left logo image
right logo image
Skip to main content Skip to main content Skip to main content Skip to main content Skip to main content Skip to main content

Open Bank Project Sandbox Terms of Service

1 Definitions

1.1 "TESOBE", "Provider" or "We" refers to TESOBE GmbH, the owner of the Open Bank Project intellectual property and the company that runs the Open Bank Project.

1.2 "Sandbox" refers to the technical development environment powered by Open Bank Project technology. The Open Bank Project provides an open banking platform for banks.

1.3 "User" or "You" or "Developer" refers to a user of the Open Bank Project Sandbox; a person or entity who will interact with the APIs, functions, and data provided by the Sandbox.

1.4 "Services" refers to the set of applications required for the proper functioning of the Sandbox. Including but not limited to the OBP API and developer portal, API Explorer, API Manager, API Tester, authentication services, SDKs, email notifications, applications, and widgets, and any information, text, graphics, photos, logos, graphics, designs, page headers, button icons, scripts, service names, data, or other materials uploaded, downloaded, or appearing on the Services (collectively referred to as "Content").

2 Introduction

2.1 The aim of the Sandbox is to facilitate the rapid creation of innovative “FinTech” and banking-related applications leveraging the test data and Services provided by the Sandbox.

2.2 The basic use of the Sandbox is free to Developers. Some features are made available via subscriptions or "plans". The Provider has no obligation to use the applications or ideas created using the Sandbox or to buy or otherwise contract with the Users.

2.3 These Terms of Service ("Terms") govern your access to and use of the Services. Your access to and use of the Services are conditioned on your acceptance of and compliance with these Terms in full. By accessing or using the Services, you agree to be bound by these Terms. If you disagree with these Terms or any part of them, you must not use these Services.

2.4 If there is a conflict between this Agreement and the general Open Bank Project terms of use, this Agreement will prevail.

2.5 You will be deemed to have accepted the terms of this Agreement as soon as you start using the Services.

3 Who Can Join

3.1 Each User should register for a developer account before accessing the Services.

3.2 Users must be 13 years or over unless they are accompanied by a responsible guardian. Proof of date of birth or permission may be requested.

3.3 The Provider may limit certain functionalities of the Sandbox to certain Users or to certain subscriptions or plans.

3.4 The Provider reserves the right to refuse entry or remove a User from the Sandbox at their sole discretion at any time for any reason.

4 Responsibilities

4.1 Provider Responsibilities

TESOBE commits its best efforts to provide the following:

  • A stable and secure Sandbox environment available as per the SLA below

  • Monitoring and maintenance of the Sandbox

  • Periodic updates

  • Test Data that can be used by Users in their applications

  • Clear Documentation for the available APIs and code examples in selected programming languages

  • Support to the Users as per the SLA below

4.2 User Responsibilities

You acknowledge and agree that you:

  • Will use the Sandbox in a reasonable manner as defined in the Acceptable Use below

  • Shall provide accurate information and reasonable assistance to the Provider in relation to your use of the Services when required

  • Will never try to de-anonymize personal data when available

  • Will only upload data that belongs to You

  • Explicitly notify your users that the application uses a Sandbox instance powered by Open Bank Project and uses test data

  • Will never use the Sandbox with an intention to harm or be deceitful to end users

  • Will consider contributing to the Open Bank Project open-source project with new features, requests, or bug fixes.

5 Applicable Fees

5.1 The Sandbox is free for developers to use.

6 Data Provenance

6.1 Some data has been generated by the Provider. In general, it is test data involving no real customer information. However, depending on the endpoint and/or OBP instance you are using, a combination of synthetic and anonymized data may be available.

6.2 It may be possible to upload your own dataset to the Sandbox. You must not upload "production" data but rather test or synthetic data for applicaiton development testing. Please see the available subscriptions / plans. If you wish to work with production data, please get in touch with the Provider.

7 Available APIs

7.1

This Sandbox offers a catalogue of over 600 RESTful APIs.

7.2

In general, you can build customer-facing Apps meant to be used by bank account holders, using data from this private account and involving accounts, transactions, balances, metadata, entitlements, payments, onboarding and KYC - such as Personal Finance Management Solutions, online accounting services, saving apps, P2P payment...etc.

7.3

You can see a sample list of available APIs below:

  • Banks

  • Users

  • Customers

  • Accounts

  • Counterparties

  • FX

  • Transactions

  • Payments & Transaction Requests

  • Branches & ATMs

  • Products

  • KYC

  • Transaction and Counterparty metadata enrichment

  • Entitlements & Views

  • Manage credit/debit cards

7.4

For a full list of all available APIs, please refer to the API Explorer of this Sandbox. You can find it here.

8 Maintenance & Service-Level Agreement (SLA)

8.1

Our commitment to availability of the Services is limited to the Services and does neither include possible discomfort nor technical problems and/or any type of external connection. However, TESOBE will use its reasonable endeavours to provide the best possible quality of service and to maintain the Sandbox so as not to cause disruption to its users.

8.4

TESOBE reserves the right to plan and carry out service interruptions for tests, updates, network traffic improvement operations, or other reasons.

9 Data Privacy

9.1

TESOBE is committed to privacy and commits to never share the end-user’s identifiable data with a third party. See Privacy Statement in annex for more details.

9.2

YOUR USE OF THE SERVICES, OR YOUR PROVISION TO US OF ANY PERSONAL INFORMATION CONSTITUTES YOUR AGREEMENT TO THESE TERMS AND ANY SUBSEQUENT CHANGES TO THESE TERMS; DO NOT USE THE SITE OR PROVIDE INFORMATION IF YOU DO NOT AGREE WITH ALL OF THE TERMS.

9.3

You may cache data for up to one week.

9.4

You must not resell the data to others. The exception to this are any Open Data Feeds that the account holder may define.

10 Account Creation & Authentication

10.1

To start using the Services, Users need to create an account on the Sandbox.

10.2

Developers are provided with Consumer Keys which are enabled by default. The Provider or its partners may review and disable Consumers.

10.3

The Sandbox supports four authentication methods:

  • OAuth 1.0a (industry standard, secure, used by Mastercard and Twitter)

  • OAuth 2 + OpenID Connect from providers such as Google.

  • Direct Login (easier to use than OAuth, useful for hackathon contexts and trusted applications, uses JWT)

  • Gateway login only if specifically enabled for a trusted internal environment.

10.4

We recommend the use of Direct Login for the purpose of using this sandbox for ease of use.

11 Branding, Trademarks, Intellectual Property

11.1

The developer may mention that their applications are “powered by Open Bank Project” but should not use Open Bank Project or TESOBE logos in their applications.

11.2

TESOBE, Open Bank Project, openbankproject.com and other Open Bank Project graphics, logos, designs, page headers, button icons, scripts, and service names are registered trademarks, trademarks or trade dress of TESOBE. Open Bank Project’s trademarks and trade dress may not be used in connection with any product or service without the prior written consent of TESOBE. Non-compliance may become a reason for shutting off applications.

11.3

TESOBE remains the copyright holder of the Open Bank Project brand, Sandboxes, source code and logos and shall own and retain all right, title and interest, all improvements, enhancements or modifications and all intellectual property rights related to any of the foregoing.

11.4

All intellectual property rights in the ideas and applications of a User shall remain vested in the participant who owns them.

11.5

Any third party intellectual property rights shall remain vested in the third party or third parties who own them.

11.6

In a hackathon context, Third party intellectual property rights must be clearly identified by the hackathon participants as well as the applicable terms of licence and other details relating to use of same.

11.7

Hackathon participants agree that they will not infringe the copyright, design, database right or trademark or any other intellectual property rights of any third party including of TESOBE.

12 API Versioning

12.1

API Versions. It is understood that TESOBE will periodically deploy new versions of the API sandbox to incorporate new features and fixes. TESOBE will periodically retire API versions as per the policy below.

12.2

API Version Naming, compatibility and life time (For versions greater than 2.2.0,) the API versioning used by OBP is based on SemVer (http://semver.org/) i.e. X.Y.Z where X is the major version, Y is the minor version and Z is the patch.

12.3

The version can be specified via the URL e.g. /obp/v1.2.1/banks

Note that you cannot specify build versions (e.g. v1.2.1+r3456) via the URL.

12.4

If you want to be sure to get a certain version, specify the full patch e.g. 1.3.4. If you do not specify a patch version e.g 1.3 instead of 1.3.4 we may return the highest patch version available for that minor version i.e. 1.3.9

12.5

TESOBE ensures that the last three minor versions are available on the OBP API server. e.g. if versions 2.3.0, 2.4.0 and 3.0.0 are available on the server and 3.1.0 is added, 2.3.0 may be removed as long as the minimum lifetime of a minor version is respected.

12.6

The minimum lifetime of a minor version is 6 months.

12.7

Developers should check the root endpoint for API status regarding end of life.

12.8

Versions marked as –alpha or –draft are subject to change without notice.

12.9

Build versions may change without notice.

13 Acceptable use

13.1

You must not use the Service in any way that causes, or may cause, damage to the Services or impairment of the availability or accessibility of the Services; or in any way which is unlawful, illegal, fraudulent or harmful, or in connection with any unlawful, illegal, fraudulent or harmful purpose or activity.

13.2

You must not use the Service to copy, store, host, transmit, send, use, publish or distribute any material which consists of (or is linked to) any spyware, computer virus, Trojan horse, worm, keystroke logger, rootkit or other malicious computer software.

13.3

You must not use the Service to store, host, transmit, send, use or distribute any content which is obscene, indecent, pornographic, seditious, offensive, defamatory, threatening, liable to incite racial hatred, menacing, blasphemous, misleading, deceptive, or otherwise defined as objectionable content.

13.4

You must not use the Service to transmit or send unsolicited commercial communications.

13.5

You must not use the Service for any purposes related to marketing without Provider express written consent.

13.6

Fair Usage Policy - TESOBE maintains a fair usage policy to ensure stable and fast service to all users and to protect from DDOS attacks. Sandbox accounts may be rate limited. Any additional usage may result in restrictions on your account including limited access to the service or a requirement to upgrade if the limit is exceeded for several months.

14 Subscriptions to Plans

The Provider may provide certain features via monthly subscriptions to plans. In such a case, if your subscription lapses any data you have uploaded may become unavailable. It is recomended that you keep a backup of data you upload or generate. You can also use the provided APIs to download the data you have created during a subscription period whilst your subscription is still active.

15 Termination

15.1

The Provider may terminate or suspend any and all Services and/or your account immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach terms and privacy rules, undesirable content rules, commercial restrictions or usage limits.

15.2

Where any of the factors for suspension cease to exist then, the Provider reserve the right to reinstate your account.

16 Document Name

The name of this document is 2014-04-30-TESOBE-OBP-API-SANDBOX-rev1