Open Banking: Convenience, Privacy Threat or Both?
Your bank knows a lot about you. Not just how much money you have in a given account, but how you use that money: Whose bills you pay, how much you spend on fuel or food, and any number of other things.
What if your bank started sharing that information with third-party financial providers? Would that be a good thing or a bad thing? It may not matter because it’s already happening.
Open financial data, also known as open banking, is a potentially disruptive trend that’s taken shape over the past five years or so. In its simplest form open banking allows third-party service providers to access the personal data held by your bank via a series of application program interfaces (APIs). Generally this would require your granting permission to do so, perhaps via a check box in an online application. These third-party providers would then have the ability to aggregate your financial information from a number of sources and to act on your behalf in completing financial transactions.
For a visual, consider the old way of doing things as a straight line with arrows on either end running between you and your bank and representing the flow of information in both directions. With open banking, that straight line becomes a spider web with a different provider at each intersection. If you use an app to track your spending or financial goals, chances are you’re already experiencing open banking.
Open banking is not restricted to the United States, which frankly is a bit behind the global curve. The U.S. is just beginning to draft regulations, while the European Union, United Kingdom, South Korea and others have passed laws and granted licenses.
Why would open banking be a good thing? Proponents say it will lead to a more competitive landscape, allowing smaller institutions to operate on a more equal footing with large ones. In theory, greater competition will lead to improved services, additional tools for managing finances and more transparency in pricing.
Other potential benefits include the more detailed financial picture that’s likely to emerge from examining multiple financial sources. This can benefit consumers, offering more information on which to base financial decisions like taking on a new mortgage or car payment. And financial providers could benefit as well in being able to better fine-tune their offerings based on that additional data.
Further, the API technology is a more secure way of managing data than sharing login information with multiple institutions. Previously, this data sharing required ‘screen scraping,’ where you would provide the same username and password you use for your bank account to the third party, which could then choose which information it needed. APIs instead offer direct access to only the necessary data, closing that security gap. In theory at least, API technology should also streamline currently complex tasks such as switching a checking account from one bank to another.
APIs are not without security risks, however, and those risks encompass not only your own finances but liabilities on the part of the financial institutions. The landscape is fairly new, and it’s not unlikely that there will be some technological missteps. In our current environment where each day seems to bring a newsworthy ransomware attack, this is a legitimate concern.
A less immediate worry is that the economies of scale in all this aggregation of financial data might lead to a similar concentration of financial providers, running contrary to the promise of increased competition. And of course our financial institutions have a record that’s far from unblemished when it comes to managing our personal data.
Like it or not, open banking is more than just the future of finance … in many ways we’re already there. As with so many other things, the pandemic spiked consumer interest in financial apps, further accelerating the trend. The good news is that most objective sources agree that the benefits far outweigh the risks.