Open Banking Explained: What It Means for Your Money
Clear explanation of open banking for consumers. How PSD2 works, what data is shared, security guarantees, and practical benefits for personal finance.
Open banking is the idea that your financial data belongs to you, not your bank, and you should be able to share it with any service you choose. Enshrined in EU law through the PSD2 directive (Payment Services Directive 2), open banking requires banks to provide secure digital access to your account data when you explicitly consent to sharing it with a licensed third-party provider.
Before open banking, if you wanted a budgeting app to read your bank transactions, you had two bad options: manually download CSV files from your bank (tedious, requires regular effort) or give the app your bank login credentials (insecure, violates bank terms of service). Open banking provides a third option: a secure, standardised, bank-approved data channel.
How it works in practice
The consent model
- You find a financial app you want to use (budgeting tool, loan comparison, investment tracker)
- The app asks to connect to your bank account
- You are redirected to your bank's own login page (the app never sees your password)
- Your bank asks you to confirm exactly what data you want to share:
  - Account balances
  - Transaction history (typically last 90 days)
  - Account holder name and details
- You confirm consent
- The app receives your data via a secure API connection
- Consent is valid for 90 days, after which you must re-authenticate
What data is shared
| Data type | Shared with the TPP? |
|---|---|
| Transaction amounts and dates | Yes |
| Merchant/payee names | Yes |
| Account balances | Yes |
| Account holder name | Yes |
| Credit card details (full number) | No |
| Your bank password | No |
| Your savings account interest rate | Usually no |
| Loan details | Not under PSD2 |
Security architecture
Open banking is arguably more secure than traditional online banking:
- No credential sharing: Your password never leaves your bank's systems
- Qualified certificates: TPPs must use eIDAS-qualified electronic certificates to authenticate API connections
- Regulatory licensing: Every TPP must be licensed by a financial regulator (KNF in Poland, FCA in the UK, BaFin in Germany)
- Granular consent: You control exactly what is shared and can revoke access at any time
- Data minimisation: TPPs can only request data necessary for the service they provide
- Strong customer authentication (SCA): Bank login requires multi-factor authentication
Practical benefits for consumers
1. Financial aggregation
If you have accounts at two banks, a Revolut account, and a brokerage, open banking lets a single app show all your finances in one place. No more logging into four different apps to understand your total financial picture.
2. Faster, fairer lending
When you apply for a mortgage, the bank assesses your income and spending. Traditionally, this meant providing 3-6 months of paper bank statements. With open banking, the lender reads your transaction data directly (with your consent), getting a more accurate, real-time picture. This can:
- Speed up application processing (days instead of weeks)
- Improve approval rates for people with thin credit files
- Enable more personalised interest rates based on actual financial behaviour
3. Better budgeting
Open banking-connected budgeting apps can categorise your spending automatically, identify recurring subscriptions, detect unusual charges, and provide real-time spending alerts. The data flows continuously rather than requiring manual CSV uploads.
4. Account switching
Open banking makes it easier to switch banks by providing your new bank with your transaction history, standing orders, and direct debits from your old bank. In theory, this increases competition and pushes banks to offer better products.
5. Payment initiation
Open banking enables payments that bypass card networks entirely. Instead of paying by card (where the merchant pays 1-3% in card fees), you authorise a direct bank transfer at checkout. The payment is instant, the merchant saves on fees, and you maintain full bank-level security.
Common concerns
"Is it safe to let apps read my bank data?"
Yes, provided the app is a licensed TPP (third-party provider). Licensed TPPs must comply with data protection regulations (GDPR), cybersecurity standards (DORA), and financial conduct rules. They are subject to regulatory audits and can lose their licence for security breaches.
How to verify: Check the provider's regulatory status on the relevant authority's register (KNF's register in Poland, the EBA's register EU-wide). Legitimate TPPs will display their licence number and regulatory body prominently.
"Can they move my money?"
Only if you explicitly consent to PIS (Payment Initiation Service), and only for specific transactions that you approve. A budgeting app with AIS (Account Information Service) access can read your data but cannot initiate payments. The two permissions are separate.
"What if I change my mind?"
You can revoke consent at any time through your bank's online banking or mobile app. The TPP immediately loses access to your data. Under GDPR, you can also request that the TPP delete all stored data.
"Do I have to re-authenticate every 90 days?"
Yes, PSD2 requires re-authentication every 90 days. This is intentionally annoying: it ensures you are regularly reminded of and actively consenting to data sharing. The upcoming PSD3 regulation may extend this period for established, trusted connections.
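The consent rules described in this section and in "The consent model" above (separate AIS and PIS permissions, per-data-type consent, revocation at any time, 90-day validity) can be expressed as a bank-side authorization check. This is an added example, not code from any bank or from the PSD2 text; the `Consent` fields, the `authorize` function, the scope names and the TPP identifiers are hypothetical, and applying the 90-day lifetime to PIS consent is an assumption.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

CONSENT_LIFETIME = timedelta(days=90)  # re-authentication interval stated on this page
HISTORY_WINDOW = timedelta(days=90)    # "typically last 90 days" of transactions

@dataclass
class Consent:
    tpp_id: str                     # hypothetical identifier of the licensed TPP
    service: str                    # "AIS" (read data) or "PIS" (initiate a payment)
    scopes: frozenset               # subset of {"balances", "transactions", "details"}
    granted_at: datetime
    revoked: bool = False
    approved_payment: tuple = None  # (payee, amount) the user approved; PIS only

def authorize(consent, tpp_id, action, now, *, since=None, payment=None):
    """Return (allowed, reason) for one API request from a TPP."""
    if consent.tpp_id != tpp_id:
        return False, "consent belongs to another TPP"
    if consent.revoked:
        return False, "consent revoked by user"
    if now - consent.granted_at > CONSENT_LIFETIME:
        return False, "consent expired, re-authentication required"
    if action == "pay":
        # AIS consent never authorises a payment; PIS covers only the approved one.
        if consent.service != "PIS":
            return False, "AIS consent cannot initiate payments"
        if payment is None or payment != consent.approved_payment:
            return False, "payment differs from the one the user approved"
        return True, "ok"
    if consent.service != "AIS" or action not in consent.scopes:
        return False, "data type not covered by consent"
    if action == "transactions" and since is not None and now - since > HISTORY_WINDOW:
        return False, "requested history exceeds consented window"
    return True, "ok"

if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed sample data
    ais = Consent("tpp-budget-app", "AIS", frozenset({"balances", "transactions"}), t0)
    for day, action in [(10, "balances"), (10, "pay"), (10, "details"), (91, "balances")]:
        print(day, action, authorize(ais, ais.tpp_id, action, t0 + timedelta(days=day)))
```

Every check denies by default: a request passes only when the TPP, the service type, the data type and the consent age all match what the user confirmed at the bank.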
Open banking across Europe
| Country | Adoption level | Key developments |
|---|---|---|
| UK | Very high | Open Banking Implementation Entity (OBIE) drove adoption; 7M+ users |
| Sweden | High | Strong fintech ecosystem, Tink (acquired by Visa) as key aggregator |
| Netherlands | High | Banking culture open to innovation, strong TPP ecosystem |
| Germany | Medium | Conservative banking culture, growing slowly |
| Poland | Medium | BLIK dominance reduces urgency, but ecosystem is maturing |
| France | Medium | BNP Paribas and others investing in open banking infrastructure |
| Spain | Low-Medium | Implementation lagging, consumer awareness low |
| Italy | Low-Medium | Growing but regulatory hurdles slow adoption |
Poland's situation is unique: BLIK already provides instant payments that solve many use cases open banking targets in other markets. The primary open banking opportunity in Poland is data sharing (AIS) for budgeting, lending, and financial aggregation rather than payment initiation (PIS).
The future: PSD3 and beyond
The European Commission is developing PSD3 and the Financial Data Access (FIDA) regulation:
PSD3 (expected 2027-2028):
- Improved API performance standards (banks must meet uptime and speed requirements)
- Extended consent periods for established connections
- Better fraud protection and liability rules
FIDA (Financial Data Access):
- Expands data sharing beyond bank accounts to insurance, pensions, investments, and crypto
- Creates a framework for premium APIs (banks can charge for enhanced data services)
- Aims to create a comprehensive "open finance" ecosystem
For consumers, this means eventually being able to connect all financial accounts, from bank to pension to brokerage to insurance, in a single app. Freenance is building toward this vision: a unified view of your entire financial life.