To Succeed, Open Banking Must First Allay Privacy Concerns
by VPNHaus | 03/13/2018
The banking industry in the UK and the rest of Europe is undergoing a quiet revolution.
Under new rules, EU banks must share the data of consenting customers with third parties. Designed to increase competition and innovation in the financial services sector, the measures have been met with unease in some quarters.
The chief concern is that start-ups and disruptors will enter the market with systems that put customer convenience ahead of security. Banks hold a lot of personal data.
Some industry commentators fear that sharing this data with third parties will increase the risk of privacy breaches.
One way to reassure consumers that the privacy of their data is beyond compromise is for the financial sector to universally adopt encryption/authentication technologies like virtual private networks (VPNs) for data communications.
In January 2018, British retail banks were legally required to start sharing the data of consenting customers with third party providers in a standard format. Known as Open Banking, the initiative aims to give a welcome boost to the financial services market following years of complacency and relatively poor consumer value.
Britain’s banking changes are part of wider EU banking reforms embodied in the second Payment Services Directive (PSD2). In principle, Open Banking is as secure as online banking.
To be industry compliant, the banking APIs that enable data sharing must have strong customer authentication. In addition, new entrants to the industry must first be approved by the Financial Services Authority (FSA) before they can start to offer services.
Mixed Consumer Response
These are early days and the banks still have much to do in terms of boosting consumer awareness and standardizing their systems.
According to the Emerging Payments Association, 34% of consumers are unwilling to let financial institutions share their account data with other providers. Yet, 35% would be all right with it if they could be certain the data would always be secure.
In a UK survey by MuleSoft, this proportion rises to 48% if sharing transaction data with third parties means they receive a more personalised service. A third of respondents would even welcome tech giants like Google, Apple and Facebook if they started to offer personalized financial services. Among millennials the figure rises further to 50%.
However, it may take more than this before most consumers are satisfied the privacy of their financial data is guaranteed. Many banks missed the January deadline and have cobbled together screen-scraping alternatives to APIs as an interim alternative.
The problem with such alternatives is that they need a login and password before data can be shared with a third party. This is a weakness hackers will inevitably seek to exploit.
Financial institutions already have a job on their hands convincing consumers of the benefits of a more open way of banking. A data breach is the last thing they need.
VPNs for Financial Services
VPNs are pivotal to making financial networks safe for e-Banking. The success or failure of Open Banking as an experiment will ultimately depend on the financial sector universally adopting industry standard encryption/authentication solutions to keep customer data communications private.
VPNs need to be flexible, work with multiple VPN protocols and capable of scaling up to serve an ever changing and expanding population of users with ease.
With VPN security, financial organizations can quickly define which applications and resources are available to their customers. Services such as loan syndication, up-to-the-minute account updates and stock portfolio reports can be implemented seamlessly and securely over the public Internet.
In summary, financial institutions require professional-quality VPNs that are highly secure, easy-to-manage, flexible and affordable to make Open Banking work.
Additionally, they must be able to multiple protocols, operating systems and future market changes.
VPNs that meet all these criteria are a fit for the Open Banking revolution where banks, brokers, lenders and credit card agencies provide financial services remotely and in total privacy to customers all over the world.