SECURITY

What is Open Banking?

Open Banking is a way of seeing all your accounts together in one place, wherever you bank.

It allows you to share information safely with third party apps and websites offering services such as:

private-account (1).png

Sharing your account information

invoice (1).png

Comparing prices to help you shop around

presentation (1).png

Budgeting tools

operation.png

Making payments

mobile-payment.png

Helping you to manage your money

salary.png

Setting up automated Variable Recurring Payments

How does Open Banking work in iPYGG App?

Use Open Banking

Open Banking works by enabling financial institutions to share account information through APIs (application programming interfaces). This means you can safely allow access to your data without needing to share your log-on details.

 

To access your account for information sharing, our app will ask you for your consent and you’ll be securely redirected to the accounts' authentication process. This will be similar to the way you log on to online banking. 

If you’re having trouble authenticating, make sure you follow the on-screen instructions on how to generate the security code.

Once authenticated, all the account information and transaction records will be shown in iPYGG app.

Customer Data

bank (1).png
data-classification.png

Open APIs

api.png
api_edited.png
api_edited.png

iPYGG App

user-profile.png
app-development (1).png
data-analytics.png

Sharing users' Online Banking details with authorised third parties

This is another way for third parties to access your accounts. We are using Plaid, Basip and Finverse, Fintech companies that deliver reliable and easy integration to thousands of financial institutions' APIs. Unlike with Open Banking, you may need to share your log-on details with the service provider to allow them to access your accounts.

They may access your accounts by logging on using your online banking security credentials. They’ll need to request this information from you each time, which they’ll share with us.

They’re only legally permitted to access screens and information for accounts that you’ve given consent to. If you’re concerned about the data you’ve shared and feel it may have been used incorrectly, get in touch with us!

plaid.png
finverse.png
basiq.png

Using Robotic Process Automation (RPA)

Our app is using web scraper as a tool to extract data from different financial institutions. The web scraper takes the collected information and exports the data into a spreadsheet for deeper analysis. Web scraping with Robotic Process Automation (RPA) utilizes bots to automate the process of web data extraction from these financial institutions and store it for use.

 

RPA delivers faster results by eliminating the need for performing repetitive tasks, like logging into applications and systems, moving files and folders, extracting, copying, and inserting data, filling in forms, and completing routine analyses and reports.

Safety and Security Initiatives

iPYGG bank security level.png

Bank Level Security Level - AES-256 Encyption

Our cyber-security is built on the standard bank-level encryption - 256-bit AES, or advanced encryption standard. This is the most professional-grade security systems that use a similar encryption standard to protect your data from being intercepted by third parties.

We use bank-level security to make sure that your sensitive personal and financial information is fully encrypted and securely stored.

Is iPYGG regulated by HKMA?

We are not regulated by HKMA as we are not one of the banks. Your credentials are encrypted the same as bank security level, and it is stored on AWS with its credentials manager. We are now in the process of applying ISO27001 to ensure security as well. All users' information is anonymous and there is no KYC requirement. 

Urban Skyline

Your security is our main priority

Your money security is our priority concern. Therefore, your wealth is unmovable in the app. We are not able to access your bank account since users' credentials will only be stored in the users' devices.