In this article, Rodrigo Tumaián dives into the Open Banking cybersecurity landscape and the importance of user’s protection for any company that leverages the power of this new technology. He talks about the main risks and how to overcome them.
Open Banking is going from being an industry buzzword to an increasingly logical pathway for financial institutions and fintech companies, and with good reason. The framework, wherein banks enable third parties to access customers’ financial data in order to provide new products and services and provide a higher degree of transparency to customers, is already making wavesOpens a new window in the finance sector.Â
Open Banking enables consumers to gain a more detailed understanding of their finances and accounts, incentivizes incumbents to innovate and improve their services, and lowers the barriers to entry for new players.Â
However, as the cybersecurity landscape becomes increasingly complex and hackers develop new techniques to access financial data, many users may be left reluctant to sign up for such a transparent model. Between phishing attacks and ever-evolving bots, the threats are high. Any company leveraging the power of Open Banking must prioritize cybersecurity and protect its users.
Learn More: How To Avoid Cyber Attacks During a Particularly Risky Tax Season
The Inherent Risks of Open Banking
Open banking is based on the principle that the user is the owner of their information, and therefore, can perform the operations they desire by using their information and money. We frequently use this simple principle in our daily lives. For example, when consumers buy a new laptop, restoring backed-up data from the old computer to the new one is simple. However, as things stand currently, it is not so simple with our financial information.Â
Open Banking proposes that we, as users, have the power to change laptops or banks through a simple and smooth process, without losing information. Open Banking extends this concept further and talks not only about changing laptops or bank accounts, but any financial app, entity, or company the user wants to share their information with.
With these updated rights, there must be a conversation about new risks when it comes to how — and with who — we share our data. Nearly, 50% of all bank customersOpens a new window think that their assets will be less safe if they try Open Banking.
So, plainly, what are the main risks to open banking? Many would agree that data breaches, as well as any kind of human error, are the primary threats. But while there are risks associated with Open Banking, every innovation and human experimentation would include risks. One way to think about the prevailing risks would be to measure the risk of using a credit card on the internet or using your own bank’s app on public Wi-Fi. The risk profile would be similar if not lean toward Open Banking as being a better solution. Although, there are real threats that exist. Because Opening Banking depends upon the functionality of APIs from third-party providers (TPP), if the outside TPP’s security is not up to par, there could be a data breachOpens a new window .Â
However, the advocates of Open Banking’ aver non-implementation of Open Banking is the biggest risk. Currently, the financial system is full of intermediaries, old methodologies, and manual operators, which make access to the financial system expensive, slow, and distant from the population, especially in places like Latin America.
It could perhaps be helpful to view the risks associated with Open Banking like driving a car. Do accidents occur while driving? Of course. But people do not stop driving cars every time something happens. That is because driving a car is faster, safer, and more convenient than the alternatives within our modern society.Â
There also needs to be an onus upon the user to protect their own assets. The general public should be more aware of how their choices impact their personal data. A majority of targeted cyber breaches are aimed at individual users. Of all cyberattacks, 81% have targeted users that have weak or repeated passwords — 61% of peopleOpens a new window use the same password for all their accounts, meaning, one stolen password leads to breaches across all your accounts. To circle back to our car analogy, users know that accidents happen, that is why they should wear a seatbelt to further ensure their safety.
Learn More: Why Cyber Risk Should Be a Top Consideration During Mergers and Acquisitions
Overcoming Obstacles to Cybersecurity in Open Banking
Firstly, there are a number of ways to reduce the security vulnerability of Open Banking systems nearly immediately. The most efficient of these is implementing multi-factor authentication (MFA). MFAs require not only a password but also another step to enter into an account. These can include an additional question, using something only a physical account holder would have like a text sent to their phone, or a biometric scan like using your fingerprint to unlock an account. Studies have shownOpens a new window that MFAs block 99.9% of all potential hacks.Â
Another option would be to implement machine learning systems into Open Banking processes. These automated systems could analyze unusual activity on any payments made through an Open Banking API. Not only is this much faster than any human could analyze the same data set, but it will also reduce fraudulent charges by 65% and the amount paid out to fraudsters by 75%.Â
It’s also important to acknowledge the importance of regulation. Regulators could be the most crucial piece for providing Open Banking a pathway to widespread use, as many of the hindrances around its expansion stem from the lack of consistent regulations. There is a legitimate need for a consensus when it comes to cybersecurity in open Banking as a whole.Â
The credit card industry, for example, is very regulated when it comes to the management of user data. These regulations are global drivers of credit cards’ legitimacy. Without these agreed-upon rules, credit cards would struggle to operate outside of their home region and wouldn’t be able to service clients seeking to use their product for larger purchases or overseas.Â
Open banking regulators should look to the example that credit card companies have set to guide new best practices. In doing so, companies from all over the world will leverage Open Banking to expand on the already 10,000 financial institutionsOpens a new window using Open Banking and reduce the 13% of countriesOpens a new window that do not allow Open APIs.Â
Despite some major growth in the last couple of years, it is fair to say that Open Banking is in its fledgling stage of becoming a leading banking method within the fintech world. However, that doesn’t mean that players in the financial sector should shy away from leveraging its potential. The groundwork being laid today could very well lead the way toward how everyone handles their finances in the future. It is hard to say exactly what fintech will become but what we are seeing currently implies an unrivaled convenience and speed which should be appealing to most consumers. By addressing any risks through proper cybersecurity management, the 50% of consumers who think their assets are less safe in Open Banking systems will significantly plummet.
Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!