top of page

Security and Data at Thirdfort

We (Thirdfort) understand that sharing personal information using an app might seem scary. After all, we’re usually being told to do the exact opposite! But as we move to a digital world traditional methods of sharing information are outdated. We have provided the following information to give guidance and comfort as to how Thirdfort works.

What is digital identity verification?

Digital identity verification lets you confirm who you are and that your ID is authentic using technology. Businesses are increasingly moving processes online and digital identity verification is a natural progression, much like banks moving to ‘online banking’. Electronic identity checks are proven to be a safe way to verify your identity & you can use it from the comfort of your own home.

What happens to my data?

The Thirdfort app has been built with security at its core. Thirdfort only temporarily stores your data while we carry out your checks. Once completed, we pass your relevant data to Thurstan Hoskin Solicitors and permanently delete it from our database. Thurstan Hoskin Solicitors will handle your data in line with their Privacy Policy:

Do you (Thirdfort) store my data after I complete my checks?

Your data will be stored locally on your device. Thirdfort does not store your data and we cannot view it. All we keep is your mobile number as a unique identifier which allows you to access the app and reuse your locally stored data in the future. Alternatively, you can delete the Thirdfort app at any time and the local data will be deleted from your mobile. For further information, you can view our Privacy Policy at:

Is there help and support available?

Yes, you can read more FAQs and support articles via the support section of the Thirdfort app or on their online help portal:

Why does Thirdfort want to access my bank?

We need to know your bank details so we can let Thurstan Hoskin Solicitors know where to expect your transaction funds are coming from, it helps them to match funds to your matter quicker. It also enables them to return any residual funds to your nominated account after completion.


Additionally, whenever you transfer a large amount of money, law firms must make sure they investigate the origin of that money under UK Legislation. To do this, they will ask to see paper bank statements. Thirdfort can do this digitally using government backed Open Banking technology. You can read more about Open Banking below.


What is Open Banking?

Open Banking is the secure way to give regulated Third Party Providers secure access to your financial information. More detail is listed overleaf, or you can find out more at:


What is a Third Party Provider?

A Third Party Provider is a regulated organisation that can, with your consent, access your account information in order to help you manage it. Thirdfort is an authorised Third Party Provider and regulated by the Financial Conduct Authority.


Does Thirdfort see my login details?

No. With Open Banking, your login details are safe, as you don’t share them with us. The Thirdfort app will always direct you to your mobile banking app or your bank’s secure Open Banking website which allows you to enter your credentials without us seeing them.


Is my information safe?

Open Banking uses application programming interfaces (APIs) to allow the software at one company to access information from the software at another company.


Unlike screen scraping, which is dependent on you sharing your login details with an app, APIs allow users to regulate the data they share, with whom and for how long without ever sharing password information. This means you can control what information you share via Thirdfort and you can easily revoke access.


Only Third-Party Providers that are highly regulated are permitted access to Open Banking APIs. Thirdfort is regulated by the Financial Conduct Authority. As part of our registration, we are obliged to be careful with your data and be open and honest about how we use it. You can visit the FCA website ( to check that we are registered and authorised to carry out relevant activities.


What if Thirdfort gets hacked?

Thirdfort doesn’t store any of your banking credentials. This means that your bank account cannot be breached at any time, even if our servers get compromised.

FCA regulated

Thirdfort is registered with the Financial Conduct Authority and adheres to European data protection laws.

ICO Registered

We (Thirdfort) are registered with the Information Commissioner's Office under the Data Protection Act. Our registration number is A8225019.

Bank-Grade Encryption

Thirdfort uses state of the art security measures, including end-to-end 256-bit TLS encryption used by all major banks to encrypt your data.

Cyber Essentials.png

Cyber Essentials Plus

We (Thirdfort) are certified by the UK government cyber security accreditation scheme, Cyber Essentials Plus, who conduct an annual audit on our systems and processes.

GDPR Compliant

We comply with the Data Protection Act 2018 and protect your data under EU law.

Can't find what you're looking for?

If you're struggling to find the information you need, don't hesitate to contact us by the website chat or send us a message and we'll do our best to help

Can't find what you're looking for?

bottom of page