Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • MSE Rosie
    • By MSE Rosie 9th Jan 18, 3:15 PM
    • 67Posts
    • 34Thanks
    MSE Rosie
    Open Banking explained
    • #1
    • 9th Jan 18, 3:15 PM
    Open Banking explained 9th Jan 18 at 3:15 PM
    Hi!

    This is the discussion thread for the



    Click reply below to discuss. If you havenít already, join the forum to reply.


    Thanks folks,
Page 1
    • karld316
    • By karld316 9th Jan 18, 4:41 PM
    • 4 Posts
    • 3 Thanks
    karld316
    • #2
    • 9th Jan 18, 4:41 PM
    • #2
    • 9th Jan 18, 4:41 PM
    I will be opting out of this for all of my accounts. Protection or not, I am just not comfortable with god knows who having access to my bank details like this. This is just waiting to be abused.
    • Anthorn
    • By Anthorn 9th Jan 18, 6:38 PM
    • 3,339 Posts
    • 874 Thanks
    Anthorn
    • #3
    • 9th Jan 18, 6:38 PM
    • #3
    • 9th Jan 18, 6:38 PM
    I will be opting out of this for all of my accounts. Protection or not, I am just not comfortable with god knows who having access to my bank details like this. This is just waiting to be abused.
    Originally posted by karld316
    Probably a case of the splitting of hairs but if my understanding of Open Banking is correct and I think it is, you don't opt out, you opt in by entering into an agreement with a third party to share your data. The ability to share data and therefore Open Banking itself will already be present on all accounts if it isn't already there. The alternative would be for banks to add the software to individual accounts as needed: A lot of work I'd say.
    • eskbanker
    • By eskbanker 9th Jan 18, 7:15 PM
    • 6,042 Posts
    • 6,046 Thanks
    eskbanker
    • #4
    • 9th Jan 18, 7:15 PM
    • #4
    • 9th Jan 18, 7:15 PM
    I will be opting out of this for all of my accounts. Protection or not, I am just not comfortable with god knows who having access to my bank details like this. This is just waiting to be abused.
    Originally posted by karld316
    Probably a case of the splitting of hairs but if my understanding of Open Banking is correct and I think it is, you don't opt out, you opt in by entering into an agreement with a third party to share your data.
    Originally posted by Anthorn
    Agree wholeheartedly with this and don't think it's splitting hairs at all - quite a few posters on previous threads about this have fallen for scaremongering articles in the likes of the Daily Heil and convinced themselves that they need to opt out rather than simply not opting in! The MSE article is pretty unequivocal on this so there's really no need for concern on that front:
    OK, got it! But what if I don't want to share my data?

    First things first, it's important to point out that...

    You don't have to share your data if you don't want to.

    This is a fundamental part of it. The rules say that banks have to allow your info to be shared, but ONLY if you expressly give permission to the new provider - they can't just look at all your accounts willy-nilly.

    Each provider will ask you to give your consent for it to access your info when you sign up. It'll then send a request to your bank, which will process it and share your details. You can also withdraw your permission at any time.

    If you just want to stay banking the way you do now, you absolutely can and no one's going to force you to change. So if you're not comfortable sharing your account data with anyone else - or don't want to use any of these new companies - you don't have to.
    • The MoneySavingKid
    • By The MoneySavingKid 9th Jan 18, 7:21 PM
    • 321 Posts
    • 206 Thanks
    The MoneySavingKid
    • #5
    • 9th Jan 18, 7:21 PM
    • #5
    • 9th Jan 18, 7:21 PM
    Most of the banks I'm with sent notification that it will become part of the T&C's, and the only you can reject it is by rejecting the T&C's but thereby resulting in you not being able to use their services. So I'm not sure how you would manage to opt out without foregoing most, if any bank account available from the 13th onward.
    Just don't use the service, simple.
    • Shakin Steve
    • By Shakin Steve 9th Jan 18, 8:00 PM
    • 1,195 Posts
    • 887 Thanks
    Shakin Steve
    • #6
    • 9th Jan 18, 8:00 PM
    • #6
    • 9th Jan 18, 8:00 PM
    Most of the banks I'm with sent notification that it will become part of the T&C's, and the only you can reject it is by rejecting the T&C's but thereby resulting in you not being able to use their services. So I'm not sure how you would manage to opt out without foregoing most, if any bank account available from the 13th onward.
    Just don't use the service, simple.
    Originally posted by The MoneySavingKid
    This has been forced on the banks, they are not forcing it on you. They will be quite happy if you just carry on as if nothing has happened, because nothing will happen unless you want it to.
    I came into this world with nothing and I've got most of it left.
    • eskbanker
    • By eskbanker 9th Jan 18, 8:40 PM
    • 6,042 Posts
    • 6,046 Thanks
    eskbanker
    • #7
    • 9th Jan 18, 8:40 PM
    • #7
    • 9th Jan 18, 8:40 PM
    Most of the banks I'm with sent notification that it will become part of the T&C's, and the only you can reject it is by rejecting the T&C's but thereby resulting in you not being able to use their services. So I'm not sure how you would manage to opt out without foregoing most, if any bank account available from the 13th onward.
    Just don't use the service, simple.
    Originally posted by The MoneySavingKid
    Fortunately those able to read and comprehend the explanatory information issued by banks will realise that accepting (or not rejecting) these changes to Ts & Cs applying from the 13th is neither opting in to third party access nor getting into a position where opting out is necessary!

    Again: third party access is a facility that account-holders would need to opt in to, not out of....
    • Shakin Steve
    • By Shakin Steve 9th Jan 18, 8:47 PM
    • 1,195 Posts
    • 887 Thanks
    Shakin Steve
    • #8
    • 9th Jan 18, 8:47 PM
    • #8
    • 9th Jan 18, 8:47 PM
    If Barclays are doing this then I am switching to Metro Bank. I do not want third parties knowing how much money I have.
    Originally posted by wearingjohnnies
    Why not? Most of us on here can guess how much money youíve got.
    I came into this world with nothing and I've got most of it left.
    • zerog
    • By zerog 9th Jan 18, 9:33 PM
    • 2,318 Posts
    • 790 Thanks
    zerog
    • #9
    • 9th Jan 18, 9:33 PM
    • #9
    • 9th Jan 18, 9:33 PM
    How long until you need to share your data in order to access improved financial products (such as a better loan rate or something like that)?
    • newatc
    • By newatc 9th Jan 18, 9:58 PM
    • 141 Posts
    • 158 Thanks
    newatc
    I wouldn't use this service which at best opens the door for more unwanted selling communication.

    I can see some lenders "suggesting" they have access to your financial information to enable to offer you the "right" loan deal.
    • Moneyer
    • By Moneyer 10th Jan 18, 7:46 AM
    • 108 Posts
    • 69 Thanks
    Moneyer
    Does anybody know exactly how consent will be given?

    I'd be reasonably happy about this if I had to confirm directly to the bank (e.g. through my online banking) that a named third party had my permission to access my data, or to supply the third party with some kind of password they can use to prove this to the bank. But I'm worried my bank will simply take the word of a third party that they have received my permission.

    Given the value of this data for marketing purposes, it could end up like trying to opt out of direct marketing. Call centre staff will be pressurised/incentivised to get people's consent to access their financial data. Some of these staff will respond by ticking the box to say permission has been granted even when it hasn't. And if the customer wants compensation, they'll be left with the impossible burden of proving that they didn't consent....
    • marlewuk
    • By marlewuk 10th Jan 18, 8:42 PM
    • 76 Posts
    • 24 Thanks
    marlewuk
    From what I've read, if it's some sort of comparison site or account aggregation service (aka Account Information Services) - when you want to sign up it will present the terms of what data will be needed, what for and how long etc... kinda like when you download an app from Google Play Store - it tells what data the app will access on your phone. When you agree it should present a secure window where you are then asked to enter your logon details for online banking and this will also act as confirmation to your bank that you have accepted to share the data with them.

    You can cancel this data share at anytime by contacting you bank or via your online banking - it should be updated with this functionality when it's live.
    • Shakin Steve
    • By Shakin Steve 10th Jan 18, 8:49 PM
    • 1,195 Posts
    • 887 Thanks
    Shakin Steve
    How long until you need to share your data in order to access improved financial products (such as a better loan rate or something like that)?
    Originally posted by zerog
    You hit the nail on the head. Thatís partly what itís for, so that customers can get better deals. Now do you see why your bank will be happy if you just carry on as you have done?
    I came into this world with nothing and I've got most of it left.
  • jamesd
    This part of the article seems to be unrue:

    "Screen-scraping is what most of the apps that are already on the market use, and involves you giving providers 'read-only' access to your online banking, essentially giving it your login details and letting it pretend to be you. However, they can only look at your account and can't make any changes or move money unless you give your explicit consent."

    A firm that has your login details can do anything you can do, including carrying out transactions. They may not be authorised by you to do those things but they will have the capability to do them. There's a huge difference between what they can do and what they are authorised to do.

    Anyone who made the mistake of believing MSE might wrongly think that their money is safe if they give login details to a place which claims it is only going to read information.
    • Anthorn
    • By Anthorn 13th Jan 18, 7:40 AM
    • 3,339 Posts
    • 874 Thanks
    Anthorn
    This part of the article seems to be unrue:

    "Screen-scraping is what most of the apps that are already on the market use, and involves you giving providers 'read-only' access to your online banking, essentially giving it your login details and letting it pretend to be you. However, they can only look at your account and can't make any changes or move money unless you give your explicit consent."

    A firm that has your login details can do anything you can do, including carrying out transactions. They may not be authorised by you to do those things but they will have the capability to do them. There's a huge difference between what they can do and what they are authorised to do.

    Anyone who made the mistake of believing MSE might wrongly think that their money is safe if they give login details to a place which claims it is only going to read information.
    Originally posted by jamesd
    Hence Open Banking.

    Previously giving access to a bank account was a matter of trust in that we trust that the third party to which we give access has software and security processes in place that prevent them from doing anything other than read only while protecting data. In Open banking they can only access the data which the bank authorises. That's why Open Banking is a better system.
    • sheepworrier
    • By sheepworrier 13th Jan 18, 10:15 AM
    • 2 Posts
    • 1 Thanks
    sheepworrier
    Are there any 3rd Party budgeting apps that are FCA registered yet? Searching for YOLT on the FCA website gave no hits, but Money Dashboard came up with two hits. On the app in the App Store, I could see no mention of FCA registration, but following the link to the developers website the FCA registration number is listed and matches the one that came up on my FCA search. So in a round the houses way, does that mean I am protected if I give Money Dashboard my banking details?
    • 18cc
    • By 18cc 13th Jan 18, 11:29 AM
    • 140 Posts
    • 94 Thanks
    18cc
    I'm kind of in the dark as much as the next person about exactly how all this will work but this is an example from the Independence of how you would opt in to open banking

    The way you do this will be by using an app that allows you to drag in accounts from multiple providers.!

    Giving the app access to your account is the trigger for your data to be shared by the provider with the app you're using.

    For example, say you are an HSBC customer using the!HSBC beta!app which is currently being piloted, if you download it only your HSBC accounts will initially be visible - just like in your existing mobile banking app.

    The new HSBC app allows you to pull in your other accounts from other banks, but to do this, you have to log in using your online banking details from that bank.

    By logging in to your Barclays current account through the HSBC app, you're consenting to Barclays sharing your data with HSBC.!
    • 18cc
    • By 18cc 13th Jan 18, 11:36 AM
    • 140 Posts
    • 94 Thanks
    18cc
    Sorry the above extract was from this is money not the independent Another example they give is using oAuth

    So, for example, you could grant a mortgage app temporary access to your current accounts to allow it to do a real-time assessment of your income and expenditure so it can work out automatically what mortgage you can afford.

    If the mortgage app was using OAuth you wouldn't need to give your current account password to them, keeping your money safe even if they got hacked.

    You could also give them access for a limited time period - while the mortgage application is going through for example - after which the token you assigned expires and your data is locked back into your bank.!
    • _DL_
    • By _DL_ 13th Jan 18, 11:58 AM
    • 1 Posts
    • 6 Thanks
    _DL_
    Authorising data transfer
    Just thought I'd clear a few things up.

    Key points:
    • No Data will be shared without your permission
    • No third Party will be able to request to share your data directly to your bank (it's not like switching energy provider)
    • All third parties will need to be authorised by the FCA
    • You will not need to login to your bank by giving a third party your log in details (i.e. you will not need to log in to Barclays through the HSBC app)
    • Authorisation for a third party to access your details will be given by you to your bank and will include whether they get read-only access to your details or they can actually make transactions from your account, they may also include other restrictions such as a set period of time they can do this (1, hour, 24 hours, 1 week etc)
    • You can see all third parties that are authorised at any time and remove permissions at any time
    • It is up to the banks to some extent how they implement this but it will use a standard that will be similar across all of them (a bit like the way you can use your pin-pad card reader from any bank to get security codes to login to your bank)
    • The third party will only ever know limited details about your login details such as which bank you have authorised and get a security token that is only valid for them to use and would not work for anyone else
    • The most likely way this will be used is using something like OAuth which many of you will have used already without knowing - it is how you login into websites such as this one using your facebook or google login. This also allow MSE and Facebook to share certain information about you.

    Is it secure?
    Nothing is 100% secure but the most likely issue with security around it is likely to be phishing attacks based upon the confusion around it when it starts up. E.g. a message from 'Barclays' stating that you need to click a link to login to a site to opt out of Open banking or they'll allow access. Or a message from 'HSBC' stating that 'Evil Company' has requested access to your account and if you did not authorise this, click this link to remove their permission.

    Overall, if implemented correctly it should be more secure that most methods and will reduce the reliance to log into you own bank system so often so less risk of your login details being stolen. However software is never perfect and so security issues may appear, however as stated you would not be liable for all losses.

    Hope that helps clear some things up...
    Last edited by _DL_; 13-01-2018 at 12:00 PM. Reason: clarification
    • theroamingnomad
    • By theroamingnomad 13th Jan 18, 1:25 PM
    • 57 Posts
    • 62 Thanks
    theroamingnomad
    I'm genuinely intrigued to see how beneficial this will be and I definitely intend to give a go, when the opportunity presents itself.
    Debt-free by September 1st, 2018 - hopefully!
    £5124/£5124 (Jan 2018)
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

70Posts Today

3,200Users online

Martin's Twitter