Open Banking Misconceptions - Nordigen

Common open banking misconceptions

| Article by: Vitor UrbanoProfile Image Vitor Urbano 5 min

Open banking is still quite recent as a concept. To give you an idea, it's only been fully implemented for the past few years. That, together with the fact that it is completely revolutionising the banking industry, resulted in many misconceptions when it comes to the way it works and what can be achieved.

Most of the misconceptions are due to the lack of information and education, being easily dismissed once the basics about open banking are understood.


1. Open banking is a risk to customer data security

In Europe, open banking follows the revised Payment Services Directive (PSD2), drafted with consumers’ data security as one of the main priorities and concerns. The new directive instructed banks to develop their own API (Application Programming Interface), making sure third party providers would have facilitated, safe, and reliable access to customers' account information.

With that in mind, there are various security measures in place that assure customer data safety.

The most important, and directly visible to the customer is called Strong Customer Authentication (SCA), which adds an extra layer of security to previously used methods, such as using one time codes via SMS.

Essentially, SCA relies on the collection of two pieces of information that only the user has access to, such as:

  • Something they own (e.g., smartphone)
  • Something they know (e.g., PIN code)
  • Something they are (e.g., fingerprint)

Furthermore, with the introduction of PSD2 regulated APIs it became possible to ditch the dangerous use of screen scraping methods, used as a standard during the early days of open banking. This legacy method endangers customer private data, since it requires third party providers to impersonate the user on the bank online platform, and by storing their credentials.

1.1. Customer data can be shared without consent

Another common misconception is the fact that third party providers (TPPs) will have free access to all information on a customers’ bank account. This couldn’t be further from the truth.

To be compliant with the current regulations, TPPs need to clearly indicate to which information users are giving their consent. Anything outside that scope will not be available to the provider, requiring new consent to access additional information.

1.2. Funds can be easily compromised

With the rise of open banking, users voiced concerns regarding the security around their personal details, which could compromise their funds. By following all regulations and security measures, open banking regulated services are as secure as your bank.

Sensitive information, such as passwords and account numbers, are encrypted to avoid potential access from external parties (a.k.a. hackers).

1.3. In case of fraud, the customer won’t be able to get the money back

In open banking, there are several security protocols that were implemented to reduce the potential of fraud to a minimum. 

Moreover, if an issue like fraud arises, financial services providers have insurances to protect their customers (and their funds), and your bank has the responsibility to resolve the problem and assure the money gets returned to you.

Open banking x traditional banking

2. Open banking is the beginning of the end of traditional banking

Open banking shouldn’t be seen as a “traditional bank killer”, but as the perfect tool to help banks adopt new technologies and improve their services.

Although open banking has significantly changed the banking industry, creating greater competition for banks, also opens many doors allowing them to improve what they offer their customers.

Through open banking, banks can improve their products and services, giving users new ways to use their accounts. New technology alongside competition breeds innovation, which ensures customers’ needs are met to the highest level.

2.2. Open banking doesn’t simplify banking processes for users

Even though the open banking framework might be a very complex environment for the average user, the way its final form presents itself greatly improves all the banking experience.

Users no longer need to provide card details or login credentials to proceed with online payments. This, along with the fact that payments are made directly between the payee and payers bank:

  • Drastically reduces the processing times
  • Reduces fees
  • Increases security levels

Moreover, on the AIS (account information services) side of open banking, by allowing users to display all their accounts in one single place, the personal finance management of all their assets is greatly simplified.

Open banking expensive

3. Open banking is expensive

Open banking has – theoretically – been free in the UK since 2018 and in the rest of Europe since 2019. In practice, access to the same APIs ends up not being free at all for the end-user. All open banking companies, except one, choose to charge users for their API connections, the same ones these companies connect to for free. This is a shame, considering the price barrier blocks many developers and businesses from building new fintech services that compete with large retail banks.

Luckily, Nordigen offers free access to PSD2 data across Europe with no hidden costs. We're the only open banking company that provides free access to banking APIs. Unlike our competitors, we have decided to assure that what is free, stays free for everyone. To maximise what can be done with the financial data provided by these APIs, we offer a wide range of premium products that can be invaluable in a diversity of use case scenarios.


4. Open banking being disruptive is a bad thing

Open banking APIs are a disruptive change for banks, but that doesn’t mean it’s a bad thing. Until now, banks had exclusive access to customers' financial information, keeping it safe and closed off from the outside world.

On the other hand, this was a very limited situation where customers couldn’t do anything else with their own data. Open banking allows third parties to create new services and products that maximise the potential of financial data, while ensuring its safety.

Recommended articles