Bank Feed security

Question

I understand using bank feeds that are direct between Sage and the bank are secure. My belief is that the portal that opens in Sage is actually created by the Bank and so all personal security data is only seen by the bank who then gives access to retrieving data to Sage. Is this correct and if it is variable how can I know if this is the case or not? 
 As some of my bank feeds may be set up through one of the third party companies, how is my sign in information held and protected? Also in the case that there is a loss of my secure sign in data with subsequent losses, where does the responsibility lie, as I would not want to be the one in the middle trying to sort out the issues as to who is responsible etc. 
 Having recently looked into some cryptography write ups, I believe that the banks have a method of encrypting and having transferred personal secure data that is only viewable by them. Is this in place for bank feed secure data in Sage, whether direct or via 3rd party? 
 Finally, I assumed that open banking is a direct connection between the bank and the FCA approved other (which I assume Sage is) so will the 3rd parties be removed over the upcoming months or will they always be used. 
 Thanks

DJ Byrne · Answer

Hi David, 
 Apologies for the delay in responding. Here is the answer I have received from our banking team: 
 At Sage we have two different methods to communicate with banks. 
 The first is called "direct", this is based on an offline authorisation process with the bank, and the bank securely sending transactions to Sage. 
 The second method, called "indirect", is based on using online feeds. These are managed by connections through third parties and are protected by the latest banking and payments directive regulations called PSD2 and the UKI equivalent, Open Banking where third parties process your data under these strict regulations, and while this directive is fully implemented on all the actors of these connections, they can still offer you a fallback to a previous pre-PSD2 mechanism to connect to your online transactions. 
 These mechanisms have been reviewed and approved by the FCA. 
 If you are interested in knowing more about how we protect your data rights and obligations, please visit our terms and conditions for our Bank Feeds Service, which may answer many of your concerns: 
 Sage Bank Feeds Service Terms 
 Further information: 
 PSD2 - Payment services (PSD 2) - Directive (EU) 2015/2366 Open Banking - What is Open Banking? 
 If this has answered your question please click More > Verify Answer. 
 Thank you,

Sage Accounting UKI

Bank Feed security

COMMUNITY

COMPANY

PARTNERS

SUPPORT & TRAINING