Open banking, explained — and why it is safe
Open banking is the regulated system that lets you securely share your transaction data with an app like Fin — without ever handing over your online banking password.
How the connection actually works
Rather than typing your bank username and password into a third-party app (an older, riskier pattern called "screen scraping"), open banking uses a regulated, bank-approved handshake. You authorise access through your own bank’s official login flow, and the app receives read-only transaction data — never your credentials.
What "read-only" means in practice
A read-only connection can see your transaction history but cannot move money, make payments, or change anything in your account. It is the same category of access as viewing a statement — nothing more.
You stay in control
Consent is time-bound and revocable — you can disconnect a bank connection at any point, and access stops immediately. In Australia this sits under the Consumer Data Right (CDR), a framework specifically designed to give you ownership of your own financial data.
Common questions
Can an app move my money through an open banking connection?
No — a read-only connection can only view transaction data. Moving money requires a separate, explicit payment authorisation that a read-only feed does not grant.
Does the app ever see my banking password?
No. Authorisation happens directly on your bank’s own login page or app — the connecting service never receives or stores your credentials.
Can I disconnect at any time?
Yes. You can revoke access whenever you like, and the connection stops immediately — see the security & trust page for exactly how that works.
Let Fin handle it automatically
Connect your bank and Fin keeps this sorted for you all year — free to start, no card needed.
Get 2Fin free →Back to all guides, or explore the glossary.