Open Banking Vs Screen Scraping

When people compare open banking with screen scraping, the safest starting point is the sourced part: how Australia's Consumer Data Right works, and how the Australian Government describes screen scraping.

Under the Consumer Data Right, data is shared through a regulated, opt-in process. The official CDR site says the technology uses APIs, and that data is transferred electronically and automatically between providers.

The CDR consent process must explain what data is shared, how it will be used, who can access it, how long access lasts, and how consent can be managed or withdrawn.

What screen scraping is

The Australian Treasury, in its 2023 discussion paper on screen scraping, describes screen scraping as a practice in which consumers "hand over their credentials, like log in details and passwords, for a third party to access their account."

In 2022, the independent Statutory Review of the Consumer Data Right recommended that screen scraping be banned where CDR is a viable alternative.

What CDR changes

CDR is built around explicit consent, regulated participants, privacy safeguards, and API-based transfer. The OAIC says strict privacy protections and security requirements are built into the CDR system.

Under CDR, identity is verified by your existing provider via a one-time password, not by handing over your bank login. CDR also sits inside a 13-safeguard privacy regime regulated by the OAIC.

In Cove Money, CDR bank connections are handled through Fiskil. Cove Money does not receive or store bank login credentials. Authentication and consent are handled through the CDR flow made available by your bank, Fiskil, and the CDR framework.

What this article does not claim

This article does not claim that screen scraping is illegal in Australia. As of the article's last review, the Government had recommended and consulted on a ban where CDR is a viable alternative, but the legislative position can change. Always check the current Treasury position before relying on a "ban" as a fact.

Practical takeaway

Before connecting a finance app, ask how it accesses data, whether it uses the Consumer Data Right, what entity is accredited or operating as a CDR representative, what data is requested, how long consent lasts, and how you can withdraw access.

---

This article is general information only and does not constitute personal financial advice. Consider seeking advice from a licensed adviser before acting.