When you give consent, open banking allows a licensed third-party provider to see specific data from the accounts you authorise: typically your account holder name, account number and sort code, current balance, and transaction history (dates, amounts, descriptions, and counterparties). The exact data depends on the provider's permissions (AIS scope) and the regulation in your country.

Open banking cannot see accounts you have not consented to share, your online banking password or card PIN, or data from other financial products (e.g. pensions, insurance) unless the regulation explicitly covers them (as open finance frameworks may in the future). You can revoke consent at any time through your bank or the third-party app, and consent typically expires after 90 days under PSD2/UK Open Banking rules unless you re-authorise.

The Open Banking Tracker explains AIS (Account Information Services) data scope in more detail. For provider-level privacy and security information, see individual aggregator pages in the API aggregators directory.