/ Money

Will open banking open new possibilities?

Open banking

In January 2018, a new law comes into effect that could open up banking forever. But what is it, how will it work – and should you be worried?

Following comments asking us about our views on open banking in a recent convo, we thought we’d share our most recent policy points on the subject.

Not so long ago, I had four current accounts with four different banks: one as my main account, one to manage the bills in the house share I lived in, and two that I used as savings accounts because they offered better interest rates.

It was a bit of a nightmare. I had four different usernames, four different passwords, an array of secret questions and ‘memorable information’. And anytime I wanted to move money from one account to the other I had to find the debit card and the reader, or the little number pad, and remember how on earth to use it. If only I’d lived in 2018.

Open Banking

From January next year, thanks to the Second Payment Services Directive (PSD2), every provider of a ‘payment account’ will have to provide a way for third parties to access data about the account and to make payments from it (although you don’t have to give anyone access if you’re uneasy). This could be to show your spending in different ways to help you budget and plan, to ‘aggregate’ your accounts in a single place, or to automatically divert money to a savings account.

This could have all sorts of benefits, including helping people better manage their finances, and even potentially improving competition in banking, by reducing the ‘hassle factor’ of holding a current account and a savings account with different institutions.

Services that do these sorts of things already exist but their take-up is quite low. This is partly because to use them you have to provide your bank login details and the service provider logs in as if they’re you (sometimes called ‘screen-scraping’). This understandably feels far too risky for many people, and it’s also against many, if not all banks’ T&Cs, so you risk being treated as ‘grossly negligent’ if you later need to make a fraud claim.

Open banking means banks have to offer an application programming interface (API) for these third parties – basically a separate ‘door’ to the account through which they’ll access, rather than impersonate you. And to go through that door they will need three things: to be authorised by the Financial Conduct Authority (and your bank has to check this when giving access); to have your consent to see or use the information; and for you to prove to your bank it’s you authorising the access (probably by logging in).

This is a much safer way for a third party to access the information in your account, and it could lead to the development of all sorts of innovative services (including beyond financial services). For example, you might get an app that alerts you if you don’t have enough money to meet an expected payment, or notices if your energy bill seems high this month. These could be from new financial technology companies, established banks, or even companies such as Facebook or Google.

Unanswered questions

One main barrier to this market developing – and a potential risk for consumers – is undoubtedly data security. Although it’s much safer than giving your login details out, hackers might target these third parties to try to get at your financial details or even make payments, and it’s vital that you’re able to trust these third parties to have a high level of security.

We’ll be watching closely to make sure that regulators are taking this seriously as they authorise and monitor this market, and that consumers are protected and have access to redress if things do go wrong.

Relatedly, it’s still possible that screen-scraping will be allowed to continue as a backup, in case banks’ interfaces fail. This is unacceptable on security grounds, and also risks damaging consumer confidence in a way that chokes off the market and its possible benefits altogether.

We’re also concerned that payments made by third parties could be bank transfers – and if there’s more of those, there are more payments for which you’re inadequately protected in the event you’re tricked into paying a fraudster.

But if these concerns can be addressed, we think open banking could deliver huge benefits to consumers. And, if nothing else, it’ll be nice to know that the next generation of financially savvy house sharers don’t have to go through the same experience I did.

Will you be using open banking?
Loading ... Loading ...

Would you use an open banking service? What sorts of ways can you imagine these services being useful to you? What questions or concerns do you have that might stop you using something like this?

Comments
Profile photo of Ian
Member

It’s an interesting concept and there’s a definitive paper regarding API security here. Among some of the issues raised are those tied directly to the quality of API programming: transactions that are secure in isolation become insecure in combination, whether because of application syntax, feature interaction, slow information leakage or concurrency problems. So I would tend to treat it as I would a major OS upgrade: wait for quite a while to see how they deal with the bugs.

Profile photo of malcolm r
Member

My concern, being over-cautious, is in giving data to third parties that can be misused or hacked, and I can only rely on others to assess the reliability of these “third parties”.

However, at a personal level, I see no need for this and by handing over control of your finances, some detriment in losing the hands-on knowledge of how they stand. I operate two current accounts, one little used. Transferring money to and from a savings account is simple and quick. I have no difficulty with the relevant passwords nor log-ins. By recording transactions I know where I stand financially at any moment and, if something unexpected arises, know how best to deal with it.

For those who cannot be bothered to record and monitor their financial affairs this may well be a solution. I’d rather keep control of mine.

Profile photo of duncan lucas
Member

Has somebody taken leave of their senses ??? Another Third-party access I think I am wasting my time on Which warning posters of the dangers in this type of exercise introduced by big business to gather up your details for third party exploration . Safe ??? if you believe that then god help this world . As long as this is not forced on us then I wont be using it , another business idea from Tory Party Central Office I wonder who lobbied and who got the money ?

Profile photo of Ian
Member

I suspect that horse has well and truly bolted, Duncan, with the introduction of the Direct Debit authority. If I’m right, this is only the 21st C implementation of the same idea.

Profile photo of evertonboy
Member

Another unnecessary service, being promoted as a service we need and such an innovation is not only good for us but we need it and must want it.
Sorry but 21st century tech or not this is a item we do not need, should not use, will never be 100% safe. People themselves need to take responsibility for controlling their finances, and only you should be the one to monitor and decide on it.
Giving over to this type of system is totally unnecessary, unwarranted and unwelcome in my opinion.

Profile photo of malcolm r
Member

Today I’ve received the (first) letter from one of my banks telling me about “open banking”. I really do not see any real advantages (for me, anyway).

Part 1:

It explains “a new way to pay”. It says, when you pay an online retailer
“Today: opt to pay by debit/credit card or Paypal —– online retailer’s bank makes request——debit/credit card company or Paypal processes payment—–money leaves your account”

From 13 Jan 2018: “Opt to pay directly from your bank account——-online retailer requests payment from your account——-your bank asks you to type in some security details to give your consent—–bank sens payment directly to online retailer”

So where is the benefit for me? I might prefer to use a credit card to delay payment but, if I use a debit card, funds will still go from my account. I don’t bother with Paypal.

Profile photo of wavechange
Member

I buy many small items from small companies, mainly through eBay. The most recent purchase was 50 polytop nails for £2.85 including postage. I don’t fancy giving an unheard of company my card details, so I pay by PayPal. There is rarely more than £100 in my PayPal account.

Profile photo of malcolm r
Member

Today I’ve received the (first) letter from one of my banks telling me about “open banking”. I really do not see any real advantages (for me, anyway).

Part 2: New ways to view and manage your account

Today; Your computer/device——–log in to account A, account B, or account C etc—–to access your account A, B, or C etc

From 13 Jan 2018: Sign up for a service—-confirm what information you want to share with the service—–give your consent by typing in some of your security details—–log in to the service and view data from different accounts and organisations all in one place”.

That sounds useful, but at the risk of disclosing sensitive information to third parties. I use MSMoney, update it whenever I use an account, it lists all forthcoming income and bills so know where I stand. I don’t need a third party to handle this for me.

Maybe the banks should give away a common money-management app that does the same?