Technology

Open banking: why your banking app can talk to other services

Open banking lets apps connect to your bank with permission. Learn what data can be shared, how payments differ and how to revoke access safely.

Open banking sounds like your bank has become less private, but that is not what the system is meant to do. It is a permission system that lets a regulated app or website connect to your bank account without asking for your banking password. The useful skill is knowing what you are approving, what can be shared, and how to switch it off later.

The Short Version

Open banking lets you give a regulated app or website permission to view selected account information or start a payment from your bank account. It works through secure connections called APIs, so you should not have to share your online banking login details with the app. The permission is not automatic: you choose the provider, approve the access through your bank, and can withdraw it later. The main risk is not the idea of open banking itself, but approving more access than you understand or trusting a service before checking who is behind it.

What Open Banking Actually Does

Open banking is the plumbing behind many modern money apps. Open Banking Limited describes it as a secure way to help people move, manage and make more of their money, including budgeting, payments, savings and account views across providers. In everyday terms, it lets one service talk to your bank with your permission.

There are two common types of service. An account information service can show information from selected accounts in one place, such as balances, recent transactions and spending categories. The FCA says these services may include budgeting apps or comparison websites that analyse your spending. A payment initiation service is different. It lets a provider start a payment from your bank account, usually by sending you back to your bank to approve it.

The technical point matters because open banking should not involve handing your password to a random app. The connection is made through an application programming interface, usually shortened to API. The app asks for specific access, your bank authenticates you, and the bank sends back the approved data or payment confirmation.

The Permission Screen Is The Important Bit

The permission screen is where open banking becomes a user decision rather than a technical idea. If an app wants access to your account information, it should explain what service it provides, what data it wants, how it will use the data and whether it will share it with anyone else. The FCA’s consumer guidance says firms can only provide account information or payment initiation services if you have given explicit consent.

That does not mean every consent screen is easy to read. Some are clear. Others are dense. The practical habit is to pause before approving and ask three questions: who is asking, what exactly are they asking for, and how long will it last?

Open Banking Limited says you are not automatically opted in. You use open banking only if you give explicit consent to a regulated firm that provides an app or website. That should make the system feel less mysterious. It is not a hidden pipe into your bank account. It is a permission you actively grant.

What Apps Can See

The exact data depends on the service and the accounts you choose. HSBC’s open banking help page gives examples such as account name, account number, sort code, balance, transaction details, direct debits, standing orders, payee agreements and product information. That is useful for budgeting, affordability checks and account dashboards, but it is also sensitive.

A budgeting app does not need every account if you only want to track household bills. A savings app may need different data from a loan affordability check. A merchant payment does not need ongoing account analysis if the only job is to confirm a single payment.

This is where open banking overlaps with broader digital privacy. A permission can be legitimate and still be too broad for your purpose. For a similar consent habit outside banking, Cristoniq’s guide to cookie banners and privacy choices is a useful companion: the words on the screen matter because they define what happens next.

Payments Are Different From Data Sharing

Open banking payments are not the same as allowing an app to read your transaction history. A payment initiation service can help you pay a business or move money without using a card network. Your bank still authenticates you before the payment goes ahead, but the practical consequences are different from simply sharing a balance.

HSBC notes that open banking payments can use Faster Payments and cannot be recalled or amended once made. That is why you should treat a payment approval like any other bank transfer. Check the amount, recipient and reason before you approve it in your banking app.

If a payment appears that you did not authorise, the FCA says you should contact your bank as soon as possible and claim a refund, even if you think a payment initiation service was involved. Do not start by arguing with the app while a suspicious payment sits on your statement. Your bank is the first practical stop.

How To Revoke Access

Open banking access should not be permanent by default. Open Banking Limited says you can stop giving access by withdrawing consent in the app or website, or by contacting your bank or building society. HSBC says customers can cancel access through Open Banking Connections in mobile or online banking, and the third party will be notified that access has been cancelled.

In practice, it is worth checking this every few months. Many people try a budgeting app, comparison service or payment method once, then forget it exists. The access may no longer be useful, but the permission can still be sitting in the background.

A sensible review takes five minutes. Open your banking app, look for open banking, connected apps, data sharing or permissions, and remove anything you no longer use. If you cannot find the setting, search your bank’s help pages or contact support. This is the same housekeeping mindset as removing old devices from an account or closing unused app permissions.

A Worked Example

Imagine you download a budgeting app that promises to show your current account, credit card and savings balance in one place. The app asks you to connect your main current account through open banking.

A good flow looks like this. The app tells you it will read balances and transactions, explains why it needs them, and sends you to your bank to approve access. Your bank asks you to log in using its normal security process. You choose the account to connect, approve the permission, and return to the app. The budgeting app can now show the approved information, but it does not know your bank password.

A poor flow feels different. The app asks for more accounts than it needs, gives vague wording about sharing your data, or pushes you to approve without explaining how to cancel access. That is your signal to slow down. Check whether the firm is authorised or registered on the FCA Financial Services Register, and decide whether the benefit is worth the data access.

What This Means For You

Open banking can be genuinely useful if you use it deliberately. It can make budgeting easier, reduce repeated document uploads, support affordability checks and make some payments quicker. It is also easy to approve a connection because an app looks helpful, then forget what you allowed.

Your practical rule is simple: treat open banking like a sensitive app permission. You would not give every app access to your photos, contacts or location forever. Do not give financial data access that way either.

Check the provider, read the permission, approve only the accounts needed, and revoke access when the service stops being useful. The system is built around consent, but consent only protects you if you pay attention to what you are consenting to.

In Plain English

Open banking lets an app connect to your bank account with your permission.

It should not need your banking password. Your bank checks who you are, then shares only the access you approved.

It can help with budgeting, payments and account checks, but it can also reveal sensitive spending data.

Approve carefully. Review often. Cancel access when you no longer need it.

Related Reads