I need to look into this more, but I thought that PSD2 (the Payment Services Directive, part 2) was solution agnostic like @anon23935806 suggests, but that @jzw95 you’re right that the UK has chosen an enhanced implementation.
This might be where I am confused. I understood that Open Banking was only mandated for the top 8 (?) UK providers, whereas based on what @edo1493 says, all providers will be obliged to comply with PSD2 but not necessarily using the open banking APIs?
Hi Harry, we are discussing with our provider today-tomorrow, so we can know more regarding MBNA.
PSD2 is the legal framework that governs a few things such as the access to bank accounts / display of information or the initiation of payments (moving money from bank A -> B).
Open Banking is just a shared protocol they are trying to build, but it’s not related with the legislation, which is actually the biggest “banking revolution” of the past years.
We use TrueLayer for every connection apart from Monzo and Starling. A few banks have released their Open Banking implementation, but at this point, we are not looking forward to moving. The problem with OB is that it’s still to early and most of the APIs don’t work for what we do.
We can only refresh data 4 times a day.
Current accounts are only available.
We don’t see information such as account numbers and sort codes (useful for detecting internal transactions)
The access is revoked after 90 days for no reason.
Scraping still guarantees a high level of performance and in the past 15 years there hasn’t been a single incident. In terms of security, I would be more worried about buying things online with my credit card. It takes very little to clone it.
It looks really good to us. We have been in the industry for several years and there are some companies who offer similar services whose security is embarrassing. However, there hasn’t been a single incident.
I would be more worried about banks, at least they don’t just offer a read-only service.
There’s a couple things that aren’t super ideal - the main one being that the encryption of your details happens on TrueLayers system so if you can compromise it you may be able to just nab all keys that are created or even the credentials yourself. Or any time the key is handed over to fetch fresh data there’s an opportunity there where everything you need is present
Security is never perfect and with this sort of architecture you’re always going to have to hand over your credentials somehow. I’m happy enough using this for my two cents
(It’s about the Facebook scandal, use of Facebook by Emma and quotes comments on this forum. It’s all a bit confused, I think. Especially about the relationship between Monzo and Emma.)
I’m not sure there’s a reasonable expectation that what we say here stays private, given it’s public and all that , but if the forum members quoted weren’t approached before publication that would seem to be bad form on the part of the journalist.
I’m a little more worried at a) picking selective posts, b) not quoting Edo’s responses on here (did they approach you for comment, @edo1493?) - so to be fair and balanced and all that, and c) that the respective roles of Monzo, Emma and Facebook aren’t made clear (and in the case of Monzo seems to suggest a stronger link than there is)…
[Edit, the article does actually quote @edo1493, but again I’d argue that it’s a bit out of context and makes it appear as if he’s defending data slurping in a rather blasé way…]
Also they say Monzo and Starling link prepaid cards to apps. This from their personal finance writer? For millennials of course because that is a legal must if you mention either company.
At the risk of having a conversation with myself, this makes me cross not so much due to the sloppiness, but because this is a really important conversation to be having - but is being undermined by the inability of the media to cover it properly, and therefore for people to have informed conversations.
it needs staff from Monzo, Emma, Starling etc to respond officially to the article to correct the journalist as this article can do damage to sign up efforts, and incorrect journalism more likely to be repeated on the grapevine than accurate stuff!
hello to journalists! (This link explains why, and why this thread)