Open Banking

Open banking: The race to protect data rights

February 16, 2021 | By Matthew Driver

This article was originally published on The Paypers.

Data has driven incredible improvements in people’s experiences with financial services over the last decade. Services that once could only be done at bank branches can be easily accessed online and people now have powerful financial information, products, and management tools at their fingertips via their mobile devices. 

The global expansion of Open Banking – where consumers can agree to share their data with third-party developers and fintechs in exchange for new services – promises to catalyse another generation of innovation across the industry. Services such as the ability to see all savings across multiple banks in one spot or manage household expenses and budgets fundamentally change the boundaries of banking relationships.

But for participants to best take advantage of this technology requires responsible data practices. The key differentiator that sets the world of Open Banking apart from previous innovation environments is the requirement for transparency, openness and consumer consent in data sharing.

Trust is critical in our hyper-connected digital environment. Nowhere is this more important than in banking and payments. Ensuring these services clearly rely on explicit consumer consent – enabling end-users to have a choice in how their data is used – is vital if the latest group of financial innovators are to create true value for consumers and businesses alike.

Data needs to be treated like any other valuable asset. Just as people will put money only in banks they trust, they’ll provide consent only to companies that adhere to their permissions, treat their data with respect and use it only for intended purposes.

As a result, the financial ecosystems of the future must develop and stick to a strong set of principles to ensure the ethical use and sharing of consumer data. These principles should be the guiding force built into every part of all technology processes and solutions by companies looking to create the new hyperpersonalised and convenient services that Open Banking will enable.

At Mastercard, this code is a natural extension of our own cultural values – to treat everyone with decency. As such, we see the fundamental principles for data decency as follows:

  1. Elevate data decency as a core corporate value;
  2. Respect that consumer data is personal;
  3. Ensure consumers are the beneficiaries of their data assets;
  4. Enable consumers to own and control their data;
  5. Provide consistent and well-tended cybersecurity data protection.

Data decency will ensure long-term success

As the race to take advantage of Open Banking takes off, inevitably it will be tempting for some companies to misuse consumer data. But in the long run, the most transparent players will win. This is because consumers are already aware that too many companies have benefited from leveraging their personal data while hiding behind the opaque convenience of the internet economy. With awareness of data rights rising, people will naturally decide to work with companies that are transparent and avoid companies that are not.

Indeed, we expect that tomorrow’s winning companies will go beyond giving consumers the ability to consent to the sharing of their data and will also empower them with the ability to review, revise and delete their information, which is already becoming a requirement in many countries. Organisations that fully respect data in this way will have a major competitive advantage because they will demonstrate a respect for consumer data and, in the process, build trust.

The best companies will also prioritise cybersecurity protections to the highest standard, including providing multiple layers of protection and constantly upgrading systems to ensure that consumer data is always safeguarded.

Providing a secure ecosystem is foundational to our business. At Mastercard, your transactions are tokenized and fully encrypted right from the point of sale and ATMs across 210 countries and territories.

The area of authentication has also been extensively upgraded. From the use of static or one-time passwords, we now also have advanced tools such as biometrics and AI-based analytics to check and validate every one of the 75 billion transactions that flow over our network before they’re approved, examining how a specific account is used over time to detect normal and abnormal spending behaviours.

These measures not only work to prevent fraud but also to improve the customer experience when seamlessly integrated into the digital transaction flow. With this focus on data decency and protection, we ensure that consumer trust is never compromised.

Systems such as ours call for radically different approaches to data and security than most companies are now comfortable making. But we know consumer trust is our most valuable asset. Ensuring that we have systems, processes and policies in place to protect that trust is mission critical.

How Open Banking, if done well, will change the world

Mastercard’s recently acquired partner Finicity, a US-based financial data-sharing ecosystem developed to expand Open Banking, is a powerful example of how consumer-centric data sharing has the potential to unlock new opportunities within financial services.

Finicity relies on consumer permissioning for its services to exist. This means people are asked whether they agree to provide access to specific data that would enable a service to be made available to them – before they enroll in the service.

Finicity’s consumer permissioning, together with the highest standards of data safety and security, delivers a platform that allows technology and financial services providers to enable a host of new tools and services. The impact goes beyond providing better experiences to creating significantly more industry transparency and, ultimately, greater digital and financial inclusion.

We believe the success of the Finicity model can be replicated around the world – as long as all players cultivate the same recognition of the value of consumer data and the importance of protecting it. In short, privacy protections, transparency and cybersecurity must be viewed as innovation catalysts rather than sources of friction.

For Open Banking stakeholders, navigating this course of change requires skill and self-awareness. It also requires a commitment – from everyone – to build and preserve trust by putting data decency front and center.

The gains from these efforts will be well worth it. Open Banking’s potential to change how people experience financial services – based on clear and transparent data principles and ethical standards – is just beginning. Responsible data practices create sustainable business practices and, if the ecosystem can put data decency and ethical data usage at its core, the future offers an incredible opportunity for growth and innovation.

Photo of Matthew Driver
Matthew Driver, Executive Vice President, Head of Services, Asia Pacific, Mastercard