Open banking Explained - Nordigen

What is open banking? A comprehensive guide

| Article by: Antonis KazoulisProfile Image Antonis Kazoulis 14 min

Open banking is the process of enabling third-party payment service and financial service providers to access consumer banking information such as transactions and payment history. This practice is possible through the use of application programming interfaces (APIs).

Open banking promotes interoperability and networking between banking information and service providers, creating a smoother user experience.

What kind of data are you sharing when using “open banking”?

Popular online resources keep referring to open banking as the process of sharing banking information and data with third parties. What kind of data are we talking about, though? Here’s a list of the things you’ll be sharing with external providers under open banking.

Account data

  • Account holder name: John Doe
  • Account type:Savings, Checking
  • Currency: Euro (€), American Dollar ($)
  • Account open date:13/11/2020
  • Transaction details: Amounts, merchants, etc.

Product and services data

Sharing is a two-way exchange. By giving access to your bank account data we listed above, banks and third party providers can in-turn share data and information regarding their products and services.

You once had to book a meeting with your personal banker and go over what the bank had to offer you. With digital banking, you could browse the bank’s website and make that decision for yourself. Open banking takes that one step further by proactively tailoring its offering to your profile and making the recommendations without you even asking.

Open banking explained: a bit more detail

Open banking essentially describes how banks allow regulated financial providers to access, use and share your banking data. This is not done without your consent. Whether it’s ticking a box on a terms-of-service pop-up, or through an official email informing you about it, a bank will have to first get your consent to enable access to your data.

Once consent is given, these regulated service providers will aggregate the data they need, analyse it and start building an accurate consumer profile.

Open banking example

In order to make this a little simpler, let’s use personal finance as an open banking example to understand its application in real life. Personal finance is the lifecycle of financial management activities which a consumer performs to save, spend, budget and invest their monetary resources.

In the past, personal finance consisted of visiting the bank branch and talking to your personal banker, pulling out a calculator at home, taking notes, making calculations and trying your best to manage your wealth.

With money being divided into different bank accounts, different loans, interests, standing orders, payments and on-going spending, doing it the old way does not cut it in this day and age.

Today, personal finance is digital and consumers need to access, manage and interact with their finances on the go, from the palm of their hands. This is where open banking comes in to elevate the personal finance experience.

While seeing your bank account balance and transferring money instantly are great feats, they are simply the foundation of what open banking can do.

By accessing your account information, third-party providers can improve the relevance of services they suggest. For example, if you have created a savings account titled “New house” in which you save a specific amount per month, they can suggest a loan tailored to your income and savings capabilities.

Other personal finance features that can be afforded by open banking are:

  • budgeting tips
  • savings notifications
  • price comparison features
  • real-time updates on
  • customised investment advice

With open banking, personal finance suddenly goes from reactive to proactive since you now have a partner in the background, constantly analysing data and suggesting a better course of action for your financial well being.


A brief history open banking

Open banking is changing the way we bank and use financial services in the modern world. The open banking market is growing steadily. A report by Allied Market Research announced a 24.4% growth and predicted the market value will reach over $43 billion by 2026. How did we get here and when did all of this begin?


Open banking Timeline - Nordigen


1980: Screen test conducted by German Federal Post Office

While open banking in practice has only been around for a short while, roots for the concept can be traced back to 1980,when Deutsche Bundespost (German Federal Post Office) conducted an experiment. The organisation ran a screen test with five external computers, and invited approximately 2,000 private users to participate.

The experiment was introduced to test their new online banking service, marketed under the slogan “My bank in the living room”. As part of the online service, the users could make online transfers using the code “300#”.

This experiment proved to be very impressive at the time and is considered the first appearance of a self-service banking machine. The innovation led to the development of the Home Banking Computer Interface (HBCI) in 1998 and Financial Transaction Services (FinTS) in 2002.

1998 - 2002: The emergence of HBCI and FinTs

The next step towards open banking was the development of the Home Banking Computer Interface (HBCI) in Germany, an open standard for customer self-service machines and electronic banking.

It took 4 years to create and was officially launched after the introduction of HBCI 2.0 in 1998. Through this innovation, security protocols, message formats and transmission procedures were established.

In 2002, HBCI was replaced by FinTs (Financial Transaction Services). These allowed for the use of signature cards and offered a procedure for PIN/TAN. A banking security system where customers need to provide their personal identification number (PIN) to gain access to their accounts, and a single-use transaction authentication number (TAN) for a second level of authorisation.

Both of these numbers are in place to prevent fraudulent activities and to verify user identity.

2004: The creation of SOFORT

In 2004, HBCI and screen scraping were combined to create what is now known as SOFORT. Screen scraping refers to the process of collecting and sharing screen display data from an application. For this to occur, the bank customer must grant the service provider permission to access their banking information and provide their login details. The server provider can then access the account as if they were the customer.

In the case of SOFORT, the customer would log into their account to pay for a service digitally and the service provider would take over to perform all the following steps up until the transaction.

At the time, screen scraping was seen as innovative, however APIs are the more secure and straightforward option.

2007: The first Payment Services Directive (PSD1)

In 2007, the European Commission devised the first Payments Services Directive - PSD1. Its objectives were to stimulate competition in the banking and finance industry, enhance the quality of services provided and to protect the end user. The creation of the directive has led to:

  • a new industry category – payment service providers
  • a regulatory framework that permits non-banks to execute financial transactions
  • the implementation of transparency regulations for banks and payment service providers regarding services and fees
  • SEPA, a payment-integration initiative in the EU for streamlined euro transfers
  • the growth of the fintech sector, as financial institutions now had more capabilities and opportunities

2009: Giropay vs SOFORT

In 2009, German digital payment service Giropay filed a lawsuit against the operator of SOFORT, Payment Network AG, accusing them of creating unfair competition and endangering the security of online banking.

The accusations were countered by the Federal Cartel Office and the European Cartel Office in 2011 for the sake of preventing discrimination against competitors that operated independently outside of traditional financial institutions.

This occurrence set the foundation for increased competition in the online banking sector and prevented monopolisation in the industry. This was a huge step for fintech companies and an opening for alternative payment systems to fill.

2018: The second Payment Services Directive (PSD2) is implemented

In 2018, PSD1 was replaced by an updated version – PSD2. The new directive expanded on the foundations set by its predecessor and had a profound impact on banks and banking institutions. PSD2 required banks to expose open banking API access to authorised third parties.

The focus of the directive is on setting up a more integrated and efficient European payments market, while helping to level the playing field for payment service providers.

There are two types of official payment service providers under PSD2:

  • Account Information Service Providers (AISP) – companies authorised to access an individual or business account data sourced from their banks and payments systems with their consent
  • Payment Initiation Service Providers (PISP) – companies that are not only authorised to access data, but also to initiate payments on the behalf of their customers as well

PSD2 has already made it easier for new market entrants and third party providers to gain access to this new market, improve their product offerings, and increase competition. Open banking paved the way for many amazing and innovative financial solutions and the future is destined to be filled with even more.


Open banking pros & cons: opportunities and challenges

Every new breed of technology comes with its own set of benefits and challenges. In the case of open banking, the use case is two-fold since we have to look at both the customers and the market/businesses who are affected by it.

Open banking challenges and opportunities

Open banking benefits for businesses

More competition, less barriers to entry

The banking sector used to be one of the most rigid, legacy-burdened industries in business. Consumers would open a bank account and all their data would be centrally stored and kept with that one bank, creating an inefficient dependency between consumer and institution.

There was no room for small to medium sized businesses to enter this sector since the financial institutions were set to dominate the space.

With the introduction of open banking, new players have access to the same data as big banks, allowing them to innovate and create new, more affordable alternatives to traditional financial services. Open banking has democratized the space, tearing down barriers to entry.

Banks will have to improve their offerings

More competition will bring the best out of banks as well. Open banking is not here to put traditional banks out of business. If anything, it’s an opportunity for them to rise up to the challenge and take steps towards a digital, more customer-centric future.

It’s not a coincidence that traditional banking institutions have recently released apps and online banking solutions for their customers.

Banks are seeing the fintech evolution happening right in front of them and they are embracing change by adopting the new tech.

Increased customer engagement, greater chance at success

Open banking improves the relevance of services suggested to consumers which innately increases the chances of customer engagement. The more personalized a service is to a customer’s needs, the greater are the chances the customer will interact with the brand.

Open banking benefits consumers

Open banking benefits for consumers

The bank is in their hands

Remember when you had to ask your manager for a few spare hours in the morning to sort out your bank obligations? Standing in a queue outside your local bank branch waiting to be served by the bank representative with a questionable attitude?

Those days are gone. Digital banking has brought the bank to the palm of your hands and open banking is making it stay there. Open banking gives consumers a different depth of services to what traditional digital banking used to do. Now, it’s so much more than checking your account balance.

Open banking makes the banking experience interactive, as it proactively advises people on their financial wellbeing based on advanced analytics.

Consumers are in control of their finances

The relationship between traditional banking institutions and consumers used to have very defined parameters – banks had the lion share of the power and consumers were the ones in need of banks. Open banking is shifting the balance of power, putting the customer in the driver’s seat.

By opening up Pandora's data box and unleashing the power of analytics, open banking has made financial services an open and fair playing field for traditional banks and fintech companies alike. Consumers not only have more choice about their financial provider but they are the only decision makers when it comes to sharing their data.

Banks are no longer the de facto keepers of personal data. Open banking has given that right back to the consumer.

All the information they need is centralised

To make a financial decision, consumers need to have as much information as possible to ensure the best possible outcome. With all the accounts linked together by an app and available on a single platform, open banking is helping you make the most beneficial decision for your financial well being.

With open banking, consumers have an ally, a partner looking for them. Not all of us have the business acumen or foresight to plan, budget and invest in the best way possible. Open banking technology does the dirty work for us, analysing our habits, picking up on trends, and tailoring products and services that fit our profile.

Open banking challenges

Cons: Open banking challenges

Resistance to change and misinformation

We, humans, are creatures of habit and change is something we always take with a pinch of salt. Especially when that change comes with a very basic and vague title billing it as “sharing your data with a bunch of companies”.

Open banking is facing the same challenge every new type of technology faces when they try to change the way things have been done for long periods of time – misinformation and lack of trust.

It takes time for a concept to prove itself to the general public and in all fairness, open banking is actually doing pretty well in terms of powering through this first wave of resistance.

Considering it came into effect in January 2018, 24.7 million individuals worldwide used open banking services in 2020, a number that is forecasted to reach 132.2 million by 2024.

Removing the human element - building a purely digital brand

Yes, removing the need for a personal banker or waiting in line for hours is a major benefit for consumers but at the same time it poses a major challenge for banks. By removing the human element, banks lose a major competitive advantage in their branding and customer retention efforts.

Many consumers used to correlate their bank allegiance with the level of relationships they developed with their personal banker or the person who served at the register in their local branch.

With open banking empowering the move to a completely digital offering, financial institutions will now be judged purely on the strength of their products and services.

The brand used to be its people and now it becomes the product and the efficiency of service it provides. That’s a huge adjustment banks need to make.

Regulation is playing catch up

Open banking essentially proposes the idea of unbundling retail banking services, creating more layers and segments. With financial regulation already being a huge undertaking for the more compact, traditional financial system, regulators are now faced with a greater challenge.

They will now need to find new ways, and more resources, to oversee a much more fragmented financial ecosystem that will keep growing exponentially.

To add more obstacles and raise the level of difficulty for regulators, this ecosystem will also include non-financial services companies performing either regulated activities, or acting as third party providers of outsourced critical functions.

Here’s how Christine Lagarde, the Managing Director of the International Monetary Fund, explains this new reality for regulators:

“Traditionally, regulators have focused on overseeing well-defined entities. But as new service providers come on stream in new shapes and forms, fitting these into buckets may not be so easy. Think of a social media company that is offering payments services without managing an active balance sheet. What label should we stick on that?”

Open banking safety

Open banking security – how safe is your data?

Open banking is as safe as traditional digital banking. If you trust any digital banking activity such as sending money from your smartphone, there is no reason why you shouldn’t trust open banking technology.

If anything, the API technology was designed to make the access, transfer and management of information more secure. Access to APIs is safeguarded by specific industry standards such as the PSD2, which require technical authorization, user authentication and consent.

Couple that with the fact that the technology requires integration with web single sign-on and Identity and Access Management (IAM) and what you have is layers upon layers of security that fortify your data.

Be careful of open banking fraud

Remember the most quoted line from Spider-Man? It’s actually a line from Uncle Ben and not Peter Parker that reads “With great power comes great responsibility.” While open banking will not ask you to protect people by jumping from building to building, it does grant you both power and responsibility.

Being the sole decision maker of who you share your financial data with, you need to be very careful who you share that information with.

  • Much like a phishing email is an attempt to access your personal information, don’t be surprised if people pose as third parties that ask you to grant them access to your data. Always check the firm or person you're dealing with is listed on the Financial Conduct Authority Register.
  • When you transfer your data using an API, you should always be redirected to your bank's website to log in to your online banking. Allow some time to check that the website you’ve landed on, is definitely the right one by checking the URL, ensuring it starts with “https://” and that it's a website you recognise.

You can get all your open banking questions in our dedicated FAQ page.

Recommended articles