By: Chang-Hun Yoo, Founder & CEO, swIDch
The anticipated growth in Open Banking, a requirement for financial institutions offering UK current account services, is not surprising given the potential opportunities it opens up by allowing third parties access to consumer banking data in order to tailor products and services, as well as to continue to drive innovation and value for the customer.
In fact, with 94% of FinTechs considering how open banking can enhance their provision and 71% of financial institutions supporting open banking as a positive initiative, it seems the industry is primed for extensive growth.
The ability to provide more tailored products and services while also helping to facilitate better innovation, convenience and value for customers today seems a no brainer. However, as with the management of any sensitive data, giving third parties direct access to customers’ financial information brings a slew of cybersecurity risks with it.
A Censuswide survey, commissioned by Mambu, found that more than half (52%) of consumers have never heard of open banking and 61% have never used it, in spite of 80% of respondents using one or more mobile finance apps.
From Payment Authentication to Network Vulnerabilities, Open Banking Brings Question Marks
With the management of data of any kind – in particular, that which is sensitive – also comes great security risks from authorisation and authentication to payment fraud, data breaches and network vulnerabilities. Open Banking is sparking a real mix of opinions from consumers and businesses and this disconnect may inhibit the uptake of the technology.
There are many ways that personal data can be breached; malicious code infection of open API related information processing system, insufficient management of user organisations that provide API data to 3d parties and theft of open API access keys on the company side to malware infections, service application vulnerabilities, phishing and fake sites on the consumer side – to name a few! These attacks will continue to increase in severity and prevalence, so the time is right now for our financial institutions to step up and ensure the safety and security of their data and also educate consumers about the technologies and processes in place to safeguard them.
Tech Innovation is Key to User Protection in Open Banking
A cyber-attack takes place somewhere around the world once every 39 seconds. As a result, 8 billion pieces of sensitive personal information was leaked to the market in 2019, costing the global economy a staggering $2.9M every minute in 2020. And these breaches can all be avoided.
On the tech side, rather than trying to prevent all these situations, the use of innovative technology can help financial institutions be more proactive, agile and cautious in the way in which they adopt Open Banking. Solutions such as authentication codes and biometric authentication can remove the need minimise security vulnerability and alleviate user-inconvenience caused by ID/passwords log-in.
Currently, the industry relies on static information: card numbers, IDs, passwords, and PINs to authenticate user credentials. As a user, these security steps are quite frankly akin to having a recurrent nightmare every single day. Remembering multiple logins, passwords, passphrases, or having to use a security device to log into accounts is a major headache for users and costly for organisations to maintain. What’s more, static authentication can be easily lost or stolen, and often requires additional steps in the authentication process which not only complicates the experience for the user, but also opens up additional risks and vulnerabilities for cyber criminals to exploit.
As our interconnected world grows, so too will common cyber crimes such as identity theft, card-not-present fraud, phishing and hijacking scams, and account impersonation.With these security threats abound, it’s more than high time for financial service institutions to put technology in place to proactively safeguard against such attacks.
This is where technology such as OTAC comes in, drawing on all of the advantages of the three most common authentication systems – user ID/passwords, RSA hardware/software for generating authentication codes, and tokenisation to provide a solution that is more efficient and effective than any of these security measures individually. It generates a single dynamic code that both identifies and authenticates the user at the same time and can do so without a network connection. And, because it’s a single-use, time-based code that is unique to the user, it cannot be used more than once or by anyone else.
The Role of Financial Institutions to Create Trust in Open Banking
But clever tech is all very well if your customers won’t use it. The COVID-19 pandemic has certainly increased internet banking usage in the older generation and with an increased threat of cybersecurity breaches resulting from the increase in home workers during the pandemic, it is more important than ever that financial institutions raise awareness of how they are protecting their customers. Today’s leading financial institutions have a big role to play in educating their customers on Open Banking, communicating not just the benefits it can bring them, but also ensuring customers feel their financial institution can be trusted and will protect them against these risks in the most secure and appropriate way.
The good news is that some institutions are already taking action:
Lloyds teamed up with We Are Digital to provide guidance and remote training to vulnerable customers through a dedicated phone line, allowing them to stay in control of and connected to their finances online.
Similarly, RBS has created ‘Digital Lessons’ to help older customers with their day-to-day banking activities online, while also establishing dedicated phone lines for NHS workers and elderly customers. .
Through Barclays’s ‘Digital Eagles’ team, the bank has launched a number of initiatives to help its customers – from regular communication with vulnerable customers to ensure account access to offering ‘virtual tea and teach’ sessions to help instil elderly customers with confidence in online banking.
These measures taken by our leading financial institutions across the country may seem obvious, simple and straightforward. Yet, it is these that will help drive the adoption of digital, online banking for all customers. Advancements in technology like OTAC can help prevent the damage caused by information leaks and data breaches, promoting safe and secure environments for customers with strong, safe, secure, and trusted user authentication access that is easy to understand and easy to use.
Suffice it to say that there are several factors that will drive the successful future of Open Banking, but while the role and importance of continued tech innovation is paramount, arguably of equal weight is ensuring that users trust in their financial institutions to protect and safeguard them in the ever-growing face of cyber attacks. This real understanding of the problems that customers face and bespoke education will not only reduce the risk of consumer side threats but will promote a trusting and long lasting relationship with your customers. The organisations that get this balance between technology, user trust and protection right will really gain momentum in the digital transformation race as we know it today.