Our banking interface is open to third-party apps that help our clients to manage their bank accounts and data via an API.
Use of third-party apps is voluntary. If, as our client, you choose to use one of our apps to help you manage your banking data, please exercise caution. These apps are not developed by PPF banka.
Make sure that it is a trusted third-party app from a trustworthy source.
You may withdraw your permission for third-party apps to access your account at any time.
If you have any questions, please email us at email@example.com.
What is a third-party app?
An app that provides PPF banka’s services indirectly (in other words, an app that has not been created by PPF banka). These apps differ from each other in the processing, level and range of services they offer.
Why does PPF banka allow access to banking data?
The Payments Act requires us to do so, provided that security conditions are met.
Who can become a third party?
A third party may be a company or bank that has been granted a licence by a competent administrative authority from an EU member state.
Who grants or prohibits access to this banking data?
It is always up to users, on a voluntary basis, whether to allow a link to be created to a specific bank account. They may allow this up to the maximum extent of the rights granted to them in relation to the client’s accounts. Once you – as a user – have allowed access, you are free to withdraw your permission at any time afterwards. In your internet banking, you can view the list of third-party apps you have allowed to access your accounts. Here, disabling the access of any of these listed apps is a simple step.
Payment account information (AISP)
If the client has given permission, a third party provides information about a payment account and transactions carried out in the client’s account at the bank. For example, clients who hold accounts at multiple banks can use a third-party app to see their transaction history and balances for all those accounts at the same time in one place.
Option of placing a payment order (PISP)
If the client has given permission, a third party initiates a payment order from the client’s payment account held at the bank. For example, when making an online purchase, instead of paying by card the client may choose to use an alternative method of payment for the merchandise by initiating payment directly from the account. The payment order is pre-filled by a third party (entering the payee’s details, the amount, the payment symbols and/or a description of the payment), the client checks the order and authorises it by confirming the transaction.
Option of verifying whether there is enough money in an account to make a card payment (CISP)
A third party may issue a payment instrument (a card) that is linked to a payment account at a bank. When this card is used, a third party will be able to verify whether the client has sufficient funds in their bank account to make a transaction with the card. PPF banka will only respond to a third-party request with a YES/NO answer.
Can payments be disabled in an app?
Each app should tell you what permissions you have granted to it at the time you link it to your bank account.
If I hold multiple accounts at PPF banka, is it possible just to link one of them?
Yes. You can manage which specific accounts the third-party app will be allowed to access in the online banking settings.
Who should I contact if I have further questions?
Please email us at firstname.lastname@example.org.
We provide third parties with access to certain banking data only with the permission of our clients.
Third parties must hold a licence granted by a competent administrative authority from an EU member state and a certificate issued by the Certification Authority.
Register on our Developer Portal.
If you have any questions, please email us at email@example.com.
Payment account information (AISP API)
Account balance, account detail, payment history and payment details.
Payment initiation (PISP API)
The possibility of entering payment orders.
Sufficient balance information (CISP API)
The possibility of checking whether there is enough money in an account to make a card payment.
You must hold a licence granted by a competent administrative authority from an EU member state.
You also need to obtain a certificate from the Certification Authority.
Once you have your licence and certificate, follow the steps below.
How can third parties access a publicly available API?
Where can we find the technical details of services?
Documentation for each service can be found on the Developer Portal.
How can we replace our certificate?
A certificate of an already registered third party is renewed in the same as a new registration (on the Developer Portal).
If your new certificate is to differ from the old one, we recommend that you email us in advance at firstname.lastname@example.org to inform us what certificate it is. Ideally, send us the public part of the certificate directly.
Who should I contact if I have further questions?
Please email us at email@example.com.
We are using cookies on our website to ensure that you will receive the best experience while using our website. These cookies might relate to your information, your preferences or your device. The information does however not usually directly identify you, but it could provide you with a more personalized and better web experience. Since we do respect your privacy, you can choose to not allow some type of cookies. For more information on the types of cookies and the possibility to change the default cookies setting, click on the heading of the individual types of cookies. Blocking some types of cookies may impact your user experience on our website. For further information on how we process your personal data (cookies) please click on the section "More information about cookies”.
It is necessary to create a cookie to remember the choices you have made within our cookie privacy menu as well. This is going to have a couple of consequences:
Strictly necessary (technical) cookies are necessary for the functioning of our website and can therefore not be switched off in our systems. These cookies do not [collect or] store any personal identifiable information. They are usually a response to your actions and related to a request for services such as setting your privacy preferences, logging in or filling in the forms.
These cookies allow us to count the visits and the traffic sources on our website so that we can measure and improve the performance of our website. The performance cookies are supposed to help us to understand which sections of our website are the most and least popular and show how visitors move around the website. All the information that these cookies collect are aggregated and therefore anonymous. If you prefer to not allow these cookies, we will not be aware of when you have visited our website and we will not be able to monitor the performance of the website.
Functional cookies enable the website to provide you with enhanced functionality and personalization. These cookies are set by external administrator - to protect user data from unauthorized access. If you do not allow these cookies, then some or all of these services may not function properly.