phpFinTS

DKB issues since server change

Open roben opened this issue 1 year ago • 17 comments

Hi everyone,

yesterday was the deadline to use the new FinTS URL for DKB. After implementing the changes we are now facing some issues when verifying the now updated credentials (TAN Mode 940 instead of 921):

Message: FinTS errors:
9050 (global): Teilweise liegen Fehler vor.
9010 (wrt seg 3): Verarbeitungssystem nicht verfügbar.
Request segments:
HKSPA:3:3'

Fhp\Protocol\ServerException in zend/library/Fhp/Protocol/ServerException.php(170)
#0 /Fhp/FinTs.php(963): Fhp\Protocol\ServerException::detectAndThrowErrors(Object(Fhp\Protocol\Message), Object(Fhp\Protocol\Message))
#1 /Fhp/FinTs.php(307): Fhp\FinTs->sendMessage(Object(Fhp\Protocol\Message))
#2 [...]/Api/Bank/Hbci.php(130): Fhp\FinTs->execute(Object(Fhp\Action\GetSEPAAccounts))

This stack trace is after authorizing the TAN request in the DKB app and resubmitting the Action. This works fine for other banks and even before the server change with DKB.

Am I the only one with these issues? Maybe I am missing something which is now required.

roben, Nov 26 '24 14:11

FWIW I have reverted the new DKB URL for now until I have more time to look into this. With the old URL (https://banking-dkb.s-fints-pt-dkb.de/fints30) everything (still) works as expected.

roben, Dec 03 '24 16:12

I just noticed this: https://help.outbankapp.com/de/kb/articles/dkb-fints-umstellung-2024

> Loan accounts no longer retrievable via FinTS. Since the server migration, DKB no longer transmits loan accounts via the FinTS interface.

And that's exactly the kind of account I have tested with. I hope that this is only temporary.

roben, Dec 03 '24 16:12

Update: The situation has improved. I can now synchronize credit accounts without issues but I have to re-authenticate every time I do it. Luckily the old server is still available for now. I'll report back here if anything changes.

roben, Jan 09 '25 14:01

I can confirm this behaviour - same here. The old server has been working flawlessly up to now. The new one is working as well but requires re-authentication on every Umsatzabfrage.

peukerjonathan, Jan 09 '25 16:01

Maybe it's the same as with Sparkasse and you have to persist and re-use the last session or at least save and restore the Kundensystem-ID like in #471.

nemiah, Jan 09 '25 19:01

Unfortunately not. My code is running flawlessly with Sparkasse Accounts and DKB accounts as well as long as I am using the "old" DKB Server. So I guess the way I am persisting and reusing the kundensystemId should be generally fine. Then again my code is running on the latest "release" version of this lib and not on the latest master...

However I am not sure if this even is a problem of the lib, it could possibly also be an issue with the new DKB system. If everything would be fine DKB would probably already be fading out the old system.

If anyone is interested I could be providing logs to further analyze the situation? (I myself am unfortunately not very familiar with the protocols and have difficulty analyzing what is going on under the hood...)

peukerjonathan, Jan 09 '25 19:01

The same here. I am already reusing the Kundensystem-ID for Sparkasse which works just fine.

roben, Jan 09 '25 19:01

@peukerjonathan

> However I am not sure if this even is a problem of the lib, it could possibly also be an issue with the new DKB system. If everything would be fine DKB would probably already be fading out the old system.

I fear it is actually by design - both the end customer ("It is required that you confirm every login or every retrieval of transactions with the DKB app or chipTAN.") and the business customer ("For security reasons, an authorization will in future be required for every login or retrieval of transactions. Confirmation is done via the DKB app or with a TAN (chipTAN).") FinTS information pages of the DKB state that with their new FinTS access, a TAN / confirmation is required for any signin (including retrieving transactions). Their documentation even says to leave the "Kunden-ID" empty, suggesting they don't use it.

niklas152, Jan 10 '25 12:01

So based on this information we can assume that unsupervised automated data synchronization will not really be possible with the new DKB server once the old server is not usable anymore.... what a shame.

Well maybe the responsible persons at the DKB will change their mind in the future - but if this turns out to be true maybe this information should be placed in the "Banks with special needs" part of the lib's README file ;-)

peukerjonathan, Jan 10 '25 12:01

Hi everyone, I am also experiencing problems since the server change. I did some debugging and I do not get the TAN-method 940 as available TAN-method. I only get 910 and 913 as TAN methods back. I have all apps installed on my mobile.

Does anyone of you have any hints what to do?

Regards

Hunzlifuz, Feb 05 '25 10:02

I would recommend getting in touch with DKB customer support to make sure there is a device connected and correctly set up for Push TAN. Getting presented with only 910/913 indicates that there is no device available for Push TAN.

peukerjonathan, Feb 05 '25 10:02

It seems they stopped processing new TAN requests on the old server some days ago. The new server works for me, but needs a new TAN for every request. Are you sure that you are using the new server, https://fints.dkb.de/fints?

roben, Feb 05 '25 10:02

Hi Roben, yes I changed the URL as it was not working anymore with the old one. I think TAN-generation would be no problem if I have the TAN-mode 940 available.

Hunzlifuz, Feb 05 '25 10:02

Ok, then it's what @peukerjonathan said.

roben, Feb 05 '25 11:02

Hi, now it is suddenly working. 940 is available. I did nothing on my side and DKB now brings back the TAN-mode. Thanks for your quick replies!

Hunzlifuz, Feb 05 '25 16:02

It's also working for me. And for the record, they do log you out, even after less than 24h, so when you reuse a (perfectly persist()-ed) session a while later, they will ask for 2FA again. I checked and it's not a case of #458, i.e. they don't send 9391 to offer a session token refresh. They simply want a new 2FA and there's nothing we can do about that besides comply or lobby against it.

So I think we can close this given that the original issue (with TAN mode 940) got apparently fixed on the DKB server side and there are no other actionable issues here.

Philipp91, Feb 18 '25 22:02
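
The behaviour described in the comment above (a restored session that the bank still answers with a fresh 2FA demand), as an added example that is not part of the thread or of the phpFinTS code base: an unattended sync job restores the persisted instance, and when the server asks for a TAN it parks the pending action for an interactive confirmation instead of retrying. The file paths, environment variable names, the `runOrPark` helper and the exit code are assumptions made for illustration.

```php
<?php
// Added example (not from the thread or the phpFinTS project).
// Assumes phpFinTS is installed via Composer.
require __DIR__ . '/vendor/autoload.php';

use Fhp\Action\GetSEPAAccounts;
use Fhp\BaseAction;
use Fhp\FinTs;
use Fhp\Options\Credentials;
use Fhp\Options\FinTsOptions;

const STATE_FILE = __DIR__ . '/dkb-session.bin';   // hypothetical path
const PENDING_FILE = __DIR__ . '/dkb-pending.bin'; // hypothetical path
umask(0077); // session state and pending actions are sensitive: owner-only files

$options = new FinTsOptions();
$options->url = 'https://fints.dkb.de/fints';        // new DKB endpoint named in the thread
$options->productName = getenv('FINTS_PRODUCT_ID');  // hypothetical env var
$options->productVersion = '1.0';
$credentials = Credentials::create(getenv('DKB_USER'), getenv('DKB_PIN'));

// Restore the persisted instance (it carries the Kundensystem-ID) if one exists.
$persisted = is_file(STATE_FILE) ? file_get_contents(STATE_FILE) : null;
$fints = FinTs::new($options, $credentials, $persisted);
$fints->selectTanMode(940); // TAN mode reported in the thread; yours may differ

// Hypothetical helper: park an action that the bank wants confirmed by 2FA.
// Returns true when the action completed without a TAN request.
function runOrPark(BaseAction $action): bool
{
    if (!$action->needsTan()) {
        return true;
    }
    // Unattended job: no blind retries. A later interactive step unserializes
    // the action and completes it once the user has confirmed it.
    file_put_contents(PENDING_FILE, serialize($action), LOCK_EX);
    return false;
}

$ok = runOrPark($fints->login());
if ($ok) {
    $accounts = GetSEPAAccounts::create();
    $fints->execute($accounts);
    $ok = runOrPark($accounts);
}

// Persist in every case: the parked action only makes sense with this state.
file_put_contents(STATE_FILE, $fints->persist(), LOCK_EX);
exit($ok ? 0 : 2); // 2 = user confirmation required (assumed convention)
```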

@Philipp91 do you by any chance know how long it takes until the forced logout?

And do you know whether it is preventable by interacting with the server within a given timeframe? If so I would consider implementing a dedicated DKB subroutine into my software to keep the session alive - e.g. reading transactions every few hours for a DKB account instead of every 24 hours as I am currently doing with other banks....

peukerjonathan, Feb 18 '25 22:02