What's new
Carbonite

South Africa's Top Online Tech Classifieds!
Register a free account today to become a member! (No Under 18's)
Home of C.U.D.

Thoughts on a bank/card API? - Root

Will_I_Am

Senior Member
Rating - 100%
21   0   0
Joined
May 11, 2018
Messages
211
Reaction score
107
Points
2,935
Age
27
Location
Vuil Driehoek
Root

Came across this a while back while trying to find out if any of our banks support some kind of API access. The idea seems intriguing, I would like to play around with it and ponder up some cool ideas.

What are your thoughts? Something you would use or fiddle with? I see they are still in private beta, not sure when they will launch or have a more public beta...
 
Root

Came across this a while back while trying to find out if any of our banks support some kind of API access. The idea seems intriguing, I would like to play around with it and ponder up some cool ideas.

What are your thoughts? Something you would use or fiddle with? I see they are still in private beta, not sure when they will launch or have a more public beta...

This is really cool.
Would love to play around with this.
I actually developed/still develop API's for a few of the SA banks.
Non of which are "publicly"/client'ly available though.

I like the idea.
Have you signed up for early access?
 
I have signed up, but still nothing. So lets maar see... I signed up last year some time.
 
This is really cool.
Would love to play around with this.
I actually developed/still develop API's for a few of the SA banks.
Non of which are "publicly"/client'ly available though.

I like the idea.
Have you signed up for early access?
Did an integration into a bank in SA... needed to push and pull data via a web service...

They had contractors working there... contractor sent me the endpoint as something like //jnbserver1/xxxxxxx

When I said to him that I need a public facing IP or domain because that is the machines name on their network he told me.... "I tried it on another machine in the office and it worked fine".

😱

Then they wanted to set up a leased line or vpn or something between us and the bank...

I proposed using the existing ftp channel we had... saved everyone a lot of money. Lol.
 
Did an integration into a bank in SA... needed to push and pull data via a web service...

They had contractors working there... contractor sent me the endpoint as something like //jnbserver1/xxxxxxx

When I said to him that I need a public facing IP or domain because that is the machines name on their network he told me.... "I tried it on another machine in the office and it worked fine".

😱

Then they wanted to set up a leased line or vpn or something between us and the bank...

I proposed using the existing ftp channel we had... saved everyone a lot of money. Lol.
"I tried it on another machine in the office and it worked fine", how can someone be that incompetent? Wow!🤦‍♂️
 
This is really cool.
Would love to play around with this.
I actually developed/still develop API's for a few of the SA banks.
Non of which are "publicly"/client'ly available though.

I like the idea.
Have you signed up for early access?
Actually no, basically forgot about it until now lol. Will sign up in this week though and see what happens.
 
I have signed up, but still nothing. So lets maar see... I signed up last year some time.

Ah okay - i signed up last night as i read the post.
Haven't even received a confirmation email.
Wonder how active they are 🤔

Will you keep us updated if you are to hear anything?
 
I think regulations around this are pretty hectic. 22Seven does something similar don't they? I'm not sure if they use your secondary login to actually query your accounts via an API or if they're just scraping data.

This is one of those "Democracy of Data" topics that would be really great to get going and have real access to.
 
Did an integration into a bank in SA... needed to push and pull data via a web service...

They had contractors working there... contractor sent me the endpoint as something like //jnbserver1/xxxxxxx

When I said to him that I need a public facing IP or domain because that is the machines name on their network he told me.... "I tried it on another machine in the office and it worked fine".

😱

Then they wanted to set up a leased line or vpn or something between us and the bank...

I proposed using the existing ftp channel we had... saved everyone a lot of money. Lol.


:ROFLMAO::ROFLMAO: Yeah, love working with contractors that "are amazing" and "know what they are doing"
 
I think regulations around this are pretty hectic. 22Seven does something similar don't they? I'm not sure if they use your secondary login to actually query your accounts via an API or if they're just scraping data.

This is one of those "Democracy of Data" topics that would be really great to get going and have real access to.

This is true - especially with PCI and PoPI getting so strict over the last few years.
However, if my understanding is correct you have access to your data only(probably via a changing client token), so it shouldn't be too much of a hassle to comply.
 
Interesting read.



"includes access to a hosted code editor on the online banking platform"
"And “coming soon”, Bank account API Access"

This is interesting, so basically we will be able to code in rules and limits running realtime on transactions going through our own web service.
Going another step further, i like it :D

Sounds like the Investec solution is then the old Root solution? - "The beta launch follows OfferZen previously touting the idea of a programmable bank account called in Root in 2017. "

"Joubert said the Root team’s focus then shifted fully to insurance." - so it seems Root "as we know" it will no longer be.

"Investec said the banking beta is open to software developers – particularly those “interested in building innovative solutions and sharing their ideas with the tech community”." - sounds like they want all IP built for their API? - Or am i just being paranoid?

I will be signing up for the Investec offering as well.

Thanks for sharing the article @eujean (y)
 
This is true - especially with PCI and PoPI getting so strict over the last few years.
However, if my understanding is correct you have access to your data only(probably via a changing client token), so it shouldn't be too much of a hassle to comply.

It'd also be useful to have access to all the various data points stored about you in a particular system. So, for arguments sake, if you wanted to see every transaction that's on record at your bank, it should be a case of querying a public API (that's heavily secured and authenticated obviously) and then running your own reports if you want to.

Likewise things like insurance data - the fact that insurance companies still ask you how many claims you've had in the last 10 years is weird since systems exist that track these things. That should also be accessible with the right auth in place.
 
It'd also be useful to have access to all the various data points stored about you in a particular system. So, for arguments sake, if you wanted to see every transaction that's on record at your bank, it should be a case of querying a public API (that's heavily secured and authenticated obviously) and then running your own reports if you want to.

Likewise things like insurance data - the fact that insurance companies still ask you how many claims you've had in the last 10 years is weird since systems exist that track these things. That should also be accessible with the right auth in place.

Very true, i wonder how open this solution will be with regards to accessing what is "yours".. I guess only time will tell..

Yeah, i believe Insurance companies still do that for a reason though, its not that they don't particularly have the data, its more of a verification and "are you telling the truth" test imo.
Remember Insurance companies are sneaky lil places, so if they have the data and you tell them something else then its cause for a claim not to be paid out.
I might be wrong, just my opinion about the matter..

I think regulations around this are pretty hectic. 22Seven does something similar don't they? I'm not sure if they use your secondary login to actually query your accounts via an API or if they're just scraping data.

This is one of those "Democracy of Data" topics that would be really great to get going and have real access to.

Oh and back to the 22Seven thing. They have multiple ways of retrieving data - depending on what the bank/finance institution can provide them.
They will never scrape though(as far as i know).
API being the most commonly used though.
 
Did an integration into a bank in SA... needed to push and pull data via a web service...

They had contractors working there... contractor sent me the endpoint as something like //jnbserver1/xxxxxxx

When I said to him that I need a public facing IP or domain because that is the machines name on their network he told me.... "I tried it on another machine in the office and it worked fine".

😱

Then they wanted to set up a leased line or vpn or something between us and the bank...

I proposed using the existing ftp channel we had... saved everyone a lot of money. Lol.


I died a little inside reading that :'(.

I signed up with Root a while back spoke to some of the devs the, they hadn't really opened up to any public devs yet which made no sense as to why they were advertising it. I see that they then opened up access to people who banked with Investec, and i asked my banker to get me on the list but i am still waiting since beginning of the year.

Hopefully they open up something soon, would be cool to setup a few experiments.
 
I died a little inside reading that :'(.

I signed up with Root a while back spoke to some of the devs the, they hadn't really opened up to any public devs yet which made no sense as to why they were advertising it. I see that they then opened up access to people who banked with Investec, and i asked my banker to get me on the list but i am still waiting since beginning of the year.

Hopefully they open up something soon, would be cool to setup a few experiments.

Sad part is that a lot of the big dev houses run as "body shops", so I was probably dealing with someone that is lacking the experience, but put at a client site at R1000+ per hour and being paid R100 - R200 an hour... Clients expect top boitjies, but are actually sitting with juniors.
 
Oh and back to the 22Seven thing. They have multiple ways of retrieving data - depending on what the bank/finance institution can provide them.
They will never scrape though(as far as i know).
API being the most commonly used though.

22Seven uses a service from Yodlee for the screen scrapping of data https://www.yodlee.com/europe

Root never opened the programmable card up to more than the first batch of around 250 people. Standard bank was their banking partner at the time and limited them heavily to the point that they discontinued the project and moved in to programmable insurance products.

The Investec card I believe is a continuation of the original root card but supported by a team from investec.

Ive been told they only taking on non investec customer at the moment as part of the testing phase
 

Users who are viewing this thread

Latest posts

Back
Top Bottom