/ Money

Open Banking: how can you stay safe when sharing financial data?

Credit card

Open Banking – the ability to securely share your current account data with trusted third parties – has been running in the UK for a few months. Guest author, Caroline Ambrose, from Barclays UK, explains…

While we’re certainly still in the early days, what we’ve seen so far with Open Banking is an exciting step forward. It will give you the chance to take charge of your financial data and grant access to it in ways that can help you manage your money better.

New tools and services will be developed to allow you to see multiple accounts in one place, gaining helpful insights about your holistic spending and saving, and the opportunity to interact with your accounts more easily. And in time you’ll see more innovative ways to make and take payments.


But for some, the question of sharing also raises a question over security. If we unlock the vault to this key asset, how can we be sure our financial data remains safe?

First off, it’s important to understand that, while the benefits of services using Open Banking will be great, it’s a personal choice. Everyone has the ability to decide if they want to use a service that requires them to share their data, and if they do, they will have the control over who they give it to.

For those who want to take advantage of the new services using Open Banking, the Government and industry have spent a lot of time building a system designed to keep you safe and secure, should you choose to share your data.

How it works

It works through what we call APIs (or Application Programming Interfaces). These clever bits of technology allow different systems to safely and securely communicate with one another, but – and here’s the crucial bit – they also allow the user (in this case, the customer) to stay in control.

So while you may choose to use a service on Monday, on Tuesday you can change your mind and turn it off. The use of APIs mean that – when you press ‘disconnect’, your data stops being shared at that instant. You will also be able to know exactly what specific information you are sharing for any service you use

The services that use Open banking will be welcomed by different people in different ways. However, whatever your choice, it should be driven by how you want to manage your money and not fears over the safety of your data. Consumers can be confident that so long as the service they’re using uses APIs, they’re safe and in control.

This is a guest post by Caroline Ambrose. All views expressed are Caroline’s own and not necessarily those also shared by Which?.

Do you use Open Banking? Will you consider using it in the future? Or do you still have concerns?


I have not used Open Banking and am not keen to use any new service until it has been well established and has been shown to be secure.

At a time when removal of ATMs and bank branches has already caused considerable problems for many bank customers, particularly in rural areas, I suggest that the banks focus on finding ways of maintaining and restoring essential services. I suggest, Caroline, that Barclays could take a lead and push other banks to work together and provide shared branches where it is not economically viable for any bank to maintain a branch. Another suggestion would be to install ATMs at shops, Post Offices, village halls to serve the needs of local communities.

It will give you the chance to take charge of your financial data and grant access to it in ways that can help you manage your money better.“.

I am sorry to be something of a cynical dinosaur on occasions.

“Take charge of your financial data”: I can do quite a bit of that already with the help of MS Money – home accountancy made simple. If the banks wanted to help their customers, a good start would be to provide them with similar software. It not only tracks bank accounts, but looks at investments (if any), upcoming bills, credit and debit cards……………………..

“Help you manage your money better”. I use Excel spreadsheets to look budgets – income and outgoings – to check when and how much I will be spending and earning. Again, banks could help by providing software to help people do this for themselves.

I would not hand over more personal and financial data to another organisation in an insecure environment; it is quite unnecessary if you learn to understand your own finances.

MS Money, wow thats an old program! Surprised it even runs on modern windows

This comment was removed at the request of the user

I was dubious and looking at alternative software for a Win10 computer, but loathe to leave MSMoney that I had used successfully for years. I downloaded the free “Sunset edition” and it runs fine.

I have not used open banking, largely because most of my money management requirements are already coordinated under one institution and I effectively have a dashboard showing me in one place all the accounts that I have – including insurance products. I have seen bank advertisements showing the claimed benefits of open banking but if I can see what I hold elsewhere I have an awful feeling that the open banking provider can do so as well, and I would prefer to keep some things private thank you. If I had a pound for every time someone in the banking industry said that new systems could “safely and securely communicate with one another” I would be quite wealthy. I think I shall wait for a few years of unbroken operating performance reliability with no outages, hackings, data breaches, system collapses, fraud cover-ups, and other problems before trusting the banks to share my data responsibly.

Change the “few years” to “Decades” and I’ll agree totally. Banks have NEVER promoted ANYTHING that is not beneficial exclusively to the banks themselves. Trust them ? They are having a laugh ! Not in 100 years will I ever “trust” any bank to do anything other than look after its OWN INTERESTS !

I will not be using open banking.

But I would hope the banks make full use of it to track criminal activity and stolen funds.

This comment was removed at the request of the user

There was a previous Conversation in October last year on this topic but it only garnered 24 comments. See –

At least Duncan is utterly consistent in his virulent opposition to ‘open banking’ and I loved his comment [one of many in this vein] as follows – “meet Lucas the confirmed-dyed in the wool – the real deal – the sure thing – guaranteed for life – no bull: glory be that I am one. I fall on my knees and thank God for His mercies. My address: Luddite Village-by-the-sea, 1 Luddite Gardens, by way of the Primrose-lined Luddite Lane, 1LDD LD2“. As can be seen, his characterisation as a Luddite is entirely by his own declaration but none the worse for that.

That October Conversation followed on from one in March 2017 [only 47 comments] called “Would you do all your banking on your mobile phone?”. See –

The usual suspects all protested. It’s difficult to see where Which? stands on it.

Looking at your second link it is interesting to see how different age groups view mobile-only accounts – the the graphic in the introduction. Maybe Caroline would be reading some more positive comments about Open Banking if younger people had replied.

This comment was removed at the request of the user

It was just a provocative comment to elicit discussion, Duncan. 🙂 If you read my opening comment you can see that I have my own reservations and am definitely not interested.

Rightly or wrongly, many of us (with notable exceptions) become less willing to adopt new ideas when we get older. If we do decide to adopt technology such as online banking, contactless cards, smartphones etc. we often become advocates.

My bank has today told me that it will be discontinuing sending paper statements. I’m not quite sure why I carried on receiving them when it was so easy to download them as csv files for the past seven years.

This comment was removed at the request of the user

This comment was removed at the request of the user

The reason you give for not having a smart phone is curious, Duncan. I am not sure why you should worry that you “would be telling the world (your) every geographic move”. Most of the people I know delight in letting their family, friends and other contacts know whenever they are somewhere different from the usual circuit – you don’t hear from them for weeks on end and then suddenly they need to phone you from the airport to say they are off to Maastricht and “can you recommend a restaurant?” or some equally lame and limp excuse to publicise their exotic lifestyle.

I have a smartphone but ninety-five per cent of my time is spent within five miles of the city centre of Norwich so tracing my movements would be a pretty unrewarding exercise and in any case, unlike you, I am not interesting enough to generate that sort of enquiry. Whenever I go away for a day, or have a short break as I have just had in London [oh no – I’ve let the cat out of the bag now], I don’t need to take my smart phone with me so I am still recorded as being in Norwich; you could adopt the same policy in order to foil your pursuers. I am indifferent to whether or not you wish to use a smart phone but I have heard that they can be quite useful, although other means of communication remain available.

P.S. As I have suggested before – you should also give yourself a calmer life and stop worrying about the thumbs down to your comments; you don’t know who they are from or even what they actually mean on the spectrum from just “I don’t agree with you” to “I totally detest what you are saying”. Give peace a chance – roll with the punches.

John, I’m all for giving peace a chance! I’ve only recently acquired a secondhand smartphone from a son and use it more than I expected. It’s not very good for posting comments as it seems to lead to even worse spelling than normal (missing letters and, however hard I try “there” my brain wants “their”, and I do know the difference).

It is very handing for checking websites while I’m out, searching for places, tourist attractions, nearest ATM (hardly ever use one), and using maps to find your way around a strange place. Plus, no doubt, loads more I haven’t yet discovered and wouldn’t know I needed.

I could not care less about being tracked – I’ve nothing to hide. However, one day, if anything untoward happens or when I become weak in memory it might be very useful to be tracked – and found.

We can take Convos too seriously, as if when we speak someone seems to question our motivation, knowledge, integrity rather than appreciating that we all have differing points of view, background, knowledge, and the right to explore issues along a different tack perhaps. Not a reasons to shoot the messenger, but to attract reasoned responses. It is what conversations are about, isn’t it? It’s not prime minister’s questions.

Hear, hear! Malcolm.

I don’t care for the demanding style of interrogation that sometimes emerges here, nor the use of links as crowbars to force doors open. I think links are useful to substantiate comments and reference further information, not to substitute for a comment and force readers to go elsewhere and then come back to continue the conversation. I would propose that the community guidelines could usefully be adapted to cover the appropriate, and supportive, use of links.

This comment was removed at the request of the user

This comment was removed at the request of the user

Duncan – I have no criticism of links that are inserted after a comment to give added detail, or as evidence, or to reference some supporting material in a publication or elsewhere – so carry on providing links as I do when I think it would help. What I don’t like – and it’s only my personal preference – are comments [or whole new threads] that start with a link and little else. This wouldn’t happen in a real-life Conversation; I think contributors should summarise what they are trying to tell us and use a link [if necessary] to back it up or extend the contribution for those who wish to explore it in more detail.

My remarks were not directed at you – it has become a common behaviour. In the early days we could not insert links and had to explain ourselves. I happen to think that remains the most courteous way to proceed.

Yes, I know all that Duncan. It doesn’t bother me. GCHQ can tap into all calls on any device from anywhere in the world so worrying about smart phones seems irrelevant to me. Those with nothing to hide have nothing to fear. My reference to “peace” was in the form of advice to you to give yourself some peace from worrying about things you can’t control or influence. You seem to be obsessed with access to your computers via back doors, tracking your internet use, following your movements on a phone, and polluting your cyberspace. I think it gives you a bad time while most of us seem to manage to have enjoyable on-line experiences without all the anxiety you project, but it’s up to you. All I am saying is that, as we get older, we don’t need all this fretful overload of suspicion and distrust. In my opinion, the simple life is the better one.

I support your invocation of the observation attributed inconclusively to Edmund Burke that “the only thing necessary for the triumph of evil is that good men do nothing”. I am sure you [like most of us] have done many good things in your life, Duncan, and need have no fear of misjudgment at the appointed hour, so you do not have to keep going at full tilt wearing yourself to a frazzle for ever and a day. You are allowed to take it easy and give yourself some peace.

This comment was removed at the request of the user

Which? do not seem to examine these topics critically and help any of us with expert advice. Maybe they do not have the capability.

I won’t touch open banking (well not now), simply because I do not see the need for it. I can quite happily control my own finances, helped by personal accounting software..

I’ve just had a 32 pp colour booklet (presumably 700 000 others have also) from Which? entitled “Planning for your family’s future”. I have not read it from cover to cover, but it mostly deals with financial matters and products. However, nowhere I can I find any information on keeping track of finances (whether paper or software based) nor on everyday budgeting.

I would really like Which? to spend some time and expertise in helping people look after their money for themselves. Another booklet? Or even paid-for software. Before they look at indulging in new banking initiatives people should learn how to keep track of all their finances, and how to set up and monitor a personal budget. Is this too much to ask?

I passed my booklet onto a friend but I cannot recall any advice on avoiding an unauthorised overdraft. That would have been useful. The booklet had a couple of pointers that I found helpful, however.

Hi Malcolm. This guest post from Barclays is intended to discuss open banking more broadly. However, our Which? Money team does have a guide on the subject that you can find here:


This goes into more detail around its uses, security etc. This explanation of Open Banking standards should also be useful: https://www.openbanking.org.uk/providers/standards/

@gmartin, Hello George. I did read the Which? guide when it was first put online but as far as I am concerned it does not adequately explain the real advantages – if there are any – to a customer when they give such wide access to their data. There is nothing in it that convinces me to use it, or how I would benefit, when other secure and private methods to track my information are available.

The main point I was making was that in my view, rather than promote another financial product that is subject to questions about its usefulness and its security, Which? could look at providing, or pointing to, ways that people good get a better grip on their own finances without involving data sharing with 3rd parties. Personal financial software does this, and although this has been reviewed, there could be more encouragement for people to use it to control their money.

I think we – Which? – should press for the banks to issue basic software to individuals to help them track all their money and accounts, personally not through a system that involves a number of 3rd parties. I also think that they could devise home budgeting software to help people control their spending.

I see no reason why Which?, with its expertise, could not also look at cooperating with this. You did produce an income tax calculator if I remember rightly, and maybe you could get BBA cooperation and funding to help the cause.

Thanks Malcolm. I’ll pass all this on to Chiara (the author of the guide) to find out if the Money team has any plans to further advise on personal finances.

@gmartin, Thanks George. I hope we’ll hear back from Chiara or yourself as to whether Which? sees this as worthwhile.

It would be useful to hear from those with experience of Open Banking.

After a few years of using a contactless card without losing money I’m now happy with using it routinely and it removes the possibility that someone could see me entering my PIN in a busy shop etc.

On the other hand I was a fairly late adopter of online banking because the terms and conditions were highly technical and not really fair for the consumer, at least according to friends who worked in computer science. Once they were revised and written in terms I could understood I adopted online banking.

I’m not yet ready for phone payment systems because I don’t know enough to be sure that they are secure.

I must say, given the number of data breaches that have occured, I find it difficult enough to trust my own bank with my data. The idea of trusting third parties is preposterous.

I’d like a clear and rational explanation of exactly what great advantage Open Banking could be to a potential private customer. So far those I have seen have waffled on but not made any kind of convincing case. Perhaps someone here can tell me why I must join in?

It’s a bit like the desperate marketing for smart meters and virtual assistants, isn’t it? A solution looking for a problem.

So, would any of the Which team use “Open Banking.” ? It does seem to be like someone’s good idea looking for a purpose, rather than an essential service that we should all use. I don’t see any reason to “Open Bank”. since I like to keep my finances simple and I know what I’ve got, where it is, what I’ve spent and what’s left. My finances are private, for obvious reasons, and the idea of sharing them with others seems absurd. What are they going to do with the information and why do they need to know what I spend, save and earn? The opening introduction is somewhat vague in its description. I don’t have any difficulty accessing accounts, bill paying -by various means – is straight forward and that’s it. If I want financial advice I seek it in a place I choose and divulge the information necessary for that transaction. I can’t speak for those with complicated accounts or those who have loaded credit cards to pay off, and, maybe a helping hand could do some good there. For me, I am about as mystified now as I was before I read this page and intend to remain so.

This comment was removed at the request of the user

This comment was removed at the request of the user

I would never use Open Banking, its totally unsafe and unsecure!

It is good to hear that this won’t be compulsory. I think that’s all I need to know.

“your holistic spending and saving” *

adjective: holistic

characterized by the belief that the parts of something are intimately interconnected and explicable only by reference to the whole.
characterized by the treatment of the whole person, taking into account mental and social factors, rather than just the symptoms of a disease.

As many of you are aware there are people who for various reasons cannot control their money. This may be tied to manic-depression, an inability to deal with numbers, or infirmity. If the banks wish to provide holistic solutions to help humans deal with finance I suggest that they look at the disadvantaged section of their customers rather than those few with multiple accounts and savings.

Would I use it. No never because having multiple bodies with access to your data does not seem to provide any benefit to me. That the financial sector will have a better picture of my dealings is not actually a reason to sign up. Quite the reverse.


This comment was removed at the request of the user

This comment was removed at the request of the user