Open Banking

Open Banking lets your payment accounts work together, and can help save you time and money.

Open Banking is when you use another company's app or website to see information about, or to make payments from, your Co-operative Bank or smile payment account. It lets you use your accounts in new ways.

All you need to do is sign up and agree to share some of your data. It's completely optional and you'll never automatically be signed up.

We’ve made changes to Open Banking

We’ve updated how third party providers access data through Open Banking and we’ve added new features to give customers more control within mobile and online banking. You can read more about what's changed in Open Banking.

How Open Banking works

Open Banking services can be used with any payment account which you can access online, including current accounts, savings accounts and credit cards. With Open Banking, you can do things like:

  • See all your payment accounts from different providers in one place
  • Manage your personal finances and debt
  • Make payments directly from your payment accounts
  • Compare products and get recommendations on which is right for you.

Open Banking services are provided by companies known as service providers or TPPs (third party providers). You can use them with your Co-operative Bank and smile payment accounts through our online banking services or mobile app.

You may already be using Open Banking services without even realising. Many websites and apps offer them, but they may call them something different.

How to sign up for Open Banking

It's easy to sign up and get started with Open Banking. You just need to:

  1. Make sure you're registered for online or mobile banking for your Co-operative Bank or smile current account, savings account or credit card.
  2. Find a service provider which offers a service that you're interested in.
  3. Sign up for the service on the service provider's app or website. You'll then be brought to our online banking services or mobile app to confirm.
  4. Give your permission for the service provider to access your account data.

You can ask a service provider we don’t currently work with to approach us to use our services for Open Banking. We check that service providers are genuine and regulated by the relevant organisation before deciding to work together.

How to manage your Open Banking

You can find the permissions you've given for service providers to access your data in the Open Banking connections dashboard in our online banking services and mobile app.

In the Open Banking connections dashboard, you can:

  • See all your active and expired permissions
  • End your active permissions.

You can read more about what's changed in Open Banking.

Is Open Banking safe?

All genuine Open Banking service providers must be regulated by the FCA (Financial Conduct Authority). This means they have to treat you fairly when providing their services.

As with anything you do online especially anything involving your sensitive and financial information it's important to be wary. When signing up for Open Banking services, remember to:

  • Always check the service provider is regulated by the FCA or Gibraltar Financial Services Commission you can check the list of service providers authorised by the FCA in the UK
  • Make sure you're comfortable that they've clearly explained the service and how they, or anyone else, will use your data
  • Always check that they're directing you to our genuine online banking services or mobile app and not to a fake version.

Never give a service provider your card’s 4-digit PIN, or your online banking password, secure key codes or one-time passcodes sent to your phone. Service providers don’t need your banking security information to operate their services.

If a service provider requests this – STOP. It's a scam.

Before signing up for Open Banking services, you should check the service provider is genuine – see the FCA register of authorised service providers. If you don’t know who you’re talking to, or there’s reason to suspect that the provider is not who they claim to be, don’t provide your personal or financial information.

When you sign up on a service provider’s app or website, they should automatically direct you to our online banking services or mobile app, where we’ll ask you to enter your login credentials and review the request.

We only allow you to sign up to Open Banking services through us with registered service providers. As long as you’re sure that you’re on our genuine website or mobile app, it’s safe to enter your login credentials.

If you notice a payment out of your account that you didn’t authorise, you should contact us as soon as possible on 03457 212 212 (call charges). Lines are open 24 hours a day, 7 days a week.

If you didn’t authorise the transaction, you can claim a refund even if you think a service provider was used to make the payment. Please contact us to claim a refund.

Keeping your money safe is one of our top priorities. You can read about the steps we take to keep you safe when you bank with us.

Service providers must comply with relevant data protection laws – GDPR (General Data Protection Regulation) and PSD2 (Payment Services Directive 2). If you think a service provider hasn’t complied, please contact us to let us know.

You can review and end your permissions at any time in the Open Banking dashboard of our online banking services and mobile app.

Help and support

Frequently asked questions (FAQs)

If you need help with Open Banking, these answers to frequently asked questions may help.

What permissions you need to give to a service provider, and when you need to give them, depends on the type of service you’re using. Whenever you need to give permission, the service provider will take you to our online banking services or mobile app to log in, review the request and then give permission.

For an AIS (Account Information Service), service providers should first help you understand the service and explain how they or anyone else will use your data. Then, you need to give permission for them to access your data, and give permission again each time you want to access sensitive data.

For a PIS (Payment Initiation Service), you need to give permission each time you want to make a payment. The service provider will only initiate the payment and will have limited access to your account.

For a CBPI (Card-Based Payment Instrument), you need to give permission once for the service provider to run funds checks on your account.

You can review and end your permissions at any time in the Open Banking connections dashboard of our online banking services and mobile app.

With your permission, service providers can provide Open Banking services through a mobile app or website. You can use them to do things like see all your account information in one place or pay for things online instead of using your debit or credit card.

These services are provided by companies you may recognise, such as high street banks, retailers and financial technology companies. Some companies have been providing these services for some time in the UK. You may see the services referred to as AIS (Account Information Services), PIS (Payment Initiation Services) or CBPI (Card-Based Payment Instruments).

If you have allowed third party provider (service providers) to make payments on your behalf and to access your financial data on your old account, there are a couple of things you’ll need to do to get this set up with us:

  1. Before you close your old account, check whether you have any service provider permissions set up and if so, who with. Your old bank may be able to provide you with a list of the service providers you had permitted to access your old account.
  2. Set up permissions for these service providers to access your account data on your new account once it’s open. You’ll need to set this up directly with the service providers.

If you had any standing orders set up on your old account via a service provider, we’ll make sure any of these payments which are due after the switch date will still be made. If we cannot match the payment frequency of an existing standing order, we’ll contact you to discuss your options.

Definitions

Here are some definitions to help you understand common terms relating to Open Banking.

An AIS (account information service) allows you to use your bank account information in ways that you may find more helpful. For example, you may be able to see information about all your accounts in one place, or get personalised tips on what do with your money or accounts.

To use an AIS, you’ll need to give permission for the service provider to access your account information.

A CBPI (card-based payment instrument) allows you to set up a card or e-wallet which is linked to your payment account. Each time you want to use a card or e-wallet, they’ll check whether you have the specific transaction amount in your account. This is called a funds check, and won’t affect your account balance.

To use a CBPI, you’ll need to give permission to the service provider to run funds checks on your account.

The FCA (Financial Conduct Authority) sets rules on how financial companies need to act, and how to be fair to consumers. It’s also in charge of verifying that financial companies are genuine and following their rules.

A PIS (payment initiation service) allows you to quickly make payments from your accounts, without needing to enter the recipient’s payment details.

To use a PIS, you’ll need to give permission each time you want to make a payment.

Service providers – also called TPPs (third party providers) – are companies that offer Open Banking services to consumers. Services they might offer include:

  • Linking your payment account to a service so you can transfer money easily
  • Offering you an overview of several of your payment accounts in one place
  • Offering you advice on what to do with your payment accounts.

Make a complaint about a service provider

If you have a complaint about the service provided to you by a service provider, please contact them directly.

Contact us about something else

You can contact us to let us know if:

  • You've noticed a payment on your account which you didn't authorise
  • You've given your account information to someone posing as a service provider
  • You think a service provider has breached the Data Protection Act.

Let us know if something's not right

Developers

You can read about our range of APIs, how to onboard with us as a TPP and how to start developing and testing on our Developer Portal.

Visit our Open Banking Developer Portal

Not found what you're looking for?

Contact our support team