Could apps help you manage debt?

Part of this guide says:
“What are the security risks to open banking?
Open banking should give you greater control over your money, but it raises critical questions about data privacy, security, and financial exclusion. Even regulated firms aren’t immune from cyberattacks, as evidenced by the recent Equifax data breach, and bank account transactions can include highly sensitive personal data about spending habits, political affiliations, medical care, family and friends.

The OBIE says: ‘The regulated third-party provider the consumer has given their consent to for sharing their data with, is responsible for ensuring any personal data they process, store or transfer is appropriately and securely protected. ‘The consumer can directly complain to the third-party provider in the first instance, and should this not resolve the issue, they can lodge a complaint with the FOS. They can also lodge a complaint with the Information Commissioners Office.’ But, with a complicated chain of providers sharing access to your data, multiple parties could be potentially liable for loss of a personal customer’s data though error, attack, or fraud.

The issue of ‘consent’ needs to be looked at carefully, so that consumers understand exactly what they are agreeing to when they share their data. This is particularly important when apps or services combine open banking with other methods of data sharing. ”

Read more: https://www.which.co.uk/money/banking/switching-your-bank/open-banking-sharing-your-financial-data-anscq4g8p62h – Which?

Sharing sensitive data with others is surely going to increase your risk of a security problem. however small – as, in the scheme of things, is APP fraud. It has its advantages as it takes away personal effort in compiling your own financial picture. However, I would argue that many people with simple finances – a current bank account, savings account, credit card and a mortgage – would be better off keeping their own records up to date with personal money software and gain a better understanding of their situation. Even if you have multiple accounts this software is more than useful; MS Money includes loans, investments, cash, a bill and reminders, search for old transactions, checking statements …….

Chris, thanks for the detailed reply.

But, as I think the Travelex case shows quite well, using any given online service comes with attendant risks from cyber attacks.

When the potential benefits far outweigh the potential detriments, it can make good sense to use a service.

But, in other cases, it might not be wise to sign up.

Yesss…I think it’s this phrase:

By linking securely with your bank account

that marked the spot where I decided it wasn’t for me. I’m not a Luddite, however; our youngest tells me I’m classed as an ‘early adopter’, and technology and what it can do has always fascinated me. So why would I balk at a single sentence?

Many years ago I was a computer journalist, writing for magazines such as QL and a variety of others that sensed the excitement as the world of the desktop computer became accessible to mere mortals. I also programmed for Sinclair, which is where I had to learn Assembler and its associated intricacies.

One thing I learnt at a very early stage was that binary code (the low level stuff on which everything else in a computer depends) was close to impossible to program in; simply writing lines and lines of zeros and ones lacked a bit of job satisfaction. You needed words to know what you were doing, and so Assembler was created.

That allowed us to work on commands that would address the processor directly – essential for high speed graphics in early machines. As time went on, it was clear that it wasn’t feasible to write everything from scratch (simply making a ball roll down a ramp on screen produced around 30 sheets of code) so the subroutine was developed.

Since then Moore’s law has become a reality, computer processor speeds have increased exponentially, and what needed to be done on a low level language is no longer necessary, as more and more high level languages have become available. A ‘high level’ language is one in which you can use words and sentences directly to make things happen: the For-Next loop is a classic example.

To save time, sub-routines were written in high level languages and, over time, people forgot that low level languages even existed. Figures on screen could be created with a few words, calling a specific sub routine, and the gaming industry thrived – and thrives.

What’s this got to do with the banking app, I hear you ask in frustration. Well, if you haven’t yet lost the will to live, it’s this: all current software uses code that has been built over the years on low level codes that talked directly to the processor. But there’s a problem: there were flaws from the outset in the processor codes. Instead of those being rectified, faster and bigger processors were developed.

The upshot of this is that all current coding languages are flawed.

In reality this means Boeing Max, Ransomware and a host of other nasties that render the word ‘secure’ in computer terms largely meaningless. The programming world spends its days and nights catching up to those who’ve exploited the flaws.

So on balance – no. Not only do I agree with everything Alfa has said but it’s only secure until it isn’t.

Well said Ian.

As someone who sometimes writes code and also, from time to time, hacks code that others have written, I have often found it all to easy to come up with imaginative ways of cheating or breaking intended security features. When I used to do target shooting, I was legally required to keep my firearms securely locked away when not in use. In that context, a friend at my local gun club gave me some very good real world advice: “Locks only keep honest people out”.

I agree on standardisation on .csv downloads and having a minimum standard for security, Kevin. I’ve used a range of accounts over the years and having date of birth or my mother’s maiden name should not feature in security information or security questions.

You can use false date of birth and maiden name presumably, just as long as you remember what you have used. I did this on Facebook and one of my relations gave me a card and present – on the wrong birthday.