radial gradient

< Back to Blog

Secure Data Access is the Key to an Open Finance Ecosystem

July 20, 2022 | 0 min read


Financial institutions and fintechs are looking to Open Banking, and more broadly — Open Finance, to drive new value for both consumers and businesses. A new report from Aite-Novarica group, Open Banking, Open Finance, Open Economy: The New Identity of Finance, dives deep into the regulations, use cases, and challenges of an open ecosystem. 

While Open Banking is focused on sharing banking data, Open Finance extends the scope to all financial data. And, according to Aite-Novarica, an Open Economy is the end state where all data is shared among financial institutions and other companies, such as utility providers, big tech, and even, social media. It’s essentially the Internet of Things for finance — connecting all financial data across the ecosystem. 

The key to building an open ecosystem is enabling secure data access. While U.S. regulations are still forthcoming around consumer data rights, the report outlines several points that all financial institutions and fintechs should consider: 

Consumers own the rights to their data

An open ecosystem must operate on the basis that consumers own the rights to their financial and nonfinancial data. FIs and fintech firms operate “on behalf of” consumers requesting services.

Consumer consent is paramount

Today’s screen scraping approach to the majority of financial data doesn’t allow for consumers to give permission or manage consent for their data. In an open ecosystem, consumers must provide explicit consent for their data to be shared or accessed. The process should also be frictionless for consumers to give and withdraw consent. 

Consumer identity and access management needs to be strong

Financial providers should invest in consumer identity and verification solutions as a strategic business capability. Modern identity management solutions are vital for open ecosystems, but they appear lacking: The challenge is to enable a secure, convenient, and trustworthy open environment for customers.

Third-party access needs to be transparent and secure

Third-party providers must securely identify themselves to data providers (e.g., FIs) to prevent data access from malicious entities. And, third-party access, whether via API or other mechanisms, should be enabled only over secure (encrypted) channels to protect customer data exchange from unauthorized disclosure.

Related Blog Posts

Don’t let Digital Porch Pirates Ruin the Holidays

December 7, 2022 | 2 min read

Modern, secure tech helps safely connect accounts for payments, but fintech providers must ensure bad actors don’t ruin holidays. 

Talking Fintech: Definitions from E to M

October 11, 2022 | 2 min read

In part 2 of this series, we discuss common fintech terms and definitions from the letters E to M.

Money Matters: Key Takeaways from Money Experience Summit 2022

September 30, 2022 | 1 min read

Financial data that's driven by open finance, can lead to powerful customer experiences for financial institutions and fintechs.

Sign up to receive the latest news, announcements, and event info from MX.

envelope with airplane