The Capital One breach shows that we need new ways to share financial dataThe records of 100 million Capital One customers have been stolen, illustrating the dangers of centralised cloud computing platforms
While a story such as the Capital One breach is always likely to grab the headlines, this is an issue that has much wider implications for the rapidly growing global fintech sector.
In recent years, innovative fintech companies have been taking the speed and efficiency of mobile technologies and bringing it to finance. To take a basic example — the days of the bureau de change are now numbered: transferring funds from one currency to another can be achieved with a few swipes on a smartphone using a service like Revolut or Transferwise. Challenger banks are using apps to speed up financial transactions, while other fintech players promise to make applications for loans, insurance and other financial services faster than ever before.
Like many other industries affected by digitisation, all this convenience does come with some trade-offs. In particular, financial institutions have an increasingly shrinking physical presence on the high street. A 2018 report by Which found that banks in the UK close down about 60 branches a month and a similar trend can be observed in much of the developed world. As a result, consumers have less and less personal contact with the financial institutions which serve them.
Douglas Diamond pointed out in the 1980s that the fundamental role of a bank is to reduce information asymmetries between investors and borrowers. When assessing the risk of doing business with a client, banks often need to work with limited or incomplete information. One of the ways this problem was traditionally overcome was through ‘relationship banking’, which involved getting to know the client face-to-face, offering them as large a range of financial services as possible, and maintaining a relationship over the long term.
This is the reason why it was so common to have a meeting with your bank manager before taking out a big loan, and why banks offer financial consultation for free. It is also the reason why you may get preferential rates if you use multiple financial services from the same institution. This is not merely to engender customer loyalty, it is also to gain valuable information: if, for example, you have a current account, savings account, credit card and mortgage all at the same institution, that institution can much more accurately gauge how risky it would be to offer you credit.
Ensuring data security
This all begs the question: how can agile fintech newcomers, which are usually specialised in a specific market segment and have no physical branches, get access to the data they need to make informed decisions?
Here, artificial intelligence (AI) could potentially make an important contribution in determining the creditworthiness of clients based on data rather than personal interactions. For AI algorithms to work, however, they still require data. And in the fintech landscape of the near future, this data could be scattered across multiple sources.
Financial services businesses are unprepared for technology disruption
This poses two challenges. Firstly, in order for the fintech ecosystem to thrive, the same data would need to be accessible to firms potentially in competition with each other. This issue is being partially addressed by open banking legislation, such as the Revised Payment Services Directive (PSD2), which will come into force in the European Union in September 2019.
Secondly, if information needs to be accessible to multiple parties, ensuring data security becomes more problematic than before. Indeed, the Capital One breach underlines the weaknesses of relying on centralised cloud storage solutions. In addition to giving hackers a centralised target to aim at, it means that one bad actor with insider knowledge or access can potentially expose the records of millions of users (as appears to have happened in this case).
Digital Leader Summit 2019: the future of money in an ageing population
Ahead of his keynote at the Digital Leader Summit 2019, Information Age spoke with Gareth Johnson, head of digital channels at Brewin Dolphin, to discuss how digital channels are responding to customer engagement in an ageing population
In summary, we have a market that has many stakeholders, who need to share data in a secure way, and whose incentives are not always aligned. Anybody who is familiar with distributed ledger technology (DLT) will realise that this is a potentially ideal use case. For it to be a practical option, however, we need to have an underlying blockchain network that is fast, secure and scalable.
Once this has been accomplished, decentralised cloud storage networks could be used in the fintech sector, perhaps coupled with smart contracts to manage access to specific information securely. By combining DLT with open banking legislation in this way, we can create a fintech sector which fosters innovation and competition, while protecting user data.
Written by Darren Oliveiro-Priestnall, CEO at Atlas City