x Want to participate? Join the group to interact
  • State Suggested Answer
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 1475 views
  • Users 0 members are here
Browse Forums
Announcements
73
topics
0
replies
Making Tax Digital
37
topics
47
replies
Sage Accounting General Discussion
1k
topics
1k
replies
Sage Accounting Start General Discussion
168
topics
280
replies
Sage Individual General Discussion
19
topics
34
replies
David07

Bank Feed security

SUGGESTED
Posted By

I understand using bank feeds that are direct between Sage and the bank are secure. My belief is that the portal that opens in Sage is actually created by the Bank and so all personal security data is only seen by the bank who then gives access to retrieving data to Sage. Is this correct and if it is variable how can I know if this is the case or not?

As some of my bank feeds may be set up through one of the third party companies, how is my sign in information held and protected? Also in the case that there is a loss of my secure sign in data with subsequent losses, where does the responsibility lie, as I would not want to be the one in the middle trying to sort out the issues as to who is responsible etc.

Having recently looked into some cryptography write ups, I believe that the banks have a method of encrypting and having transferred personal secure data that is only viewable by them. Is this in place for bank feed secure data in Sage, whether direct or via 3rd party?

Finally, I assumed that open banking is a direct connection between the bank and the FCA approved other (which I assume Sage is) so will the 3rd parties be removed over the upcoming months or will they always be used.

Thanks

  • 0

    Hi David,

    Thank you for your query. As your questions are quite detailed and complex, I have escalated this onto the appropriate team so that we can get the answers for you.

    As soon as I hear back, I will let you know.

    Thank you,

  • 0 in reply to DJ Byrne
    SUGGESTED

    Hi David,

    Apologies for the delay in responding. Here is the answer I have received from our banking team:

    At Sage we have two different methods to communicate with banks.

    The first is called "direct", this is based on an offline authorisation process with the bank, and the bank securely sending transactions to Sage.

    The second method, called "indirect", is based on using online feeds. These are managed by connections through third parties and are protected by the latest banking and payments directive regulations called PSD2 and the UKI equivalent, Open Banking where third parties process your data under these strict regulations, and while this directive is fully implemented on all the actors of these connections, they can still offer you a fallback to a previous pre-PSD2 mechanism to connect to your online transactions.

    These mechanisms have been reviewed and approved by the FCA.

    If you are interested in knowing more about how we protect your data rights and obligations, please visit our terms and conditions for our Bank Feeds Service, which may answer many of your concerns:

    Sage Bank Feeds Service Terms

    Further information:


    PSD2 - Payment services (PSD 2) - Directive (EU) 2015/2366
    Open Banking - What is Open Banking?

    If this has answered your question please click More > Verify Answer.

    Thank you,

  • 0 in reply to DJ Byrne

    That is useful, thank you. I could not find in the documentation anything that says if the third party has access to the sign in details or if that is held encrypted and only seen by the bank itself. if the former then i wonder if it trip up over the bank's statement that if i share the sign in information with a 3rd party i may be liable for any loss of funds.

  • 0 in reply to David07

    Hi David,

    Please see our Terms & Conditions for this.

    Thank you,

*Community Hub is the new name for Sage City