By David Smith, Consultant at Cardzgroup,
The revised Payment Services Directive (PSD2) adopted in October 2015, by the European Union aims to promote the concept of open banking in the financial services industry. The underlying principle of open banking is to enable easy access to financial data for consumers. Thus open banking involves sharing of, what can be called open data between financial institutions through API’s (Application Programming Interface) and the use of open-source technology. From a consumer perspective, open banking is a secure way of giving providers access to your financial information. These providers will be regulated by global or regional regulatory bodies.
Open banking is expected to pave the path for new financial products and services that can be used online and/or on mobile. It is seen as a disruptive force in the financial services industry that will change the way we engage with banks and financial services providers. However, consumers reservations about data security appear to be the biggest challenge to the acceptance and adoption of open banking standards. While some consumers have not heard about the concept, there are others who are worried about the possibility of data being compromised by providers due to a data breach or possibility of data being sold to other companies. Historically, traditional banks have been known to keep their consumer data secure. But they will now be required to expose consumer data through API’s to third parties authorized by the consumer. As such it is crucial that every financial institution that is a part of the open banking network offers secure communication, identification, authentication and authorization of the consumers. Proactive cybersecurity needs to be implemented at ever layer of the network to ensure security of consumers data. From a providers perspective, this would involve
1.Implementing secure API’s using latest encryption technology, ensuring that they are tested and issues addressed to prevent potential attacks.
2.Implementing strong customer authentication (SCA) through multi-factor authentication
3.Compliance with GDPR and other regulations by gaining customer consent for sharing data, recording it for audit purposes and allowing customers to revoke consent at any time
4.Educating and empowering customers so that they can make informed decisions about what information they wish to share and the benefits and implications of sharing it.
5.Establishing secure communication channels with partners through authentication and only sharing the information that the customer has consented to.
6.Ensuring that partners have the required cybersecurity capabilities.
7.Ensuring that policy and procedure is in place to delete sensitive data when it is no longer required.
Open banking can offer multiple direct and indirect advantages to consumers as well as financial institutions and provides a stronger, robust and mutually beneficial financial ecosystem for everyone involved. Following are some of the multiple ways it can impact the different parties involved
1.Communication and collaboration between banks, fintech partners, regulators and government agencies, ensures development of strong guidelines, standards and best practices.
2.Sharing of common services like compliance and KYC, helps to free-up some of the resources required at each parties end
3.Openness ensures transparency for customers as well as service providers and results in an increase in trust among consumers and providers.
4.Improved AI capabilities due to greater data availability that can be used to further ensure security of data and transactions
5.Easy access to data can form the basis for new products, business models and revenue streams.
6.Improved end-user experience due to easy availability of a wide range of services to choose from and an all-in-one oversight of their finances.
7.Potential for tapping otherwise underserved markets increasing the inclusion and reach of financial services.
8.Ability to support comprehensive credit reporting where by lenders would be able to easily vet out consumers and apply dynamic risk based pricing.
Countries like UK and Australia already have a roadmap and a timeline for banks and financial institutions to start supporting open banking. Other countries are likely to follow suit. While open banking does offer many advantages, to consumers, financial institutions and FinTech companies, it is important to remember that data security should be a shared goal as well as responsibility. Financial service providers may ensure this by following necessary regulations. A consumer however, must perform the due diligence to safe guard his interest, read the fine print carefully and ensure that they know what it means when the click the “I Agree” button.