CA+ API integration services (Credit Agricole Ukraine · OpenBanking)

Protocol analysis, IBAN & UAH transfer APIs, statement export, and compliant data integrations for the Ukrainian retail banking stack

From $300 · Pay-per-call available

OpenData · OpenFinance · NBU OpenBanking · Protocol analysis

Connect CA+ accounts, transactions, and savings to your back office — under Ukrainian open banking rules

CA+ is the flagship retail mobile banking app from Credit Agricole Bank Ukraine, a TOP-3 most reliable bank in the country and a member of the global Crédit Agricole Group. We deliver clean, documented integrations that read account balances, transaction history, IBAN transfers, currency exchange events, and mobile savings positions — aligned with the National Bank of Ukraine (NBU) open banking framework that went live on 1 August 2025.

Account & balance APIs — Login flow mirrors CA+ authorization (phone + card number or tax code, biometrics, PIN). Pull card and IBAN balances in real time for personal finance dashboards or treasury tools.

Statement export & categorisation — Transaction history with categorisation (the same category icons CA+ shows in its history thread), filtered by date range, card, or merchant; export to JSON, CSV, Excel, or PDF.

Mobile savings & deposits — Read positions on the in-app mobile savings (up to 8% p.a.) and term deposits, with accrual snapshots for accounting and tax reporting.

Bill pay & mobile top-ups — Programmatic access to saved billers (utilities, mobile carriers, favourite companies) and replenishment flows used inside CA+, suitable for SME accounts payable automation.

Why CA+ data matters for OpenBanking integrations

CA+ replaced the older CA Mobile Ukraine app and is now the only mobile channel for Credit Agricole Bank Ukraine's retail customers. It exposes structured financial data — card balances, IBAN movements, FX conversions, deposit positions, scheduled payments — that businesses and fintechs increasingly need to connect into accounting platforms, ERP systems, AML tooling, and cross-border consolidation dashboards. Following the NBU's August 2025 launch of open banking, third-party providers (TPPs) authorised by the National Bank can request standardised access to such data with explicit customer consent, mirroring the EU's PSD2 model.

Our work focuses on the practical gap between published open banking specs and a production-ready client: protocol analysis of the live CA+ flows, mapping of internal field names to ISO 20022 / Berlin Group equivalents, and a hardened SDK that Ukrainian and international teams can drop into their stack. We do not bypass authentication; we build adapters that the customer's authorised user signs into, in the same way they sign in to the official app, and we follow the data-minimisation guidance issued by the NBU.

Feature modules

1. Authentication & session

Replicates the CA+ registration path — phone number plus card number or tax code (РНОКПП) — and the per-session login choice between biometrics, PIN, and password. Sessions refresh on a rolling token, so long-running automations stay valid without storing credentials in plain text.

2. Card & IBAN balances

Returns multi-currency balances per card and per IBAN account, including authorisation holds and the available limit on credit cards. Useful for treasury dashboards that consolidate UAH, USD, and EUR positions across several Ukrainian banks.

3. Transaction history & categories

Streams entries from the CA+ history thread with the original category labels (groceries, transport, utilities, salary, FX, transfers). Supports date-range filters, merchant filters, and incremental sync via cursor — purpose-built for bookkeeping and personal-finance categorisation engines.

4. IBAN & peer-to-peer transfers

Initiates fee-free transfers between Crédit Agricole accounts and instant IBAN transfers within the bank (the feature added in 2024). Works for both card-to-card and IBAN-to-IBAN flows, with idempotency keys that prevent accidental duplicate payments in batch runs.

5. Currency exchange & FX events

Reads the in-app currency exchange feature: rate snapshots at execution time, source and destination card, and resulting balance impact. Suitable for FX P&L reports and audit trails when converting USD/EUR/UAH inside CA+.

6. Mobile savings, deposits & loans

Pulls open positions on mobile savings (with the published yearly rate, up to 8%), term deposits, and any active loans or credit-card eligibility checks. Returns accrued interest and maturity dates for downstream forecasting.

Data available for integration

The following inventory maps each CA+ in-app surface to the data we can expose via integration. All access is performed under explicit user authorisation; we follow the NBU's data-minimisation and consent rules.

Data type	Source (CA+ surface)	Granularity	Typical use
Card balance	Main screen card carousel	Per card, real-time	Treasury dashboards, low-balance alerts
IBAN account balance	Account details	Per IBAN, multi-currency	SME accounting reconciliation
Transaction history	History thread	Per transaction, with category	Bookkeeping, ERP sync, AML monitoring
Currency exchange events	In-app FX module	Rate, source, destination, timestamp	FX P&L, audit trail
Mobile savings position	Savings card	Balance, accrued interest, rate	Personal-finance forecasting
Term deposit position	Deposits screen	Principal, rate, maturity	Maturity calendars, tax reports
Loan / credit card limit	Loans & cards screen	Limit, used, remaining	Credit utilisation analytics
Saved billers & templates	Bill pay screen	Per biller, per template	Accounts-payable automation
Scheduled payments	Payments screen	Date, amount, beneficiary	Cash-flow projections
Card limits & status	Card management	Daily limits, blocked state	Fraud control, risk scoring

Typical integration scenarios

A. SME accounting sync (BAS, M.E.Doc, 1C)

Business context: Ukrainian SMEs that hold their operating account in Credit Agricole still re-key statements into BAS, M.E.Doc, or 1C. Data involved: IBAN balance, daily transaction list, FX events, scheduled payments. OpenData mapping: account information service (AIS) under the NBU framework, with read-only consent renewed every 180 days, and ISO 20022 camt.053-style daily statements pushed to the customer's accounting suite.

B. Personal finance & budgeting tools

Business context: PFM apps that aggregate Privat24, Monobank, Sense SuperApp, and CA+ in one view. Data involved: card balances, transaction stream with CA+ categories, mobile savings yield. OpenFinance mapping: a single user-consented connector that delivers categorised transactions and recurring-spend detection without storing the user's CA+ password — only short-lived session tokens are kept.

C. Cross-border treasury for Polish/French parent groups

Business context: groups with subsidiaries in Ukraine often need to consolidate Crédit Agricole Ukraine balances with Crédit Agricole Polska (CA24 Mobile) and the parent CA SA accounts in France. Data involved: end-of-day IBAN balance, FX rates, intercompany transfers. OpenBanking mapping: combined PSD2 (EU side) and NBU (Ukraine side) AIS calls, normalised into a single multi-entity view.

D. AML & compliance monitoring

Business context: regulated entities and crypto on-/off-ramps must monitor inflows and outflows on Ukrainian bank accounts. Data involved: transaction stream, beneficiary IBAN, narrative, MCC codes when present. OpenData mapping: streaming webhook from a TPP gateway into the customer's AML engine, with the NBU's encryption and data-retention rules applied at every hop.

E. Loan origination & credit decisioning

Business context: Ukrainian fintechs offering BNPL or microloans want a 90-day income proof from CA+ without manual PDF uploads. Data involved: salary inflows, balance trajectory, FX activity, credit-card utilisation. OpenFinance mapping: a one-shot AIS consent that delivers a redacted statement to the lender's underwriting engine, scored and discarded after the decision per data-minimisation rules.

Technical implementation & API examples

Login & session refresh

// Authorise a CA+ session via our adapter
POST /api/v1/caplus/auth/login
Content-Type: application/json
X-TPP-Id: tpp_demo_01

{
  "phone": "+380XXXXXXXXX",
  "factor": "card_number",      // or "tax_code"
  "card_number": "4149XXXXXXXX1234",
  "device_fingerprint": "dvc_8f2..."
}

// Response (truncated)
{
  "session_id": "ses_01HRZ...",
  "expires_in": 600,
  "next_step": "otp_required",
  "challenge_id": "chl_01HRZ..."
}

Statement query (history thread)

POST /api/v1/caplus/statement
Authorization: Bearer <ACCESS_TOKEN>
Content-Type: application/json

{
  "iban": "UA213996220000026XXXXXXXXXXXXX",
  "from_date": "2026-03-01",
  "to_date":   "2026-03-31",
  "currency":  "UAH",
  "page_cursor": null
}

// Response (item)
{
  "id": "txn_01HS...",
  "posted_at": "2026-03-14T08:21:11Z",
  "amount": -245.50,
  "currency": "UAH",
  "category": "groceries",
  "merchant": "ATB-Market",
  "card_last4": "1234"
}

Webhook: balance & OTP events

POST https://your-app.example/webhook/caplus
X-Signature: sha256=...

{
  "event": "balance.changed",
  "iban":  "UA21399622...",
  "card_last4": "1234",
  "delta": -245.50,
  "currency": "UAH",
  "occurred_at": "2026-03-14T08:21:12Z"
}

// Error envelope (consistent across endpoints)
{
  "error": {
    "code": "consent_expired",
    "message": "AIS consent expired; user must re-authorise.",
    "doc": "/docs/errors#consent_expired"
  }
}

Compliance & privacy

All CA+ integrations we deliver follow the National Bank of Ukraine (NBU) open banking rules that went live on 1 August 2025, with the five-month implementation window for banks and TPPs running through January 2026. Where customers operate cross-border, we also align with the EU's PSD2/PSD3 Account Information Services (AIS) and Payment Initiation Services (PIS) regimes, plus GDPR for data subjects in the EEA. Consent is explicit, time-boxed (typically 180 days for AIS), revocable from the customer's portal, and recorded with a full audit log.

We minimise data: only fields the integration actually needs are stored, encryption is enforced in transit (TLS 1.3) and at rest (AES-256), and OTP-protected actions in CA+ remain OTP-protected end-to-end. For TPP-style flows, the NBU requires registration and an electronic certificate to access bank APIs; we help teams prepare the document package and structure their cybersecurity controls accordingly.

Data flow / architecture

A typical CA+ integration follows four nodes: (1) Client App / User → (2) CA+ Adapter (TPP gateway) → (3) Normalisation & storage → (4) Downstream API or analytics. The adapter handles authentication, session refresh, and rate limiting; normalisation maps CA+ field names to ISO 20022 / Berlin Group equivalents; storage holds only consented data with the agreed retention window; downstream consumers (ERP, PFM, AML, BI) read through a single REST or GraphQL surface, optionally enriched by webhooks.

Ingestion: signed REST calls + push webhooks for balance and OTP events
Normalisation: ISO 20022 camt.053 / pain.001 mapping where applicable
Storage: encrypted Postgres or customer-supplied KMS keys
Output: REST + GraphQL + scheduled CSV/PDF statements

Market positioning & user profile

CA+ is positioned at retail and SME customers of Credit Agricole Bank Ukraine, one of the country's TOP-3 most reliable banks and the local arm of the global Crédit Agricole Group. The user base skews toward salaried professionals, agricultural and SME owners (a segment the bank historically serves), and Ukrainian customers who want a European-group bank rather than a domestic-only player. The app is available on Android and iOS, with feature parity, and competes with Privat24 and Monobank on the consumer side and with PUMB Online and Sense SuperApp on the SME side. Integration demand is concentrated in Kyiv-based fintechs, accounting-software vendors, and EU parent groups consolidating Ukrainian subsidiaries.

Screenshots

Click any thumbnail to view a larger version. Screenshots are sourced from the official Google Play listing for CA+.

Similar apps & integration landscape

Customers building on CA+ usually need to interoperate with the rest of the Ukrainian and European retail-banking ecosystem. The apps below frequently appear in the same integration projects; we frame them purely as part of the broader landscape, not as competitors to rank.

Privat24 — PrivatBank's flagship mobile bank with around 13 million active users; teams that integrate CA+ often need a unified transaction export across both Privat24 and CA+ for SME accounting.

Monobank — Universal Bank's fully digital app with high-cashback cards and a public personal API; CA+ users moving funds to Monobank produce IBAN transfer pairs that PFM tools should reconcile.

Sense SuperApp — Sense Bank's (formerly Alfa-Bank Ukraine) consumer and SME super-app; commonly aggregated alongside CA+ in business-banking dashboards.

UKRSIBBANK — A BNP Paribas Group bank in Ukraine; appears in cross-border use cases where European parent groups consolidate UKRSIBBANK and CA+ statements together.

PUMB Online — The mobile app of First Ukrainian International Bank (FUIB), one of the country's TOP-5 banks; SME treasury reports often combine PUMB and CA+ IBAN positions.

Pivdenny Bank — Odesa-based bank focused on SME and corporate clients; integrators add Pivdenny next to CA+ when serving south-Ukrainian businesses.

LiqPay — PrivatBank's payment app for QR and face-pay flows; merchants accepting LiqPay in addition to CA+ card payments need merged settlement reports.

Wise — Multi-currency international transfers; Ukrainian users move money between Wise USD/EUR balances and CA+ UAH accounts, and accountants need both sides linked.

Revolut — Pan-European neobank used heavily by Ukrainian customers in the EU; cross-border treasury views often pair Revolut with CA+ for full UAH/EUR coverage.

CA24 Mobile — Crédit Agricole Polska's retail mobile app; group-wide consolidations look at CA24 Mobile and CA+ side by side for personal customers crossing the Polish-Ukrainian border.

What we deliver

Deliverables checklist

API specification (OpenAPI 3.1 / Swagger)
Protocol & auth flow report (CA+ session, OTP, trusted-device)
Runnable adapter source: Python & Node.js (Go on request)
Sample data fixtures, Postman collection, and contract tests
NBU open banking compliance notes & data-retention guidance
Optional hosted endpoints with pay-per-call billing

Engagement workflow

Scope confirmation: which CA+ surfaces and which downstream targets.
Protocol analysis & API design (2–5 business days, complexity-dependent).
Build and internal validation (3–8 business days).
Docs, samples, contract tests, and compliance notes (1–2 business days).
Typical first delivery: 5–15 business days; NBU TPP onboarding may extend the timeline.

About us

We are an independent technical service studio specialising in App interface integration and authorized API integration. Our team has a decade of hands-on experience in mobile applications and fintech, with engineers who have shipped open banking adapters across the EU PSD2 perimeter and now in Ukraine under the NBU framework. We deliver one-stop services across protocol analysis, interface refactoring, OpenData integration, and third-party API integration.

Service scope: financial & banking apps, e-commerce, hotel/travel/mobility, social/OTT/dating apps
Deliverable type: ready-to-use API source code, OpenAPI docs, test plans
Coverage: Android and iOS protocol analysis, server-side reconstruction
Compliance: NBU open banking, EU PSD2, GDPR, internal audit-ready logs

Two engagement models:

Source code delivery from $300 — runnable API source code and full documentation; pay after delivery upon satisfaction.
Pay-per-call API billing — access our hosted API endpoints and pay only for the calls you make, no upfront fee.

Contact

To request a quote, share the target app and your concrete data needs (e.g. statement export, IBAN transfers, balance webhooks). We reply with scope, timeline, and a fixed price for the source-code option or a per-call rate for the hosted option.

Open contact page →

We sign NDAs on request and operate under documented customer authorisation only. We do not perform unauthorised access or work that bypasses bank security controls.

FAQ

What do you need from me to start?

The target app (CA+ in this case), a concrete list of data or operations you need (e.g. last-90-day statement, balance webhook, IBAN transfer initiation), and any sandbox or TPP credentials you already hold with the NBU. If you do not yet have TPP status, we can outline the registration steps.

How long does the first delivery take?

Most CA+ integrations land in 5–15 business days. Bank-side approvals or TPP onboarding can extend that, but we deliver a runnable source build and test fixtures first so you can start work in parallel.

How do you handle compliance under Ukrainian open banking?

We work only under documented user authorisation or via the NBU's TPP API channel once the customer is registered. Consent records, encryption keys, and retention windows are all documented in the delivery package.

Do you support cross-border consolidation with EU Crédit Agricole entities?

Yes. We frequently pair CA+ adapters with PSD2 connectors for Crédit Agricole Polska (CA24 Mobile) and the parent group, normalising both sides into a single multi-entity view.

📱 Original app overview (CA+ — full description)

CA+ is the fresh mobile banking app from Credit Agricole Bank Ukraine — a TOP-3 most reliable bank in the country and the local arm of the global Crédit Agricole Group. CA+ replaced the older "CA Mobile Ukraine" application (terminated on 31 May 2021) and is now the bank's only retail mobile channel, available on Android and iOS.

Handle your money

Check card balances instantly on the main screen
Easily transfer money between your accounts, for free
Exchange currency in app
Put extra funds from a card to a safe mobile savings and access them any time
See the category of your expenses in one glance from your history thread

Move funds and make payments

Replenish your Credit Agricole card in app for free
Send money to peers in Credit Agricole for free
Add your home address or favourite companies and pay bills from a Credit Agricole card for free
Top up your mobile or one of your contacts for free
Save any card to CA+ to promptly make transactions

Save or borrow

Mobile savings with up to 8% yearly, with instant withdrawal
Online term deposits with no transfer fees
Credit cards with up to 250,000 UAH limit; eligibility check without affecting credit history
Review and manage existing loans and deposits with an interactive visualisation

Security

Easy but secure registration via phone and card number or tax code
Login by biometrics, PIN, or password
Instant card block / unblock
OTP confirmation for important actions and trusted-device checks

Recent updates (2024–2025)

Instant IBAN transfers within Crédit Agricole Bank
Improved card-number scanning experience
VIP support line access for premium clients
Online opening of a digital credit card without visiting a branch

Package ID: ua.creditagricole.mobile.app. CA+ is a third-party trademark of Credit Agricole Bank Ukraine; this page describes integration positioning only.