Is it safe to provide my account login details to a price comparison or financial aggregator site?
Screen-scraping financial aggregators require your login credentials, which carries real security risk. Regulated 'open banking' services use a safer, token-based approach instead. Understand the difference before sharing login details.
Last reviewed: 10 June 2026
Explanation
Financial aggregation services — tools that pull together your accounts, utilities, and subscriptions in one place — have historically used 'screen scraping': you provide your actual username and password, and the aggregator logs in to your accounts on your behalf to collect data.
Screen scraping is risky for several reasons: the third party now holds your credentials, if they are breached, your accounts are exposed; your bank's terms and conditions may consider sharing credentials a breach that affects your fraud protections; and you cannot see or control what else the third party does with that access.
Open banking, available in the UK, EU, and increasingly other markets, provides a regulated alternative: you authorise specific data access via your bank's official interface without sharing your password. The bank grants a time-limited, revocable token for specific purposes. This is demonstrably safer than credential sharing.
Before using any aggregation service, check whether it is regulated under open banking rules, what data it accesses and retains, how it is secured, and whether sharing your credentials affects your bank's fraud liability terms. Reputable, regulated services will be transparent about all of these.
Common red flags
- The service asks for your full bank login username and password rather than directing you to your bank's own authorisation page
- The service is not listed as regulated by the relevant financial authority
- Terms and conditions are unclear about data retention and sharing
- The service offers unusually broad functionality that requires access across many services simultaneously
What to do now
- Prefer open banking-authorised services over those requiring direct credential entry
- Check the service's regulatory status before providing any account access
- If you have already shared credentials with a service you now distrust, change your banking passwords immediately
- Review your bank's terms regarding third-party credential sharing and its effect on fraud protections
Frequently asked questions
What is open banking and is it safe?
Open banking is a regulated framework allowing you to share specific financial data with authorised third parties through a secure API. You authorise access through your bank's own interface without giving your password to the third party. It is generally much safer than credential sharing.
If I provide credentials and the aggregator is hacked, who is responsible?
Your bank's fraud liability terms may exclude claims arising from sharing your credentials with third parties. This means the financial and legal exposure from a breach of an aggregator's credential store could fall on you rather than the bank.