How to stop allowing third party having open banking access to my account?


#1

Hi,

I’ve recently given Tail access to my Monzo account via open banking API, but realised that there’s no way to stop the access via Monzo app. I also can’t see all the third party that I’ve authorised/ manage the permission list.

How can I manage the list of third parties? I don’t trust asking the third party to stop accessing my data - feel safer to do it myself via Monzo’s app.

I feel like this is something super important before I feel safe using open banking products?

Thanks!


(Andre Borie) #2

You can ask to revoke all your access tokens via in-app chat. Hopefully in the long term Monzo implements a proper way to revoke access from the app directly. At the moment their stance is that AISPs shouldn’t access accounts once consent has been withdrawn on their side but that’s IMO bullshit as security never works by asking nicely (otherwise we’d all still be using plain text protocols and relying on the “evil bit” to tell legitimate requests from malicious ones).


#3

Ah interesting thanks.

I think before I feel comfortable using third party via open banking, I’ll need to see a list of third party apps that have access to my account ATM, and more crucially the ability to stop access via Monzo.


#4

You need to contact whoever you gave permission to as they’ll need to delete all your records. Just asking your bank to remove access won’t delete the third party records


#5

I’m not asking about having records deleted though, more on stop having accesss to my data.

I’m approaching this as if it’s a direct debit - before setting up DD, I need to have the ability to cancel the DD.

At the moment using third party apps feels like a CPA - but worse. At least with CPA I can raise a dispute because I can see myself being charged.

With current open banking integration, I’m clueless which parties could still be subscribing to my data.

Regarding data that I’ve already given access too, I see them as money already spent - no ability to get it back, which I’m okay with it as I benefitted from the “service”.


(Andy) #6

There will probably be a very comprehensive management platform in soon.

For comparison this is RBS. It gives you date approved, date when access will end unless you renew it, immediate withdrawal and what data is being shared


#7

It makes you wonder if Monzo designers actually bother looking at other apps before they design things! While most non-fintech apps are not ideal why reinvent the wheel, where they get it right use that for inspiration