Open Banking Specifics in Norway

# Authentication flows and SCA

Norwegian banks primarily support redirect authentication flows for Open Banking, with BankID serving as the dominant Strong Customer Authentication (SCA) mechanism. BankID is Norway's national electronic identity system, operated by the banks themselves and widely used across both private and corporate customers. However some banks also offer alternative SCA methods such as through their own mobile apps.

BankID is the most commonly used variant, offering a user-friendly authentication experience, although it requires input of personal identification code and app-to-app switching is not supported when Mobile BankID is installed on the device where authentication is initiated.

# Major Banks (ASPSPs)

The most widely used Norwegian ASPSPs, in order of significance, are:

• DNB
• SpareBank 1
• Nordea
• Handelsbanken
• Danske Bank

A full list of Norwegian banks (as per EBA) is available here (opens new window).

# Payment Specifics

All Norwegian banks support domestic credit transfers in NOK (Norwegian Krone) and SEPA Credit Transfers (SCT) in EUR via their open banking APIs.

Instant payments are well-established in Norway through the Straks real-time payment scheme, introduced in 2013. Most Norwegian banks support instant payments for domestic NOK transfers, enabling real-time settlement between banks.

SEPA Instant Credit Transfers (SCT Inst) in EUR is not currently supported by majority of Norwegian banks.

Norwegian banks are not legally required to verify payee names against account numbers for NOK-denominated payments. According to the Financial Contracts Act, if a bank executes a payment to the specified account number, the payment is considered correctly executed regardless of whether the payee's name matches.

# Specifics per ASPSP

# Danske Bank

Danske Bank in Norway uses redirect-based authentication flow with BankID or Mobilbank app for Strong Customer Authentication. If the mobile app is installed on the device where authentication is initiated, automatic app-to-app switching will be performed.

The bank supports both domestic NOK transfers and SEPA EUR payments through its open banking interface.

# DNB

DNB, Norway's largest bank, provides a comprehensive open banking interface supporting redirect authentication flow with BankID for Strong Customer Authentication. Prior to redirect to the DNB's authentication web page PSUs are required to provide their user ID, which is Norwegian national identity number for individuals or DNB-specific organization ID in the format XX12345 for legal entities. Both domestic payments in NOK and SEPA payments in EUR are supported.

# Handelsbanken

Handelsbanken's Norwegian operations provide open banking services with redirect authentication flow and SCA either using BankID or Handelsbanken mobilbank app.

Both domestic payments in NOK and SEPA payments in EUR are supported.

# Nordea

In Norway, Nordea provides redirect authentication flow for Open Banking with BankID as the primary SCA method.

Similar to other Nordic markets, when initiating payments Norwegian Nordea users need to perform two SCAs: first for getting the list of available accounts and second for the actual payment confirmation. The first SCA step can be avoided if the debtor account is known beforehand.

For the business users Nordea provides multiple account types managed through different systems. Open banking APIs differ for this systems and correspondingly when using Enable Banking API end-users have to choose different "brands" depending on the system they use. Available the options are:

• Nordea (for the users of Nordea Business (opens new window), which is used mostly by SME customers),
• Nordea Corporate (for the users of Nordea Corporate Netbank (opens new window), which is mainly used by larger companies),
• Norde First Card (for the users of Nordea First Card (opens new window) providing payment cards for businesses).

# Sparebanken Norge

Sparebanken Norge, previously Sparebanken Vest and Sparebanken Sør, operates in open banking under the old names until the technical merger of their open banking APIs.

# Sandbox Availability

Nordea provides a sandbox environment suitable for end-to-end testing including authorisation flows, account information retrieval, and initiation of payments.

It is available through the Enable Banking API's sandbox environment. Please refer to the Sandbox Credentials section for the credentials to be used for authentication in the Nordea sandbox.

The sandbox environment is also available for Nordea Corporate and Nordea First Card.

# SpareBank 1

SpareBank 1 (including various regional Sparebank 1 entities) offers open banking services with redirect authentication flow and SCA using BankID. In order to authenticate, PSU must choose their regional SpareBank 1 as the banks operate dedicated open banking interface for each region.

The bank supports both domestic NOK payments and SEPA EUR transfers.