Our consent driven open banking REST API enables accounting software, FinTechs, RegTechs and innovators to quickly and securely connect to consumer data from Australia's major banks and financial institutions.
Access accurate (reconciled daily) and reliable (direct from core banking systems) open banking data via a single REST API.
SISS Data Services has entered into formal data supply contracts with Australia’s largest banks and financial institutions to provide you access to consumer data.
Modelled on the Consumer Data Right (CDR) framework, SISS Data Services provides you with all the resources you need to build and grow your solution, including REST API, accreditation, and developer sandbox.
Direct Data Feeds
High quality, direct Data feeds directly from the Banks
Sandbox + Development
Start Building Your API Today in our Sandbox
More Data
Look at the list of Banks we have partnered with right now!
Data Recipient Accreditation
One central location to complete all your compliance
Single Rest API For Bank Data
Single Rest API to connect to Bank Data
The Open Banking Rest API is designed for Accounting Software Providers (ASP), FinTechs, RegTechs and software developers wanting access to accurate and reliable Bank and Credit Card Balance and Transaction Information.
- ✓ Single Rest API
- ✓ Sandbox & Development Portal
- ✓ Transactional based Pricing
- ✓ Major Banks
- ✓ Accurate & Reliable Data
- ✓ Direct Data Feeds (Core Banking System)
Our transactional pricing is month to month, no lock in contract, with no exit penalties. It is designed to get you connected quickly.
Set Up Fee - Access to our awesome support team and the Sandbox to connect your app
SISS Fee- This how we make our money
Bank Fee - This is the fee the banks charge us, directly passed onto you with no mark ups
Set Up Fee- $5,000 + gst
SISS Fee- $0.03 (3 cents) + gst per line item
Bank Fee- Nil to $0.05 (3 cents) + gst per line item
Search our data feeds
Key features
DIRECT DATA FEEDS
High quality data feeds directly from the banks
SANDBOX + DEVELOPMENT
Start building your API today in our sandbox
MORE DATA
Look at the growing list of banks we have partnered with to date
DATA RECIPIENT ACCREDITATION
One central location to complete all your compliance
SINGLE REST API FOR BANK DATA
Single REST API to connect to bank data
DIRECT DATA FEEDS
High quality data feeds directly from the banks
DIRECT DATA FEEDS
High quality data feeds directly from the banks
SANDBOX + DEVELOPMENT
Start building your API today in our sandbox
SANDBOX + DEVELOPMENT
Start building your API today in our sandbox
MORE DATA
Look at the growing list of banks we have partnered with to date
MORE DATA
Look at the growing list of banks we have partnered with to date
DATA RECIPIENT ACCREDITATION
One central location to complete all your compliance
DATA RECIPIENT ACCREDITATION
One central location to complete all your compliance
SINGLE REST API FOR BANK DATA
Single REST API to connect to bank data
SINGLE REST API FOR BANK DATA
Single REST API to connect to bank data
Who is the open banking REST API designed for?
The open banking REST API is designed for accounting software providers (ASP), FinTechs, RegTechs and software developers wanting access to accurate and reliable balance and transaction information for credit cards and bank accounts.
- ✓ Single REST API
- ✓ Sandbox & Development Portal
- ✓ Transactional Based Pricing
- ✓ Major Banks
- ✓ Accurate & Reliable Data
- ✓ Direct Data Feeds (Core Banking System)
We keep costs simple
Our transactional pricing is month-to-month with no lock-in contract and no exit penalties. It is designed to get you connected quickly.
Set up fee: Access to our incredible support team and the developer sandbox to connect your app.
SISS fee: A per transaction fee for our product and service.
Bank fee: This is the exact fee the banks charge us, directly passed onto you with zero mark ups.
Set up fee $5,000 +GST
SISS fee $0.03 (3 cents) +GST per line item
Bank fee Nil to $0.05 (5 cents) +GST per line item
Data Lifecycle
The following diagram highlights the phases of the data lifecycle.
Definitions
WSO2 Open Banking is the only purpose-built solution that provides all technology requirements for achieving complete open banking compliance using a single technology platform.
Data Custodians
Data Managers
Personnel directly responsible for the operational access and management of data.
Data Owner
SISS Data Services is the owner of all data collected, stored or managed by personnelof SISS Data Services.
Data Sources
The Bank or Financial Institution the Data Owner maintains an account with and obtains the data feeds from
Data Stewards
Personnel responsible for the integrity, availability, confidentiality, and quality of data management. There should be at least one designated data steward for each business unit or department.
Financial Information
Data that relates to a financial product or transaction from Data Sources that may contain information as detailed in Table 3 below.
Personal Information or PII
Any information or an opinion about an identified individual, or an individual who is reasonably identifiable.
SISS Data Services Data Resource
Data owned by SISS Data Services may reside in various systems and locations as required and justified by the business, these are consistently referred to as a single, shared resource.
All such data owned and managed by or on behalf of SISS Data Services is considered part of the SISS Data Services Data Resource.
Third Party
An individual, company or other entity that an individual has granted consent to access their personal information.
Data Types
| We'll help you comply with the regulation's Open API and security requirements |
We are part of the Data Standards technical working group and follow the regulation closely. We will ensure that the open banking solution is updated as and when the specification and security updates are released. This frees your team’s time to focus on more pressing tasks. |
| Our technology model and team, work well with yours |
We provide both cost-based and deployment-based engagement models catering to banks of any size. We also provide training programs that get your teams up-and-running with our technology in record time. |
| We assist in communicating the benefits of open banking to your customers |
Our work with European banks revealed some key concerns consumers had with open banking. We’ll use these as examples to address perceptions for Australian banking customers. The earlier you educate your customers, the more trust you build in them. |
| Use us to prepare for digital banking initiatives in Australia |
As open banking takes off, your customers will demand more services and products that make their lives easier. Your IT infrastructure needs to scale to meet these new demands. Our platform and domain expertise make us the ideal technology partner to help you become a market leader in digital banking. |
Data Types
SISS Data Services, through their feeds, may store the information as detailed in the table below.
Bank Account Data
Direct from Financial Institution
- Account Number
- Account Name
- BSB
- Transaction details
- Balance details
Credit Card Data
Direct from Financial Institution
- Tokenised Credit Card Number
- Card Name
- Transaction details
- Balance details
Contract Note Data
PDF of contract Note emailed to SISS & Direct from Financial
- Name of Account
- Account ID
Institutions system
- Email Address
- Transaction details
- Brokers details
Wrap & Managed Fund Data
Direct from Financial Institution
- Account Number
- Account ID
- Investment Holding details
- Transaction details
- Balance Details
Share Registry Data
Direct from Financial Institution
- HIN
- Account Name
- Investment Holding Details
- Transaction details
- Balance Details
Principles
The following principles outline the acceptable minimum requirements that must be adhered to by SISS Data Services and its personnel to provide high quality and easily accessible data while protecting the confidentiality, integrity and availability of data collected and provided by SISS Data Services.
Collection of Data Principles
- SISS Data Services owns the data collected, created, and provided via its services.
- A delegated Data Steward is responsible to ensure the ongoing confidentiality, integrity, availability and quality of information collected and provided.
- There is at least one Data Steward identified for each data type collected, created and provided by SISS Data Services.
- SISS Data Services will obtain consent from individuals for the processing, storing, and transfer of personally identifying information where applicable and relevant as required by the Privacy Act.
- Consent from an individual must be information and explicit.
- SISS Data Services will never utilise screen scraping to obtain or collect information.
Plan to Distribute Principles
- A delegated Data Manager is provided for each business unit or data type to ensure the data is availablein accordance with operational requirements to authorised parties only.
- Collected data is verified to be accurate and true from the supplying feed prior to delivery to SISS Data Services customers.
- SISS Data Services will be transparent in the use and purpose of the data sourced.
Assess Classification Principles
Open Banking in Australia was created to give consumers the power to control their own data. As holders of this data, every bank has a responsibility to ensure data protection when the data is shared across various data holders and recipients. A key aspect of building trust is through transparency. A few things you can do include
- SISS Data Services will ensure the accuracy and integrity of the information provided via its services.
- Data is classified as public or protected.
- Public data is any data that is made publicly available in accordance with compliance requirements such as media releases or is already directly available via public systems.
- Protected data is all SISS Data Services Data Resource that is not considered public.
- Data classified as public will require no special treatment or imposition of access controls.
- Data classified as protected will be stored securely and only made accessible where a suitable business need or justification has been demonstrated by the authorised party.
- The principles of least privilege and need to know are adhered to by SISS Data Services.
- Only authorised parties are provided access to data they require access to.
- Unauthorised parties are not provided access to any SISS Data Services Data Resource.
- Suitable business justification must be provided prior to access being authorised, enforcing the principle of "need to know".
Protection of Data Principles
- Data is protected against misuse, misconduct, and failing integrity through access control and authorisation limitations.
- All entities using SISS Data Services API or other interfaces to access SISS Data Services Data Resources must agree and adhere to terms and conditions with SISS Data Services.
- All entities using SISS Data Services API or other interfaces to access SISS Data Services Data Resources must implement appropriate and reasonable information security protections and controls.
- SISS Data Services may verify and request evidence of appropriate security protections and controls being applied by any entity accessing SISS Data Services Data Resources.
- Access to the API and other interfaces are reviewed and audited periodically to identify any potential misuse.
- SISS Data Services does not share personal or financial information with individuals or third-parties without completing identification verification.
- SISS Data Services will ensure that any breach of personally identifiable information collected or provided is identified and mitigated in a reasonable time period.
- SISS Data Services will ensure that any breach of personally identifiable information collected or provided is notified in accordance with the Notifiable Data Breaches Scheme.
Disposal of Data Principles
- Data that is no longer of value to SISS Data Services or its customers is securely destroyed within a reasonable time frame.
- All data, unless there no longer exists a value of personally identifying information, will undergo a de-identification process or be destroyed.
- All entities using SISS Data Services API or other interfaces to access SISS Data Services Data Resources must implement appropriate and reasonable information security protections and controls.
- Personally identifiable information will be destroyed in accordance with the Privacy Act 1988, ensuring PII is destroyed when it is no longer required.
- SISS Data Services will comply with appropriate legislation, for any requests made by an individual for the extraction, correction, or deletion of their own records.
- SISS Data Services provides individuals with the right to be forgotten (delete all data) when an individual has been identified accurately, via their financial institution or via an authorised third-party.
- SISS Data Services will, at their discretion, either destroy the client information where any record may result in or cause harm to an individual or anonymise it such that the individual can no longer be identified.
Review
SISS Data Services commits to reviewing and updating this policy on an annual basis or more frequently where required.