From Money to Data to Trust: How Open Finance Improves Security

As the industry embraces open finance ecosystems, it’s an opportunity to raise the bar on securing financial data.


The financial services industry has long been a trusted steward of consumers’ money. Consumers turn to banks, credit unions, and other financial providers to keep their money safe and make sure their funds are accessible when they need them. But in today’s data-driven world, being a trusted steward of money is just one piece of the equation. Now more than ever, financial providers must also be a trusted steward of the consumer’s personal data and a steward of trust itself.

“Customers need to be able to trust financial institutions and fintechs to keep their money safe, to protect their personal data, and to deliver reliable services that help them manage and use their money responsibly. However, trust in financial services is hard won and fragile.” A Time for Trust: The Consumer Money Experience.

It’s no surprise that security is at the core of building and maintaining trust. As our industry embraces open finance ecosystems, it’s an opportunity to raise the bar on securing financial data. 

The Need for Open Finance

At MX, Open Finance means secure and reliable access for consumers to share their data with the financial apps and tools they choose to use. It is based on the idea that consumers own their data and should have control over who has access to it. 

And, of all the benefits that Open Finance provides, the most important is protecting consumers’ data while giving them control over which organizations they choose to share it with. Current data-sharing methods like screen scraping, for example, put a customer at higher risk unless careful security protocols are in place.

Open Finance helps alleviate security concerns and improves the experience for the consumer by offering:  

  • Safe and secure data connections through industry standards provided by FDX 
  • Future regulations that help protect consumers and ensure they have control over their data
  • Reliable access to accurate financial data that is permissioned by the consumer

Simply put, Open Finance can be more secure as it eliminates the need for consumers to share their credentials in order to connect financial accounts into a single view. This is why leading organizations are on a journey to secure access to open data in a digital ecosystem. Moving from screen scraping to secure, reliable open finance APIs is the best way to protect open data.

A Call for Better Security

Data breaches, scams, and fraud have reached record levels. The Federal Trade Commission reports that consumers lost nearly $8.8 billion to scams in 2022 — an increase of more than 30% over the previous year. Among the types of scams where consumers fell victim, imposter scams top the list as the most prevalent form of fraud with losses of $2.6 billion. 

For financial institutions, the story is the same. A recent study found that credit union call centers saw over a 70% increase in fraud rates last year. This same report also shows that more than 300 million people have been affected by data breaches since 2020 — and that data compromises are at an all-time high. 

While better controls won’t completely eliminate fraud, financial institutions and fintechs should look to not only strengthen, but promote their security practices to protect consumers and their business. And, they should consider how Open Finance can enhance their processes and systems throughout the consumer money experience to mitigate risk: 

  1. Account Openings

The touchpoint with one of the highest levels of associated risk along the customer journey is when a customer first opens an account. In fact, new account fraud increased 109% in 2021, according to Javelin Strategy & Research’s 2022 ID Fraud Study.

At the same time, consumers are quick to bail if the account opening process is too cumbersome. This makes the account opening process a critical touchpoint for both security and a business’s bottom line. 

Leveraging Instant Account Verification (IAV) and identity verification technologies can enable a smoother and more secure experience. Organizations can verify accounts in less than 5 seconds using direct OAuth connections that eliminate the reliance on microdeposits to verify an account. With microdeposits, the customer typically has to wait anywhere from one to three business days for these small deposits to show up on their account, and then they have to log in again to validate their account. 

By contrast, IAV is faster, more cost-effective, and helps significantly decrease drop-off rates as customers aren’t weighed down waiting to verify via microdeposits for several days. Additionally, IAV technology is able to determine whether or not the connected account is owned by the same person who is opening a new account, further safeguarding the account opening process. 

  2. Account Logins

Previous MX research shows that consumers across all generations want more security and control of their financial accounts. And, when it comes to logging in, most consumers pointed to multi-factor authentication (MFA) and biometric login options as features they want in their money experience.

That said, adding layers like MFA can make the login process longer for consumers who have little patience. Financial providers should consider how to strike the balance between a speedy login process and a secure one. Financial providers should consider how to keep pace with new authentication standards and experiences across other industries to ensure they are delivering a secure, seamless experience for their consumers.

  3. Account Aggregation

Account aggregation enables consumers to link together all of their financial accounts into a single view. This financial data sharing enables consumers to gain a 360-degree view of their finances, empowering them to make better financial decisions and get closer to reaching their financial goals. 

However, the majority of financial data sharing is historically done through screen scraping, which requires consumers to share their usernames and passwords with a third party, putting both consumers and businesses at risk. Open Finance enables a better way. 

By leveraging an open finance API, consumers never have to share their username and password. Instead, organizations leverage tokenized API and OAuth connections to enable consumers to connect to and share their financial data — on their terms. Only authorized third-party providers can connect to bank APIs. Consent management gives control to the end user, not allowing their data to be shared without their consent and knowledge. Connecting to financial institutions through secure connections also activates anti-fraud systems already in place.
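The token-and-consent check described above, as an added example that is not MX's or FDX's code: a simplified model (not a full OAuth implementation) in which the third party only ever holds a scoped, revocable token and every request is logged as third-party activity on the consumer's behalf. The client name, scope names and function names are constructed for illustration.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass

# Constructed sample data: third parties registered with the bank's API.
REGISTERED_CLIENTS = {"budget-app"}

@dataclass
class Consent:
    consumer_id: str
    client_id: str        # third party the consumer authorized
    scopes: frozenset     # data the consumer agreed to share
    expires_at: float
    revoked: bool = False

_consents = {}  # sha256(token) -> Consent; the raw token is never stored

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

def grant(consumer_id, client_id, scopes, ttl=3600, now=None):
    """Issue a token after the consumer approves the scopes at the bank's own login."""
    if client_id not in REGISTERED_CLIENTS:
        raise PermissionError("unregistered third party")
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # the password never reaches the third party
    _consents[_digest(token)] = Consent(consumer_id, client_id, frozenset(scopes), now + ttl)
    return token

def revoke(token):
    """Consumer withdraws consent; the token stops working on the next request."""
    consent = _consents.get(_digest(token))
    if consent:
        consent.revoked = True

def authorize(token, scope, now=None):
    """Return (allowed, audit_record) for one API request."""
    now = time.time() if now is None else now
    consent = _consents.get(_digest(token))
    if consent is None:
        return False, {"actor": "unknown", "reason": "invalid_token"}
    checks = [(consent.revoked, "consent_revoked"),
              (now >= consent.expires_at, "consent_expired"),
              (scope not in consent.scopes, "scope_not_consented")]
    reason = next((name for failed, name in checks if failed), "ok")
    # The audit record separates aggregator traffic from the consumer's own sessions.
    return reason == "ok", {"actor": "third_party", "client_id": consent.client_id,
                            "on_behalf_of": consent.consumer_id, "scope": scope, "reason": reason}
```

Because access hangs on the consent record rather than a shared password, revoking or narrowing it cuts off one third party without forcing the consumer to change credentials everywhere.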

  4. Day-to-Day Financial Management

The better financial providers understand their customers, the more risk can be curbed. Financial institutions have a wealth of data about their customers including where, when, and how they manage their money. 

By tapping into this data to establish and monitor patterns, financial providers can better identify anomalies and proactively take action or alert the customer when something doesn’t look right. Greater insights into the financial lives of consumers means it’s easier to spot anomalies and potential fraud, reducing risk for both the organization and customer.

Conclusion

Open Finance not only enables organizations to reduce risk and mitigate fraud, but also improves the money experience for consumers. And, in today’s economic landscape, delivering world-class experiences backed by secure, reliable systems are two ways companies can become a trusted partner for consumers.

Open Finance Security Check

Account Opening and Connection:

  • Do you have the login capability to block devices that look like an anomaly or display risky characteristics? Is blocking manual or automated?
  • How are you connecting funding accounts during account opening? Microdeposits, IAV, or via debit cards? If using IAV, have you paired it with account owner verification?
  • What verification method(s) do you use when consumers connect their accounts?

Information Security:

  • Have you seen a change in account takeover and fraud? An increase could mean your login security needs to be refreshed.
  • Are you able to identify when a breach has occurred?
  • In the event of a breach, do you have visibility into where it originated and what the hacker did while in your systems?

Open Finance:

  • Are you able to differentiate between a consumer’s actions and an aggregator they’ve authorized?
  • Does your aggregation require user login credentials? Is this inbound aggregation or outbound?
  • Are you able to provision access to a third party?
  • Are you able to tailor security measures based on the data involved?
  • What is the customer’s connection experience?
  • Can you identify a user based on their device settings?