Open banking is the technology behind many of the UK’s most useful money apps — from budgeting tools to mortgage eligibility checkers. Introduced by the FCA and CMA in 2018, it lets regulated apps securely access your bank account data with your explicit consent, using secure APIs rather than your password.
How Open Banking Works
Open banking operates under the Payment Services Regulations 2017. UK banks are required by the Competition and Markets Authority (CMA) to give authorised third-party providers (TPPs) access to customer data via standardised APIs — but only when the customer consents.
The process works like this:
| Step | What happens |
|---|---|
| 1. You choose an app | Select a budgeting tool, mortgage checker, or other open-banking-powered service |
| 2. App requests access | The app specifies exactly what data it wants: read-only account data or payment initiation |
| 3. You authenticate via your bank | You are redirected to your bank’s own login — your credentials never go to the third-party app |
| 4. Access is granted | A secure, time-limited API token allows the app to access the specified data |
| 5. You can revoke any time | Through your bank’s app or online banking under connected apps / open banking permissions |
Your bank password is never shared with the third-party app. The secure token is what grants access, and it expires or can be revoked at any time.
Two Types of Open Banking Access
Not all open banking access is the same. There are two distinct permission types:
| Access type | What it allows | Common use cases |
|---|---|---|
| Account Information (read-only) | View balances, transactions, account details | Budgeting apps (Emma, Plum), mortgage affordability checkers, credit score tools |
| Payment Initiation | Initiate a payment from your account | Pay-by-bank at checkout, instant bank transfers via apps |
Payment initiation is a much stronger permission. When an app requests it, your bank will prompt you to authorise the specific payment amount before it proceeds — the app cannot silently move money.
How to Check an App Is Authorised
Before granting any open banking access, verify the provider is FCA-authorised:
- Go to the FCA register
- Search for the app or company name
- Confirm it has Account Information Service Provider (AISP) or Payment Initiation Service Provider (PISP) permissions
If the provider is not on the FCA register, do not grant access. This is the single most important safety check with open banking.
Open Banking vs Traditional Screen Scraping
Before open banking, some apps used “screen scraping” — asking for your full bank login credentials to log in as you and harvest data. This is insecure and most banks now prohibit it. Open banking replaced screen scraping with a secure, consent-based API system where your credentials stay with your bank.
The Digital Pound (UK CBDC)
The Bank of England and HM Treasury are exploring a central bank digital currency (CBDC) — a digital form of pound sterling issued directly by the Bank of England. Key facts as of 2026:
| Fact | Detail |
|---|---|
| Official name | The digital pound (informally: “Britcoin”) |
| Status | Design and consultation phase — no launch date confirmed |
| Who issues it | Bank of England (not a private company or crypto project) |
| Relationship to cash | Would complement, not replace, physical cash |
| Privacy concerns | HM Treasury has confirmed the digital pound would not give the government real-time visibility of individual spending |
The digital pound is entirely separate from Bitcoin and other cryptocurrencies. It would be a state-issued, stable-value digital currency.
E-Money vs Bank Accounts
Open banking connections can be made to both bank accounts and e-money accounts. Understanding the difference matters for how your money is protected:
| Provider type | Examples | FSCS-protected? |
|---|---|---|
| Fully licensed UK bank | Monzo, Starling, Chase, Barclays | Yes — up to £85,000 |
| E-money institution | Revolut (UK), Wise (UK), PayPal | No — safeguarding only |
For open banking read-only connections, the distinction is less critical — you are only sharing data, not deposits. For payment initiation and stored balances, the protection difference is significant.
Articles in This Hub
- Open Banking Explained — how open banking works, which apps use it, your rights, and how to revoke access
- The Digital Pound Explained — what a CBDC is, the Bank of England’s consultation, and privacy concerns
- E-Money vs Bank Accounts — how Monzo, Starling, and Revolut differ legally — and what it means for FSCS protection
Related Hubs
- Bank Security and FSCS Protection — deposit protection, scam prevention, and how to complain
- Payments and Transactions — Faster Payments, CHAPS, direct debits, and what happens when payments go wrong
- Bank Reviews — individual bank assessments and digital vs high-street comparisons