Solving the open data dilemma: enjoy seamless experiences, while staying safe and compliant

As the API economy builds momentum across industries, banks and fintechs have begun to explore the unique service propositions and use cases that Open Banking provides

Banks have started to look beyond account aggregation and payment innovation benefits of Open Banking, to dive into more creative and beneficial use cases such as the provision of an assured digital identity. This service can bring significant benefits to consumers and businesses alike by speeding up digital experiences (digital onboarding and KYC processes), making them safer (customer being in control of her/his data), compliant (detect money laundering activities), and processed at lower cost (by cutting operational costs for businesses).

What is the connection between Open Banking and digital identity?

In maths, equality is a relationship between two mathematical expressions, asserting that the expressions have the same value and represent the same mathematical object. Having this in mind, please read the definitions below:

Definition A: Open Banking = a collaborative model in which banking data is securely shared through APIs between two or more third-party developers to build (enhanced) applications and services around the financial institution. This enables customers to select from multiple service providers available leading to improved and secured customer experience and new revenue streams for banks.

Definition B: Digital Identity (Schemes) = a person’s ID issued and shared securely by a national or local government, by a consortium of private or non-profit organisations, or by an individual entity. Strictly referring to financial services, a digital identity enables a streamlined identification and authentication of users/customers, secure digital payments, and assists FIs with e-KYC.

Based on the definition of equality we reach the following conclusion: the innovation behind Open Banking regulation can enable financial institutions build digital identity schemes/utilities that help FIs to detect and fight fraud and financial crime while staying AML/KYC compliant. Moreover, because the digital ID process involves identity proofing (the process by which an identity service provider collects, validates, and verifies information about a person) and authentication (the process which establishes that the individual seeking to access an account is the same person who has been identity proofed, enrolled, and credentialed and has possession and control of the binding credentials), digital identity can make the opening of a bank account process smooth, secure, and fast.

But there are situations when these outputs remain only projections, as in reality financial institutions tend to lag innovation, as the current COVID-19 pandemics, that forced many businesses to migrate online, has revealed.

What is currently happening?

1.1         There is a rising demand for a legal digital identity in different areas – health sector – keeping track of COVID-19 vaccinated people, governments - delivering of government services to their citizens, financial sector – opening bank accounts, access finance solutions, societies – focusing on financial inclusion, reaching the unreachable.

1.2         Customers not in control of their data – users cannot control/ stop all the info they share about them. For instance, a person has to present the whole physical ID to prove that there are over 18; this instance not only interferes with data privacy, but it can also lead to bad actors accessing their data, without the user’s consent/knowledge.

1.3         Siloed identity data can lead to poor user experiences when accessing financial services – many times customers must enter repeatedly the same info to authenticate themselves. Instead, this data could be reused across multiple areas within the same organisation or across organisations to avoid friction during a transaction.

Moreover, based on the data behind these usages, the bank can create value-added services, boosting customer’s loyalty. By analysing your customers’ transactions/log-ins to their accounts, the banks might spot patterns that help them serve those customers better/keep them loyal. For instance, in 2018, Monzo Bank partnered with a global automation platform IFTTT (If This Then That), enabling each customer to set up powerful mini-programs on their account to do things like giving yourself a reward when you go to the gym, or saving a specific amount of money on your salary day. These programs can be suggested by the bank to its clients, based on transactions and usages, of course as long as it not too intrusive.

If we refer to digital onboarding (e-KYC), there are some institutions still highly dependent on paper-based identity checks and manual identity verification which lead to errors and cost increases, as the bank needs more personnel to check IDs.

1.4         Increased demand for diverse and secure payment methods, coupled with a surge of Account-to-Account/ Open Banking payments – PSD2 requires that Strong Customer authentication (SCA) is applied to all electronic payments, including proximity, remote and m-payments, within the European Economic Area. Still, other payment options provide the same level of fraud protection that SCA is driving towards (including bank-to-bank payments and Open Banking payments) and these could be layered on the foundation of users’ digital identity.

1.5         Rise of (different types of) fraud – the increased use of digital channels has enabled fraudsters to perpetrate financial fraud at scale, like using synthetic identities (when a criminal creates an identity based on stolen customer data from real people) or conducting financial identity theft (when criminals obtain someone’s financial information to get money, products, or other financial benefits). The absence of a single data source to verify individual identities makes this issue very challenging for FIs.

1.6         Rise of money laundering activities - another threat coming from financial identity theft includes money laundering. Criminals illegally obtain personal information and use it to create accounts which are then used to launder money.

Open Banking principles as the building layer for digital identity

But, if an interoperable digital identity framework/layer were built, many of these challenges would be overcome, and even more, additional benefits/services would be created.

The creation of this digital identity layer is based (and it is also a premise of) on open finance principles, standards, and regulations like Open Banking and data sharing strategies. And the opposite is also true. By building and enabling an Open Banking infrastructure, financial services firms (banks) can accelerate the development of a digital identity framework. Furthermore, Open Banking principles can be easily expanded by banks to create monetisable APIs that can be used to develop more nuanced customer services based on identity attributes shared by customers (with their consent).

A digital identity framework based on Open Banking/open APIs would create a trusted/adaptable digital identity for a person, based on a set of standards and a set of shared, digitally identifying data attributes permissioned by that person. This framework would be compounded by identities that are verified and authenticated to a high degree of assurance, that meet both government and private-sector institutions’ standards for initial registration and subsequent acceptance for a multitude of important civic and economic uses; these IDs should be unique, established with individual consent, aiming to protect user privacy and ensure control over personal data. Once this framework is in place, there are a plethora of benefits that can be achieved to meet the needs of all participants within the new digital economy.

Benefits of a digital identity framework based on Open Banking

• Keeping users in control of the data they share - customers have control over who accesses their data and for how long, knowing that data may only be accessed when they give their consent and authorisation.

• Boosting the digital onboarding process (and UX in general when accessing digital financial services) – for instance, customers can seamlessly prove their identity to access any financial or non-financial product or service without presenting a physical ID document or go through another repetitive digital onboarding process.

• Preventing illegal activity or money laundering - rigorous KYC controls, that prevent banks from being used by criminals for money laundering activities, can be enhanced by Open Banking processes such as digital passporting which allow for permissioned exchange of trusted KYC data between parties, with users ‘consent.

There are situations when fintech payment apps that integrate with banks to support quick money transfers are used by criminals to transfer ill-gotten gains; however, a reliable digital identity verification method enables screening new and existing customers to detect and take on attempted money laundering.

• Offering seamless ecommerce experience – by combining digital identities with Open Banking payments customers can validate their address or age and make a payment in one go to complete a transaction.

• Data sharing within the units of the same organisations or with other businesses – by exposing customer data attributes over secure open APIs, with the consent of the customer, cooperation within organisation’s units and cross-industry use cases can be achieved, e.g., age verification, enabling FIs to build an ecosystem of partners and unlock new revenue opportunities.

• Boosting cross-sector/domain collaboration - open APIs drive collaboration not only between banks and fintech but also between financial regulators and government bodies to steer best practices and standards across the sector.

All in all, what has started as a European regulation around securely sharing banking data between financial institutions and third-party providers to build better financial products and services has become the building principle of an open data economy across the globe. An open data economy that encapsulates not only payments and boosting the UX, but also fighting fraud, preserving the integrity of citizens, creating value and trust across continents.

The article was originally published in The Paypers’ Open Banking Report 2021.

About Mirela Ciobanu

Mirela Ciobanu is a Senior Editor at The Paypers and has been actively involved in drafting industry reports, carrying out interviews, and writing about innovation in payments and fintech. She is passionate about finding the latest news on AI, crypto, blockchain, DeFi and she is an active advocate of the need to keep our online data/presence protected. Mirela has a bachelor’s degree in English language and holds a master’s degree in Marketing. She can be reached at mirelac@thepaypers.com or via LinkedIn.