First of all, this information is provided by me @bjornsallarp as a result of my private investigations. Noone has assisted me or disclosed any details regarding the implementation at Länsförsäkringar Bank. I have no association with Länsförsäkringar, in fact, I'm not even a customer with their bank.
Länsförsäkringar Bank has not publically announced this API, this is the API they use for their iPhone application. It seems they are not too keen on people using this API given the token challenge they implemented possibly hoping it will keep me and you out. I would really like for all banks to publish public APIs and let users access their own personal information. I've written a longer blog post regarding this hack here: http://blog.sallarp.com/lansforsakringar-bank-api-hack-documentation
NOTE: Content type for all requests is: application/json; charset=utf-8
GET: https://mobil.lansforsakringar.se/appoutlet/security/client RESPONSE: {"number":178263227,"numberPair":"7ff1c2cfd1cfb21ee2b9a4b31394abef"}
(updates values in steps ahead)
Javascript code to successfully hash:
function calculateLFHash() {
// Convert string to integer
var challenge = parseInt($('#challenge').val(), 10);
// Add the magic number 4112
challenge += 4112;
// Convert to hex representation string. Must be lower case!
var challengeHexString = challenge.toString(16).toLowerCase();
// Hash and we're done!
var hash = Sha1.hash(challengeHexString);
$('#hash').val(hash);
}
POST https://mobil.lansforsakringar.se/appoutlet/security/client
BODY: {
"originalChallenge":178263227,
"hash":"20f15bb1b789db32f5b138655af6d7965e67190a",
"challengePair":"7ff1c2cfd1cfb21ee2b9a4b31394abef"
}
RESPONSE: {"token":"11f57d68-2849-4fb4-b02c-8aae595e75cb","lifetime":3600000}
POST: https://mobil.lansforsakringar.se/appoutlet/security/user HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000 BODY: {"ssn":"8209250000","pin":"0000"} RESPONSE: { "name":"Firstname Lastname", "ssn":"1900-01-01", "lfCompanyBelonging":"08", "ticket":"06b895e0-84e7-4e83-8855-a17534d37bed", "ticketLifetime":1800000 }
The device id needs to be set but it doesn't have to be a real device id of course. This example uses a fake id and it works.
You now have the artifacts (token and ticket) you need to use the API.
POST https://mobil.lansforsakringar.se/appoutlet/account/bytype HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, utoken: 06b895e0-84e7-4e83-8855-a17534d37bed, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000 BODY: {"accountType":"SAVING | CHECKING"} RESPONSE: { "accounts" : [ { "accountName" : "Kortkonto", "accountNumber" : "00000000", "balance" : 1.1399999999999999, "clearingNumber" : "0", "dispoibleAmount" : 1.1399999999999999, "ledger" : "DEPIOSIT", "productCode" : "11", "transferFrom" : true, "transferTo" : true, "youthAccount" : false }, { "accountName" : "Lönekonto", "accountNumber" : "00000000", "balance" : 1.05, "clearingNumber" : "0", "dispoibleAmount" : 1.05, "ledger" : "DEPIOSIT", "productCode" : "11", "transferFrom" : true, "transferTo" : true, "youthAccount" : false }, { "accountName" : "Internet", "accountNumber" : "00000000", "balance" : 0.0, "clearingNumber" : "0", "dispoibleAmount" : 0.0, "ledger" : "DEPIOSIT", "productCode" : "11", "transferFrom" : true, "transferTo" : true, "youthAccount" : false } ] }
accountType can be either SAVING or CHECKING. Those are the only two I've found so far.
Response information (such as account numbers etc) has been altered to anonymize it.
POST https://mobil.lansforsakringar.se/appoutlet/account/bynumber HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, utoken: 06b895e0-84e7-4e83-8855-a17534d37bed, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000 BODY: {"accountNumber":"00000000"} RESPONSE: { "accountName" : "Kortkonto", "accountNumber" : "00000000", "balance" : 1.1399999999999999, "clearingNumber" : "0", "dispoibleAmount" : 1.1399999999999999, "ledger" : "DEPIOSIT", "productCode" : "11", "transferFrom" : true, "transferTo" : true, "youthAccount" : false }
Response information (such as account numbers etc) has been altered to anonymize it.
POST https://mobil.lansforsakringar.se/appoutlet/account/transaction HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, utoken: 06b895e0-84e7-4e83-8855-a17534d37bed, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000 BODY: {"requestedPage":0,"ledger":"DEPIOSIT","accountNumber":"00000000"} RESPONSE: { "hasMore" : true, "nextSequenceNumber" : 1, "transactions" : [ { "ammount" : -248.0, "text" : "Etrendstore", "transactiondate" : 1319580000000 }, { "ammount" : 500.0, "text" : "FIRSTNAME LASTNAME", "transactiondate" : 1319493600000 }, { "ammount" : -132.0, "text" : "RESTAURAN GAVLE", "transactiondate" : 1319234400000 }, { "ammount" : -152.0, "text" : "RESTAURAN GAVLE", "transactiondate" : 1319234400000 }, { "ammount" : -152.0, "text" : "RESTAURAN GAVLE", "transactiondate" : 1319234400000 }, { "ammount" : -43.0, "text" : "RESTAURAN GAVLE", "transactiondate" : 1319234400000 }, { "ammount" : -53.0, "text" : "RESTAURAN GAVLE", "transactiondate" : 1319234400000 }, { "ammount" : -7.0, "text" : "ITUNES STORE", "transactiondate" : 1319320800000 }, { "ammount" : 700.0, "text" : "FIRSTNAME LASTNAME", "transactiondate" : 1319234400000 }, { "ammount" : -259.93000000000001, "text" : "PREEM TRANÅS", "transactiondate" : 1318802400000 }, { "ammount" : -148.0, "text" : "INKCLUB", "transactiondate" : 1318716000000 }, { "ammount" : -500.06, "text" : "TARNSJOKORSET", "transactiondate" : 1318629600000 }, { "ammount" : -80.900000000000006, "text" : "STATOIL BÅSTAD", "transactiondate" : 1318629600000 }, { "ammount" : -59.5, "text" : "HEMKÖP TRANÅS", "transactiondate" : 1318716000000 }, { "ammount" : -48.899999999999999, "text" : "MAXI ICA STORMARKNAD", "transactiondate" : 1318716000000 }, { "ammount" : -7.0, "text" : "APPLE ITUNES STORE", "transactiondate" : 1318716000000 }, { "ammount" : 300.0, "text" : "FIRSTNAME LASTNAME", "transactiondate" : 1318716000000 }, { "ammount" : 700.0, "text" : "FIRSTNAME LASTNAME", "transactiondate" : 1318629600000 }, { "ammount" : -274.0, "text" : "CAFE", "transactiondate" : 1318284000000 }, { "ammount" : -22.0, "text" : "ITUNES STORE", "transactiondate" : 1318370400000 } ] }
The transactions list is paged and the response indicate if there are more items and what the next page number would be.
Transaction dates are given in milliseconds since 1970/01/01 and without time (00:00). In javascript you can use new Date(1319580000000) to get Wed Oct 26 2011 00:00:00 GMT+0200 (CEST).
Response information (such as account numbers etc) has been altered to anonymize it.
GET https://mobil.lansforsakringar.se/appoutlet/transferrable?direction={to|from}
HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, utoken: 06b895e0-84e7-4e83-8855-a17534d37bed, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000
RESPONSE:
{ "accounts" : [
{ "accountName" : "Kortkonto",
"accountNumber" : "00000001",
"balance" : 1.1399999999999999,
"clearingNumber" : "0",
"displayText" : "Kortkonto - 445 kr",
"localAccount" : true,
"transferFrom" : true,
"transferTo" : true,
"youthAccount" : false
},
{ "accountName" : "Lönekonto",
"accountNumber" : "00000002",
"balance" : 1.05,
"clearingNumber" : "0",
"displayText" : "Lönekonto - 10 249 kr",
"localAccount" : true,
"transferFrom" : true,
"transferTo" : true,
"youthAccount" : false
},
{ "accountName" : "Sparkonto",
"accountNumber" : "00000003",
"balance" : 1.0,
"clearingNumber" : "0",
"displayText" : "Sparkonto - 2 000 kr",
"localAccount" : true,
"transferFrom" : true,
"transferTo" : true,
"youthAccount" : false
},
{ "accountName" : "Internet",
"accountNumber" : "00000004",
"balance" : 0.0,
"clearingNumber" : "0",
"displayText" : "Internet - 0 kr",
"localAccount" : true,
"transferFrom" : true,
"transferTo" : true,
"youthAccount" : false
},
{ "accountName" : "Lotsaskonto",
"accountNumber" : "00000005",
"balance" : 1.99,
"clearingNumber" : "0",
"displayText" : "Lotsaskonto - 4 505 kr",
"localAccount" : true,
"transferFrom" : true,
"transferTo" : true,
"youthAccount" : false
}
]}
Gives you a list of accounts that are available for transfering funds. The direction parameter can be either from or to.
Response information (such as account numbers etc) has been altered to anonymize it.
Functionality exist to do this but because I don't have a personal account with Länsförsäkringar I am not able to test and document this. Perhaps in the future...
GET https://mobil.lansforsakringar.se/appoutlet/card/list HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, utoken: 06b895e0-84e7-4e83-8855-a17534d37bed, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000 RESPONSE: { "cards" : [ { "aviAmount" : 0.0, "balance" : 0.0, "cardAvailable" : 0.0, "cardLimit" : 0.0, "cardName" : "Bankkort MC Privat", "cardNumber" : "0000", "cardType" : "DEBIT", "connectedAccountNumber" : null, "expires" : "04/12", "reservedAmount" : 0.0, "status" : null, "versionNumber" : "1" }] }
Response information (such as card numbers etc) has been altered to anonymize it.
POST https://mobil.lansforsakringar.se/appoutlet/regionlock/bycard HEADERS: ctoken: 11f57d68-2849-4fb4-b02c-8aae595e75cb, utoken: 06b895e0-84e7-4e83-8855-a17534d37bed, DeviceId: f8280cf34708c7b5a8bd2ed93dcd3c8148d00000 BODY: {"versionNumber":"1","cardNumber":"0000"} RESPONSE: {"regionRestrictions":[ {"open":true,"region":"Sverige","countryRestrictions":[{"open":false,"region":"Sverige","countryCode":"752"}],"regionCode":"1"}, {"open":true,"region":"Europa","countryRestrictions":[ {"open":false,"region":"Albanien","countryCode":"008"}, {"open":false,"region":"Andorra","countryCode":"020"}, {"open":false,"region":"Belgien","countryCode":"056"}, {"open":false,"region":"Bosnien-Hercegovina","countryCode":"070"}, {"open":false,"region":"Bulgarien","countryCode":"100"}, {"open":false,"region":"Cypern","countryCode":"196"}, {"open":false,"region":"Danmark","countryCode":"208"}, {"open":false,"region":"Estland","countryCode":"233"}, {"open":false,"region":"Finland","countryCode":"246"}, {"open":false,"region":"Frankrike","countryCode":"250"}, {"open":false,"region":"Färöarna","countryCode":"234"}, {"open":false,"region":"Gibraltar","countryCode":"292"}, {"open":false,"region":"Grekland","countryCode":"300"}, {"open":false,"region":"Grönland","countryCode":"304"}, {"open":false,"region":"Irland","countryCode":"372"}, {"open":false,"region":"Island","countryCode":"352"}, {"open":false,"region":"Italien","countryCode":"380"}, {"open":false,"region":"Kroatien","countryCode":"191"}, {"open":false,"region":"Lettland","countryCode":"428"}, {"open":false,"region":"Liechtenstein","countryCode":"438"}, {"open":false,"region":"Litauen","countryCode":"440"}, {"open":false,"region":"Luxembourg","countryCode":"442"}, {"open":false,"region":"Malta","countryCode":"470"}, {"open":false,"region":"Moldavien","countryCode":"498"}, {"open":false,"region":"Monaco","countryCode":"492"}, {"open":false,"region":"Montenegro","countryCode":"499"}, {"open":false,"region":"Nederländerna","countryCode":"528"}, {"open":false,"region":"Norge","countryCode":"578"}, {"open":false,"region":"Polen","countryCode":"616"}, {"open":false,"region":"Portugal","countryCode":"620"}, {"open":false,"region":"Rumänien","countryCode":"642"}, {"open":false,"region":"Ryssland","countryCode":"643"}, {"open":false,"region":"San Marino","countryCode":"674"}, {"open":false,"region":"Schweiz","countryCode":"756"}, {"open":false,"region":"Serbien","countryCode":"688"}, {"open":false,"region":"Slovakien","countryCode":"703"}, {"open":false,"region":"Slovenien","countryCode":"705"}, {"open":false,"region":"Spanien","countryCode":"724"}, {"open":false,"region":"Storbritannien","countryCode":"826"}, {"open":false,"region":"Svalbard och Jan Mayen\r\n","countryCode":"744"}, {"open":false,"region":"Tjeckien","countryCode":"203"}, {"open":false,"region":"Turkiet","countryCode":"792"}, {"open":false,"region":"Tyskland","countryCode":"276"}, {"open":false,"region":"Ukraina","countryCode":"804"}, {"open":false,"region":"Ungern","countryCode":"348"}, {"open":false,"region":"Vatikanstaten","countryCode":"336"}, {"open":false,"region":"Vitryssland","countryCode":"112"}, {"open":false,"region":"Österrike","countryCode":"040"} ],"regionCode":"2"}, {"open":true,"region":"Afrika","countryRestrictions":[ {"open":false,"region":"Algeriet","countryCode":"012"}, {"open":false,"region":"Angola","countryCode":"024"}, {"open":false,"region":"Benin","countryCode":"204"}, {"open":false,"region":"Botswana","countryCode":"072"}, {"open":false,"region":"Burkina Faso","countryCode":"854"}, {"open":false,"region":"Burundi","countryCode":"108"}, {"open":false,"region":"Centralafrikanska Republiken","countryCode":"140"}, {"open":false,"region":"Demokratiska republiken Kongo","countryCode":"180"}, {"open":false,"region":"Djibouti","countryCode":"262"}, {"open":false,"region":"Egypten","countryCode":"818"}, {"open":false,"region":"Ekvatorialguinea","countryCode":"226"}, {"open":false,"region":"Elfenbenskusten","countryCode":"384"}, {"open":false,"region":"Eritrea","countryCode":"232"}, {"open":false,"region":"Etiopien","countryCode":"231"}, {"open":false,"region":"Gabon","countryCode":"266"}, {"open":false,"region":"Gambia","countryCode":"270"}, {"open":false,"region":"Ghana","countryCode":"288"}, {"open":false,"region":"Guinea","countryCode":"324"}, {"open":false,"region":"Guinea-Bissau","countryCode":"624"}, {"open":false,"region":"Kamerun","countryCode":"120"}, {"open":false,"region":"Kap Verde","countryCode":"132"}, {"open":false,"region":"Kenya","countryCode":"404"}, {"open":false,"region":"Komorerna","countryCode":"174"}, {"open":false,"region":"Kongo-Brazzaville","countryCode":"178"}, {"open":false,"region":"Kongo-Kinshasa","countryCode":"243"}, {"open":false,"region":"Lesotho","countryCode":"426"}, {"open":false,"region":"Liberia","countryCode":"430"}, {"open":false,"region":"Libyen","countryCode":"434"}, {"open":false,"region":"Madagaskar","countryCode":"450"}, {"open":false,"region":"Malawi","countryCode":"454"}, {"open":false,"region":"Mali","countryCode":"466"}, {"open":false,"region":"Marocko","countryCode":"504"}, {"open":false,"region":"Mauretanien","countryCode":"478"}, {"open":false,"region":"Mauritius","countryCode":"480"}, {"open":false,"region":"Mayotte ","countryCode":"175"}, {"open":false,"region":"Mocambique","countryCode":"508"}, {"open":false,"region":"Namibia","countryCode":"516"}, {"open":false,"region":"Niger","countryCode":"562"}, {"open":false,"region":"Nigeria","countryCode":"566"}, {"open":false,"region":"Reunion och Mayotte","countryCode":"638"}, {"open":false,"region":"Rwanda","countryCode":"646"}, {"open":false,"region":"Sankta Helena","countryCode":"654"}, {"open":false,"region":"Senegal","countryCode":"686"}, {"open":false,"region":"Seychellerna","countryCode":"690"}, {"open":false,"region":"Sierra Leone","countryCode":"694"}, {"open":false,"region":"Somalia","countryCode":"706"}, {"open":false,"region":"Sudan","countryCode":"736"}, {"open":false,"region":"Swaziland","countryCode":"748"}, {"open":false,"region":"Sydafrika","countryCode":"710"}, {"open":false,"region":"São Tomé och Principe","countryCode":"678"}, {"open":false,"region":"Tanzania","countryCode":"834"}, {"open":false,"region":"Tchad","countryCode":"148"}, {"open":false,"region":"Tunisien","countryCode":"788"}, {"open":false,"region":"Uganda","countryCode":"800"}, {"open":false,"region":"Västsahara","countryCode":"732"}, {"open":false,"region":"Zambia","countryCode":"894"}, {"open":false,"region":"Zimbabwe","countryCode":"716"} ],"regionCode":"3"}, {"open":true,"region":"Asien","countryRestrictions":[ {"open":false,"region":"Afghanistan","countryCode":"004"}, {"open":false,"region":"Armenien","countryCode":"051"}, {"open":false,"region":"Azerbajdzjan","countryCode":"031"}, {"open":false,"region":"Bahrain","countryCode":"048"}, {"open":false,"region":"Bangladesh","countryCode":"050"}, {"open":false,"region":"Bhutan","countryCode":"064"}, {"open":false,"region":"Bouvetön","countryCode":"074"}, {"open":false,"region":"Brunei","countryCode":"096"}, {"open":false,"region":"Filippinerna","countryCode":"608"}, {"open":false,"region":"Förenade Arabemitraten","countryCode":"784"}, {"open":false,"region":"Georgien","countryCode":"268"}, {"open":false,"region":"Hongkong","countryCode":"344"}, {"open":false,"region":"Indien","countryCode":"356"}, {"open":false,"region":"Indonesien","countryCode":"360"}, {"open":false,"region":"Irak","countryCode":"368"}, {"open":false,"region":"Iran","countryCode":"364"}, {"open":false,"region":"Israel","countryCode":"376"}, {"open":false,"region":"Japan","countryCode":"392"}, {"open":false,"region":"Jemen","countryCode":"887"}, {"open":false,"region":"Jordanien","countryCode":"400"}, {"open":false,"region":"Kambodja","countryCode":"116"}, {"open":false,"region":"Kazakstan","countryCode":"398"}, {"open":false,"region":"Kina","countryCode":"156"}, {"open":false,"region":"Kirgizistan","countryCode":"417"}, {"open":false,"region":"Kuwait","countryCode":"414"}, {"open":false,"region":"Laos","countryCode":"418"}, {"open":false,"region":"Libanon","countryCode":"422"}, {"open":false,"region":"Macau","countryCode":"446"}, {"open":false,"region":"Malaysia","countryCode":"458"}, {"open":false,"region":"Maldiverna","countryCode":"462"}, {"open":false,"region":"Mongoliet","countryCode":"496"}, {"open":false,"region":"Myanmar / Burma","countryCode":"104"}, {"open":false,"region":"Nepal","countryCode":"524"}, {"open":false,"region":"Nordkorea","countryCode":"408"}, {"open":false,"region":"Oman","countryCode":"512"}, {"open":false,"region":"Pakistan","countryCode":"586"}, {"open":false,"region":"Qatar","countryCode":"634"}, {"open":false,"region":"Saudiarabien","countryCode":"682"}, {"open":false,"region":"Singapore","countryCode":"702"}, {"open":false,"region":"Sri Lanka","countryCode":"144"}, {"open":false,"region":"Sydkorea","countryCode":"410"}, {"open":false,"region":"Syrien","countryCode":"760"}, {"open":false,"region":"Tadzjikistan","countryCode":"762"}, {"open":false,"region":"Taiwan","countryCode":"158"}, {"open":false,"region":"Thailand","countryCode":"764"}, {"open":false,"region":"Turkmenistan","countryCode":"795"}, {"open":false,"region":"Uzbekistan","countryCode":"860"}, {"open":false,"region":"Vietnam","countryCode":"704"}, {"open":false,"region":"√ñsttimor","countryCode":"626"} ],"regionCode":"4"}, {"open":true,"region":"Nord- och Centralamerika","countryRestrictions":[ {"open":false,"region":"Anguilla","countryCode":"660"}, {"open":false,"region":"Antigua och Barbuda","countryCode":"028"}, {"open":false,"region":"Aruba","countryCode":"533"}, {"open":false,"region":"Bahamas","countryCode":"044"}, {"open":false,"region":"Barbados","countryCode":"052"}, {"open":false,"region":"Belize","countryCode":"084"}, {"open":false,"region":"Bermuda","countryCode":"060"}, {"open":false,"region":"Caymanöarna","countryCode":"136"}, {"open":false,"region":"Chagosöarna","countryCode":"086"}, {"open":false,"region":"Costa Rica","countryCode":"188"}, {"open":false,"region":"Dominica","countryCode":"212"}, {"open":false,"region":"Dominikanska Republiken","countryCode":"214"}, {"open":false,"region":"El Salvador","countryCode":"222"}, {"open":false,"region":"Grenada","countryCode":"308"}, {"open":false,"region":"Guadeloupe","countryCode":"312"}, {"open":false,"region":"Guatemala","countryCode":"320"}, {"open":false,"region":"Haiti","countryCode":"332"}, {"open":false,"region":"Honduras","countryCode":"340"}, {"open":false,"region":"Jamaica","countryCode":"388"}, {"open":false,"region":"Jungfruöarna (GB)","countryCode":"092"}, {"open":false,"region":"Jungfruöarna (US)","countryCode":"850"}, {"open":false,"region":"Kanada","countryCode":"124"}, {"open":false,"region":"Kuba","countryCode":"192"}, {"open":false,"region":"Martinique","countryCode":"474"}, {"open":false,"region":"Mexico","countryCode":"484"}, {"open":false,"region":"Montserrat","countryCode":"500"}, {"open":false,"region":"Nedeländska Antillerna","countryCode":"530"}, {"open":false,"region":"Nicaragua","countryCode":"558"}, {"open":false,"region":"Panama","countryCode":"591"}, {"open":false,"region":"Puerto Rico","countryCode":"630"}, {"open":false,"region":"Saint Kitts och Nevis","countryCode":"659"}, {"open":false,"region":"Saint Lucia","countryCode":"662"}, {"open":false,"region":"Saint-Pierre och Miquelon","countryCode":"666"}, {"open":false,"region":"St.Vincent och Grenadierna","countryCode":"670"}, {"open":false,"region":"Trinidad och Tobago","countryCode":"780"}, {"open":false,"region":"Turks- och Caicosöarna","countryCode":"796"}, {"open":false,"region":"USA","countryCode":"840"} ]," regionCode":"5"}, {"open":true,"region":"Sydamerika","countryRestrictions":[ {"open":false,"region":"Argentina","countryCode":"032"}, {"open":false,"region":"Bolivia","countryCode":"068"}, {"open":false,"region":"Brasilien","countryCode":"076"}, {"open":false,"region":"Chile","countryCode":"152"}, {"open":false,"region":"Colombia","countryCode":"170"}, {"open":false,"region":"Ecuador","countryCode":"218"}, {"open":false,"region":"Falklandsöarna","countryCode":"238"}, {"open":false,"region":"Franska Guyana","countryCode":"254"}, {"open":false,"region":"Guyana","countryCode":"328"}, {"open":false,"region":"Paraguay","countryCode":"600"}, {"open":false,"region":"Peru","countryCode":"604"}, {"open":false,"region":"Surinam","countryCode":"740"}, {"open":false,"region":"Uruguay","countryCode":"858"}, {"open":false,"region":"Venezuela","countryCode":"862"} ],"regionCode":"6"}, {"open":true,"region":"Oceanien","countryRestrictions":[ {"open":false,"region":"Amerikanska Samoaöarna","countryCode":"016"}, {"open":false,"region":"Australien","countryCode":"036"}, {"open":false,"region":"Cooköarna","countryCode":"184"}, {"open":false,"region":"Fiji","countryCode":"242"}, {"open":false,"region":"Franska Polynesien","countryCode":"258"}, {"open":false,"region":"Franska Södra Territorierna","countryCode":"260"}, {"open":false,"region":"Guam","countryCode":"316"}, {"open":false,"region":"Heard- och McDonladsöarna","countryCode":"334"}, {"open":false,"region":"Julön","countryCode":"162"}, {"open":false,"region":"Kiribati","countryCode":"296"}, {"open":false,"region":"Kokosöarna","countryCode":"166"}, {"open":false,"region":"Marshallöarna","countryCode":"584"}, {"open":false,"region":"Micronesien","countryCode":"583"}, {"open":false,"region":"Nauru","countryCode":"520"}, {"open":false,"region":"Niue","countryCode":"570"}, {"open":false,"region":"Nordmarianerna","countryCode":"580"}, {"open":false,"region":"Norfolkön","countryCode":"574"}, {"open":false,"region":"Nya Kaledonien","countryCode":"540"}, {"open":false,"region":"Nya Zeeland","countryCode":"554"}, {"open":false,"region":"Palau","countryCode":"585"}, {"open":false,"region":"Papua Nya Guinea","countryCode":"598"}, {"open":false,"region":"Pitcairnöarna","countryCode":"612"}, {"open":false,"region":"Salomonöarna","countryCode":"090"}, {"open":false,"region":"Samoa","countryCode":"882"}, {"open":false,"region":"Togo","countryCode":"768"}, {"open":false,"region":"Tokelauöarna","countryCode":"772"}, {"open":false,"region":"Tonga","countryCode":"776"}, {"open":false,"region":"Tuvalu","countryCode":"798"}, {"open":false,"region":"USAs yttre öar","countryCode":"581"}, {"open":false,"region":"Vanuatu","countryCode":"548"}, {"open":false,"region":"Wallis & Futunaöarna","countryCode":"876"} ],"regionCode":"7"}], "originalCountryRestrictions":[],"originalCountryList":[]}
Huge list of countries where restrictions can be applied. Response information (such as card numbers etc) has been altered to anonymize it.
Functionality exist to do this but because I don't have a personal account with Länsförsäkringar I am not able to test and document this. Perhaps in the future...