4 Ways Open Finance Uplevels Security
August 28, 2023 | 2 min read
In this post, we will cover:
Consumer-permissioned data, also referred to as authorized or user-permissioned data, is when a consumer consents to share their data with a third party.
Creating a social media account. Sharing your name and birthday to sign up for a rewards program or get an extra coupon. Accepting the Terms and Conditions on the latest mobile app that you downloaded. In each of these cases, you’re granting access to some of your personal data to a business or organization so that you can use their services and get a better customer experience.
In the financial services industry, consumer-permissioned data sharing is the crux of Open Banking and Open Finance. It means granting a bank, credit union, fintech, or other financial provider access to your personal financial data, such as account information, transaction history, and spending habits.
Think about the typical consumer’s finances. The average consumer has at least 5 to 7 different financial accounts. And, it’s not uncommon for some consumers to have more than 30+ accounts across checking, savings, investments, loans, credit cards, etc. As a result, very few consumers — and few financial institutions — have a complete picture of a consumer’s finances in one place. This makes it difficult for consumers to manage their finances. And, it means financial providers can’t deliver the best experiences for consumers with only a fraction of the picture.
For instance, our latest survey of 1,000+ American consumers found that most consumers do not have a good way to track and manage their finances. Nearly half (45%) only check finances through their financial accounts — meaning they must look across multiple providers to try to get a full picture.
However, with open data access powered by consumer-permissioned data sharing, financial institutions, fintechs, and their consumers can better understand and do more with financial data. This can lead to better financial management for consumers, more personalized solutions from providers, and ultimately, better outcomes for both consumers and businesses.
Data warehouses are commonly used to store consumer data. However, this method poses risks to consumer privacy and security while leaving consumers with little to no control or visibility into how their data is shared and with whom. Some companies leverage data warehouses as a way to sell consumer data to other third-party organizations.
A common example of this is a consumer verifying their income when applying for a loan. A lender that uses a data warehouse would prompt the consumer to upload a pay stub to verify their income – a manual process that includes sharing and storing additional data listed on the paystub that is not necessary for the loan application.
In contrast, consumer-permissioned data sharing would allow the consumer to consent to sharing their data with a lender in this one instance and limits what is shared to only the data necessary for the application. This creates a more seamless and secure money experience for both the consumer and the financial provider.
Consumer-permissioned data sharing typically occurs in one of three ways within a financial institution or fintech:
This requires consumers to share their credentials (username and password) with the data recipient to grant access to their data. Screen scraping is less secure than more modern connectivity solutions like open finance APIs and places a heavy technical burden on bank infrastructure, which creates unstable customer experiences as a single point of access.
Whitelisted IPs allow the financial institution to sanction data sharing with specific IP addresses and see who is accessing their consumers’ data. Whitelisted IPs allow consumers to link their accounts to valuable third-party apps, creating a more consistent experience and generating higher connectivity rates.
Open finance APIs allow consumers to share data without the need to provide usernames and passwords by replacing credentials with tokens, delivering higher levels of security, faster speeds, and higher connection success rates. Consumers also gain greater visibility and control over which apps and institutions access their data — enabling them to grant, manage, and revoke access at any time.
Of all the benefits that Open Finance provides, the most important is protecting consumer data while giving them control over sharing their financial data. Current data-sharing methods like screen scraping, for example, put a customer at higher risk unless careful security protocols are in place.
Open finance APIs help alleviate security concerns and improve the experience for the consumer by enabling safe and secure data connections through industry standards provided by FDX that don’t rely on sharing or storing credentials.
Leveraging APIs is also faster and more cost-effective for organizations, enabling them to more quickly build and deploy new connections and solutions. Financial providers can not only accelerate their time-to-market and reduce costs to deploy, but can also speed up processes within a money experience by eliminating manual processes, such as reviewing paperwork to make a decision on a loan application.
MX’s Data Access platform enables institutions to deliver a safe and secure connectivity experience. Data Access is an open API platform built on FDX standards that improves time-to-market and reduces costs to deliver secure consumer-permissioned data sharing, as well as provide the groundwork for greater insights about customer behaviors, trends, and needs.
August 28, 2023 | 2 min read
August 7, 2023 | 4 min read
June 9, 2023 | 3 min read