Open banking and the challenge of customer data privacyWhat are the privacy concerns surrounding open banking, and what can tech banks and FinTechs adopt to ensure customer data is secure?
In the digital age, customer identity has become the most precious value, and customers have an intrinsic trust that companies will protect their personal data. Customers are already demonstrating trust by giving companies their personal information, from names and addresses to bank and account details – but for the businesses involved, this can be both a blessing and a curse.
This data drives competitive new sales and service channels as well as an improved customer experience, and it can benefit both customer and company in equal measure. A company’s reputation, however, can be tarnished in one fell swoop with a loss of security and trust, which can damage a business irrevocably.
Open banking: the data revolution begins
With data security at the top of the global technology agenda, new EU guidelines on open banking are of real interest. The new rules require banks to share their customers’ financial information with other authorised providers, meaning banks can no longer prevent FinTechs from acting on behalf of account holders and using their data for this purpose – as long as they meet the requirements for strong customer authentication.
The efficiency with which financial services can be offered and processed is increased by the new ability to make already digitised information available to third parties with customer consent, but this revolution doesn’t come without several major challenges.
For customers, the benefits are manifest. Thanks to open banking, customers will have vastly improved access to their own data, making it easier to control their finances and manage multiple accounts across different providers. They will, however, also expect a new and improved customer journey – and rightly so.
This means that financial service providers, in particular more ‘traditional’ banking institutions, must soon offer their customers uncomplicated and smart digital and mobile services for easy financial management and payment transfers – all in an extremely secure environment. This is also important when we consider the infiltration of large tech companies into the financial sector. Internet giants from Amazon to Paypal are starting to offer more and more new and improved services to challenge traditional financial institutions once and for all.
Getting banks on board
It is necessary therefore for banks to reposition themselves. One way to comply with PSD2 is by being a ‘bank as a service’ – establishing a secure environment and providing strong customer authentication, authorisation and secure communication for customers, all within an entirely new playing field full of new competitors and ever-changing dynamics.
PSD2 also gives banks the opportunity to become a ‘bank as a platform’. By taking advantage of the trust that customers already have in them, banks can craft exciting new business models to strengthen customer loyalty and improve their own performance. Banks can then simultaneously position themselves more strongly than before in other open ecosystems, where they are able to offer their services and products. But banks must be particularly forward-looking as they build their own ecosystems: they could start partnerships with related companies in order to create a new digital environment, which offers different advantages to different parties, but they should also ensure that their business will be the main instrument of all digital identities in this ecosystem.
Loyalty and security – the key to change
Open banking is fundamentally changing security requirements, as strong customer authentication has become a requirement for electronic payment transactions. This has the sole purpose of greater customer security. Today’s banking systems still work on the basis of direct customer interaction, which means that banks themselves have all the necessary information to determine if a transaction is counterfeit or fradulent.
Above all, banks must create confidence. According to a Which? survey, 92% of the public don’t know what open banking is or how it could affect them. Moreover, over half (51%) of respondents said they would be unlikely to share their financial data, even if it led to products and services more suited to them. Security concerns and anxiety about hacks, identity theft and passing on data without consent are sure to be key reasons behind this.
As well as developing new financial services internally, banking institutions should be informing their customers about open banking and the benefits it will bring – notably providing a newly-secure environment and ensuring accountability and consumer protection against fraud. In order to take care of these privacy concerns and build a ‘core of trust’ in light of open banking, banks must take into account their levels of IT security.
Technology is the solution
The answer to the challenge is simple: an end-to-end security platform providing strong customer authentication and authorisation, using trusted identities for continuous, engaging and reliable communication between banks, third parties and their customers. It’s also important to employ public key infrastructure (PKI) solutions that utilise advanced screening, protection, prevention, detection and reporting mechanisms.
Security experts consider multiple levels of security, as ensuring a ‘core of trust’ must take a number of issues into account. These are wide-ranging, and include using trusted identities from users for strong customer authentication, secure application shielding, onboarding of existing and new customers, digital signatures, secure release processes, trusted communications, and collaborative environments.
At the heart of the open banking revolution is the need for greater security for customer data – to reassure their customers, banks must ensure trust above all else. To really compete with challengers and continue winning over customers new and old, newly redesigned business models are imperative to success.
Combining this with an existing basis of trust means banks can reposition themselves as institutions that put loyalty, new technology and security at their heart. Being ahead of the curve will be good for the future of traditional banks – but they must be sure to take their customers along for the ride.
Sourced by Ismet Koyun, founder and CEO of KOBIL Systems