Zaster Banker

Rating: 
4.923075
Your rating: None Average: 4.9 (13 votes)

Say hello to Zaster Banker, your mobile banking app!
Zaster Banker currently supports (mostly German) banks which use the FinTS/HBCI API - fast and easy-to-use!

  • Search-as-you-type for your bank: No complex searching for backend API URLs, your bank ID (BLZ) or other things. Just use your bank's name (or only parts of it), select your bank from the search results and Zaster Banker automatically finds all parameters for you automatically.
  • Balances for Accounts and Portfolios: See the balances of your accounts and portfolios at one glance
  • Transaction Details: Access all transaction details of last few months in a easy-to-use list

IMPORTANT: Due to the new PSD2 regulatations it might be possible that signing in to your account is currently not possible. Testing wasn't possible before and the current version may only work for a few banks as I can't test with others. If possible, please test and debug with your bank! Let me know if you need assistance!

Moreover, feedback about Zaster Banker is always appreciated (good, bad, improvement/feature ideas etc.).

As mentioned, you can contribute with a translation, a new feature or even a bugfix. The sources are on GitHub at https://github.com/Wunderfitz/harbour-zaster Please acknowledge the GNU GPLv3 before contributing/forking. Thanks to all contributors!

Screenshots: 
Application versions: 
AttachmentSizeDate
File harbour-zaster-0.1-25.armv7hl.rpm342.68 KB27/11/2018 - 23:05
File harbour-zaster-0.1-25.i486.rpm354.88 KB27/11/2018 - 23:05
File harbour-zaster-0.2-2.i486.rpm363.97 KB05/12/2018 - 00:11
File harbour-zaster-0.2-2.armv7hl.rpm350.8 KB05/12/2018 - 00:11
File harbour-zaster-0.3-2.armv7hl.rpm371.62 KB06/05/2019 - 23:24
File harbour-zaster-0.3-2.i486.rpm384.84 KB06/05/2019 - 23:24
File harbour-zaster-0.4-4.armv7hl.rpm365.75 KB04/11/2019 - 23:09
File harbour-zaster-0.4-4.i486.rpm379.05 KB04/11/2019 - 23:09
Changelog: 

0.4
- Initial support for PSD2/SCA
- Several bugfixes (#17, #18)
- Removed Wagnis

0.3
- Choose current account from PIN/password screen
- Add abort button for loading screen
- Make transactions retrieval period configurable
- Bugfix: Transaction headers missing for some banks (e.g. GLS)

0.2
- Support for multiple accounts
- Limit transactions to last month (should solve missing transactions in most cases)
- Bugfix: Long bank name correctly wrapped
- Bugfix: Crash in case of incorrect account credentials
- Bugfix: Transactions without Cents for ING should no longer display NaN (untested)
- Bugfix: UniCredit banks complain about unsupported "All Accounts" option (untested)

Comments

WerkWolf's picture

If it calms you down I can guarantee that your bank credentials are not transmitted to any third party. Zaster Banker directly connects to your bank's given API endpoint via SSL/TLS and only stores your account metadata on your device (see /home/nemo/.config/harbour-zaster). WerkWolf doesn't know anything about that. This metadata (so your bank account number and it's capabilities for API access such as API version number) is encrypted by SimpleCrypt https://wiki.qt.io/Simple_encryption_with_SimpleCrypt - which is not a strong encryption, but unless sailfish-secrets is stable, it's hard to become better. Maybe there is an option to encrypt that better using libcrypto in the near future. However, the most important thing is that your PIN/password is NEVER stored on your device - it only lives in memory as long as you use the app. That's why you need to enter it each time. Moreover, everything is read-only so far - there is no implementation of any money transfer yet in the software and would anyway require two-factor (TAN) authentication as well.

So, being paranoid myself, I chose that it's totally fine to use it... But in any case, there is always a risk when you use mobile applications and there is no guarantee that you are completely safe. You need to balance the risk/convenience ratio yourself.

mugshot's picture

Another feature request, if you may. :) Would be nice to see Finnish bank support. Samlink at least has quite a lot of documentation about the payments, transactions, etc. They might require a service agreement with the banks (was mentioned in some of the documents). So not sure how open the API is or if it'll cost anything.

Here's the documentation for Samlink (doesn't cover all Finnish banks, but the one I use ;)) if you want to take a look: Software services

There's also a (bit unmaintained) API for most of the Finnish banks, so might need some testing and probably a fork: FpiAPI Api for making Finnish web payments via a handful of banks and Luottokunta.

WerkWolf's picture

Thanks for the information, highly appreciated! Finland is the 2nd biggest market for Sailfish OS after Germany, so it's quite likely that they will come next, but as already said: No commitments so far... :)

mugshot's picture

Hi, I did some more digging and it seems that the PSD2 is slowly being implemented by different Finnish banks. Here's some data what I could find:

Nordea: https://developer.nordeaopenbanking.com/
S-Pankki: https://www.s-pankki.fi/fi/yhtiot/open-banking/
Aktia (unfortunately only in Finnish or Swedish, but doesn't give much information, basically just stay tuned...): https://www.aktia.fi/fi/psd2

But as a bonus, I bumped in to this Node.js code made by a Finnish software/coding company: https://github.com/reaktor/maksunappi

So as a summary, the situation in Finland is quite "random" some banks support the PSD2 and even provide a developer API, some don't. The best approach at this time would be to directly ask from the banks if they have an open API available.

WerkWolf's picture

Wow, great! Thank you very much! And if you ask me: If I lived in a country outside of Germany, one factor in choosing my bank account would be the availability of an open API. Maybe, this will become common for SFOS users in the near future. ;)

mugshot's picture

Seems that there is an open API for a bunch of other banks as well (due to PSD2):

https://developer.samlink.fi/
https://developer.samlink.fi/get-started
https://developer.samlink.fi/docs
https://developer.samlink.fi/sandbox-doc

Would be super to see Zaster Banker to support the PSD2 and all the banks that provide the API through that. It does seem that you'd need to develop separate module for at least the PSD2 banks, so I have no idea how much work it woud require.

mugshot's picture

Hi,

Just took a look again and it seems that AKTIA has an open API (not sure about the terms and conditions), but might be worth taking a look: https://www.aktia.fi/fi/openbanking

Too bad it's not my bank of choise, but I'm optimistic that other banks will follow suite as the September deadline for the PSD2 draws closer.

Edit: Seems that S-Pankki has also opened up the API: https://www.s-pankki.fi/fi/yhtiot/open-banking/ (site in Finnish, but leads to here: https://crosskey.io/stores/s-pankki/apis) So good progress here in Finland regarding the banking API development.

PawelSpoon's picture

Nice idea ! Could not find my bank: Easybank. Do.they not.support the api or are they not on your list ?

WerkWolf's picture

Easybank is Austria, isn't it? Zaster Banker is currently limited to German banks supporting FinTS/HBCI. Other APIs/banks may come at a later stage. It's the first version 0.1, right? ;)

Historyscholar's picture

very good

naytsyrhc's picture

Thanks for this app. Highly appreciated. A suggestion: will you support multiple bank accounts? It seems, I'm currently limited to one. And: do you have plans to support initiation of transactions?

WerkWolf's picture

Multi-bank support it highest priority as I need it myself and not that hard to implement. Transaction initiation is a different story and quite complex to implement. I tend to scale to other European countries with read-only access before more features for Germany are implemented, but let's see. I can't give any detailed commitments as all depends on an open API...

Kabouik's picture

You can take all the money you want directly from my bank accounts if you can extend that to other banks within Europe and help everyone getting rid of Android and Google services for good. I suspect they use other APIs, bur I hope you can add N26 (German) in the future, and then other countries (one vote for French banks here).

glanternier's picture

Another vote for French banks.☺

WerkWolf's picture

N26 has its own API, but support might be feasible. If the other banks have an open API, they can be supported as well. However, no promises yet as everything needs to be checked and evaluated first.

Kabouik's picture

I don't know if that helps because I'm not sure whether it is open, but it seems most French banks (and some others, including N26) are supported by Linxo: https://www.linxo.com/decouvrir/liste-banques/ (couldn't not find this page in the English version of the website, sorry). Is this the kind of APIs you need?

Otherwise, I read that banks have been asked to provide APIs in the near future anyway: http://fintechnews.ch/fintech/psd2-eu-banks-fintechs-responding-open-ban.... Now, I'm not sure how realistic this is on the short term.

WerkWolf's picture

Zaster Banker will only use APIs which are directly supported by the individual banks. There will be no investment in any third-party services for privacy and security reasons. Seems like Linxo is something like such a third-party service, but I may be wrong...

PSD2 is very promising, but there are tendencies to limit access to PSD2-compliant APIs to bigger companies which need to go through a certification process. We'll see how it will work...

Kabouik's picture

Understood. Looking forward to having those banks supported then, if it turns out to be feasible. I'll definitely buy  the app when/if I can use it for my accounts. 

To be honest, my main accounts are in French banks, but I can live without applications for them because the websites, even though very annoying to use on a mobile devices, offer the same features as the Android applications. However, things are different with N26 because the application is required to do any operation, like a bank wire or the validation of a secured Internet payment. The website does not allow confirming those operations, on purpose, which to be honest is quite annoying. I know Zaster Banker is read only at the moment, and that it doesn't support N26 yet, but if it can replace mandatory Android applications one day, this would be a game changer for Sailfish. It is critical for N26 since the official application does not install anymore on 4.4.4 provided by Alien Dalvik (meaning even with Google Services installed, I can't use N26 anymore).

explit's picture

Shut up and take my money!

objectifnul's picture

Thx! May I suggest to be in touch with https://cbc.be ? Would be so great to drop Android permanently.

WerkWolf's picture

Sure, thanks for the hint! However, I can't give any promises yet if and when other banks can be supported. Some may charge fees for using their APIs...

objectifnul's picture

Okay. Looking forward to having it working for Belgian banks, and willing to pay for it. Any idea of how much they may be asking for licensing a corporate API ? (To be honest, after discussions with CBC's IT department, I'm not really optimistic... They keep saying "Usage restrictions are for your security", without any explanation). Anyway, please keep trying, preferably with top executives.

Pages