
Ask HN: Is there any US bank with a sandbox or API? - kparjaszewski
I&#x27;d like to test integration with various bank systems, is there any API&#x2F;Sandbox for Citi, HSBC, JP Morgan Chase or any other American Bank - similar to PayPal&#x27;s Sandbox?
======
smitherfield
Capital One provides this toy API:
[http://api.reimaginebanking.com](http://api.reimaginebanking.com)

If you want to create an app or startup that does anything involving banking,
look elsewhere. The chances you will get approval from banks and regulators
are zero. To have a halfway decent shot, you would need years, significant
industry connections, expensive lawyers on retainer in New York and
Washington, and the ability to prove you have cash on hand in the high 7
figures.

Here's a good example of what I'm talking about:
[https://medium.com/@oscargodson/thatll-do-pig-that-ll-
do-899...](https://medium.com/@oscargodson/thatll-do-pig-that-ll-
do-8998f9df9f77)

~~~
KirinDave
> The chances you will get approval from banks and regulators are zero. To
> have a halfway decent shot, you would need years, significant industry
> connections, expensive lawyers on retainer in New York and Washington, and
> the ability to prove you have cash on hand in the high 7 figures.

Full disclosure, I work for Capital One now. So... C1 has stated publicly it's
interested in this space and some of its prominent employees are in prominent
public technical groups trying to make it happen. The liability and fraud
stories are really unimaginably complicated.

For people looking to make a product today, I've decided to add a quick
primer:

Finicity, FinancialServices, and Plaid are all financial aggregators that you
can use in combination with novel (read: quasi-legal) mechanisms you can use
to provide financial services within the confines of the beleaguered law.

In general a financial product's engineering cycle looks like this:

1\. Find a data aggregator you can partner with and give most of your profits
to. 2\. Work very hard on experience driven products. 3\. Find a good lawyer
who can help you produce a novel interpretation of the law that works with a
specific financial product. 4\. Still have limited success because fintech
products have linear adoption curves (even Mint).

Examples in this space of novel mechanisms that use existing payment services,
data aggregation products and very clever lawyers: Acorns, Digit, Tally.

I was one of the founders and the founding engineer of Level, and worked on
Simple. My general observation is that most of the challenge is around data
quality and aggregation on the technical side of things.

A lot of the challenge of making these apps work is balancing your fraud risk
with your customer experience. Customers are apathetic and inclined to ignore
the space, fraudsters are diabolically clever and very engaged.

~~~
mildbow
heartily agree with "give most of your profits to"

Even though Plaid comes up a lot in these conversation, I haven't found their
pricing any better or startup friendly than any other provider (fincity,
yodlee etc).

Better marketing yes. Better api? Meh.

Anyway, I see the current set of financial data aggregators being fine for
market validation for some type of applications, but they are too expensive to
allow for wide-spread innovation.

~~~
deet
Has Plaid changed their pricing model significantly over the past year?

The way Plaid structures (structured?) their pricing is much friendlier than
Yodlee in that there are no monthly minimums, setup costs, or term
commitments. Simple volume based pricing is generally much more startup
friendly, at least in the initial stages.

~~~
misframer
They have a $500/mo minimum, last I asked (a few months ago.)

------
sjtgraham
I'm working on Teller ([https://teller.io](https://teller.io)), which is a
universal banking API. We don't support any US banks yet (but we certainly
plan to), but we will be publishing a sandbox API in the near future along
with the GA release of our production APIs.

In the US I recommend you check out Plaid
([https://plaid.com](https://plaid.com)), although I believe they offer read
only APIs.

There is also the Open Bank Project
([https://openbankproject.com](https://openbankproject.com)) which is also
intended as a universal API but I don't believe has any production
integrations, although they do have sandbox APIs.

Email address in profile if anyone wants to chat more about this topic.

~~~
alistproducer2
Thanks for sharing the open bank project. I'd never heard of it. I'm actually
working on something similar to you.

It's called POSADA (personal open source automated digital assistant). It's a
open source digital assistant. The primary use cases are financial (paying
bills, transferring money, etc). It will open source and user hosted. People
host their assistant on pre-loaded, plug and play raspberry pi 3s. Hopefully
there will be a community of developers that will share integrations (ie,
scraping scripts). So if I want my assistant to work with my local bank, I
build an intergration and now anyone else that has the same bank can connect
to it.

POSADA's logic will be programmable as well. So you can customize when it
alerts you, requests confirmation, or automatically transfers money from one
account to another to pay a bill.

One of the use cases I'm most excited about is the ability of POSADA to make
donations to organization and charities you care about. So rather than setting
up an auto-pay thing with a 3rd party, you tell POSADA how much you want to
give, how frequently, and can even adjust the amount based on an assessment of
your current financial position. The user would be in total control and I hope
that will encourage more people to financial support media outlets, open
source projects, and other worthy causes on a regular, sustaining basis.

I've got a mobile app prototype that handles two factor authentication and
will eventually grow to become the front end of the assistant. I'm currently
leveraging the built in speech-to-text capabilities of android phone to allow
the user to communicate with their assistant via voice.

~~~
nicholasjarnold
This is great! I too am working behind the scenes (nothing on Github yet) on a
set of scrapers that pull in data from various financial institutions (my
bank, a credit union, a CC account, ect.) along with a 'manager' application
that recieves results from these scrapers and displays the data to me. That's
step 1. Next I'd like to fully automate the paying of my bills and setting up
arbitrary actions based on certain conditions. For instance, send money to
some investment account when primary checking scraper sees a new ACH deposit
from my employer, ect.

Have you opened this up anywhere yet? I'm interested in using some of your
ideas and/or contributing to them. :)

~~~
xavi
You may want to check out
[https://github.com/bankbotsbank/bankbotsbank](https://github.com/bankbotsbank/bankbotsbank)

~~~
alistproducer2
I just noticed you're the creator of bankbotsbank. We essentially have the
same idea. We should collaborate.

I'm currently using protractor (webdriver) for my crawler but I would open to
switching to nightmare to be compatible with you as long as I am able to get
that stack running on a pi.

------
tinbad
Nope, up until earlier this year I worked in the 'innovation lab' of a top 3
US bank, that was supposedly leading in the banking API space (one of current
hottest payment companies uses our backend/wholesale services) and we only
offer APIs to big customers and not public, let alone a sandbox environment.
My impression with all the regulatory and compliance issues it will take a
long time (if ever) that banks will release such tools publicly. By that time
hopefully someone will figure out a better system to bypass altogether...

EDIT: Yes, there are aggregators who have agreements with banks, but I believe
the OP asked for directly accessing a bank's API, which I believe is not
possible with the exception of some beta programs here and there that gives
access to some non trivial bank data.

~~~
drglitch
Barclays, Citi, or JPM? :) Oh sorry, you were probably under a take-your-
firstborn-NDA.

Either way, the internal incubators at leading banks - at least in NYC - are
actually very promising. As parent said, almost every bank has
agreements/internal APIs, but they are VERY VERY careful with who gets access.
Primary issue, aside from privacy/compliance/PII is that transactional data
can be mined so heavily for purchasing patterns and thus predicting revenue
for publicly traded companies. In fact, there are a couple of startups trying
to do exactly this that popped up recently.

------
funnyenough
US Bank has a hackathon site:
[http://thinkbighacksmall.com](http://thinkbighacksmall.com) or
[http://usbinnovationsd.apiportal.akana.com/](http://usbinnovationsd.apiportal.akana.com/)

US Bank's Elavon:
[https://developer.elavon.com/#/home/landing](https://developer.elavon.com/#/home/landing)

Barclays:
[https://developer.barclays.com/static/landing/landing.html](https://developer.barclays.com/static/landing/landing.html)

Capital One:
[https://developer.capitalone.com](https://developer.capitalone.com)

------
alistproducer2
You're going to have to scrape. I'm working on an open source competitor to
Mint. I call it POSADA (personal open source automated digital assistant).
People run their own scrapers (plu and play, dockerized rasperry pis) so they
don't have to trust their credentials and personal data to a 3rd party.

I envision a repository of integrations (ie, scripts for certain sites) so as
people create integrations, you share them with the community. There's also a
mobile app that allows users to get updates from the assistant, makes requests
to it, or give confirmation before the assistant takes action.

~~~
firebird84
Wow, I had this very same idea recently, but I'm glad someone is already
working on it! One of the other problems with Mint is that despite their
claims to the contrary, it's not exactly actively maintained. Do you have a
git link?

~~~
alistproducer2
I don't have the code up here yet, but I created a repo. Please follow it and
I will have some code up very soon. I really hope once it gets going you'll be
a contributor!

[https://github.com/ShamariFeaster/posada](https://github.com/ShamariFeaster/posada)

------
mercora
In Germany i do not know any bank that does not support [0]FinTS when using
online banking with your account. I would consider that a documented API for
external use.

However, you asked for american banks and i haven't seen options to get a
sandboxed variant albeit i am sure these exist. Another option would be to
open accounts at some Banks....

[0] [https://en.wikipedia.org/wiki/FinTS](https://en.wikipedia.org/wiki/FinTS)

------
mwexler
While I would expect we will see every bank releasing APIs sooner or later
([http://www.theregister.co.uk/2016/02/10/consumer_trust_centr...](http://www.theregister.co.uk/2016/02/10/consumer_trust_central_to_success_of_uk_initiative_on_open_data_in_banking/)
shows the UK heading this way already), you may find it easier to work through
an aggregator (plaid, yodlee, quovo, etc) initially for consumer-facing
experiences.

Other commenters point out that some US banks have shared some early APIs, but
most are not for public consumption and are limited to "partners". I suspect
we'll see some restrictions on API access for a while still while regulators
and banks get comfortable with an API approach.

Citi has had a Mobile Challenge for a few years with some API test access
([http://www.citimobilechallenge.com/](http://www.citimobilechallenge.com/)),
and the Open Bank Project has a sandbox
([https://openbankproject.com/](https://openbankproject.com/)) for their
version of banking APIs.

But for now, unless you want to leverage aggregators, I think you'll need to
just keep reaching out to the banks to be included as a "partner" and try to
get early access, or wait til they open broadly, and I wouldn't expect to see
that til the next few years for most large banks.

------
lhnz
Isn't that what Plaid [0] provides?

I know in the UK the only production banking API is Teller [1].

[0] [https://www.plaid.com/](https://www.plaid.com/)

[1] [https://teller.io/](https://teller.io/)

------
lefstathiou
We are a young unfounded company and work with most of the major us investment
banks and the answer is there is no sandbox or API that they will share with
you. Our experience is that the banks won't waste their time on anything that
feels beta so you have to invest in having a solution built out and people
using it (a catch 22). The exception to this rule however is that banks work
for their clients (this pertains to investment banks not retail) and they will
use a new tool in the context of an engagement when asked by the issuer,
investor or firm they are representing. Not sure what you're planning to build
but go to their customers first (issuers or large investors) who are much more
agile. Once you're in the system you can navigate through the onboarding.
Happy to share our experiences further if you want to discuss - reach out
directly.

------
throwaway2016a
A lot of banks support the Open Financial Exchange format
[http://www.ofx.net/](http://www.ofx.net/)

Here's a list:
[https://wiki.gnucash.org/wiki/OFX_Direct_Connect_Bank_Settin...](https://wiki.gnucash.org/wiki/OFX_Direct_Connect_Bank_Settings)

Note that some banks (I think Bank of America is one) turn off this access by
default on your account to prevent people being tricked into providing access
but a quick call to them will get it enabled on your account.

------
joe10
This is a marvelous thread! - I'll read it more carefully, but from a glance
it looks like most of the functional links are the right ones... I'll speak
more to the theory.

I've recommended that every Bank I've done work for (which is quite a few)
consider an external facing API to enable Lead User Behavior (see Von Hippel
et al from MIT and MIT Press) and the concept has never gotten good air, for a
variety of reasons which, no doubt, make sense to the their reference business
models. Much of that can be explained be the theories of Disruptive Innovation
(see Clay Christensen, et al, Harvard Business Press).

While I can't speak on this front, I think it's also acknowledged by anyone
with a fully functioning brain stem that the various screen scraping solutions
are sketchy for all concerned. There are some stable providers (Plaid seems
pretty shiney and exciting. Fiserv and Yodalee have been around, and I'd only
say that one of them seems yo have more clout than the other.

I think you'll see some exciting possibilities in the not too distant future,
but I'd have trouble seeing a major Bank opening their doors to the public for
all the reasons mentioned here. If the theories of disruptive innovation hold
water, I'd say that once robust services come available that allow smart
developers to apply modern thought to services, the disintermediation will be
annoying to the big Banks if it strips away their best customers, which it's
not likely to.

The problem (from the theory side) is a) there's not much money in providing a
service, there's money in selling accounts, and that's where it's really hard
for a small player to gain entry and b) in a battle where the incumbent is
motivated to fight, that incumbent will likely win, and I personally don't
want to fight with an incumbent who makes 5BB a quarter.

------
jslampe
100% agree, but there are some exciting banks out there doing innovative
things (e.g. BBVA, Santandar, US Bank, Fidor, Silicon Valley Bank). There
future of Open Banking is coming... It's just not here yet and I wouldn't hold
your breath.

In the meantime...

Work at Dwolla. What us and others, like Plaid, have done is taken these
partnerships, resources, compliance requirements, etc. and smashed them into
endpoints, creating [hopefully] something you're looking for. Our White Label
and co-branded APIs
([https://developers.dwolla.com/](https://developers.dwolla.com/)). A quick
list.

Create Bank Transfers - Yes Know Your Customer Verification - Yes Sandbox -
Yes Bank account verification - Yes Webhooks - Yes Oauth - Yes (Co-branded
only) Create Customer Records - Yes (White Label only)

Reach out to Spencer@Dwolla.com, if you think we can help to. (While we don't
work directly with Plaid, we can be complimentary).

------
inglor
In practice, everyone uses products by companies like Yodlee, they barely work
and have a ton of production bugs and they're expensive but they sort of get
the job done and they "work" almost everywhere.

------
revicon
I'm playing with
[https://github.com/euforic/banking.js](https://github.com/euforic/banking.js)
right now, looks promising, sounds like other ppl have used it to connect via
OFX to their respective banks (I use chase which requires a $10 per month fee
to access)

------
drglitch
Look into FinTech Sandbox (boston) - they are backed by Devonshire/FMR (aka
Fidelity) and provide an incubator-like program for anything fintech-related.
Its probably a best place to start if you want to do anything in the banking
space and dont have high millions raised already for connectivity alone.

------
gregparadee
Not necessarily a big bank but Visa also has a developer site with several
APIs that include Payments, Data and Analytics, and Fraud. Their website can
be found at [https://developer.visa.com/](https://developer.visa.com/)

------
zengr
Banks suck at APIs (even if one exists). If you are trying to move money
between bank accounts, you can checkout
[https://checkbook.io](https://checkbook.io), they have a white label, token
based API to create bank transactions.

------
angei
What about Geltbox Money? it doesn't use any third party Aggregation site (the
user can aggregate his own data without exposing private data to any third
parties /web site. It is a new way of aggregating data privately.

------
ch4ch4
US Bank just opened up their read-only API for a hackathon this weekend:
[https://usbinnovationsd.eap.soa.com/#!welcome](https://usbinnovationsd.eap.soa.com/#!welcome)

------
downandout
Depending on your use case, [https://plaid.com](https://plaid.com) may be able
to help. Used by Stripe, Venmo, etc. and supports more than 15,000 banks.

~~~
mildbow
Their pricing isn't really prototype/startup friendly though.

------
dmourati
This was the business model for Standard Treasury before they got acquired by
Silicon Valley Bank. If you want details, you should talk with Dan Kimerling,
one of the founders.

------
endswapper
Dwolla provides a sandbox and they can connect to banks. So, there is a layer
between your app and the bank, but it may give you the functionality you are
seeking.

------
vonnik
Have you tried Yodlee? They serve as the API for many banks.

------
twovi
[https://developer.mastercard.com/apis](https://developer.mastercard.com/apis)

------
randomsofr
Most banks support, NACHA files over SFTP. But you will need a contract and
stuff.

------
umeboshi
perhaps this [http://www.programmableweb.com/api/capital-
one](http://www.programmableweb.com/api/capital-one)

------
tommynicholas
What do you want to do? Pull transaction data or something else?

------
shamir
BBVA has public APIs in the US and Spain
-[https://www.bbvaapimarket.com/](https://www.bbvaapimarket.com/) More APIs
are coming too.

------
syngrog66
Silicon Valley Bank (svb.com)

------
44448
_

~~~
jared_smith
Check out [https://developer.capitalone.com](https://developer.capitalone.com)
for three APIs that Capital One has published. There are also open source
reference applications at
[https://github.com/capitalone/](https://github.com/capitalone/)

(By way of full disclosure, I work in Capital One's Open Source Office.)

~~~
kylehotchkiss
Open source office? cool! (I am a happy customer)

