A recent report released by the United Nations found that 132 out of 194 countries have now introduced data protection regulations of some kind, all varying in terms of what type of information they protect and the severity of their restrictions. These regulations are being crafted in a world where consumers and businesses are now conducting a large number of their daily tasks and transactions virtually.
This trend toward digital has only increased since the beginning of the COVID-19 pandemic, and this growing population of online-only or online-majority customers also means that identifying those consumers has become essential for businesses and financial institutions (FIs) in global markets. Merchants and their banks must therefore keep a close eye on how privacy and open banking trends are changing, as well as what data they can use to help authenticate these customers under these emerging laws.
In the latest Merchants Guide To Navigating Global Payment Regulations, PYMNTS analyzes how the ongoing global health crisis is driving data privacy and open banking regulations forward as well as how this is impacting the need for more robust digital identity verification solutions. It also examines how these shifts are affecting merchants as they look to compete within this changing environment.
Around The Data Protection World
The European Union may have set the standard for open banking or privacy worldwide when it ratified the General Data Protection Regulation (GDPR) and the revised Payment Services Directive (PSD2), but one recent study suggests that EU consumers still remain wary of sharing details with unknown or third-party services. Only 20 percent of these consumers stated they would be comfortable sharing their data with outside sources, the report found. Yet it is also important to note that familiar institutions also do not inspire confidence when it comes to privacy protections among consumers, as only 17 percent of consumers agreed they felt more at ease sharing private data with these entities compared to FinTechs or third-parties. This indicates that both legacy FIs, as well as new FinTechs, may still need to work to gain consumers’ trust even as open banking laws advance in this market.
The United States has been cultivating its open banking and privacy rules more slowly, however, an ongoing debate that is casting more attention on how banks and other companies identify their customers. One recent study found that more than half of North American banks still require customers to visit branches or complete identity verification in-person for new accounts. The report also found that only 16 percent of these FIs are using real-time identity verification solutions that allow customers to open accounts via fully digital processes. This is significant for several reasons, especially because more consumers are being driven to interact with their banks virtually only due to the ongoing pandemic — putting more pressure on banks to be sure they are accurately verified. This makes it critical to develop standards to govern the sharing of consumer information as well as how customers can be identified.
Meanwhile, other markets are continuing to adjust with their own data protection laws. Regulators in Singapore have relaxed some of the requirements surrounding where and how businesses can collect consumers’ personal information, for example. The changes to the country’s Personal Data Protection Act (PDPA) now allow businesses within Singapore to make use of consumers’ data if the information is used either for research purposes or to improve the business in some manner. This grants companies more flexibility when it comes to collecting this data, but the PDPA changes also come with much more severe financial penalties should these requirements be breached. Companies could now be fined up to 10 percent of their annual revenue, according to lawmakers.
For more on these stories and other headlines, read the Tracker’s News & Trends.
How NowRx Is Engineering Prescription Privacy During The Pandemic
Consumers are approaching healthcare differently since mid-March, with many turning to telehealth services or ordering their medications online to avoid risky in-person trips to crowded medical facilities. The healthcare industry already had robust data protection requirements before the pandemic, but the advance of telehealth and other virtual services is putting increased pressure on healthcare providers. Insurers or pharmacies must make sure that they confirm consumers’ identities before releasing medical prescriptions or personal information to these individuals virtually, explained Cary Breese, CEO of California-based online pharmacy and prescription delivery service NowRx in a recent PYMNTS interview. To learn more about how the pandemic is impacting consumers’ and regulators’ expectations surrounding data privacy within the healthcare industry, visit the Tracker’s Feature Story.
Deep Dive: How Merchants Can Keep Pace With Changing Digital Identity Needs As Open Banking Progresses
The ongoing COVID-19 pandemic has continued to push the number of consumers turning to digital platforms to fulfill all of their needs from financial to medical, meanwhile. One recent study found that 4.5 million U.K. consumers are now using bank accounts that are digital-only, for example. A higher number of consumers in global markets are making more retail purchases digitally as well. This makes being able to confirm that consumers are who they say they are using purely digital means a must for banks and merchants, especially as they look to create services that comply with emerging data protection and security regulations in their respective markets.
To learn more about why digital identity verification solutions that can swiftly and accurately confirm consumers’ identities are critical for merchants competing under open banking standards, visit the Tracker’s Deep Dive.
About The Tracker
The Merchants Guide To Navigating Global Payments Regulations, a PYMNTS and Ekata collaboration, is the go-to monthly resource for updates on the trends and changes regarding PSD2 as well as other privacy and data protection regulations.