What are the downsides of open banking?
The downsides of open banking include data privacy risks, potential exposure to fraud if a third-party provider is compromised, and the complexity of managing multiple consents. Some consumers also worry about losing control of their financial data. However, all UK open banking providers must be FCA-regulated, and the Payment Services Regulations 2017 provide clear consumer protections and compensation rights.
What are the main security risks of open banking?
The primary risks are phishing attacks that mimic legitimate open banking consent screens, rogue apps impersonating FCA-regulated providers, and data breaches at third-party companies. Because open banking access tokens can be long-lived, a compromised AISP could expose months of transaction history. Consumers should always verify a provider’s FCA registration before granting access and revoke permissions they no longer need.
Can open banking data be misused by lenders or companies?
FCA regulations prohibit providers from using open banking data beyond the purpose stated at the point of consent. However, concerns remain about data being used to build detailed behavioural profiles or shared with data brokers. The FCA’s Consumer Duty (2023) places additional obligations on firms to use data in consumers’ best interests. GDPR gives you the right to request deletion of your data from any provider at any time.
Open Banking in Practice: The FCA’s Financial Services Register allows consumers to verify any open banking provider before connecting. Revoke access via your bank’s app or the provider’s settings at any time. The JROC’s 2023 roadmap includes stronger liability and consent standards as open banking scales. Read our guide to staying safe with open banking on openfuture.world.
FAQ
Can I opt out of open banking entirely?
Yes — open banking is entirely opt-in. You never have to share your data unless you actively choose to connect an account to a third-party app.
What happens if an open banking provider goes bust?
Your bank data access is revoked automatically; under UK GDPR the provider must delete your data, and the FCA monitors wind-down plans.
Is open banking riskier than online banking?
Not necessarily — open banking uses the same bank-grade encryption as online banking, and your login credentials are never shared with third parties.