
My bank has an API so I built online banking - jamesallison
https://medium.com/@jamesallison/mondo-hackathon-e504883a4a05#.iye0e0pne
======
redbeard0x0a
I want a US based bank to build something like that. I believe Simple was
initially supposed to expose an API to developers. The API has never come to
fruition and I doubt ever will.

In order to disrupt the banking industry, you need a huge amount of capital to
start and you are regulated in a way to prevent fast growth. These 2 things
pretty much rule out the 'standard' way of doing startups.

I would love to see an opensource bank, open code all the way down to the core
services that a bank depends on. It would help break up the stranglehold that
just a handful of companies have on the market.

Too many things are just 'in the way'. The stagnation would probably need to
start with regulatory support instead of using banking regulations to make it
difficult for new business and ideas.

~~~
xux
> I would love to see an opensource bank, open code all the way down to the
> core services that a bank depends on

Yeah, no thanks. I would not trust my money with a bank like that. A lot of
fraud prevention is based on obscurity, and multiple steps of hurdles to make
it easy to reverse a transaction. There's a reason money transfer takes a few
days.

Source: I work in a tangential field

~~~
kalleboo
> There's a reason money transfer takes a few days.

The reason a money transfer takes a few days is because ACH is based on
SFTPing back and forth fixed-column ASCII text files.

In other countries there is not this delay.

~~~
nathancahill
SFTP or FTP?

~~~
kalleboo
SFTP, luckily [http://engineering.gusto.com/how-ach-works-a-developer-
persp...](http://engineering.gusto.com/how-ach-works-a-developer-perspective-
part-1/)

------
joshstrange
Ahh yes, an API on top of your bank... this was the promise of Simple Bank,
one that they have now almost wholly backed out of which is quite
disappointing. Don't get me wrong I still love them as my bank but I was
really looking forward to an API that never materialized.

~~~
X-Istence
Well, there goes the last reason to hold on to my Simple account. The API is
what I was hoping for.

~~~
joshstrange
Simple's support is bar none IMHO but I'm right there with you, the API was a
BIG reason to why I signed up.

~~~
X-Istence
I've had no issues what so ever with CapitalOne 360. Simple doesn't provide me
anything over them...

------
zschuessler
Does anyone know of a US bank that offers an API as a service? For consumer-
level access and without requiring fees or a third party service, preferably.

The hackathon this app was a part of doesn't mention developer-friendly banks:
[https://getmondo.co.uk/blog/2015/11/22/mondohack/](https://getmondo.co.uk/blog/2015/11/22/mondohack/)

I'm left to assume these are private APIs. I would love to play around with
APIs similarly, but don't want to depend on privatized APIs.

~~~
ceejayoz
I've heard of [https://plaid.com/](https://plaid.com/) but have no personal
experience with them.

~~~
orky56
Intuit also offer an API to gather financial data.
[https://developer.intuit.com/docs/0020_customeraccountdata/0...](https://developer.intuit.com/docs/0020_customeraccountdata/009_using_customeraccountdata/0010_gettingstarted)

~~~
ceejayoz
Oh, that's _really_ neat.

------
isomorph
Wait till you guys see what sjtgraham has been up to

EDIT: teller.io

He's had to do impossible things to make it

~~~
sjtgraham
As isomorph says I've built a fully transactional API that works with existing
major banks. We currently have a closed beta supporting banks in the RBS group
(RBS, Natwest, Ulster, IOM) and we'll be adding Barclays and HSBC next.

[http://teller.io/](http://teller.io/)

~~~
antaviana
What prevents you from emptying my account if I use your service?

~~~
StavrosK
Looks like just their honour, unfortunately. If banks provided first-party
support, rather than forcing people to reverse engineer mobile phone app APIs,
we might see safer implementations.

------
tomblomfield
Awesome - love this project :-)

You can also see some of the other projects are listed here
[https://getmondo.co.uk/blog/2015/11/22/mondohack/](https://getmondo.co.uk/blog/2015/11/22/mondohack/)

------
sredfern2
Hi Folks, Open Bank Project is an open source API for banks that is designed
to sit on any core banking:

[https://github.com/OpenBankProject/OBP-
API/wiki/Sandbox](https://github.com/OpenBankProject/OBP-API/wiki/Sandbox)

We're currently introducing a Kafka layer which core banking connectors can
interface with in any language. Else you can use Scala / Java code to connect
to banking (or blockchain?) interfaces directly.

The core is AGPL plus commercial licenses for banks that don't want to abide
by AGPL or get commercial support. SDKs etc are Apache licensed.

Regulation from EU (PSD2) and UK government Open Banking Working Group (OBWG)
initiative is starting to move the API needle :-)

cheers, Simon (founder of OBP)

------
pootley
Have been tinkering with the Mondo API myself and can confirm it's great. It's
really strange building apps around your own money.

------
DomBlack
How far down the FCA application process are they? As far as I know only 2
companies have been granted permissions in the UK so far this year. One is a
law firm, the other a stock broker.

Their site says they are still applying, thus how can they be accepting
people's money already?

~~~
jhuckestein
Hi DomBlack, I work at Mondo.

The cards we're issuing now are prepaid debit cards backed by another firm's
license (Wirecard Card Solutions Ltd).

We're aiming to have a full banking license and issue our own cards by the end
of next year.

------
neom
The selflender team did something similar except they built a banking core:

[https://selflender.com/blog/why-fintech-innovation-is-
broken...](https://selflender.com/blog/why-fintech-innovation-is-broken-at-
its-core.html)

~~~
jkgarvey
It's true! :)

Warm regards, James @ Self Lender

------
Jonovono
Mondo looks neat. Anything like that in Canada?

~~~
oneplusone
[https://www.koho.ca](https://www.koho.ca)

~~~
Jonovono
Oh interesting. Have you used this? Any thoughts?

Edit: looks like they havn't launched. Will keep an eye out. Thanks for
posting!

------
FireBeyond
What tool is that in your first screenshot?

~~~
michael_fine
It's Postman[1], a Chrome app for making HTTP requests/testing API's that has
a ridiculously full featured free version.

1: [https://www.getpostman.com/](https://www.getpostman.com/)

~~~
hughes
Do Chrome apps really not get to share credentials/cookies with the rest of
Chrome? Postman asked me to sign in with my google account, and proceeded to
show me a login form that _looked_ like a google login page but with no way
for me to verify the domain.

~~~
icebraining
There is an API for Chrome Apps to get authentication tokens, and they are
probably using it in interactive mode, which shows just what you saw:
[https://developer.chrome.com/apps/app_identity#getAuthToken-...](https://developer.chrome.com/apps/app_identity#getAuthToken-
prompts)

------
rckrd
A side note: The big banks expose mobile apis to their apps. However, I'm
pretty sure that those are for private use

~~~
lamby
> I'm pretty sure that those are for private use

.. And do you do everything you're told? ;)

I think we put far too much weight into magic documents like Privacy Policies
and Terms of Service, etc.

~~~
dandelany
When we're talking about banking, those magic documents are pretty important.
I wouldn't be surprised if, for example, using their private API makes you
ineligible for fraud protection on your account.

~~~
lamby
Oh I am sure doing anything does, quite frankly.

------
nissehulth
Will accounts be available to those of us that do not live in the UK? At least
within the EU?

~~~
jhuckestein
Hi, I work at Mondo.

We need to work through a bunch of KYC and AML issues around EU-wide signup,
but it's definitely high on our priority list.

That said, our accounts will initially be GBP only, so we'd hold your balance
in pound sterling.

If you sign up to our waiting list we'll reach out as soon as we know more :)

~~~
nissehulth
GBP is good enough for me. :)

------
mikekij
I've really felt the need for an API into my bank transactions lately. There
are a bunch of visualizations I want to do that Mint etc. don't support.

BTW @jamesallison The interface looks great. Good work!

~~~
jessedhillon
You can download daily statements using a client like ofxclient[0] and then
transform them into a ledger appropriate for GNU ledger. From there you can
pretty much extract and export whatever it is you'd like to know.

[0]
[https://pypi.python.org/pypi/ofxclient/](https://pypi.python.org/pypi/ofxclient/)

------
Gunderful
With PSD2 regulations coming in I think we will see a lot more of this with
banks having to open up APIs for merchants and more and more innovative
solutions using them. Good work!

------
nly
> Store Access Token in PHP $_SESSION

I just hope my bank never does this.

~~~
tomschlick
Nope. They just store your 6-8 character password in plaintext behind their
huge monolithic Java/.Net/Cobol app.

~~~
function_seven
They employ a clever 3-step hashing algorithm, though:

    
    
        1. Truncate user's password to 8 characters
        2. Uppercase the entire thing
        3. Convert to EBCDIC

------
frankiechh
Another programmer giving off the impression that programming is easy and we
shouldn't even get paid for our work.

Thanks, man!

------
izolate
IMO Mondo are a proverbial rocket ship. Keep an eye on them, and join them if
you're lucky enough.

~~~
josephpmay
They're a rocket ship IF they can get regulatory approval.

------
jhoechtl
My government has an API so I can access my data and build services upon.

Now that would be fascinating.

