Built for developers

At Finch, we've made it it fast and easy for you to build great products right away.

Integration & Testing

Easy integration and testing via our Postman collection with pre-loaded sample data sets for a variety of banks and use cases.

Single API

Simple, one-time API integration offering multiple endpoints to easily add new product plans or custom features with minimal effort.


Digitally signed JWTs using cryptographically generated Client ID/Secret Key, 86400 sec expirations, HTTPs, and non-sensitive data payloads.

Built for developers

Start testing with real transaction data today

Create account
  • Access to Developer Test Plan

  • Access to test data sets

  • Bank, card or aggregated data

  • Email Support

  • Batch or Overnight processing

  • Up to 100 end-users or 1000 transactions

Create account


Our ASAE-3150 assurance report covers all of the Schedule 2 security requirements, including over 24 prescribed security controls under CDR such as multi-factor authentication, firewalls, protections against malware and data leakage, user access and systems monitoring.

Secure Environment

Our physical infrastructure is hosted and managed on Sydney-based servers in ISO 27001, SOC 1 & SOC 2, and PCI Level 1 certified data centres.

Data Encryption

Customer data enters through our REST APIs (using HTTPS) and encrypted-in-transit using the SSL/TLS protocol. Data at rest is encrypted using 256-bit Advanced Encryption Standard (AES-256).

Firewalls & Restricted Access

Firewalls are utilised to restrict access to systems from both external networks and internal systems. Administrative access within our systems and to customer data is restricted and requires physical multi-factor authentication keys and strong password controls.