We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Plum open banking connection
Diver22
Posts: 43 Forumite
A few weeks ago I opened a cash isa with Plum and today established an open banking connection between my bank and Plum so I could make instant transfers into my ISA. In setting up open banking Plum asked me to agree to read only access to my current account, which is usual for open banking connections and which I have done with two other savings providers. After establishing the connection, confirmed as success by both Plum and my bank I attempted a small test transfer to check all was working as intended with the intention of making a bigger transfer afterwards if it was. As I was setting up the test transfer amount in the Plum app it displayed the whole of my current account account information asshown in my banking app, including all details of my balance and all transactions in and out, including my state pension and NI number. I consider this a breach of the the open banking agreement since read only to me means permission to only view my current account in order to facilitate authorised transfers to my ISA, but not permission to extract data and to replicate it as displayed in my banking app. It raises questions in my mind about security of data and therefore who else could view not just financial information but personal information too. I have revoked open banking authority for Plum and now am considering next steps. Needless to say I do not feel confident any money I might have saved with Plum would ave been secure. Any comments or views on this would be appreciated.
0
Comments
-
Personally I wouldn't see the latter as contravening read-only access rights, which to me simply entail the capability to access data without affecting (writing/modifying) it. I don't know if there is a sufficiently granular option that permits only accessing the account in order to conduct a specific transaction, but wouldn't see 'read-only' as equating to that....Diver22 said:As I was setting up the test transfer amount in the Plum app it displayed the whole of my current account account information asshown in my banking app, including all details of my balance and all transactions in and out, including my state pension and NI number. I consider this a breach of the the open banking agreement since read only to me means permission to only view my current account in order to facilitate authorised transfers to my ISA, but not permission to extract data and to replicate it as displayed in my banking app.1 -
Hi. Thanks for commenting. I know read only does mean not being able to modify it, but that's incredibly narrow if it means being able to do other things with the data such as copy it and present it in another place that the data owner has not agreed to . That seems to me a disingenuous and misleading use of read only and not one most people would understand . On your interpretation it is conceivable that it could be copied and stored elsewhere with who knows what security and who knows what purpose. And please note that I highlighted my NI number as being copied which goes beyond financial data. But even if you are right it as a minimum lacks transparency. And it's certainly not how other financial providers treat open access permissions.0
-
Sure, but concerns about how much data they're accessing and what they end up doing with it are a separate issue from what's meant by 'read-only'!0
-
All ISA providers require your NI Number as this is one of the data elements they must report to the HMRC in their annual ISA reports.0
-
This isn’t about sign up and verification but as described in my post0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.7K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 452.9K Spending & Discounts
- 242.6K Work, Benefits & Business
- 619.3K Mortgages, Homes & Bills
- 176.3K Life & Family
- 255.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards