(window.webpackJsonp=window.webpackJsonp||[]).push([[29],{333:function(e,n,a){"use strict";a.r(n);var t=a(10),s=Object(t.a)({},(function(){var e=this,n=e._self._c;return n("ContentSlotsDistributor",{attrs:{"slot-key":e.$parent.slotKey}},[n("h1",[e._v("Open Banking Specifics in Germany")]),e._v(" "),n("h2",{attrs:{id:"authentication-flows-and-sca"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#authentication-flows-and-sca"}},[e._v("#")]),e._v(" Authentication flows and SCA")]),e._v(" "),n("p",[e._v("German banks predominantly use "),n("strong",[e._v("redirect-based flows")]),e._v(" for PSD2 Open Banking authentication.\nNoticeable exception is Volksbanken Raiffeisenbanken (the German Cooperative Financial Group), which\nonly offers decoupled and so-called embedded flows.")]),e._v(" "),n("p",[e._v("Strong Customer Authentication (SCA) is typically performed using "),n("strong",[e._v("mobile banking apps")]),e._v(",\n"),n("strong",[e._v("photoTAN")]),e._v(", "),n("strong",[e._v("pushTAN")]),e._v(", or "),n("strong",[e._v("chipTAN")]),e._v(" methods. The method varies per bank and per user profile,\nespecially between retail and corporate customers.")]),e._v(" "),n("p",[e._v("Identification during login generally involves entering a "),n("strong",[e._v("user number or login name")]),e._v(", often\nfollowed by a "),n("strong",[e._v("PIN")]),e._v(".")]),e._v(" "),n("h2",{attrs:{id:"major-banks-aspsps"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#major-banks-aspsps"}},[e._v("#")]),e._v(" Major Banks (ASPSPs)")]),e._v(" "),n("p",[e._v("The most widely used German ASPSPs, in order of significance, are:")]),e._v(" "),n("ul",[n("li",[n("a",{attrs:{href:"#deutsche-bank"}},[e._v("Deutsche Bank")])]),e._v(" "),n("li",[n("a",{attrs:{href:"#commerzbank"}},[e._v("Commerzbank")])]),e._v(" "),n("li",[n("a",{attrs:{href:"#postbank"}},[e._v("Postbank")]),e._v(" (part of Deutsche Bank)")]),e._v(" "),n("li",[n("a",{attrs:{href:"#hypovereinsbank"}},[e._v("HypoVereinsbank")]),e._v(" (UniCredit banking group)")]),e._v(" "),n("li",[n("a",{attrs:{href:"#dkb"}},[e._v("DKB")]),e._v(" (Deutsche Kreditbank)")]),e._v(" "),n("li",[n("a",{attrs:{href:"#ing"}},[e._v("ING")])]),e._v(" "),n("li",[n("a",{attrs:{href:"#volksbanken-raiffeisenbanken"}},[e._v("Volksbanken Raiffeisenbanken")])]),e._v(" "),n("li",[n("a",{attrs:{href:"#sparkasse"}},[e._v("Sparkasse")])])]),e._v(" "),n("p",[e._v("A full list of German banks (as per EBA) is available "),n("a",{attrs:{href:"https://enablebanking.com/open-banking-apis?country=DE",target:"_blank",rel:"noopener noreferrer"}},[e._v("here"),n("OutboundLink")],1),e._v(".")]),e._v(" "),n("h2",{attrs:{id:"payment-specifics"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#payment-specifics"}},[e._v("#")]),e._v(" Payment Specifics")]),e._v(" "),n("p",[e._v("All German ASPSPs support "),n("strong",[e._v("SEPA Credit Transfers (SCT)")]),e._v(" in "),n("strong",[e._v("EUR (Euro)")]),e._v(" through their open\nbanking APIs. "),n("strong",[e._v("Instant SEPA Credit Transfers (SCT Inst)")]),e._v(" are supported by some banks, particularly\nlarger ones like Deutsche Bank, Commerzbank, and DKB, but are "),n("strong",[e._v("not yet universally supported")]),e._v("\nacross all German ASPSPs.")]),e._v(" "),n("p",[e._v("Due to so-called "),n("em",[e._v("batch processing")]),e._v(", many German banks do not provide final statuses such as "),n("code",[e._v("ACSC")]),e._v(",\n"),n("code",[e._v("ACCC")]),e._v(", or "),n("code",[e._v("RJCT")]),e._v(" for initiated payments. The last available status depends on the bank and the type\nof payment being initiated; often, the last available status is "),n("code",[e._v("ACCP")]),e._v(".")]),e._v(" "),n("h2",{attrs:{id:"specifics-per-aspsp"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#specifics-per-aspsp"}},[e._v("#")]),e._v(" Specifics per ASPSP")]),e._v(" "),n("h3",{attrs:{id:"deutsche-bank"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#deutsche-bank"}},[e._v("#")]),e._v(" Deutsche Bank")]),e._v(" "),n("p",[e._v("Deutsche Bank uses the "),n("strong",[e._v("redirect authentication flow")]),e._v(". However, before the redirect can be\ndone, user's identification needs to be provided. Deutsche Bank ID (2-50 characters, no spaces) is used for user identification.\nAfter redirect to the bank's authentication page, the user is required to input the sub-account number and the PIN.\nMultiple SCA methods available depending on the user's setup, including "),n("strong",[e._v("Deutsche Bank photoTAN")]),e._v(" app and "),n("strong",[e._v("TAN generator")]),e._v(".")]),e._v(" "),n("p",[e._v("Since the Deutsche Bank Online Banking migration effective 24 August 2025, customers must use their self-defined Deutsche Bank ID\nfor login and identification. Previously, identification was based on the FKDN (3-digit branch number and 7-digit customer number).\nUsers who are still using the old FKDN format are required to log in to Online Banking and migrate to the new Deutsche Bank ID.")]),e._v(" "),n("h3",{attrs:{id:"commerzbank"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#commerzbank"}},[e._v("#")]),e._v(" Commerzbank")]),e._v(" "),n("p",[e._v("Commerzbank supports a "),n("strong",[e._v("redirect-based flow")]),e._v(". Up on redirect to the bank's authentication page\nusers are required to input their  online banking credentials: 8 digit banking ID (Teilnehmernummer) or its alias (Benutzername) and PIN. Once authenticated, users are prompted to confirm the access\nto account information or payment using a TAN provided through the "),n("strong",[e._v("Commerzbank photoTAN")]),e._v(" app.")]),e._v(" "),n("p",[e._v("Corporate and retail users access Open Banking through the same interface.")]),e._v(" "),n("h3",{attrs:{id:"postbank"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#postbank"}},[e._v("#")]),e._v(" Postbank")]),e._v(" "),n("p",[e._v("Postbank (part of the Deutsche Bank) uses "),n("strong",[e._v("redirect authentication flow")]),e._v(". Before the redirect can\nbe done, user's Postbank ID needs to be provided. The primary SCA method is Postbank's "),n("strong",[e._v("BestSign")]),e._v("\nmobile app.")]),e._v(" "),n("h3",{attrs:{id:"hypovereinsbank"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#hypovereinsbank"}},[e._v("#")]),e._v(" HypoVereinsbank")]),e._v(" "),n("p",[e._v("HypoVereinsbank (UniCredit group) provides Open Banking API with redirect authentication flow. After\nredirect to the authentication web page users have to input their direct banking number and PIN. SCA\nis performed using the "),n("strong",[e._v("HVB Banking")]),e._v(" mobile app.")]),e._v(" "),n("h3",{attrs:{id:"dkb"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#dkb"}},[e._v("#")]),e._v(" DKB")]),e._v(" "),n("p",[e._v("When using open banking interface DKB (Deutsche Kreditbank) users can choose between SCA with\n"),n("strong",[e._v("DKB")]),e._v(" mobile app ("),n("strong",[e._v("redirect-based flow")]),e._v(" with automatic app switch when DKB mobile app is\ninstalled) and "),n("strong",[e._v("Chip TAN")]),e._v(" ("),n("strong",[e._v("decoupled flow")]),e._v("). In both options username and password are to\nprovided before authentication can be started.")]),e._v(" "),n("h4",{attrs:{id:"dkb-sandbox-availability"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#dkb-sandbox-availability"}},[e._v("#")]),e._v(" Sandbox Availability")]),e._v(" "),n("p",[e._v("DKB provides a sandbox environment suitable for end-to-end testing including authorisation\nflows, account information retrieval, and initiation of payments.")]),e._v(" "),n("p",[e._v("It is available through the Enable Banking API's sandbox environment. Please refer to the\n"),n("RouterLink",{attrs:{to:"/api/sandbox/#dkb"}},[e._v("Sandbox Credentials")]),e._v(" section for the credentials to be used\nfor authentication in the DKB sandbox.")],1),e._v(" "),n("h3",{attrs:{id:"ing"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#ing"}},[e._v("#")]),e._v(" ING")]),e._v(" "),n("p",[e._v("ING Germany supports Open Banking interface with the "),n("strong",[e._v("redirect authentication flow")]),e._v(". App switch to\nthe "),n("strong",[e._v("ING Deutschland")]),e._v(" app is done automatically when the app is installed on the device from which\nopen banking auth flow is triggered.")]),e._v(" "),n("h3",{attrs:{id:"volksbanken-raiffeisenbanken"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#volksbanken-raiffeisenbanken"}},[e._v("#")]),e._v(" Volksbanken Raiffeisenbanken")]),e._v(" "),n("p",[e._v("As a network of many regional cooperative banks, users must select their "),n("strong",[e._v("local bank")]),e._v(" when\ninitiating Open Banking authentication. SCA using "),n("strong",[e._v("VR SecureGo plus")]),e._v(" app, "),n("strong",[e._v("SmartTAN")]),e._v(",\n"),n("strong",[e._v("SmartTAN Photo")]),e._v(" and "),n("strong",[e._v("Mobile TAN")]),e._v(" methods can be used (depending on the users settings). All SCA\nmethods require providing "),n("strong",[e._v("VR NetKey")]),e._v(" (user ID) and "),n("strong",[e._v("PIN")]),e._v(". App switch is supported when the\nSecureGo app is present.")]),e._v(" "),n("p",[e._v("Support for Instant SEPA payments varies by individual bank within the network.")]),e._v(" "),n("h4",{attrs:{id:"volksbanken-raiffeisenbanken-sandbox-availability"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#volksbanken-raiffeisenbanken-sandbox-availability"}},[e._v("#")]),e._v(" Sandbox Availability")]),e._v(" "),n("p",[e._v("The German Cooperative Financial Group provides a sandbox environment suitable for end-to-end\ntesting including authorisation flows, account information retrieval, and initiation of payments.")]),e._v(" "),n("p",[e._v("It is available through the Enable Banking API's sandbox environment. Please refer to the\n"),n("RouterLink",{attrs:{to:"/api/sandbox/#german-cooperative-financial-group"}},[e._v("Sandbox Credentials")]),e._v(" section for\nthe credentials to be used for authentication in the sandbox. The same credentials work for brands\nunder the group, including Aachener Bank, Berliner Volksbank, Dortmunder Volksbank, and other\nRaiffeisen-Volksbanks.")],1),e._v(" "),n("h3",{attrs:{id:"sparkasse"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#sparkasse"}},[e._v("#")]),e._v(" Sparkasse")]),e._v(" "),n("p",[e._v("Sparkasse is the group of a large number of regional banks. In Open Banking, users must select their\n"),n("strong",[e._v("specific Sparkasse")]),e._v(". After redirect to the bank's authentication web page, users shall enter the\n"),n("strong",[e._v("Anmeldename")]),e._v(" (login name) and "),n("strong",[e._v("Online-Banking-PIN")]),e._v(". SCA is typically performed using the\n"),n("strong",[e._v("S-pushTAN app")]),e._v(" or a "),n("strong",[e._v("chipTAN device")]),e._v(". Mobile users with the S-pushTAN app installed benefit\nfrom "),n("strong",[e._v("automatic app switch")]),e._v(" during authentication.")]),e._v(" "),n("p",[e._v("SCT Inst support varies by regional bank.")])])}),[],!1,null,null,null);n.default=s.exports}}]);