This is where you will get background and supplementary information about security model and other pre-requisites for accessing the APIs. This serves as a supplement and additional background to the information available in the API documentation. Also refer to the in-detail sections on TPP Onbarding and Prod environment



  • The following questions and answers have been published in categories to make it easier to find the relevant topics. Please use the search functionality in your browser to search for specific words.

  • Sandbox environment

    Note: As of September 2019, the isolated, purely mocked sandbox environment has been replaced by a new environment with support for security solution, consents and SCA flows. The new sandbox still

  • All API communication in the context of PSD2 will be handled by using a combination of certificates. There are 2 distinct flows that 3rd party clients need to use in every transaction:

    1. Identification
  • The diagram below depicts an overview of the flow, taking place during the creation of consent, including who plays what role. BEC's responsibility is limited to the actions happening between the TPP

  • The APIs are made available to TPPs authorized by a local NCA (in Denmark Finanstilsynet) to operate as an AISP, PISP or PIISP under the PSD2 directive. For TPPs registered under a different national

  • Production environment

    Production is a live environment working on real production data. Access to production APIs is strictly enforced and limited to authorized TPPs with proper license to operate as a AISP, PISP or CBPII

  • In order to ensure that we have the correct information and that we can trust the certificates that are used for TPP authentication and message sealing, we need to perform an enrollment of TPP. This

  • The diagram below depicts an overview of the flow, taking place during the creation and authorisation of a payment, including who plays what role. The respective banks responsibility is limited to the

  • The scope of this portal and the associated APIs is an implementation of the services described and specified under the PSD2 RTS:

    • Account Information Services (AIS) + Consents
    • Payment Initiation