FinTS
FinTS, formerly known as HBCI (Home Banking Computer Interface), is a bank-independent protocol for online banking, developed and used by German banks.

HBCI was originally designed by the two German banking groups Sparkasse and Volksbanken und Raiffeisenbanken and German higher-level associations such as the Bundesverband deutscher Banken e.V. The result of this effort was an open protocol specification, which is publicly available. The standardisation effort was necessary to replace the huge number of deprecated homemade software clients and servers (some of them still using BTX emulation).
While IFX (Interactive Financial Exchange), OFX (Open Financial Exchange) and SET are tailored for the North American market, HBCI is designed to meet the requirements of the European market.

The FinTS specification is publicly available on a website run by the ZKA (Central Credit Committee).

Features

  • Support for online banking using PIN/TAN one-time passwords.
  • Support for online banking with SWIFT.
  • DES and RSA encryption and signatures.
  • Making use of XML and SOAP for data exchange, encryption and signatures.
  • Implemented on top of HTTP, HTTPS and SMTP as communication layer.
  • Multibanking: The software clients are designed to support accounts on multiple banking companies.
  • Platform independence: The specification allows software development for various types of clients.
  • Storage of the encryption keys on an external physical device (a chip card) for improved security.


HBCI has been superseded by its successor FinTS, but as of 2005 most of the banks in Germany still use HBCI or HBCI+.

HBCI 2.2 PIN/TAN

HBCI 2.2 PIN/TAN (or HBCI+) is an extension to HBCI that added a security method based on PINs and TANs, which had already been in use with BTX and web banking.

FinTS 3.0

For version 3.0, which formally introduced the PIN/TAN method, the specification was renamed to FinTS, whereas the original DSA- and RSA-based security method retained the name HBCI.

FinTS 4.0

In version 4.0, the basic message syntax was switched over to XML. Further, the number of roundtrips necessary was reduced, allowing asynchronous communication (e.g. via SMTP) for simple transaction dialogues.

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 