They don't deliver value as rapidly as devs do. Hardware has massive lead time and substantial pre-production costs, can't possibly compete with iteration rate of pure software.
To use these APIs in Europe you need a license, and I'm not willing to pull my banking data via third parties. Never mention the apps which want me to give them my full credentials.
I would be willing to use a script which I can audit and run myself, but nobody offers that for my bank.
Disclaimer: I work for them. What I'm saying here is 100% personal and does not reflect the views of my employer, yada yada...
To be honest, we're doing an excellent job of protecting our customers' data. It's one of our core concern, and I have absolutely zero issue putting my own data in there.
We do _NOT_ store your credentials or even receive them at any point. Quite frankly, we don't want them. Any authorisation you would give us automatically expires after some time anyway, enforced by the banks.
The primary offer of Ponto is one API to interact with all your own bank accounts. No license needed, we handle all of that. We also provide a unified interface to all the banks.
The API is well thought out. All of our managers are highly skilled devs, so they understand what it takes to build good software (= time).
Check it out, we have a great support directly via Slack. I'm not answering that myself, but the guys who do it are super dedicated and will go a long way to help you.
Honestly I can't say enough good things about this product and our team! A product you can rely on, long term.
Belgian law seems pretty data hoarding heavy. Even things like activity logs will be kept around for 10 years after contract termination, per your Privacy terms.
Fintech might be overall more security focused in their software development practices, but 10 years is still a very long time to entrust someone with your data.
Sure, that I understand, I'm just saying that you failed to actually reply to me (or your reply was ambiguous at best)
The topic is GnuCash, parent said "The biggest problem with it as far as I can tell is the requirement for manual entry" whereas someone replied "To use these APIs in Europe you need a license" and you said "There's Ponto", and I asked you if I can use Ponto to connect to GnuCash.
I think it's understandable to think that if someone is suggesting Ponto (in a submission about GnuCash), then you should reasonably be able to use Ponto to connect to GnuCash, since that's the entire point of this submission. Otherwise your comment just reads as trying to shoehorn in your own product wherever it's only slightly related to the topic at hand.
AFAIK, none of this is true. Banks are required by law to provide open APIs with solid authentication mechanisms, apps usually access them via aggregators and never request your banking credentials.
Understandably because you are dealing with a heavily regulated industry but I do agree it would be nice to be able to use the APIs for your own data somehow.
Aggregators to require you to provide credentials are just web-scraping the websites or have reverse engineered the banks (internal) APIs.
I'll concede that it's only for business accounts. But, that includes small single owner businesses and I've been considering to switch to ABN to automate the accounting of my small side business.
The PSD2 APIs (also for consumers) indeed need a PSD2 license and an EIDAS certificate.
Technically, for consumer data, I think you could use GDPR to request a computer-readable extract of your transaction data. However, I think most banks would then redirect you to some CSV/MT940 export option in the web interface that is hard to automate.
Yes, but no. The law is PSD2, but there are so many requirements that it's impossible for a private person to access it. First of all you need to generate a certificate which needs to be signed by a financial authority. Then you use client-based certificates to connect to these APIs. [1]
I have been playing with the idea to use its API for my personal finance but the API with MFA is not so simple. At least not simple enough for me to spend much time for writing a customized interface. So I am still using their web interface which works well for my personal needs.
I was excited when my bank first announced Open Banking; I could use it to replace my embarrassing, then Selenium based mess with something more sane. Then Open Banking went into production and I learned I need a business entity and a whole host of other bs to make use of it without relying on some third party bottom feeder.
I don't know what I was thinking. This is Europe and there is very little chance a good idea won't be ruined with some sort of bureaucracy, licensing requirements, utterly vapid credentialism, or as a last resort, some other form of obtuse gatekeeping.
Similarly, they can't comprehend the difference between a "website" and a "web-service" which powers the "website". Like, there is immense infrastructure behind say google.com or twitter.com.
You get vastly better results if your team has culture of having smaller pull requests. The effort required to review a PR is non-linear, so make sure that:
- high-level tests can be submitted before code implementing them exists, they just need to be disabled and then selectively re-enabled in subsequent PRs - this way any logical design issues should surface in tests which should be much cheaper to deliver and iterate on than implementation
- any refactoring is submitted separately (it's easy to verify because it doesn't affect any valuable tests, so it leaves out a whole class of issues), even if it didn't happen "organically" during development - take some of the burden on you so that your reviewers don't have to waste time trying to logically unlink these things in their head - it should be much easier for you, you wrote that code
- features are delivered in an incremental fashion whenever it makes sense - you probably don't need to submit a fully working solution, you can prop it up it with fakes or simply not expose the changes to the user (feature flags, or just simply not hooking up a feature yet)
If you do that, it makes things much more digestible, at some cost of understanding of the overall solution (starting with tests and necessary refactoring should help here describe what you want to achieve) and burden from having to split things. It has worked very well for me, in multiple companies.
In most of companies I worked for, backend had a more mature and robust testing approach than frontend. It also had a fair bit less churn or experiments which vastly increased complexity for the frontends.
You see similar phenomena with long-term contractors (who jump projects all the time) - they are brought in with no agency in the project, get handed something to implement, they do it in move on. Sure they have experience implementing something others have designed, but that's just a small slice of software engineering. Although I agree it's not common to use that particular phrase with this situation.
I learned from experience that spending years at the same chair and desk can do even more damage. As part of my rehab, I switched to a laptop so I could move from couch to chair to table to standing desk easily. I also highly recommend using a motorized adjustable desk, now that goods ones are easily available and affordable. A perfectly customized height for sitting or standing is just a button push away, and I can use multiple monitors again.
There are manual height adjustable desks that can be set for near zero resistance moving up and down. They have a brake and an adjustable tension spring. I think those are the best ones. The only advantage (some) motorized ones have is the ability to remember presets.
For years I only used a laptop and I didn't really experience any of the issues you describe, I was very young though so that may have alleviated some potential issues.
My guess would be Serbia, that's the typical attitude towards the EU there (not to mention not-so-subtle pro-Russian stance). The only place which sees the EU in worse light would probably be Belarus or Russia.
Generally British people wouldn't say "heart of Europe". If anything when talking about Europe they mean continental Europe and don't include the British Isles in that.
For majority of the companies I worked, the only copyrightable content - at code itself - was rarely the main driver of success (or failure), it was nearly always some combination of luck, culture and business strategy.
