Open banking is a system that lets you share your bank account data with apps and companies you choose, securely and with your permission, through software connections called APIs. That's the answer to "what is open banking" in one breath: your financial data, unlocked from your bank and put to work wherever you decide it should go.
You've probably used open banking without knowing it. If you've ever connected your checking account to Venmo, set up a budgeting app that reads your transactions, or applied for a loan and verified your income by logging into your bank instead of uploading pay stubs, you've been on the receiving end. According to Plaid, the largest US data aggregator, more than 7,000 apps and services connect to over 12,000 financial institutions through its network alone.
This guide explains how those connections actually work, what they power, how the US approach differs from the UK and Europe, and where American open banking stands in mid-2026, which is a genuinely messy moment. If you're mainly worried about whether connecting your account is a good idea, we also have a dedicated guide on whether it's safe to link your bank account to apps.
Key takeaways
- Open banking lets consumers share bank data with third-party apps through secure APIs, replacing the older practice of handing apps your actual bank password.
- It powers budgeting apps, "pay by bank" payments, and faster loan verification. Juniper Research projects $1.4 trillion in consumer account-to-account transactions in 2026.
- The UK and EU mandated open banking by law (PSD2, 2018). The US grew a market-driven version first, with more than 130 million consumer accounts now connected via the FDX API standard.
- The US federal rule (CFPB Section 1033) was finalized in October 2024 but is currently blocked by a court injunction and being rewritten, so states like New York are drafting their own rules.
- The main risks are data overcollection and weak apps, not the API technology itself, and you can revoke an app's access at any time.
What is open banking? The plain-English definition
Strip away the jargon and open banking is three ideas stacked together. First, the data in your bank account (balances, transactions, account numbers) belongs to you, not just your bank. Second, you should be able to share that data with any company you trust, whether that's a budgeting app, a lender, or a payment service. Third, that sharing should happen through secure, standardized connections rather than workarounds.
The "open" part doesn't mean your data is open to anyone. It means the bank's systems are open to connections you authorize. Nothing moves without your explicit permission, and in a well-built system you can see and cancel every connection you've granted.
As Plaid's own explainer puts it, banks build dedicated endpoints so third-party applications can access consumer-permissioned data in encrypted form. The bank stays the vault. Open banking just adds a doorbell that you, and only you, can answer.
How open banking works, step by step
Say you download a budgeting app and tap "Connect your bank." Here's what happens behind that button.
The four players
Every open banking connection involves four parties. There's you, the consumer who owns the data. There's your bank or credit union, which holds it. There's the app you want to use. And in the US, there's usually a fourth party in the middle: a data aggregator such as Plaid, MX, Finicity (owned by Mastercard), or Akoya.
Aggregators exist because the US has thousands of banks, and no app developer wants to build thousands of separate integrations. The aggregator maintains one bridge to each institution, and apps plug into the aggregator. Connect your account to a fintech app and odds are one of these four companies handled the handshake.
APIs versus screen scraping
The modern connection method is a tokenized API. You're redirected to your bank's own login page, you approve the request there, and the bank hands the aggregator a limited-permission token. The app never sees your password, and the token can be revoked without changing anything else.
The legacy method, screen scraping, worked differently: you gave the app your actual username and password, and its software logged in as you and copied what was on the screen. It's less secure and less reliable, and the industry has spent years phasing it out. The Financial Data Exchange (FDX), the nonprofit that maintains the leading US data-sharing standard, reports that more than 130 million consumer accounts had moved to its tokenized API specification by early 2026. We break down the security differences in detail in our guide to linking bank accounts to apps safely.
What open banking actually powers
Open banking is plumbing. You notice it the way you notice water pressure: through the things it enables.
Budgeting and money management
Apps that pull your transactions from every account into one view are the classic use case. Consider Dev, a 29-year-old teacher juggling a checking account, two credit cards, and a high-yield savings account at a neobank. His budgeting app, connected through an aggregator, flagged $63 a month in subscriptions he'd forgotten about, including a streaming service he hadn't opened since 2024. Ten minutes of cancellations later, he was saving $756 a year. That whole-picture view only works because open banking lets one app read data from four institutions.
Pay by bank and account-to-account payments
Open banking also moves money, not just data. "Pay by bank" lets you pay a merchant straight from your checking account, skipping card networks and their fees. It's still early in the US, but growing fast: payment provider Aeropay reported that its active pay-by-bank merchants grew more than 40% in 2025 while transaction volume nearly doubled. Globally, Juniper Research expects $1.4 trillion in consumer account-to-account transactions during 2026. If you want the broader context on how money moves digitally, see our explainer on how mobile payments work.
Faster lending and verification
Lenders increasingly verify income and assets by reading bank data directly instead of collecting PDFs. Consider Maya, a freelance designer applying for an auto loan. Instead of assembling three months of statements and two years of tax returns, she authorized the lender to check her accounts through an aggregator. Verification that used to take days finished in about two minutes, and the lender saw her real cash flow rather than a stale credit-file snapshot. The same rails power cash-flow underwriting in peer-to-peer lending and other credit models that look beyond traditional scores.
Open banking in the US vs the UK and EU
Different countries got to open banking by very different roads, and the difference matters for what protections you have.
| United States | United Kingdom | European Union | |
|---|---|---|---|
| Driver | Market-led; federal rule (Section 1033) finalized 2024 but currently blocked and under rewrite | Regulator-mandated (CMA Order + PSD2), live since 2018 | Law-mandated (PSD2, 2018), with PSD3 reforms in progress |
| Technical standard | FDX API (industry standard; 130M+ connected accounts) | Single Open Banking Standard for the nine largest banks | Fragmented; Berlin Group NextGenPSD2 most common |
| Middlemen | Aggregators central (Plaid, MX, Finicity, Akoya) | Licensed third-party providers connect directly | Licensed third-party providers connect directly |
| Adoption snapshot | Most fintech app users touch it indirectly | 15.16 million users by July 2025, nearly 1 in 3 adults | Wide API coverage, uneven consumer usage by country |
The short version: the UK and EU wrote the law first and the market followed. The US built the market first, through aggregators and private agreements, and is still fighting about the law. That's why an American can use dozens of connected apps yet have no single federal rule guaranteeing data access rights today.
The benefits, and the honest risks
Open banking's upside is real, but so are the tradeoffs. Here's the balanced view.
What you gain:
- One view of your money. Apps can aggregate every account, which is the foundation of modern budgeting and embedded finance features inside non-bank apps.
- Cheaper, faster payments. Account-to-account payments cut out card fees, savings merchants can pass along.
- Fairer credit decisions. Cash-flow data can help people with thin credit files qualify for loans.
- Competition. When switching and comparing get easier, banks have to earn your business.
What to watch:
- Data concentration. Aggregators hold connection data for millions of people, making them high-value targets.
- Overcollection. Some apps request more data, for longer, than their features need.
- Weak links. The API is only as safe as the app on the other end. A sloppy fintech can leak what a careful bank protected.
- Regulatory limbo. With the federal rule stalled, your rights currently depend on private agreements between banks and aggregators rather than on law.
Where the US stands in mid-2026
The legal picture is the strangest part of the story. In October 2024 the CFPB finalized its Personal Financial Data Rights rule under Section 1033 of the Dodd-Frank Act, which would have required banks to share data with authorized third parties, free of charge, starting with the largest institutions on April 1, 2026.
That deadline came and went without effect. Bank groups sued, a federal court in Kentucky blocked enforcement in October 2025, and the CFPB itself announced it would rewrite the rule, reopening questions about fees, data privacy, security, and who can act on a consumer's behalf. Meanwhile, states including New York began drafting their own data-sharing laws in 2026 to fill the gap. The full saga, and what each outcome would mean for you, is covered in our companion piece on the Section 1033 open banking rule.
Here's the practical point: open banking in the US keeps working during the fight, because it never depended on the rule. The connections run on private contracts and the FDX standard. What's at stake is whether your access to your own data becomes a legal right or stays a revocable courtesy.
The bottom line
So, what is open banking? It's the consent-based plumbing that lets your financial data and payments flow to the apps you choose, with tokenized APIs replacing the old password-sharing hacks. It already powers your budgeting app, your loan verification, and a growing share of payments, and adoption keeps climbing on both sides of the Atlantic.
The technology question is largely settled. The open questions in 2026 are legal and political: whether the US will guarantee data rights in a rewritten federal rule, leave them to state law, or keep relying on industry agreements. Watch the CFPB's rewrite and the state bills, because they'll decide how much control you ultimately have.
In the meantime, use the system wisely: connect apps that earn your trust, grant the minimum access needed, and prune connections you no longer use. Our guide to safely linking your bank account to apps walks through exactly how, and our overview of how digital wallets work covers the payment side of the same story.
Frequently Asked Questions
What is open banking in simple terms?
Open banking means you can tell your bank to share your account data with an app or company you choose, through a secure connection called an API. You approve each connection, the app gets only the data you permit, and you can cut off access whenever you want. It's how budgeting apps, payment apps, and online lenders see your accounts.
Is open banking safe?
The API technology is generally safer than the alternative it replaced, because you log in at your bank and the app never sees your password. The bigger risks come from the apps themselves: what they collect, how they store it, and whether they're breached. Vet apps before connecting and review your linked connections a couple of times a year.
Does the US have open banking?
Functionally yes, legally not quite. More than 130 million US accounts connect to apps through the FDX API standard via aggregators like Plaid and MX. But the federal rule that would make data access a guaranteed right, CFPB Section 1033, is blocked in court and being rewritten as of mid-2026, and some states are drafting their own laws.
What's the difference between open banking and screen scraping?
Screen scraping requires giving an app your real bank username and password so it can log in as you. Open banking APIs use tokens instead: you authenticate directly with your bank, and the app receives limited, revocable access to specific data. APIs are more secure, more reliable, and easier to shut off, which is why the industry is retiring scraping.
