Summary

Below is a summary of the technical details for the PTSB Dedicated Interface available to authorised TPPs. For more detailed information including the API swagger files please enrol on the Developer Portal.

UK Open Banking Standards

The Account and Transactions, Payment Initiation and Confirmation of Funds Application Programming Interfaces (APIs) have been developed and designed in line with the Open Banking Standards. This market-enabling standard is designed to assist European account providers in meeting their PSD2 and RTS requirements. For detailed information on the Open Banking Standards including detailed specifications please visit www.openbanking.org.uk.

Secure Communication

To enable AISPs, PISPs and CISPs to identify and mutually authenticate themselves with our APIs, we require both a QWAC and QSealC certificates. These certificates also allow us to establish a secure connection and prove origin, authenticity, and integrity of data.

  • QWAC: used to establish a channel for communication with the subject of the certificate using the Transport Layer Security (TLS) protocol, which guarantees confidentiality, integrity and authenticity of all data transferred through the channel (in the transport layer)
  • QSealCs used to create electronic seals on any data that ensure the integrity and correctness of the origin (i.e. authenticity) of the signed/sealed data

eIDAS Technical Specification

For further information in relation to the use of a QWAC and QSealC please refer to Electronic Signatures and Infrastructures (ESI); Sector Specific Requirements; Qualified Certificate Profiles and TSP Policy Requirements under the payment services Directive (EU) 2015/2366 (ETSI TS 119 495 V1.2.1)

API Security Profile

The APIs are developed in line with the Open Banking UK Security Profile v1.1.2 which implements the following protocols and practices:

  • OAuth 2.0
  • Open ID Connect
  • Mutual TLS
  • Payload Signing

PSU Authentication

We utilise redirection for PSU authentication, whereby the PSU will be redirected to a permanent TSB domain where they will complete authentication

API Swagger Files

To view and browse the API Swagger files please enrol on our Developer Portal

TPP Enrolment Form

Use our TPP enrolment Form to request access to our developer portal.

Terms of Use

Please read our Terms of Use before you enrol on the developer portal and use the test sandbox.

Data Privacy Statement

Please read our Data Privacy Statement before you enrol on the developer portal and use the test sandbox.

Back to top
Page loading

Alternate Text