Open banking in Australia explained — what it is, how it works, and why BetterSelf uses it
Open banking is the Australian government's way of letting you share your bank data with apps you trust — without ever giving them your password. Here's what that means, how it works, who regulates it, and exactly what BetterSelf does (and doesn't do) with the access.
The one-paragraph version
Open banking lets you ask your bank to share your transaction data with an accredited app, on your terms, for a set period, in a read-only way. You don't hand over login details. The bank itself authorises the access, and either of you can switch it off at any moment. It runs on the Consumer Data Right (CDR), a law passed in 2019, and it's overseen by the ACCC and the OAIC.
How CDR actually works
When you connect your bank to BetterSelf, here's the flow:
- You tap Connect bank, choose your bank, and BetterSelf hands you off to your bank's own consent page.
- Your bank — not us — asks you to log in and confirm which accounts you want to share, and for how long.
- Your bank issues a time-limited, read-only access token to Basiq (our accredited data recipient) and tells BetterSelf what you've agreed to.
- From then on, BetterSelf can read your transactions for the period you authorised — typically 12 months — and you can revoke that access from inside the app, or from your bank's dashboard, any time.
At no point does BetterSelf see your bank password. We never could, even if we wanted to. The protocol simply doesn't carry it.
Who regulates open banking in Australia?
Two main bodies:
- The ACCC — accredits and audits every Consumer Data Right participant. They publish a public register so you can verify any app you connect.
- The OAIC — enforces the privacy obligations attached to CDR data, including how it's stored, deleted and disclosed.
Banks themselves are obligated by law to participate — that's why the big four, plus most mid-tier banks and credit unions, are all on the CDR network. It's not opt-in for them.
Why read-only matters
Open banking access through CDR is one-way by design. Apps that connect via the CDR can only read your transaction data. They cannot:
- Move, transfer or withdraw money
- Make payments on your behalf
- Change any setting in your bank account
- Access anything outside the scope you authorised
This is fundamentally different from screen scraping (more on that below), and it's why every fintech app worth taking seriously has moved to CDR.
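The checks that the connection flow and the read-only limits above imply on the receiving side, as an added example (not BetterSelf's, Basiq's or any bank's code). The `Consent` record, `authorise`, the scope labels and the sample consent are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumption: hypothetical scope labels, not identifiers taken from the page.
READ_ONLY_SCOPES = {"accounts:read", "transactions:read"}

@dataclass
class Consent:
    accounts: frozenset            # account ids the customer picked at the bank
    scopes: frozenset              # what the bank actually granted
    granted_at: datetime
    duration: timedelta            # sharing period chosen at the bank
    revoked_at: Optional[datetime] = None  # set from the app or the bank dashboard

    def revoke(self, when: datetime) -> None:
        # Either side may revoke; keep the earliest revocation time.
        if self.revoked_at is None or when < self.revoked_at:
            self.revoked_at = when

def authorise(consent: Consent, account_id: str, scope: str, now: datetime):
    """Deny by default; return (allowed, reason)."""
    if scope not in READ_ONLY_SCOPES:
        return False, "scope is not a read scope"
    if scope not in consent.scopes:
        return False, "scope not granted"
    if account_id not in consent.accounts:
        return False, "account not shared"
    if consent.revoked_at is not None and now >= consent.revoked_at:
        return False, "consent revoked"
    if now >= consent.granted_at + consent.duration:
        return False, "consent expired"
    return True, "ok"

def demo():
    t0 = datetime(2026, 1, 1, tzinfo=timezone.utc)  # constructed sample data
    c = Consent(frozenset({"acc-1"}), frozenset({"transactions:read"}),
                t0, timedelta(days=365))
    day30 = t0 + timedelta(days=30)
    results = [
        authorise(c, "acc-1", "transactions:read", day30),
        authorise(c, "acc-2", "transactions:read", day30),
        authorise(c, "acc-1", "payments:write", day30),
        authorise(c, "acc-1", "transactions:read", t0 + timedelta(days=365)),
    ]
    c.revoke(t0 + timedelta(days=60))
    results.append(authorise(c, "acc-1", "transactions:read", t0 + timedelta(days=61)))
    return results
```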
What BetterSelf does and doesn't do with the data
We are deliberately narrow about this. Here's the honest list:
What we do
- Read your transactions so we can identify and categorise gambling spend automatically
- Show you your own spending in a clear dashboard
- Apply your self-set weekly limits and surface the 48-hour cool-off when you change them
- Calculate Avoided Spend against your own pre-BetterSelf baseline
- Store your data encrypted at rest (AES-256) and in transit (TLS), with reputable cloud providers
What we don't do
- Move money. Ever. Open banking doesn't even allow it.
- Sell, rent or trade your data. Not to advertisers, not to anyone.
- Share your data with third parties beyond what's needed to deliver the service (e.g. Basiq as our CDR intermediary).
- Keep your data after you delete your account — deletion is immediate and final.
The detail lives in our Privacy Policy, and the granular product walkthrough is on our features page.
How to connect your bank to BetterSelf
- Open BetterSelf and tap Connect bank.
- Choose your bank from the list — 150+ Australian banks are supported via the CDR network.
- You'll be sent to your bank's own secure consent page. Log in there, choose the accounts you want to share, and approve.
- You'll bounce back to BetterSelf with your transactions already loading. No paperwork, no setup forms.
Whole process takes about 90 seconds. Want to disconnect later? Same place: Settings → Connections → Disconnect. Done.
Open banking vs screen scraping — the comparison that matters
Some older finance apps still use screen scraping: you give them your bank login, they log in as you, and they read what they see. It works, but it's less safe by every measure. Here's the gap:
| Feature | Open banking (CDR) | Screen scraping |
|---|---|---|
| Password sharing? | No — never required | Yes — you hand it over |
| Read-only by design? | Yes — protocol enforced | No — same access you have |
| Government regulated? | Yes — ACCC + OAIC | No — terms vary by app |
| Bank-issued consent? | Yes — at the bank | No — at the third-party app |
| Revoke from bank's dashboard? | Yes — instantly | Usually no |
| Time-limited access? | Yes — typically 12 months | Indefinite unless you change passwords |
| Voids your bank's fraud protection? | No | Often yes — sharing passwords usually breaches T&Cs |
If an app asks for your bank password directly rather than redirecting you to your bank, walk away. In 2026 there's no good reason for it.
Frequently asked
Is open banking safe?
It's the safest way to share bank data with apps. You don't hand over your password, your bank does the authentication, the access is read-only, and the data is regulated under federal privacy law. Compared to screen scraping, it's a different category of safety.
Will my bank account get blocked or affected?
No. Open banking is a separate data pathway — it doesn't touch your account balance, settings, or fraud protections. Your bank stays your bank.
How do I revoke access?
Two ways. From inside BetterSelf: Settings → Connections → Disconnect. Or from your bank's online banking under Data sharing — every CDR-accredited bank is required to give you that control. Either route, access stops immediately.
Why does BetterSelf use Basiq?
Basiq is an ACCC-accredited Consumer Data Right intermediary. They handle the CDR connection to your bank on our behalf. That accreditation involves audits, security obligations and ongoing reporting that we, as a smaller team, would take years to replicate — and they do it better. The CDR framework is designed for this kind of partnership.
Is my data stored in Australia?
Your data is stored with reputable cloud providers, encrypted at rest with AES-256 and in transit with TLS. We're not selling, renting or sharing it. Our Privacy Policy has the full detail on where it lives and how long it stays.
BetterSelf uses open banking to give Australians an honest view of their gambling spending — and the tools to slow it down when they want to. Get on the waitlist and you'll be among the first to use it.