FAQs

General

1. What is Yapily?

Yapily is a technology enabler, offering service providers an easy way to retrieve financial data and initiate payments providing one single secure API for connectivity to financial institutions. We are engineers who envision democratising innovation in financial services and building an inclusive financial world.

2. What is open banking?

Open banking describes a new era in financial services, in which individuals and businesses now own their financial data and are free to share it with third parties. This helps bring competition to the market but also helps banks create new products and new revenue streams.

'Open banking' is also used however to colloquially identify the Open Banking Implementation Entity (OBIE). This is the UK-specific entity that the Competition and Market Authority charged with setting standards for PSD2-compliant technology at the nine biggest banks. As one of the world's first instances of government-sponsored API initiatives, the standards and processes it has established are proving influential globally. Visit the OBIE’s official website.

3. How can service providers benefit from open banking?

Open banking APIs are the financial channels of the future for financial data retrieval and payment initiation. Open banking is aimed at significantly reducing the costs associated with traditional methods of data retrieval and making payments while enforcing customer data security and autonomy. What’s more, it provides better user experience and the opportunity to provide tailored products to end users. Read more on our blog here.

4. How are you different from other open banking providers?

We have a very simple mission: to be an API Only, developer focussed, security-first technology provider that’s built to scale and change. To that end, we’re not interested in having any consumer facing interaction; your clients, your brand. Instead we focus on precise, invisible API technology so businesses can connect to financial institutions in the safest and best way possible. We neither store consumers credentials, financial data nor retrieve data by reverse engineering APIs and screen scraping.

5. What are the benefits for a service provider using Yapily vs building integrations in-house?

Maintaining one integration alone to a bank is complicated and time-consuming. Maintaining a handful - or hundreds - is unnecessary when we do it for a living. It is comparable to building your own servers when you can just use cloud-hosted providers. Open Banking APIs are not built to maximise adoption, and therefore a lot of optimisation services, tools and monitoring capabilities will need to be developed in-house otherwise connections are likely to break and render your product unusable. We manage, monitor and maintain global Open Banking connectivity so that our clients can focus on their attention on core products.

6. Do my customers/end users see Yapily? Is there a Yapily interface?

No. Yapily does not even require a mention on the user journey. We have neither end consumer interface nor interaction, we are simply your technology enabler, working totally behind the scenes!

7. What is the Open Banking Directory?

The Open Banking Directory is a list of regulated third party providers (AISPs and PISPs) and account providers (ASPSPs) that operate in the UK’s Open Banking ecosystem. By enrolling into this directory, account providers - such as banks, building societies and payment companies - can verify the identity of regulated third party providers. Once you’ve enrolled in the Open Banking Directory, you can manage your company’s profile. You can manage the digital certificates and software statements you need to connect to account providers using the Open Banking API Standards.

8. As a business, how do I enrol with Open Banking Directory?

Once you have filed your application with the FCA as an Account Information Service Provider (AISP) and/or Payment Initiation Service Provider (PISP), you need to register directly with the Open Banking Implementation Entity itself. They have an easy online application, and the process only takes a few weeks. Learn more with our Open Banking Guide. Note that you don’t need to have the final approval. You can start the Directory enrollment after you have filed the application.

9. What would you advise for a firm evaluating the FCA process to become AISP/PISP in the UK?

The FCA authorisation process for registered AIS or PIS (or both) is not as complicated as people think. Depending on your focus or experience, you should account for a couple of weeks to a month for assembling documents, then roughly 2 months to action FCA feedback before a decision is made. The entire process takes anything between 2 and 5 months. The FCA is very collaborative so you don’t need to have everything in place before you start the application. You don’t even need capital reserves or insurances in place but simply be ready to have them once they have made a decision. The sooner you start, the better. Want some help applying? Happy to make some intros, let us know at hello@yapily.com

10. I’m not regulated, but I provide AIS to end users. Can’t I just be an agent of a regulated AISP provider?

You can, but there are limitations in doing so which will impact your offering, your users and your application’s commercial viability. Read this post on the subject. To truly benefit from open banking, you should consider getting an AISP/PISP licence.

11. Are you hiring at the moment?

Yes we are, we are hiring talented people to join our team and help us achieve our global mission. Please check out our careers page here - or drop us a line at join@yapily.com

12. How can I contact Yapily?

We are always eager to meet businesses and understand their needs. If you are a developer interested in Open Banking APIs, we’d like to invite you to our growing developer community on Slack - a collaborative place to get real-time support, share ideas & feedback (and show off what you’re building.) Enter your email to get a slack invite here. For commercial discussions, please email hello@yapily.com.

Product

1. Each bank has different configurations and understanding them is time-consuming. Can Yapily help?

Absolutely. We exist to normalise and maintain data feeds from as many banks as possible without you having to manually integrate each one individually - you’re right, it’s a time consuming and inefficient process. Simply integrate with the Yapily API via our institution configuration guide to easily setup connectivity, and benefit from all our ongoing maintenance and monitoring too.

2. Is using Yapily API secure?

Owing to our technical focus and lean approach, we can guarantee bank-grade encryption (following OpenID) across our channels, secured with OAuth2. We are ISO 27001:2013 certified, too. Because tokenisation underpins open banking, end consumers only share their consent - not credentials - to third-party providers to enable data access, and banks, in turn, share the data with authorised third-parties by validating consent tokens. We do not store user credentials.

3. What is your bank coverage?

We cover almost 95% of UK bank accounts (retail and business) with live API connectivity already! We not only offer Account Information Service (AIS) APIs but also Payment Initiation and Open Data. We also have many other banks in Germany, the Nordics, Spain, France, Greece and we are continuously growing the coverage. For up to date information please get in touch because sooner or later we will cover all banks from London to Sydney! Please find our latest institutional availability on GitHub or use the dashboard institution search if you have already signed up.

4. I require connectivity to a bank that isn’t yet live on the Yapily API. What next?

Let us know! We can integrate with it (if PSD2 compliant) or migrate your existing channel (if screen scraping or a private API) until that bank’s public API is available.

5. Why don’t you connect with thousands of banks already?

Because there are not thousands of banks’ APIs available! We don’t do ‘screen scraping’ or private API reverse engineering. Coverage across hundreds of banks is only currently possible using screen scraping (aka Direct Access). This method is unworkable with new regulations for Strong Customer Authentication (SCA), and it has auxiliary commercial and security flaws. Bear in mind that screen scraping will become illegal in Europe starting from the 14th September 2019. Learn more about the differences between screen scraping vs API in our simple Q&A blog post here.

6. What data does Yapily provide?

We offer dedicated API resource endpoints and a host of developer-focused, industry-standard API management tools to help developers connect to banks and retrieve data. Using the dedicated API resource endpoints, you can retrieve data in a clean, ready-to-use format. The resources currently supported via our API are:

6.1. Payments Initiation

a) Initiate Payments on behalf of the user.
b) Get Payment status of a previously made payment.
c) Initiate transfer between two accounts of a user.

6.2. Financial Data Retrieval

a) Account & Balances Information b) Transactions Information
c) Identity Information between two accounts of a user.

6.3. Bank Product Data

a) Personal Current Accounts b) ATMs

Our API endpoints also facilitate backend user-id management, institution management and consent token (access & refresh token) management to better manage connectivity. For the full breakdown see our API Explorer. We deliver all data available from PSD2-complaint APIs plus more (if offered; for example, some banks choose to provide identity data, and the level of Open Data varies across different institutions.)

7. How do you deliver financial data?

We only use open/public APIs that are PSD2 compliant. These are very scalable, highly efficient and secure channels. We provide data via a unified API endpoint that closely follows the flow and version releases of official Open Banking Standards, so your team familiarises itself with open banking, maintaining transparency.

8. What are bank sandboxes, and how can I access those?

A ‘sandbox’ is a virtual testing environment, something that closely mimics a real bank account to help people test their app or product before they start testing it on real personal or business accounts. Most developers prefer ‘playing in a sandbox’ before accessing live banks. Not only do we provide multiple bank sandboxes, you can choose to skip signing up with banks for sandbox access and instead use our preconfigured sandbox to get started. See our guide to learn how!

9. Do you have a dev kit available for me to easily plug and play your solution?

Yes, we have SDKs available in the programming language of your choice. Also, we have sample TPP code to make your work easy, and a whole toolkit to support developers. Check our GitHub repository for the complete set.

10. What is the dashboard for?

Our application dashboard is your key to a unified API gateway. Here, you can use sandbox/live banks with our end-user simulator, API postman collection, certificate management and various guidance to help integrate our API into your environment. Check it out here.

11. How do I test your API?

Simple! Just like any developer trying out a new API, get started by reading our API docs. If you want a product walkthrough, feel free to book a demo here.

12. How long does it take to integrate Yapily?

Once familiar with the documentation and flow, it takes a matter of minutes to connect with Yapily or, with our support, a few hours maximum, after which you can have live Open Banking connectivity. To start using the Yapily API from scratch and get data in real-time, follow our simple step-by-step tutorial on Github. To prove it, we even built a fully-functioning payments app from scratch in 48 hours using our API in a native programming language, and open-sourced it - try it out here!

13. What kind of guidance is available when integrating with the Yapily API?

We facilitate end-to-end support for onboarding each financial institution on the platform, from signup to production. Please find the publicly available resources below:

a) API docs and how to access resources
b) Institution configuration guide to connect various institutions and add them to your app.
c) Guide on accessing and using financial data in 15 minutes.

The manual onboarding steps have been automated and are facilitated by us (digital certificate registration, application creation on the banks etc) via the application dashboard. Our Slack channel for the developer community provides real-time assistance and live access to our engineering team.

14. I’m building an MVP but I’m not regulated, can Yapily help?

Yes. Some challenger banks provide real money ‘personal access’ accounts you can link to your app and use live with us. Here’s one example in our guidance from Starling Bank. Otherwise, connect to sandboxes and closely simulate open banking, simply uploading your certificates once regulated and start using live feeds.

15. Can I migrate my current third-party data provider to your API?

Yes! We have a dedicated team that assists companies wishing to urgently switch data channels for the commercial, security and legal benefits of API-only connectivity, or to integrate into our single API endpoint. We can manage the migration. Drop us a line and we’ll chat.

16. What is Open Data, and can I access them without FCA regulation (in the UK)?

Open Data describe open source banking data that you are free to access as a business or end consumer - regardless of whether or not you are a client of that specific bank. For example, a bank’s mortgage rate or overdraft fees are Open Data. We provide such data over our API to enrich your products - no need for you to be regulated. Read more on our GitHub guide to access Open Data using our API.

17. How does Yapily handle digital certificates required for API communications?

As the FCA suggests in their recent documentation, it is a standard for Technical Service Providers to use their clients’ certificates. We have a secure certificate management vault for developers to upload digital transport & signing certificates and manage them for API connectivity.