Open Banking is a sham. It mandates account access for "AISPs", which need to be registered, audited, etc., which is unfeasible for a solo developer, especially when releasing a free/open-source product. Worse, it doesn't actually mandate your access to your own account, so that still depends on the bank. The modern banks provided APIs even before Open Banking so we're good, but the legacy ones still don't provide personal APIs.

It's not ideal, but I wouldn't call it a sham. Vulnerable users' banking details are highly targeted by fraudsters, and I can see the concern from lawmakers that making it mandatorily open to all via some OAuth-style flow (for example) would limit the banks from controlling access to scammers.

The law doesn't restrict the banks giving access to non-AISPs and, like you say, many of the modern banks do have personal API access; it just sets a minimum bar you have to reach before they're forced to let you in. It seems like a pragmatic middle ground.

What is bad, in my eyes, is the law currently only applies to the CMA9.

