File Transfer
Payments are transmitted most efficiently as files through a file transfer service. Your company can choose to upload and download files manually from our File transfer service in Corporate Netbank or automate the process of the upload and download directly from your financial administration or ERP system with a Host-to-Host solution, which enables routine tasks to be managed automatically.
Customers of Corporate Access and Corporate eGateway use File Transfer service to connect and transmit the files to and from Corporate Access and Corporate eGateway.
File transfer via Host-to-Host has no user interface, such as of our Netbank solutions. Corporate customers must always conclude an agreement with Nordea on the transmission of payment files. Extended technical knowledge is needed for implementing the solution. Nordea recommends a 3rd party service/software provider if the necessary in-house knowledge is not available on the customer’s side.
The customer using File Transfer services need to have proper and professional process for Certificate change. Nordea sends out information regarding certificate change via our Cash Management newsletter Subscription service. Certificates are published below in the “Certificate download” section of the page.
Your benefits
-
Easy and low cost transferring of files
-
Automatic sending and receiving of files
-
Handling of large files
-
File transfer service is available 24 hours a day every day
-
You can send payment files to Nordea and download account reports when it best suits your company
-
Support during business hours
Several communication protocols/methods are supported in File transfer via Host-to-Host:
Web Services is a modern and safe channel for the data communication between Customer’s ERP system and the bank’s system. The Web Services protocol is based on common global standards and complies with the definitions of the World Wide Web Consortium (W3C). In Web Services, connection data is SSL encrypted in the Internet TCP/IP network. Customers and the bank are identified using PKI standard.
With the Web Services standard, Nordea offers a data communication protocol to corporates, Public Key Infrastructure (PKI) identification and security specifications in line with the definitions of the Web Services Interoperability Organization.
There are two Web Services offerings: One is Finnish and eGateway Web Services, and the other is Corporate Access Web Services.
Finnish and eGateway Web Services is designed for the transmission of the XML files, such as ISO20022 files, Corporate eGateway files, and also the local Nordea Cash Management (CM) service files in Finland. It requires local agreements in Finland or agreements of Corporate eGateway. More information of the service is available in Nordea.fi.
Corporate Access Web Services is designed for Corporate Access. It is for the transmission of Corporate Access Payable (CAP) files, and it requires Corporate Cash Management Agreement with a CAF eService. More information of the services is available in Corporate Access page.
SWIFTNet for Corporates Fact Sheet
SWIFTNet for Corporates is an access for corporate customers to the highly secure and reliable SWIFT Network, which for years has been used as an international platform for exchanging financial messages between banks. Corporate customers can get access to this network and exchange data with financial institutions.
SWIFTNet is a standard communication method to exchange data/files to Corporate Access, Corporate eGateway, and Finnish Corporate Payment Services.
According to the rules set by SWIFT, we offer our corporate customers access to send and receive messages like payment instructions, account statements etc. For more information please contact your local Cash Management adviser or send a mail with your question to: swiftnetsupport [at] nordea.com (swiftnetsupport[at]nordea[dot]com).
In the description you will find information about the set-up in connection to SWIFTNet FileAct communication between companies and Nordea. The SWIFTNet FileAct solution offered by Nordea is fully compatible with SWIFTNet security and communication standards. Links to relevant documentation from SWIFT can be found in the document below. The document is intended for technical staff at the company. For access details please contact your local Cash Management adviser.
Security and communication description for SWIFTNet FileAct.
SFTP Protocol Cryptographic Standard
SFTP is a standard communication method to exchange data/files to Corporate Access and Corporate eGateway.
sFTP secures the transport of the files. Approval of the content of the file and authority to the service has to be applied as described by the receiving service, i.e Corporate Access and Corporate eGateway.
One of the key values for the customers regarding SFTP is its easy implementation process.
PEPPOL is a network for handling electronic procurement and invoices, and is widely used by municipalities and governmental entities and their counterparts handling electronic procurement and invoices.
Norwegian PEPPOL Payment (earlier called Enhanced PEPPOL) is an extension of PEPPOL which also handles secure transfer of payments, and the service can handle all existing file messages in ISO20022/XML.
Enhanced PEPPOL is a supported communication method in Corporate Access.
On this page you can download Nordea's Public Key Certificates for automated file transfers. Nordea uses Entrust CA Certificates which may be downloaded from here.
For information about Finnish and eGateway services, please visit our local Nordea.fi site (in English).
Nordea uses the same Public Key Certificate for signing, encrypting, and SSL. Nordea's certificate together with intermediary certificates may be downloaded using the links below.
New certificates
Production environment – Valid from Oct 8th 2024
Test environment (zip) – Valid from Sep 26th 2024
SSL.com CA Root and Intermediate certificates used by Entrust certificates after 26.10.2024 CEST (Nordea switchover to SSL.com)
Nordea Public RSA key in SSH2 and open SSH format can be downloaded using the links below.
SSH2
New keys (with 2-year validity)
Production environment – Valid from Oct 8th 2024
Test environment (zip) – Valid from Sep 26th 2024
OpenSSH
New keys (with 2-year validity)
Production environment – Valid from Oct 8th 2024
Test environment (zip) – Valid from Sep 26th 2024
The Nordea PGP Public Keys may be downloaded using the links below.
New PGP keys valid from June of 2023
Test environment (zip) Valid from June 8th, 2023, at 10:00 CET
Production environment (zip) Valid from June 15th, 2023 at 10:00 CET
Old PGP keys valid from Aug and Sep of 2021
Test environment (zip, 2 KB) - Valid from August 31, 2021 at 10.00 CET
Production environment (zip, 2 KB) - Valid from September 7, 2021 at 10.00 CET
SSL certificate of the EBICS and Corporate Access Web Services servers. Nordea's certificate together with intermediary certificates may be downloaded using the links below.
New certificates
Production environment – Valid from Oct 8th 2024
Test environment (zip) – Valid from Sep 26th 2024
SSL.com CA Root and Intermediate certificates used by Entrust certificates after 26.10.2024 CEST (Nordea switchover to SSL.com)
Treasury File Service is a Nordea solution for treasury departments and financial institutions to generate file payments in SWIFT-format from their own system. If you have debit accounts in Nordea you can make financial and intra-company payments via the file service or in Nordea Sweden and Finland you can even make internal cash pool payments plus pre-advise Nordea about financial payments to come. Before you can start sending payments via the Treasury File Service, a test file must be sent to Nordea at least two weeks in advance of every test and customer set-up.
The test requires a so called SHA1 sum in the end of the file. You can check the SHA1 sum for testing purposes by downloading a utility provided by Nordea in order to check that the Hash value is correct.
Instructions
1. Check that you have Java version 1.6 otherwise it can be found at Java
2. Download the Java program
3. Drop your test file into the validation program.
The program calculates SHA1, SHA2 and a HMAC sum. For treasury files, SHA1 is used and others are not supported.
Below you can drop the MT101 Treasury File into the Swiftvalidator, included the Hash code. A SHA1 hash should be calculated on the complete SWIFT MT101 message from Block 1 to Block 4 and placed after the Block 4 after a <CRLF> AND should be followed by another <CRLF>. The outcome are showing in the validation result.
The validations are gradual.
1. Block control
2. Structure control
3. Content control
4. Hash control
Before you can start sending payments via the Treasury File Service, a test file must be sent to Nordea at least two weeks in advance of every test and customer set-up. The tests first of all deal with handling of file content in the IPS system (International Payment Services) and they are handled together with IPS-IT. If you use the systems TWIN or CRM you do not need to make a test.
| Protocol/service | Support unit | Contact information | Opening hours |
|---|---|---|---|
| AS2, FTP/ VPN, SFTP, Corporate Access Web Services | File transfer and communication support | Production environment Tel: +46 823 9930 | Mon-Fri 8.00 - 18.00 CET |
| SWIFTNet for Corporates | SWIFTNet Support | +46 771 77 69 75 SWIFTNetSupport [at] nordea.com | Mon-Fri 7.00-18.00 CET |
| Finnish and eGateway Web Services | Finland | ||
| GiroLink | GiroLink | +46 771 77 69 92 | Mon- Fri 8.00-18.00 CET |
| Corporate eGateway | +46 771 77 69 75 egatewaysupport [at] nordea.com | Mon-Fri 7.00-18.00 CET | |
| Treasury File | Treasury File Service test | ||
| Test support for Swedish file services | +46 8 22 22 02 pg.kundtester [at] nordea.se | Mon-Fri 8.00 - 17.00 CET | |
| Test support for Norwegian file services | Support | +47 232 06002 | Mon-Fri 8.00 - 17.00 CET |
As a data controller Nordea Bank Abp processes personal data to deliver the products and services that are agreed between the parties and for other purposes, such as to help you with your request or comply with laws and other regulations. For detailed information on Nordea Bank Abp's processing of personal data, please review Nordea’s privacy policy, which is available on Nordea’s website or by contacting Nordea Bank Abp. The privacy policy contains information about the rights in connection with the processing of personal data, such as the access to information, rectification, data portability, etc.
The information provided by you will be processed in accordance with Nordea’s Privacy Policy. Please do not provide any sensitive or financial information in this form. Should you have a banking related question, kindly contact us through your Netbank or customer service.
Change description document: Remove Insecure setting in AS2 and SFTP
Timeline:
PREPROD: change implemented on May 15th 2023
PROD: change implemented on October 18th 2023 at 09:00 CET.