UKShortbankList

No, open banking requires your explicit consent 

Yes. You can withdraw your consent by either:

• Contacting and withdrawing consent us “WWUB via email 
• Contacting your bank or financial institution to inform them that you no longer wish to allow access to your information by a regulated TPP;

Open banking has security at its core. APIs allow for highly secure data transfers, and you’ll always have to authorise access to your financial data.

This means that only you have access to your security credentials and that you are always in control of what’s being shared with whom and for how long

Online payments’ fraud is greatly reduced by the implementation of zero-trust cybersecurity protocols like Strong Customer Authentication (SCA). In order to comply with SCA requirements, payment providers have to confirm user ID through at least two independent pieces of information:

• Something they own (e.g., smartphone)
• Something they know (e.g., PIN code)
• Something they are (e.g., fingerprint)

At least two of the previous conditions must be fulfilled in order for a transaction to be confirmed and accepted.

SCA is mandatory, but there are some possible exemptions. Have a look at our dedicated Strong Customer Authentication page for more detailed information.

In Europe, everyone has the right to access their bank accounts and financial data through licensed and regulated third-party providers under the Revised Payment Services Directive (PSD2).

Payment service providers (PSPs) are obliged, under this EU legislation, to allow customers to securely share their data with third-parties. Each Member State of the European Union (EU) and European Economic Area (EEA) has to determine a national competent authority to oversee PSD2 implementation and allow PSPs to use open banking.

The overarching regulator for PSD2 in the EU and EEA is the European Banking Authority (EBA). In the UK, PSD2 regulation is enforced by the Financial Conduct Authority (FCA).