The age of open banking is being accelerated by the pandemic.
Finicity Founder and CEO Steve Smith told PYMNTS in an interview that, with the increasing use of online channels to do everything from opening accounts to transacting, the specter looms of account takeovers (ATOs) — but the transparency inherent in open banking offers a robust line of defense.
At a high level, he said of open banking, the process lets individual account owners — whether consumers or businesses — provide permission to access their financial information associated with their account.
The initial use cases that are gaining traction, “and the ones that most people understand quickly,” Smith said, including providing information that is in turn used in online personal finance apps. Those services give users a 360-degree view of their finances, spanning credit cards, checking and savings accounts and other financial instruments.
“We’ve reached the stage in 2021 where open banking represents far ‘more’ in terms of what it opens — and that includes new account openings themselves,” he said.
That comes against the backdrop where, in the midst of the pandemic, banks were shuttered, and banking shifted online.
Smith noted the data that is used to set up accounts also can be used to authenticate users, and it can be used for account-to-account (A2A) transfers of funds.
In that way, he said, “the account is up and running and ready to go in real time,” while the frictions tied to traditional processes of account openings fall by the wayside.
The Balancing Act
Of course, the balancing act must be struck between ease of consumer use and security.
“We’ve walked many of these tightropes over the years in technology,” Smith said. “In order to advance technology, you have to put yourself in the position of the consumer.”
Democratizing data is important, yes, but so is doing it in ways that do not increase risk. He pointed to Finicity’s involvement in the Financial Data Exchange, the industry group formed to help provide industry standards over data access, control, transparency, traceability and security.
The overarching principle, he said, is that the end consumer controls the data and has a right to that data — and it’s a fundamental right. Doing this securely does not require screen scraping or sharing of credentials.
“Let’s use what’s been developed by the industry as best in class [application programming interface (API)]-based direct access technology that allows the user or the consumer to authenticate with their bank and then have the bank share a token for data access from their data store to the third party that’s being permissioned to use or gain access to the data.”
In that manner, the permission and traceability of the data flow is secure — and transparent.
“The data maps transparently to the permission that was granted,” he said. “If we wrap security around that, today’s level of security … you’ve built out a framework to deliver open banking’s promise and benefits in a frictionless, responsible way.”
In addition, in further evidence of transparency, the third-party provider is known to the bank.
“The third party wouldn’t be able to access data without having engaged together with the bank to create direct API connections for the appropriate security interchange or via interchange protocols,” said Smith.
Looking ahead, beyond making account opening and maintenance more secure, we’ll see complete, end-to-end digital transformations of verticals, such as personal financial management and payments, he said. Providing a 360-degree overview of the consumer allows enterprises and consumers to have easier access to capital, and for underwriters to gauge risk more accurately.
“If you think about the upside opportunity to digitize and remove paper from payment and other processes, then what can be established [with open banking] really is substantial,” he told PYMNTS. “Open banking is going to impact every aspect of financial services over the next decade.”