Introduction
API base
Schema:
httpsHost:
api.finsify.comBase path:
/v2
Welcome to the Finsify API! Our API allows you to easily access your Finsify Hub account, get information about your transaction history. In addition you may provide services for Finsify customers and access their accounts if certain conditions are met.
Our API is RESTful, we use JSON format.
Definition
Please read the terms of Finsify Hub's documents
Customer identify a user on Finsify system. Partners need to store this information because it is only provided once.
Token is one code to make the connection with Finsify. It is used when partner needs to connect with a service provided by Finsify.
Login could be known as an account of customer which was logged in on Finsify Hub system.
Account One login could include several accounts. For example, one internet bank account could be accessed to different accounts such as current account, saving account, credit card which have different balance and transaction history.
Transaction it provides information of each transaction from each account.
Service is service provided by Finsify Hub. It could be an ecommerce website, financial institution such as Paypal, Vietcombank, Maybank, etc.
Authentication
Authenticate your account when using the API by including your secret API key in the request. You can manage your API keys in the Dashboard. Your API keys carry many privileges, so be sure to keep them secret! Do not share your secret API keys in publicly accessible areas such GitHub, client-side code, and so forth.
HTTP Header
To access to Finsify system, Header of HTTP request must contain 2 headers Client-Id andService-secret(or App-secret).
Description
| Header | Required | Description |
|---|---|---|
| Client-Id | yes | Finsify identifies partner by client-id . |
| Service-secret | yes | Use for web-based service. |
| App-secret | yes | Use for mobile applications. |
Sample
An example of a request to Finsify system:
NodeJS code
var request = require("request");
var options = { method: 'POST',
url: 'https://api.finsify.com/v2/customer',
headers:
{ 'service-secret': 'sample-service-secret',
'client-id': 'sample-client-id',
'content-type': 'application/json',
accept: 'application/json' },
body: { identifier: 'sample-authentication' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
Php code
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://api.finsify.com/v2/customer",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\n \"identifier\": \"sample-authentication\"\n}",
CURLOPT_HTTPHEADER => array(
"accept: application/json",
"client-id: Tu5dvG07KVpx6b",
"content-type: application/json",
"service-secret: 75167f66-22dc-415d-b799-c0dd73b951ca"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
Java OK HTTP
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"identifier\": \"sample-authentication\"\n}");
Request request = new Request.Builder()
.url("https://api.finsify.com/v2/customer")
.post(body)
.addHeader("accept", "application/json")
.addHeader("content-type", "application/json")
.addHeader("client-id", "sample-client-id")
.addHeader("app-secret", "sample-app-secret")
.build();
Response response = client.newCall(request).execute();
Swift (NSURL)
import Foundation
let headers = [
"accept": "application/json",
"content-type": "application/json",
"client-id": "sample-client-id",
"app-secret": "sample-app-secret"
]
let parameters = ["identifier": "sample-authentication"] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api.finsify.com/v2/customer")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Objective-C (NSURL)
#import <Foundation/Foundation.h>
NSDictionary *headers = @{ @"accept": @"application/json",
@"content-type": @"application/json",
@"client-id": @"sample-client-id",
@"app-secret": @"sample-app-secret" };
NSDictionary *parameters = @{ @"identifier": @"sample-authentication" };
NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://api.finsify.com/v2/customer"]
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:10.0];
[request setHTTPMethod:@"POST"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];
NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (error) {
NSLog(@"%@", error);
} else {
NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
NSLog(@"%@", httpResponse);
}
}];
[dataTask resume];
Getting started
Flow
- Register for an Developer account
- Create a new customer to let Finsify know who is using service
- Select a service
- Request to create a token to access to services provided by Finsify
- Enter login information of selected service
- Wait for process to finish and receive data via APIs
Services
You can access to the list of service provided by Finsify.
HTTP Request
GET https://assets.finsify.com/service.json
Structure of a service
{
"id": 67,
"name": "AmBank",
"provider": "Finsify",
"media_path": "https://assets.finsify.com/services/",
"cover_file_name": "ambank-cover.png",
"logo_file_name": "ambank-logo.png",
"color": {
"primary": "ED1B24",
"secondary": "FEF200"
},
"type": "bank",
"country_code": "MY",
"has_balance": true,
"call_to_action": null
}
Structure description
| Key | Type | Description |
|---|---|---|
| id | integer | Service ID |
| name | string | Name of service provided by Finsify Hub |
| provider | string | Name of Finsify's partner. finsify is deploy by Finsify Hub. |
| media_path | string | URL to link of service's images. |
| cover_file_name | string | Cover file name. A cover always has 3 sizes: small, medium and large. |
| logo_file_name | string | Logo file's name |
| color | object | Colour code of service. |
| type | string | The type of services provided by Finsify Hub. Finsify currently supports bank, statement and other. |
| country_code | string | Service's country code. |
| has_balance | boolean | Does service have available balance? |
| call_to_action | object | If no call_to_action, value is NULL |
Example of Call to action
"call_to_action": {
"prompt": "No account yet?",
"text": "Register now!",
"url": "https://example.com/register-account"
}
Note about media_path
To have a complete url of cover or logo image, it should be merged string media-path with cover_file_name or logo_file_name.
In order to have a valid URL, cover_file_name must contain size. Example:
https://assets.finsify.com/services/ambank-cover-medium.png
https://assets.finsify.com/services/westpac_bank-cover-large.jpg
API Guide
Create a new customer.
curl -X POST \
https://api.finsify.com/v2/customer \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'client-id: sample-clientId' \
-H 'service-secret: sample-clientSecret' \
-d '{
"identifier": "sample-identifier-user"
}'
const request = require('request');
var request = require("request");
var options = { method: 'POST',
url: 'https://api.finsify.com/v2/customer',
headers:
{ 'service-secret': 'sample-clientSecret',
'client-id': 'sample-clientId',
'content-type': 'application/json',
accept: 'application/json' },
body: { identifier: 'sample-identifier-user' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
The above command returns JSON structured like this:
{
"data": {
"customer_id": "115eff49-1323-4f09-9fc1-c8009d81777b",
"identifier": "sample-identifier-user"
},
"version": "v2"
}
Sample error
{
"error": "CustomerExists",
"message": "Customer \"sample-identifier-user\" is exists",
"extra": {
"identifier": "sample-identifier-user"
}
}
This endpoint allow create a customer.
HTTP Request
POST https://api.finsify.com/v2/customer
Body Parameters
| Parameter | Type | Description |
|---|---|---|
| identifier | string | Identify customer on your system. |
Create a token.
curl -X POST \
https://api.finsify.com/v2/token \
-H 'client-id: sample-clientId' \
-H 'content-type: application/json' \
-H 'service-secret: sample-clientSecret' \
-d '{
"customer_id": "115eff49-1323-4f09-9fc1-c8009d81777b",
"service_id": 8,
"callback_url": "http://localhost:2000/v2"
}'
var request = require("request");
var options = { method: 'POST',
url: 'https://api.finsify.com/v2/token',
headers:
{ 'service-secret': 'sample-clientSecret',
'client-id': 'sample-clientId',
'content-type': 'application/json' },
body:
{ customer_id: '115eff49-1323-4f09-9fc1-c8009d81777b',
service_id: 8,
callback_url: 'http://localhost/finsify-callback' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
The above command returns JSON structured like this:
{
"data": {
"id": "fa03b249-3024-4564-a4bf-2661319e5a07",
"connect_url": "https://api.finsify.com/v2/connect/term/fa03b249-3024-4564-a4bf-2661319e5a07"
},
"version": "v2"
}
To connect with Finsify's services, we will provide a token.
HTTP Request
POST https://api.finsify.com/v2/token
Body Parameters
| Parameter | Type | Description |
|---|---|---|
| customer_id | string | Identify customer on Finsify system, get it after creating new customer. |
| service_id | integer | Service ID provided by Finsify. Read more List of service |
| callback_url | string | After successful connect, Finsify will send customer data through this URL. |
Response
With returned data, Developer use connect_url in order to access to Finsify’s website
Connect response
Data will be sent via callback_url when connect. callback_url is registered when creating token.
Sample connect successful
{
"status": "success",
"login_id": 23456,
"secret": "78cea84c-7eb8-4425-2312-3a1ac8383afe"
}
Describe flow
After successful connect on Finsify Website, Finsify will send data via webview or browser by redirecting to registered callback_url.
Example:
yourapp://finsify-hub/{"status":"success","login_id":23456,"secret":"78cea84c-7eb8-4425-2312-3a1ac8383afe"}
Account List
curl -X GET \
https://api.finsify.com/v2/account \
-H 'client-id: sample-clientId' \
-H 'content-type: application/json' \
-H 'login-secret: 78cea84c-7eb8-4425-2312-3a1ac8383afe' \
-H 'service-secret: sample-secret'
var request = require("request");
var options = { method: 'GET',
url: 'https://api.finsify.com/v2/account',
headers:
{ 'login-secret': '78cea84c-7eb8-4425-2312-3a1ac8383afe',
'service-secret': 'sample-serviceSecret',
'client-id': 'sample-clientId',
'content-type': 'application/json' } };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
Request successful. Response return JSON data:
{
"data": [
{
"id": 14324,
"original_id": "mockup-data-123456",
"login_id": 123456,
"name": "Finsify sample account",
"balance": "291087.00",
"currency": "VND",
"type": "current"
}
],
"version": "v2"
}
Or request failed
{
"error": "LoginNotFound",
"message": "Cannot find Login with login secret: 'd16bdfd0-5bd2-46d3-96c2-12313sdsda'.",
"extra": {
"loginSecret": "d16bdfd0-5bd2-46d3-96c2-12313sdsda"
}
}
With this API, developer can get the list of accounts that user has connected.
HTTP Request
GET https://api.finsify.com/v2/account
Header Parameters
On header of request has login-secret. Finsify uses this information to find list account of customer.
| Header | Description |
|---|---|
| login-secret | Get it after connecting successfully. |
Response
Structure of data:
| Params | Type | Description |
|---|---|---|
| data | Array | Finsify account data |
| version | String | Finsify API version |
Get transactions
This API allows developer get transactions list of an account
curl -X GET \
'https://api.finsify.com/v2/transaction?account_id=14324&from_date=2016-08-26&to_date=2017-10-25' \
-H 'client-id: sample-clientId' \
-H 'content-type: application/json' \
-H 'login-secret: 78cea84c-7eb8-4425-2312-3a1ac8383afe' \
-H 'service-secret: sample-service-secret'
var request = require("request");
var options = { method: 'GET',
url: 'https://api.finsify.com/v2/transaction',
qs:
{ account_id: '1226893',
from_date: '2016-08-26',
to_date: '2017-10-25' },
headers:
{ 'login-secret': '626fb63e-0543-4722-9e78-e9e42fca2e85',
'service-secret': '75167f66-22dc-415d-b799-c0dd73b951ca',
'client-id': 'Tu5dvG07KVpx6b',
'content-type': 'application/json' } };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
Response if request is successful
{
"data": [
{
"id": 4116357,
"original_id": "techcombank-0bd9d3f5d3406cf0b1d545ccab422fa2",
"date": "2017-03-27",
"amount": "-61299.00",
"currency": "VND",
"description": "GD THE QUA POS SO THE 422149...0052 NGAY 26/03/2017 TAI UBER VN MAR27 R5HKO HE help.uber.com NL APPCODE 579124 TID / FT17086406712347",
"category": "auto_and_transport",
"meta": null
},
{
"id": 4116358,
"original_id": "techcombank-1cef6959d463d8934115ce5e9a2a0c7c",
"date": "2017-03-27",
"amount": "-23450.00",
"currency": "VND",
"description": "GD THE QUA POS SO THE 422149...0052 NGAY 26/03/2017 TAI UBER VN MAR27 AQBOO HE help.uber.com NL APPCODE 576931 TID / FT17086103050008",
"category": "auto_and_transport",
"meta": null
},
{
"id": 4116359,
"original_id": "techcombank-a8dae967460a0881ecee8f849f408bd2",
"date": "2017-03-27",
"amount": "-127396.00",
"currency": "VND",
"description": "GD THE QUA POS SO THE 422149...0052 NGAY 26/03/2017 TAI UBER VN MAR26 PW7K5 HE help.uber.com NL APPCODE 535772 TID / FT17086522805934",
"category": "auto_and_transport",
"meta": null
},
{
"id": 4116353,
"original_id": "techcombank-5c03e6df3ee5381acf0dfa6ba320c9dc",
"date": "2017-03-27",
"amount": "-26467.00",
"currency": "VND",
"description": "GD THE QUA POS SO THE 422149...0052 NGAY 27/03/2017 TAI UBER VN MAR27 HCADN HE help.uber.com NL APPCODE 583730 TID / FT17086851032573",
"category": "auto_and_transport",
"meta": null
},
{
"id": 4779956,
"original_id": "techcombank-f8c88974d15f0beb80d7527256709c45",
"date": "2017-07-04",
"amount": "-26000.00",
"currency": "VND",
"description": "GD THE QUA POS SO THE 422149...0052 NGAY 04/07/2017 TAI UBER TRIP KLPVK HELP.U help.uber.com NL APPCODE 198836 TID / FT17185354419755",
"category": "auto_and_transport",
"meta": null
},
...
],
"version": "v2"
}
HTTP Request
GET https://api.finsify.com/v2/transaction
Query Parameters
| Parameters | Type | Description |
|---|---|---|
| account_id | integer | Customer account code. |
| from_date | date('YYYY-MM-DD') | Starting date. |
| end_date | date('YYYY-MM-DD') | Ending date. |
Webhooks
Webhooks are notifications (HTTP callbacks) to customers that let them know an event has occurred. They can take relevant/useful actions as needed.
Benefits of Webhooks
With webhooks developers don't have to poll continuously to know the status of a process. Finsify will keep customers informed about the event. Finsify webhooks let customers know:
- the MFA information is requested by the provider site to log in for aggregating data
- the Finsify system has performed the login on the provider site successfully
- the Finsify system has retrieved the account summary information from the provider site successfully
- the final status of account addition or update account APIs
Webhooks APIs
Customers can use the following webhooks services
Webhooks Supported Events
- Notification new transaction.
- Notification login change status.
New transaction
When there is a new transactions, Finsify will send data via webhook endpoint which was set up in Developer profile.
Message notifies a new transaction
{
"login_id": 21000,
"timestamp": 1467331200000,
"accounts": [{"id": 19316}],
"new": 1,
"referenceId": "hsSU83HnX"
}
Login status has changed.
login_wrong_credentials- login changed password.login_password_expired- login password is expired.login_account_locked- login is locked.
Example: Send a message via webhook to notify that login status has changed
{
"status": "login_wrong_credentials",
"login_id": 538
}
login_wrong_credentials account password has been changed.
login_password_expired Account password has been expired. User need to access to Internet Banking or Call to Support center to change the password.
login_account_locked Account has been locked. User should contact banks to get support.
Reconnect
Use to request user to re-login, for example account password of Internet banking has been changed.
curl -X POST \
https://api.finsify.com/v2/token/reconnect \
-H 'client-id: sample-clientId' \
-H 'content-type: application/json' \
-H 'login-secret: sample-loginSecret' \
-H 'service-secret: sample-serviceSecret' \
-d '{
"callback_url": "http://localhost:2000/v2"
}'
var request = require("request");
var options = { method: 'POST',
url: 'https://api.finsify.com/v2/token/reconnect',
headers:
{ 'login-secret': 'sample-loginSecret',
'service-secret': 'sample-serviceSecret',
'client-id': 'sample-clientId',
'content-type': 'application/json' },
body: { callback_url: 'http://localhost:2000/v2' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
Response if request is successful
{
"data": {
"id": "def5ac74-3d17-46ef-a940-4b3dd1a874ab",
"connect_url": "https://api.finsify.com/v2/connect/term/def5ac74-3d17-46ef-a940-4b3dd1a874ab"
},
"version": "v2"
}
HTTP Request
POST https://api.finsify.com/v2/token/reconnect
Body Parameters
| Parameters | Type | Description |
|---|---|---|
| callback_url | string | After connect successful, Finsify will send data of user through this URL. |
Active/Inactive login
That API allows Finsify partners to change Login status of users.
curl -X PUT \
https://sandbox.zoostd.com/v2/login/deactivate \
-H 'client-id: sample-clientId' \
-H 'content-type: application/json' \
-H 'login-secret: sample-loginSecret' \
-H 'service-secret: sample-serviceSecret'
var request = require("request");
var options = { method: 'PUT',
url: 'https://sandbox.zoostd.com/v2/login/deactivate',
headers:
{ 'login-secret': 'sample-loginSecret',
'service-secret': 'sample-serviceSecret',
'client-id': 'sample-clientId',
'content-type': 'application/json' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
Response if active successful
{
"data": {
"id": 52345,
"activate": true
}
}
Or deactived
{
"data": {
"id": 52345,
"deActivate": true
}
}
HTTP Request
PUT https://api.finsify.com/v2/login/activate
or
PUT https://api.finsify.com/v2/login/deactivate
Refresh login
If user does not update transactions, refresh login will support to get transactions
curl -X PUT \
https://api.finsify.com/v2/login/refresh \
-H 'client-id: sample-clientId' \
-H 'content-type: application/json' \
-H 'login-secret: sample-loginSecret' \
-H 'service-secret: sample-ServiceSecret'
var request = require("request");
var options = { method: 'PUT',
url: 'https://api.finsify.com/v2/login/refresh',
headers:
{ 'login-secret': 'sample-loginSecret',
'service-secret': 'sample-ServiceSecret',
'client-id': 'sample-clientId',
'content-type': 'application/json' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
Response
{
"data": {
"id": 51234,
"refreshed": true,
"last_refresh_at": "2017-08-13T09:19:08.073Z",
"next_refresh_possible_at": "2017-08-13T09:24:08.073Z"
},
"version": "v2"
}
HTTP Request
PUT https://api.finsify.com/v2/login/refresh
Errors
The Finsify API uses the following error codes:
| Status Code | Error | Description |
|---|---|---|
| 400 | BadRequest | Invalid Request |
| 404 | AccountNotFound | Account is not found - Your account request not found in server |
| 404 | ClientNotFound | Can't find client with your id |
| 503 | ConnectError | We're temporarily offline. Please try again later. |
| 400 | ContentInputInvalid | Only allow data type application/json |
| 400 | CredentialInvalid | Credentials is invalid |
| 500 | CustomerCreateError | Can't create new customer. Please try later. |
| 400 | CustomerExists | Your customer is exists |
| 404 | CustomerNotFound | Can't find your customer. |
| 400 | DataInvalid | Data is invalid |
| 500 | InternalError | Sorry server is crash. Please try again. |
| 404 | LoginNotFound | Login is not found - Can't find your login in server |
| 503 | ServerMaintenance | Servers are currently undergoing maintenance. Please try later |
| 404 | ServiceNotFound | Service is not found - Your service request is not define |
| 500 | TokenCreateError | Can't create a token. Please try again. |
| 400 | TokenExpire | Your token is expired. Please create new token. |
Status Code is status in HTTP request.
White paper
Finsify Aggregator provides Bank Aggregation service with the help of screen scraping technologies. In this blog, we will give you an overview of this technology and how it benefits fintech companies.
Definition of Screen Scraping
According Wikipedia (https://en.wikipedia.org/wiki/Data_scraping), Screen Scraping or Data Scraping is a technique in which a computer program extracts data from human-readable output coming from another program. In other words, it's is a process through which the information is gathered from the Internet and is then later aggregated for some particular use.
Now we will explain the term Screen Scraping in the words that everyone can understand, even an old men who has never used computer before. Think about a public library which has hundred thousands of books. To know what the books are about, their subjects, it actually needed to be read and labeled or categorized. It seem a ton of work with enormous effort.
When applying screen scraping, these a not the books we handle with but the web pages. As data is in digital form, it's possible to perform all processes without any human efforts. Imagine that a robot is able to screen all pages of book at the light speed then places books at the right shelf in the library. You can imagine screen scraping technology is similar.
Example of Screen Scraping: Google Search
One of the best examples of screen scraping is Google Search the thing the Internet users like us use everyday. You enter the searching phases and Google shows up the search results within seconds.
According to Google, (https://www.google.com/search/howsearchworks/) Google is using web crawlers to organize information from webpages and other publicly available content in the Search index. Before you search, web crawlers gather information from across hundreds of billions of web pages and organize it in the Search index.
Data Scraping in Fintech aka Financial Technology
Now this is the most important part of this article. As you know, your financial information including account balance, transaction history, savings or debts is stored and secured by your banks and it mostly could not be accessed publicly.
Is it good or bad? Generally it's good because you would rarely want to share your information to others such as third parties. However, in some circumstances it's better to share your financial information with another secure institution than keeping it in the safe.
Fintech companies leverage screen scraping technology to develop products that better service both individual consumers and corporates.
The most well-known use case is personal finance management solution. Personal financial management (PFM) refers to software that helps users manage their money. PFM often lets users categorize transactions and add accounts from multiple institutions into a single view. PFM also typically includes data visualizations such as spending trends, budgets and net worth. (https://en.wikipedia.org/wiki/Personal_financial_management).
Before, consumers have to handle all tasks manually such as download bank statements, categorize transactions, it's really time-consuming. But thank for screen scraping technology to enable PFM software to process most of tasks automatically. It helps user to download bank statements, categorize transactions, generate reports, advise them based on consumer goals and transaction history and it's totally automatic.
Corporates benefit from screen scraping technology when using automatic accounting services. It helps companies gather a lots of transactions from multiple bank accounts in one place, accounting software in near real-time, 24/7. It means no more manual jobs, no more delay and mistakes.
When you share your information to financial institutions they can analyse your previous performance then supply you more attractive offers such as credit card or loan with reasonable rate. We can say that banks and institution could leverage and adapt data scraping to better understand consumer behaviour and consumption of financial service to offer their customers more suitable products.
Advantages of Finsify Screen Scraping technology
Now we have come to a part where I suppose to tell why Finsify Aggregator technology is exactly what you need when it comes to extracting financial data. Let's see how our technology works for you.
Security
Finisfy Aggregator offers both SaaS and On-Premises solutions to fit the needs of different clients. Both solutions offer a high level of data security:
No sensitive credentials are ever stored in database or logged on the server thus virtually eliminating risk of any external attacks on the server running service
Credentials are stored only in volatile memory and are deleted as soon as they are no longer needed
No financial data is persisted to database unless the user explicitly chooses to do so. However, it needs to be stressed that the data is stored in database only for a predefined period of time (24 hours at most). The API allows the client to delete any stored data, when it becomes obsolete
Industry standard: to fetch data Finsify Aggregator service uses https protocol to connect to external websites
Finsify Aggregator service is well protected against man-in-the-middle attacks. It uses its own trust store containing strictly selected CA certificates that identify other parties the service connects to, during the development phase strong emphasis is placed on security. Every change to the core of the Finisfy Aggregator service is reviewed before going on to production.
Finsify Aggregator provides a dedicated server for every single client. This way you are not only getting enhanced security, but also a higher degree of reliability. Less requests will take place, hence the chances something goes wrong are smaller too. Also, there will be less stress placed on your servers, less bandwidth will be used and you could actually get more imports in the same time!
Speech
Finsify Aggregator is developed in pure Java, our technology lets us perform the extraction of the data faster and with a higher rate of success.
Speed, of course, is the one of considerable factor when selecting aggregation service beside Security.
Flexibility
Another great point of our software is its flexibility. As you can choose among different integration models depending on the needs of your organisation, you can also get financial data aggregation customised to fit the needs of your software or application.
In general, we are simply supplying you with the technology that is exactly like a plain canvas – you are an artist that has to create the app the way you want it using our service.
Hope this article is helpful. If you have any questions or feedbacks, please drop email to [email protected]