Budgeting apps share your financial data, but how safe are they?

Ajay Unni, cyber expert and founder of StickmanCyber, says when downloading an app users should read the terms of agreement and understand how the data will be used. He says that a marker of good security is if the app is compliant with ISO 27001 – a widely recognized international standard that dictates how digital information should be secured.


It is a good idea to also Google the app to see if it has been red-flagged by any users on online forums, he says.

Christoph Hebeisen, director of Lookout, says users of budgeting apps can reduce the risk by using a well-known and well-reviewed app that has had many downloads.

The business behind the budgeting app Frollo, as well as accredited with ISO 27001 is also accredited with Consumer Data Right (CDR) scheme, of which open banking is a part. Its accreditation with CDR means your financial information to be accessed easily and quickly by the app. WeMoney is also CDR certified.

It is a federal government initiative designed to foster competition by making it easier for consumers to shift financial products between banks, without having to fill out bundles of paperwork.


You give consent to an accredited third party, such as a budgeting app, to access your accounts. The user can choose which accounts are shared and for how long the data is to be stored before it is deleted.

Those who are accredited with CDR must meet certain privacy and information security standards and have cyber insurance against losses due to a cyberattack, as the bank providing your data will not be liable.

The big banks, though slow to get off the mark, are also enhancing their apps with more budgeting tools. Westpac bought budgeting app MoneyBrillant last year and has incorporated it into its own app to allow Westpac customers to track their spending and monitor monthly income and expenses.

Westpac plans to introduce features that will allow its customers to view accounts held with other banks through its app. Commonwealth Bank also intends to allow its customers to view account balances from other financial institutions through its app.

As well as tips specific to apps, there are those that apply whenever accessing or sending sensitive data.

Lookout’s Hebeisen says users should always update their apps and keep their device’s operating system up-to-date. He recommends you enable two-factor authentication, whether it is with SMS or an authenticator app, to protect your accounts.

StickmanCyber’s Unni says to try and avoid accessing your fintech applications, or any sensitive data, via public Wi-Fi, as it can be easily compromised.

Those who want to reduce the risk to zero could go old school instead and use pen and paper to create a budget, which has been shown to provide better retention of information than using spreadsheets or an app.

  • Advice given in this article is general in nature and is not intended to influence readers’ decisions about investing or financial products. They should always seek their own professional advice that takes into account their own personal circumstances before making any financial decisions.

Leave a Comment

Your email address will not be published. Required fields are marked *