.com/decouvrir/liste-banques/ (couldn't not find this page in the English version of the website, sorry). Is this the kind of APIs you need?
Otherwise, I read that banks have been asked to provide APIs in the near future anyway: http://fintechnews.ch/fintech/psd2-eu-banks-fintechs-responding-open-ban.... Now, I'm not sure how realistic this is on the short term.
WerkWolf
Wed, 2018/11/28 - 13:41
Permalink
Zaster Banker will only use APIs which are directly supported by the individual banks. There will be no investment in any third-party services for privacy and security reasons. Seems like Linxo is something like such a third-party service, but I may be wrong...
PSD2 is very promising, but there are tendencies to limit access to PSD2-compliant APIs to bigger companies which need to go through a certification process. We'll see how it will work...
Kabouik
Thu, 2018/11/29 - 13:06
Permalink
Understood. Looking forward to having those banks supported then, if it turns out to be feasible. I'll definitely buy the app when/if I can use it for my accounts.
To be honest, my main accounts are in French banks, but I can live without applications for them because the websites, even though very annoying to use on a mobile devices, offer the same features as the Android applications. However, things are different with N26 because the application is required to do any operation, like a bank wire or the validation of a secured Internet payment. The website does not allow confirming those operations, on purpose, which to be honest is quite annoying. I know Zaster Banker is read only at the moment, and that it doesn't support N26 yet, but if it can replace mandatory Android applications one day, this would be a game changer for Sailfish. It is critical for N26 since the official application does not install anymore on 4.4.4 provided by Alien Dalvik (meaning even with Google Services installed, I can't use N26 anymore).
explit
Tue, 2018/11/27 - 23:32
Permalink
Shut up and take my money!
objectifnul
Tue, 2018/11/27 - 23:20
Permalink
Thx! May I suggest to be in touch with https://cbc.be ? Would be so great to drop Android permanently.
WerkWolf
Wed, 2018/11/28 - 00:48
Permalink
Sure, thanks for the hint! However, I can't give any promises yet if and when other banks can be supported. Some may charge fees for using their APIs...
objectifnul
Wed, 2018/11/28 - 01:34
Permalink
Okay. Looking forward to having it working for Belgian banks, and willing to pay for it. Any idea of how much they may be asking for licensing a corporate API ? (To be honest, after discussions with CBC's IT department, I'm not really optimistic... They keep saying "Usage restrictions are for your security", without any explanation). Anyway, please keep trying, preferably with top executives.
Pages