You may have heard the term ‘Open Banking’ as part of payment industry changes. Although Tesco Bank is not currently supporting Open Banking, we will become a part of Open Banking later this year.
Here are the key things you need to know about Open Banking:
It can be used to allow authorised third party providers (TPPs) to access accounts that are available online or by mobile through other banks and building societies that are members of Open Banking. Opening Banking can be used with your payment account (such as your personal current account, credit card account and some savings accounts).
It is a Government initiative to improve competition in the UK by opening up the information that banks hold about their services and customers.
The use of Open Banking is always your choice. Authorised third party providers (TPPs) will only have access to your accounts if you have given them your explicit consent. You can revoke the consent to use these services at any time by contacting the TPP directly, or through your bank or building society, to let them know you no longer want the authorised TPP to have access to your information.
More information and details of the banks and building societies participating in Open Banking can be found on the Open Banking website.
On 13 January 2018, the Second Payment Services Directive (PSD2), came into effect. This is a piece of EU legislation with which all payment service providers (PSPs) within the European Union must comply.
For Tesco Bank, PSD2 applies to our Personal Current Accounts, Credit Cards, Internet Saver Accounts and Instant Access Savings Accounts. PSD2 provides a legal framework that aims to keep customers safe and secure and creates the opportunity for companies to offer new payment and/or account information (aggregator) services, which customers with a Tesco Bank online payment account can choose to use. Providers of these new services are called Authorised Third Party Providers (TPPs). Find out more about how to use TPPs securely.
On 14 September 2019, further security measures as part of PSD2 will come into effect, which will introduce higher security standards for online payments.
There are two types of authorised third party provider (TPP):
Account Information Service Providers (AISPs)– Also known as aggregators, these are companies that allow you to see a consolidated view of your different financial accounts (e.g. money management tools).
Payment Initiation Service Providers (PISPs) – Companies that can initiate payments from your online payment account on your behalf (e.g. an alternative to using your card to make a payment online).
These services may be offered by new apps, or even from larger financial service providers. In January 2018, these services became regulated by the Financial Conduct Authority (FCA). TPP services work by accessing your online banking using your Tesco Bank online banking security details, so you should always ensure that a company is authorised by the FCA, or another European regulator, to provide these services.
You should also do your own research to ensure you are comfortable that the TPP is legitimate.
The TPP should explain what services it is providing you and how it will use your data. You will need to give explicit consent for the TPP to act on your behalf as we’ll treat any instruction from it as an instruction from you.
Third party provider services are designed to help you with your finances, but before choosing to use them, make sure that you understand the service and that you are happy with who will be providing it to you.
Remember, if you share your online banking security details with a TPP:
TPPs will be able to see and access all the accounts that appear in your online banking; not just the ones for which you give consent to the TPP.
We will treat all instructions from the TPP as having been authorised by you, so inform us if you believe your details have been compromised and contact us immediately if you have any concerns.
Tesco Bank has no control over how your data is used by a TPP, which is why you must ensure you only ever deal with authorised TPPs.
TPPs have access to your accounts to act on your behalf. If you wish to stop using a TPP service, you will need to update your security details with us.
For further information on how to keep your accounts secure, visit tescobank.com/security
Nothing will change in the relationship you have with Tesco Bank. You will still be able to manage your accounts with us as you always have done. The new services offered by authorised third party providers (TPPs) are additional ways to view your accounts and make payments, but they have no impact on how you manage your account with Tesco Bank directly.
You may have seen a number of companies offering these new services, and you may wish to use them, but it is completely your choice whether you do so.
If you do choose to use these new services, you must ensure that the provider you use is authorised by the FCA , or another European regulator, to provide these services. You should also do your own research to ensure you are comfortable the TPP is legitimate.
More information on keeping your account secure can be found on our security pages.
You are in control - if you don't want to use third party providers, you don’t have to. If you don’t want TPPs to access your account, you don’t need to do anything. These services will be available to Tesco Bank Current Account, Credit Card, Instant Access Savings Accounts and Internet Saver customers, but it is your choice whether or not you use them.
If you do wish to use a TPP before 14 September 2019, you will have to share your online banking security details to allow them to access your account. Before you use a TPP you should check with them that they are authorised to undertake the services for you, that you trust them with your account, and you are clear what accounts they have access to and what they are using your data for.
Up until 14 September 2019, to use these new services you will have to share your Tesco Bank Online Banking Security details with an authorised third party provider.
Before you share your details, you should always ensure that the TPP is authorised by the FCA, or another European regulator, to provide these services and you should also do your own research to ensure you are comfortable that the TPP is legitimate.
This is because TPPs not authorised by the FCA, or fraudsters pretending to be an authorised TPP, may ask for your online banking credentials in order to gain access to your bank account.
After 14 September 2019, you will no longer need to share your online banking security details with authorised TPPs in order to use their services, as they will now ask for your consent to access your account details in another way.
For further information on how to keep your accounts secure, visit tescobank.com/security , or takefive-stopfraud.org.uk.