Open banking & trust

Open banking, explained — and why it is safe

Open banking is the regulated system that lets you securely share your transaction data with an app like Fin — without ever handing over your online banking password.

How the connection actually works

Rather than typing your bank username and password into a third-party app (an older, riskier pattern called "screen scraping"), open banking uses a regulated, bank-approved handshake. You authorise access through your own bank’s official login flow, and the app receives read-only transaction data — never your credentials.

What "read-only" means in practice

A read-only connection can see your transaction history but cannot move money, make payments, or change anything in your account. It is the same category of access as viewing a statement — nothing more.

You stay in control

Consent is time-bound and revocable — you can disconnect a bank connection at any point, and access stops immediately. In Australia this sits under the Consumer Data Right (CDR), a framework specifically designed to give you ownership of your own financial data.

Common questions

Can an app move my money through an open banking connection?

No — a read-only connection can only view transaction data. Moving money requires a separate, explicit payment authorisation that a read-only feed does not grant.

Does the app ever see my banking password?

No. Authorisation happens directly on your bank’s own login page or app — the connecting service never receives or stores your credentials.

Can I disconnect at any time?

Yes. You can revoke access whenever you like, and the connection stops immediately — see the security & trust page for exactly how that works.

Let Fin handle it automatically

Connect your bank and Fin keeps this sorted for you all year — free to start, no card needed.

Get 2Fin free →

Back to all guides, or explore the glossary.