If you have seen the latest banking news, you may have seen that the Competition and Markets Authority in the UK recently launched a consultation on the future of open banking to set out the principal features for open banking in its next phase of implementation. While it is important to keep the powerful forward momentum of open banking, it is not inevitable that it will continue on the same trajectory – a feat that could have major implications for tackling financial inclusion.
In the past, attempting to reduce the gap between the banked and unbanked was a much more difficult challenge. Countries had to find a way to build more bank branches in new locations and find staff to look after these centres. The digitalisation of banking has fundamentally changed this, reducing the demand for physical branches and giving financial institutions new, scalable tools that could help bring services to financially excluded citizens – a figure which, according to World Bank data, currently sits around 2.5 billion people across the world. Since its introduction three years ago, open baking has helped reduce this egregious disparity.
In addition, with the pandemic lockdowns forcing the closure of many in-person bank branches, being able to remotely access our banks digitally has never been more important to the seamless continuation of the industry.
The role of Open Banking
The adoption of the Payment Services Directive (PSD2) legislation in Europe in 2018 paved the way for big changes in banking with regards to the ownership of customer data. While previously all this personal and financial information was controlled by your bank, PSD2 required all banks in the EU to create application programming interfaces (APIs) – a technology infrastructure that provides a secure and effective way to expose this data – and then share them with officially approved third parties.
In essence, the idea behind open banking was to offer customers the chance to give their bank credentials to these brands, which then use the data to create better products or facilitate easier payments. In terms of financial inclusion, open banking also provides a wider range of financial services to a larger proportion of the global population at a lower cost.
Financial Inclusion and Open Banking in practice
Some banks and software companies have already begun to explore the new opportunities offered by open banking, although the extent to which they are focusing specifically on accessible banking varies.
In Europe, for example, Spain’s BBVA opened its APIs in 2013 with the goal to allows companies and businesses to better manage their operations. The company help their customers maximise the value of the information they extract from the 25-30 million transactions they handle each day. Then, if one of their small business customers wanted to set up a shop selling ice cream in Madrid, BBVA can use this data to show them where is the best spot to set up is based on previous sales and what time of day they are likely to have the most customers.
On the other side of the world in India, the fintech Teknospire is helping banks develop accessible banking and payment products for customers on low incomes. With an Open API design, the platform allows suppliers to have access to, and efficiently use, the suitable financial services they need to enhance their living. This includes things like easy access to a bank account via authorised third-party apps, increased financial literacy, and the ability to reach out to more urban clients without the need to leave home.
However, for continued growth in open banking across the world and for the technology realise its full potential, banks and other financial institutions will have to prove they can be trusted with user data.
Securing Open Banking
Nonetheless, for customers to want to use and take advantage of the benefits open banking can bring to them, it is essential that they trust the technology and that their data is safe, despite the fact it is being shared with third parties.
To try and reassure citizens on this point, EU regulators are insisting that strong two-factor authentication be enabled for all PSD2-related transactions. While, at present, the legislation hasn’t defined exactly what measures need to be in place to create strong authentication, there are a number of techniques that can be used to secure the data flows between all parties involved.
One such method is to use a number of risk management services in conjunction with one-another. These services analyse thousands of attributes from the user and the device, such as geo-location, device profiling, IP address, device assessment, and behavioural biometrics – all with the aim of flagging any suspicious transactions made by the end user. Where needed, this data can also be anonymised – giving customers further reassurance that in the event of a data breach an attacker would not be able to gain any personal information on them.
Not only do these solutions go way beyond the just implementing the two factors required legally but, crucially, they keep the authentication process seamless as they often go on in the background without the customer having to instigate or progress them.
As open banking continues to mature and to deliver results, it is important to keep the goal of financial inclusion in mind and assess the degree to which this is taking place. We should see open banking initiatives leading to an increase in commerce and broadening a population’s range of economic opportunities, if implemented in a safely and secure way. This revolves around getting the security and authentication behind the technology right.
Finally, getting this framework right for open banking could pave the way for greater uptake of open finance – the next stage in opening up a customers’ entire financial footprint (including mortgages, savings, pensions, insurance and consumer credit) to trusted third party APIs.
Learn how Thales can help enable open banking security for you here.