Someone apparently has reverse-engineered the Twint mobile app and published the API. Interesting stuff, although in German only: https://github.com/Globi-der-Hacker/Twint-API

The good thing is it looks solid from a security perspective (at least as long as you use a strong PIN and never forward any codes you receive by SMS).

You could probably use this API to build a web-shop and automatically process payments without paying Twint for a merchant account. What other use-cases can you imagine?

by SliceLongjumping2688

2 comments
  1. The simple fact that you still receive codes by SMS is very much not secure.

  2. I can’t think of any other use-case than the one you mentioned, but considering that Twint themselves have the most backwards API terms, I’m just glad that someone did the work and might make them reconsider their position.

    > The TWINT API (Application Programming Interface, i.e. interface documentation) is not publicly accessible *and is not made available on request either*. Integrating TWINT into online shops is only possible through a payment service provider or a corresponding plugin.

    Very progressive…
