Web Services

The Web Services protocol is a modern and safe data communications solution for connections between the financial administration of a company and the systems of a bank.

Web Services protocol

The Web Services protocol is intended for the transmission of payment files between your company and the bank. The protocol is a connection type transmitting files, and in this respect it deviates from corporate netbank, which is interactive.

Your benefits:

  • The connection can be automated and timed. 
  • The data communications connection is always encrypted, so you do not need a separate VPN connection.

PKI certificate

The Web Services connection identifies customers with a PKI certificate (Nordea eID), which corporates can retrieve from Nordea with their own bank connection software.

The software should send a request for a certificate which consists of the customer name, user ID and country code of the customer stated in the agreement. The request is secured with an activation code received via an SMS message delivered to the mobile phone number of the administrator specified in the agreement.

If your bank connection software does not have a feature for downloading the certificate, you can download the Nordea Security Client (NSC) by choosing “Certificate Download: Download of Nordea Security Client” below. Once downloaded you can start the client and fill in the customer name, user ID, country code, and activation code received via SMS, and send the certificate request. 

You can also refer to "Nordea Security Client-User Guide" for more detailed instruction. When you receive the certificate, you have to give a password to protect it. You can export the certificate directly for the use of the bank connection software, or it can be stored locally on the windows certificate store. Please refer to the detailed instruction available in the bottom of this page.

A retrieved certificate is valid for two years. It is your company's responsibility to renew it before it expires. Some bank connection software will notify the user of the certificate's expiry in advance, enabling users to renew their certificate without an interruption to the service. 

Depending on the software, the renewal may be done fully automatically or you can download a new certificate as described above, for which you can order a new activation code from Nordea Business Centre or from Nordea's E-support for Corporate Customers, tel. 0200 67230 (local network charge/mobile call charge), provided that the administrator's mobile phone number is saved in the bank's agreement register. An activation code is valid for 7 days.

Certificate Download

  1. Opens new windowDownload of Nordea Security ClientOpens new window
  2. Nordea Security Client - User Guide (pdf, 763 KB)Opens new window
  3. How to export a certificate to a PSKC #12 file (pdf, 660 KB)Opens new window
Start using

How to start using the services

Your company must make an agreement on the use of the Web Services protocol with Nordea. You can start using the service by calling Nordea Business Centre. In addition, you need bank connection software that supports the Web Services protocol. In Finland the use of the protocol so far requires local agreements.

The PKI certificate is used for identifying a customer in the Web Services protocol. 

Service descriptions
File types
SHA256 Change and Migration

How to start using the services

Your company must make an agreement on the use of the Web Services protocol with Nordea. You can start using the service by calling Nordea Business Centre. In addition, you need bank connection software that supports the Web Services protocol. In Finland the use of the protocol so far requires local agreements.

The PKI certificate is used for identifying a customer in the Web Services protocol. 

SHA256 Change and Migration

In support to provide secure services and solutions to our customers, Nordea will discontinue the support of the SHA1 certificate and signing signature because of weaknesses in the SHA1 algorithm, and replace it with SHA256.

Documents:

1. Technical change description: Web Services SHA256 - Technical Change Description (pdf, 383 KB)Opens new window

2. Frequently Asked Questions: Web Services SHA1-SHA256 Migration FAQ (pdf, 261 KB)Opens new window


Certificates:

1. Customer SHA256 DEMO certificates(RSA 2048 Bits). Customers can use these to test whether systems can handle SHA256 certificates and establish Web Services connection to existing and new services. 

Only GetUserInfo, and DownloadFileList and DownloadFile function with file type of VKEUR can be used by DEMO certificates. Please don't renew or revoke these certificates because they are shared for all customers.

With GetUserInfo, response will be ResponseCode=24, ResponseText=Content not found. This means that the connection was successful but there is no service overview to show with this test user. 

 

2. Nordea's Web Services signature certificate and its Root CA certificates in SHA256 service (new service, link can be found from Technical change description document)

This is the certificate Nordea uses to sign Nordea's responses to customers in SHA256 service. Certificate validity is about 2years.

If customers validate Nordea's responses using this certificates, this certificate needs to be installed.

Possible error for customers who didn't install it correctly: error related to certificate validation. 

In case of errors especially when you have uploaded payment files, please don't send in files again, but contact Support team instead. 

This is the Root certificate of the signature certificate of Nordea Web Services server in SHA256 service. Certificate validity is 15years.

If customers validate Nordea's responses using this certificates, this certificate needs to be installed.

Possible error for customers who didn't install it correctly: error related to certificate validation. 

In case of errors especially when you have uploaded payment files, please don't send in files again, but contact Support team instead. 

Interested?

Contact Us