By Rolands Mesters, CEO and co-founder of Nordigen
With the infamous data breaches, such as that of Facebook as well as the association with the word “open” to be “open for all,” it is no wonder that people wrongly believe open banking is not safe and secure.
Add in the subconscious connection with terms like “open source code,” which refers to code that is designed to be publicly accessible and “open data” which is exploitable, shareable and customisable, and it is unsurprising that similar assumptions will arise when it comes to open banking. This causes an unfortunate linguistic misunderstanding and creates a perspective on open banking that is far from the truth.
Not all “open” things are meant to be freely available for viewing and editing with everyone. Open banking is one such example. While financial data is shareable with third-party service providers through explicit consent, it is not accessible to anyone outside of the agreed parties.
Open banking was introduced four years ago and since then the practice has seen growth in adoption among consumers globally, with over 5 million users in the UK alone. Despite this, the Censuswide survey commissioned by Mambu found that 48% of 2,000 consumers interviewed were scared to use open banking and 53% believed that open banking is a dangerous use of data sharing. A recent Mastercard study also supported the notion, revealing consumers’ distrust towards open banking.
It is evident that the reason these fears exist has more to do with a lack of understanding on the subject, rather than with the security of open banking.
The apparent discord
The survey by Mambu found that 52% of consumers wanted more control over their finances. As of 2020 24.7 million people worldwide use open banking services, and this number is forecast to reach 132.2 million by 2024. This leads us to a disconnect between customers claiming they do not trust open banking while at the same time embracing services that use it. Therefore, the terminology could be the biggest issue when it comes to consumers’ distrust of something they already use.
The concept of sharing data can be daunting and with confidential financial information even more so. However, data sharing to innovate products and services has been around for quite some time and the consumers aren’t always even aware of it.
A study by pCloud found that 52% of all apps share their users’ data with third parties. The sharing takes place without notification on what it is for. Inversely, the introduction of open banking has highlighted these issues and enhanced the role of the consumer in the data sharing process by emphasizing that sharing data needs to be not merely a choice but an informed one.
Open doesn’t actually mean open
Misunderstandings stem from misinterpretation of information, or lack thereof. The open banking phenomenon does not mean “the financial data door is wide open for anyone to take what they want.” It is quite the contrary.
Open banking in Europe is governed by PSD2, also known as the Second Payment Services Directive, that aims to allow authorised third-party developers to connect bank accounts with a centralised platform to analyse and use data to provide personalised products and services. Under the directive none of this can happen without features like Strong Customer Authentication (SCA) and Consent Management.
Consented access gives control to the customers, meaning that no data can be accessed without their knowledge. SCA embraces a two-step authentication method to verify user identity without impeding user experience. Many banks have fraud detection mechanisms to identify fraudulent transactions.
Any third-party financial product and service provider is obligated to demonstrate necessary data security features to be able to exchange data with banks and the system behind it is far more complex than what the customer sees. Therefore, with consent, authentication, and regulations governing open banking, the practice makes customer data security stronger and not the other way around.
Open banking: Etymology
The term open banking can be connected to “open innovation,” a concept coined by Henry Chesbrough, a professor and faculty director at the Haas School of Business (UC Berkeley). The idea behind open innovation is that data should be shared and should not be “owned” by the corporate or organisational entity that holds it. Transformed into “open banking” by financial institutions that ran with it, the core idea remains the same, with the aim of promoting data sharing for the improvement of user experience and services.
Prior to “open banking,” the practice of gathering financial data in one place was more commonly referred to as “account aggregation”. Account aggregators allowed all financial data from different banks, investment, credit card and other accounts to be displayed and interacted with through one interface.
With open banking being a confusing concept to the uninitiated, alternative naming suggestions have been brought up within the industry. Mambu, for example, put forth “smart banking.” Personally, I prefer “programmable banking.” As the open banking industry is moving further towards payments, direct payments have been referred to as Bank Pay, Pay by Bank, or simply as account-to-account (A2A) payments.
Towards a new meaning
Misunderstanding and the lack of transparency with previous data sharing has led to an array of privacy concerns around open banking of data-conscious individuals. However, by addressing knowledge gaps to ease customers’ fears, emphasizing the actual security and safety of open banking, the financial industry can significantly increase the trustworthiness of open banking and encourage new and existing users.
It is not the fault of open banking that it was given a terrible name, however it is now the responsibility of banks and fintech companies to give “open” a new meaning.
Author: Rolands Mesters
#OpenBanking #Data #OpenData #PSD2 #OpenInnovation
About the author
Rolands Mesters is the CEO and co-founder of Nordigen, the only freemium open banking API that connects to more than 2,300 banks making it the largest network of bank connections in Europe. Rolands is a sales and growth hacker who is passionate about fintech and alternative lending. Nordigen began as a data analytics company that builds solutions for categorising and analysing bank account data. In December 2020, the company launched Europe’s first free open banking account data API. Rolands has been featured in the Forbes Latvia 30 Under 30 list as well as being featured in TechCrunch, Sifted, and the Financial Times. Rolands regularly shares fintech insights and analysis on open banking at top international fintech events, and is considered one of the foremost experts on open banking worldwide.