Francesco Simoneschi, CEO and Co-founder of financial API provider TrueLayer, discusses whether security concerns surrounding Open Banking are justified.
Since Open Banking came into force in mid-January, plenty has been written in the media about security and the risk of hacking. The vast majority of these stories are inaccurate and built on a misunderstanding of how Open Banking works.
It is only natural in the current climate of data breaches for there to be some reticence about the prospect of sharing data with ‘third-parties’. This fear can seem well founded when the data in question is highly sensitive financial information. However, the reality is that for a company, app or service to use personal financial data through Open Banking, it needs to pass rigorous security and compliance procedures, including regulatory licensing. The entire licensing process is overseen by the FCA and results in companies having a level of security akin to banks and other financial institutions. Only a handful of licenses have been granted so far because of the complexity of the process and the high level of security required.
Consumers also need to explicitly provide permission to a third party for that company to access data. This is not a free-for-all of companies tricking people into handing over their most sensitive information. Access is granted through an Application Programming Interface (“API”) that is made available in conjunction with the banks, and is compliant with EU and UK regulatory and technical standards.
In short, Open Banking has been designed to prevent fraudulent companies springing up and putting consumers in a position where they can request and receive access to financial information. In most instances, third parties that use Open Banking data will not be able to access the data directly – they will merely be a conduit through which it is analysed and displayed to the customer.
It is also worth noting that Open Banking is not based on blanket use of personal data. Access to data is both time-limited and limited to the minimum amount of information required to service the user.
Speculation about widespread hacking and data breaches is also obscuring the fact that Open Banking presents a huge opportunity to consumers and businesses. It will open the door to a range of great new financial technology, will make financial services more competitive and, ultimately, reduce prices. Open Banking has been designed specifically to give consumers more freedom and choice, and prevent cartel behaviour by financial institutions. Although we are just at the beginning of the journey, the destination will be a boom in a choice of services and products, improvements to customer service, more much needed competition and a reduction in prices. Associated with that will be high growth in the fintech sector, new challenger banks and a need for existing financial institutions to raise their game.
Businesses and consumers will soon gain access to services that will make their life a lot easier. On a basic level, this could include services to vastly increase access to credit – going far beyond what is currently available today. Price comparison sites will soon become the norm – doing for financial products what has already happened for hotels and flights. More complex finance management tools will be built. Undoubtedly, by creating new opportunities for direct bank payments, competition and consumer choice will increase, especially in the credit card market. The list goes on and on and will include game-changing technology that completely changes how we all deal and think about money.
Open Banking is a wide-ranging liberalisation of the financial system, which, in my opinion will have profound implications. As with any technological revolution, it is only natural that there is a degree of uncertainty. However, as consumers begin to see the benefits in their daily lives and the security apparatus built around Open Banking does its job, fear of hacking or fraud will soon dissipate.