Is Open Banking safe?

Open Banking has the potential to transform the way we use our financial data.

It’s not a piece of software or a product, but a piece of legislation, which requires current account providers to allow trusted third parties – approved by you – to view your account information securely.

This has prompted a mini-revolution in the way that some financial products are provided, and Open Banking can make our lives much easier.

For example, Koyo uses Open Banking technology, so that we can base our lending decisions on your real financial situation – rather than just what someone else says about you. Find out more at www.koyoloans.com (representative APR 27%).

If you’re wondering whether Open Banking is safe, this is the article for you: below, we’ll explain how Open Banking works, how you can be sure that it’s safe, and what protections and regulations are in place for users.

What is Open Banking

Your bank account provider holds lots of information about you. For example, they have data on:

• How much you earn and spend each month

• What your biggest outgoings are

• Who your regular payments – such as utility bills – go to

These are just a few examples, but from the above, you can see how this data might be useful to you.

Open Banking is a piece of legislation introduced in 2018 that requires large current account providers (like Nationwide, HSBC, Lloyds, Santander, and Barclays) to “open up” their data.

That doesn’t mean financial services companies just put your bank information on the internet for anyone to see. Instead, they allow providers to “plug in” to your financial data securely – and only with your permission.

For example, have you ever applied for a mortgage? If so, you’ll remember filling in some pretty complex forms, asking you about your spending. Imagine an app that plugged in to your current account and quickly compiled data about your spending? Well, that’s a great use for Open Banking.

Or what if you have multiple current accounts and want to see them all in one place? An app could use Open Banking to do just that.

Pretty useful, right? That’s why it’s been described as having “the potential to revolutionise how you manage your money”. (1)

For more information, take a look at our detailed guide: Open Banking explained, as well as our explainer on how Open Banking loans can help you to access credit.

Lastly, when researching Open Banking, you might come across a lot of jargon – we’ve put a glossary at the bottom of this article to help.

How does Open Banking affect bank accounts in the UK?

When it comes to logging in to online banking and using your current account, you won’t notice a difference.

The difference comes when you use a third-party provider that wants to access your bank account data. You’ll need to grant them permission – and you can later revoke this permission if you change your mind.

As we’ve explained above, you can use Open Banking to do all sorts of interesting things, and that’s the main effect on bank accounts – it truly opens up your data, allowing you to share it on your terms, with providers who can help you.

Is Open Banking safe?

Yes – Open Banking is built with security at its heart.

Firstly, in order to use Open Banking, third parties should be authorised by the Financial Conduct Authority (FCA). That’s a significant hurdle – the FCA is responsible for protecting consumers in the UK, with far-reaching oversight and enforcement powers. You can check that a given provider is approved on the FCA register.

Approved providers have to adhere to strict data protection rules, and there’s a financial ombudsman ready to fight your corner if you have any issues.

Lastly, Open Banking is optional – if you don’t want to allow a provider to access your data, you don’t have to (although that may affect their ability to provide you with products and services).

Who can access your financial data through Open Banking?

In order to access your financial data using Open Banking, a provider must pass two criteria:

1. They must be approved by the FCA

2. You must give them permission to do so (and you can revoke this permission at any time)

Open Banking is designed to give you control. You never have to share your login details (such as your username or password) with a third party, which means your data stays safe.

What information can third parties see?

There are two “levels” of permission you can grant:

Account information services – this allows a provider to access your financial information. For example, this could include your current balance, your income, bills you’ve paid in the last month, or whether or not you use your overdraft.

Payment initiation services – this gives the provider the ability to make a transfer or payment on your behalf. This can provide a more convenient way to pay trusted providers.

Importantly, Open Banking providers can only view information on the account for which you approve them – not linked accounts or credit cards. So if you have a bank account and a credit card with a bank, for example, a provider you approve for the bank account wouldn’t be able to see your credit card balance.

How do you know if a business is authorised to use Open Banking?

The FCA maintains a register of approved companies – so you can check that online register any time, for free, here.

You can search either by company name, or by reference number, and check what permissions they are granted by the FCA. You can also view a switchboard number if you want to confirm that you’re dealing with the right company.

For example, if you search for “Koyo”, you’ll get to Koyo’s entry on the FCA register, which explains that Koyo is authorised for – amongst other things – consumer credit.

Can you opt out of Open Banking?

Absolutely. In fact, you’re opted out by default – if you want to take advantage of Open Banking, you’ll need to proactively opt in, giving your explicit consent.

Banks are required to give you the option to share your data, but that’s all it is – an option, which you can choose to decline.

The benefits of Open Banking can be significant, but you’re under no obligation to use it if you’re not comfortable. If you don’t want to use Open Banking, you can just carry on as you were!

It’s worth noting that some services and products are only available to people who opt in to Open Banking, but these are fairly rare, and there will usually be an alternative option that doesn’t require you to opt in.

On top of this, you can always remove permissions at a later date, if you change your mind or want to stop using a particular provider.

Next steps

If you want to get started with Open Banking, there’s a detailed list of approved providers here, with a short description and further details of each.

Hopefully, you’ve found this guide useful – we’ve done our best to cut out the complexity, and the key things to remember are:

• Open Banking is a secure way to share your bank account data with trusted third parties.

• That data unlocks useful services, designed to improve the financial tools you have at your disposal.

• Only providers you approve can view your data, and you can withdraw your permission at any time.

Lastly, Koyo uses Open Banking technology, so that we can base our lending decisions on your real financial situation – rather than just what someone else says about you. Find out more at www.koyoloans.com (representative APR 27%).

How safe is Open Banking? Frequently asked questions

What is the point of Open Banking?

We’ve outlined a few use cases above: using Open Banking services, you can:

• View your balance on multiple bank accounts in the same place,

• Access credit more easily, by allowing financial institutions to get accurate affordability information, or

• Get tailored recommendations on suitable saving and borrowing products based on your spending habits.

Those are just a few examples – you can see the full list of service providers on the Open Banking directory.

Is Open Banking dangerous?

Open Banking is designed to offer extremely high levels of security and protection against scams and fraud. The FCA keeps a list of approved providers, and you’ll never need to share your login details with a third party. You can withdraw permissions at any time. On top of this, when you choose to give a provider access to your financial information, your bank will also check that it’s on the FCA-approved list of providers.

Does Open Banking also apply to building societies?

Yes – Open Banking applies to the largest providers of current accounts, and that includes certain building societies as well as high street banks. Nationwide is probably the best-known building society, and is covered by the scheme, but other, smaller building societies are also on the list.

Cutting through the jargon

If you read more about Open Banking, you’ll come across plenty of jargon. We’ve tried to cut it out of this article, as a lot of it isn’t necessary, but we’ve put some explanations below in case it’s useful.

CMA	Competition and Markets Authority, the body which introduced Open Banking following an investigation into the retail banking market.
API	Application Programming Interfaces. It’s complicated – but a simple way to understand Open Banking APIs is as a standardised way for current account providers to allow third parties to connect and interact with data.
Screen scraping	Before Open Banking, people would give their login details to third party apps which would log in and “scrape the screen” for your banking data.Open Banking does away with this – and because you don’t have to share your bank login details, it’s safer too.
Financial Ombudsman Service	A neutral third party that exists to settle disputes between consumers and businesses.
Payment Services Directive Two	Often referred to as PSD2 – a piece of legislation requiring providers of payment services to improve efficiency and security.

Footnotes:

1. https://www.moneysavingexpert.com/banking/open-banking/