Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Top Stories

Securing the Open Banking Ecosystem

Securing the Open Banking Ecosystem

Paul van der Lee, Director EMEA, Ping Identity

On the 13th January, Open Banking Ltd., also known as the Open Banking Implementation Entity, or OBIE, announced that the roll out of Open Banking across the UK had begun. Set to fundamentally transform the financial services landscape, Open Banking will allow consumers to give companies other than their bank or building society permission to securely access their accounts. They may, for example, choose to aggregate a view of all of their bank accounts through one provider or initiate a payment to an online retailer directly from their account as a bank transfer.

However, with changes occurring rapidly, there are two key factors that remain critical to success as the next-generation banking ecosystem continues to evolve:

Security at the heart of OBIE 

Since the start of online banking, it has been ingrained upon us to protect access to our bank accounts to prevent fraudulent activities from removing funds. Now with Open Banking, third party companies can be allowed access to view our financial transactions and remove funds. Naturally then, consumers are concerned about the security of third party access.

However, what consumers need to understand is that the concept of ‘privacy by default’ lies at the heart of this new era. OBIE, banks and technology companies are fully focused on ensuring that every customer can be explicit on what information is shared, with who, and that only trusted, pre-approved third parties are able to use this information. 

In addition to data privacy, the Open Banking Directory, at the heart of the whole ecosystem, is a marketplace of white-listed third party providers, who have all been through a robust enrollment process. Only once registered are they able to securely access customer data (with customer consent), and interact with the bank, to develop and deliver a set of personalised services. 

These interactions are also through standardised interfaces that have been designed by the OBIE with an exacting degree of security, usability and interoperability in mind. In fact, the regulatory specifications are based on established and mature industry standards like OAuth, with broad support from the financial and technical community in the UK. Even countries as far as Australia are now looking at the UK as the starting point for their own open banking endeavors, proving testament to the work, guideline and principles that the OBIE has put in place. 

The last layer of security and privacy that consumers should be aware of is Strong Customer Authentication (SCA) which is mandated to verify consumer consent from at least two of three factors that prove knowledge (e.g. password), ownership (e.g. mobile device) or inherence (e.g. fingerprint or facial recognition).

All those involved in delivering Open Banking are working to ensure that the process of allowing a third party to access a bank account is highly secure, while also being as frictionless as possible for the customer. Consumers should feel confident that third parties are not able to gain access or move money without their explicit consent, via methods that will include passcode, thumbprint, facial and other biometrics.

Consumers playing their part 

While significant changes have been made to develop the impressive, robust range of new security measures that make up the Open Banking ecosystem, consumers also play a fundamental role in how safe their data stays. In fact, it is critical they understand how to engage with third parties with the CMA 9 Banks now leading the charge. For the past decade it has been possible for consumers to share sensitive data with third parties via ‘screen-scrape’ technologies, meaning third parties have gained their log-in credentials.

Now consumers will be sharing information via standardised open banking APIs, which will be more secure. However, while consumers should have confidence when operating inside the Open Banking framework, they still need to be vigilant against phishing attacks and understand that fraudulent operators will always try and target consumer negligence. It’s important for consumers to remember that they don’t have to share their data if they don’t want to, and that permission can be withdrawn at any time.

Consumer adoption over time will act as the best form of education, and as integration through technology also continues we’ll see much smarter use of the products and services Open Banking has to offer. Just consider that applying for a mortgage with just two clicks, in a process that will be reduced to a few minutes from start to finish, will soon become second nature for consumers all as soon as these services become available.

Trust will follow when people see the proof in the pudding, but UK consumers should be confident that a lot of people have worked very hard with their best interests at heart from the start of this whole concept.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking and Finance Review, Alpha House, Greater London, SE1 1LB, You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post