In the scope of the European Payment Services Directive 2015/2366 (also known as PSD2), CIC provides API access to qualified Third Party Payment Service Providers for the following purposes:

• Account and Transaction Information for Account Information Service Providers (AISPs)
• Checking of Funds Coverage for Card-Based Payment Instrument Issuers (CBPIIs)
• Payment Initiation for Payment Initiation Service Providers (PISPs)

These APIs are available at https://oauth2-apiii.e-i.com/cic/, with a sandbox environment at https://oauth2-apiii.e-i.com/sandbox/cic/.

Recent and upcoming changes

• December 11^th, 2019: Breaking change - On the OAuth2 registration API, a contacts metadata field has been added as specified in RFC 7591, and has been set as mandatory. That information is needed so that CIC can comply with legal notification requirements (notifying TPPs at least 3 months in advance) for technical changes in the future.

Subjects

• Registration for API Access - Who can access the APIs, under what criteria?
• OAuth 2 and Strong Customer Authentication Workflows - How, when, and under which conditions will Strong Customer Authentication be processed?
• OAuth 2 Endpoints - How is OAuth 2 implemented?
• Open Banking API Endpoints - How to call the endpoints, what do they return?
• Fallback Mechanism - What is the fallback mechanism, and how to use it?

API Specifications

If you want to dive directly into the APIs, they are documented as OpenAPI Specification (Swagger) files:

• View OAuth 2 Endpoints Specification
• View Open Banking API Endpoints Specification

Contact us

• Need some help? Get in touch with CIC