Is Open Banking safe in NZ?

If you’ve never really heard the term ‘Open Banking’ before, that’s OK. Most Kiwis haven’t (nearly 75%, actually, according Yabble/Payments NZ). But chances are you’re already using an Open Banking app or two, and your customers are almost certainly using one.

The thing about Open Banking is that as you dig into it, it looks like it could be quite scary. So, today we’re going to quickly define Open Banking, and answer the big question – is it safe?

Open Banking explained

Open Banking is a concept whereby third-party developers build software that can access your bank account, or the account of a non-bank financial institute (for example investment fund managers or lenders). Depending on the app, the third party may just look at your financial details or perhaps even make payments on your behalf.

This might sound huge, but it’s important to note that this access can be controlled by you – non-bank apps are only allowed to look at or control your accounts when you let them.

3 benefits of Open Banking

  1. Better innovation in financial sector

The banking industry has long been held as a bit of a laggard when it comes to digital evolution. Where other industries were storming ahead making new technologies and really pushing the boundaries of the digital age, banks’ responsibilities to their customers (protect data at all costs) held them back.

Now with Open Banking, there are more organisations releasing more financial products – which means the sector has made decades’ worth of development in barely a few years.

  1. More options for customers

What this revolution means for customers is options. Instead of relying solely on a bank (or other financial institute), there are lots of companies offering handy day-to-day solutions – apps to help customers save money, apps to help them get loans, apps to help them pay their taxes, and so on.

  1. Financial power for SMEs

This also has great benefits for business owners. With more apps comes more power – the power to integrate non-financial systems with financial systems (i.e. inventory management software and accounting software), the power to put “Pay Now” buttons on digital invoices, the power to better monitor cash flow and make investment decisions based on real-time financial information, and so on.

Examples of Open Banking in NZ

  • Payment apps: Services like POLi can connect your online banking account with that of your customers, letting them make direct payments to you, instantly, through a medium they already trust (their bank). No credit card involved.
  • Accounting apps: Accounting apps like Xero can often be connected to your bank account in order to import transaction histories and make or receive payments all in one system. This can improve the visibility you have over your money and make tax time a little simpler.

How do Kiwis consumers feel about Open Banking?

Payments NZ and Yabble combined forces to take a barometer test of Kiwi consumer opinions on Open Banking. So, what are your customers thinking?

  • As we mentioned earlier, most (73%) of Kiwis haven’t heard of Open Banking. Awareness tends to be higher in younger people than older.
  • Only 16% of Kiwis are comfortable sharing their data with an Open Banking app.
  • Just slightly more – 19% – are comfortable with an app making a payment on their behalf.
  • Cyber criminals are top of mind when it comes to fears about Open Banking, although there are also various trust issues regarding control and access of personal data.

But, Open Banking apps are increasingly prevalent and chances are more Kiwis are using one than they realise. And that’s why we’re here today, to talk about what Open Banking is and why it can be quite safe.

So is Open Banking safe?

Open Banking is generally considered to be safe.

In order to access your bank details, third-party developers need what’s called an API (application programming interface), which is designed by the bank itself. This is a sort of connector which links one system to the other and is as secure as the banks choose it to be.

By using a bank-developed API, third-parties don’t generally need to know or store your usernames and passwords, and communication between entities can be heavily encrypted.

Also, not just anyone can develop a piece of financial software and link it to a bank. In New Zealand, developers have to be registered as an API Standards User with Payments NZ and sign an agreement with the banks in order to use their API. This keeps the industry standardised and easy to regulate.

Example: How POLi keeps customer data safe

As an Open Banking API user, customer data is our top-most concern and we’ve worked hard to build a system that is highly secure and meets (and exceeds) appropriate certifications.

So what have we done?

  • We have full ISO 27001 certification.
  • We cache nothing and store no customer data.
  • POLi uses a proxy server to communicate with internet banking platforms – all communications with the proxy are heavily encrypted, and the proxy has advanced security measures of its own to prevent tampering.
  • We regularly check our own system with tools such as vulnerability scanning and using an external service to run penetration tests on us.
  • Limited POLi personnel have access to this system.

Read more: Our security credentials

In summary

A lot of your customers will feel a little uncertain about the idea of Open Banking apps, but the reality is they are here to stay and generally very safe. Additionally, chances are most customers already use many of these apps and don’t know it.

It’s perfectly safe for you to use Open Banking apps with your business and offer solutions to your customers that are also related to Open Banking (i.e. offering POLi as an online payment option). If you’re ever worried about what your customers think of such moves, you can show them articles like this or the links below to help them understand how you – and your third parties – are protecting their information.

Learn more:

  1. Westpac’s guide to Open Banking
  2. MoneyHub’s guide to Open Banking
  3. About Payments NZ