The reform of open banking is rapidly gathering momentum. Although this transition may improve the operational efficiency of the banking business and enhance the user experience, it may also expose individuals to privacy and security breaches. Due to require banks to provide personal financial information, it may be difficult to provide basic protection, which is the source of self sovereignty of digitally ID verification.
Benefits of open banking
It has been one year since the second payment service directive (PSD2) took effect. During that time, despite the Covid-19 interference, more than 2 million customers still started using Open Bank-supported products. Since January 2020, this number has doubled, with a steady increase of 160,000 users per month.
The Open Banking plan has inspired consumers to exercise their data rights to benefit themselves and their finances. At the same time, it expands the market for financial touting business models, promotes competition, and allows small businesses to attract the attention of consumers.
Open banking represents a desperately needed consumer of interoperability. Since its inception, a large number of applications and tools for managing finances have swept the market, allowing users to easily access once isolated banking systems, thereby simplifying processes in a single application and even consolidating separate accounts.
This is not purely accounting-centric. Open banking has allowed third-party developers to produce a series of novel products, such as coupons, rewards and discount applications, to help mortgage applicants get rid of the starting point of credit establishment, and even allow token holding Some convert applications by means of cryptocurrency payment.
Opening up banks, increasing risks
Although open banking wants to maintain its fashion and its adoption rate continues to rise, privacy and security deficiencies still have potential problems. For banks, the biggest danger is that they have provided this service in accordance with the requirements of regulatory agencies, but once it exceeds their scope, privacy and security problems will arise. This is not good for us, our customers or the bank.
Under the supervision of open banking, if customer data falls into the wrong hands, there is almost no protection measure to protect customer data . For example, a malicious actor may effortlessly establish a fintech company just for the purpose of plundering important financial data. The risk also extends to the use of legitimate fintech infrastructure. All it has to do is to attack the central server of the fintech company (even through the application itself) so that bad actors can collect what they need to impersonate users.
In addition, many fintech applications still use outdated and insecure two-factor authentication (2FA) to verify transactions in the form of text messages or emails, so they are no longer suitable for this purpose. Hacking via SIM card exchange and email can easily circumvent 2FA in its most basic form.
However, the end user is at the greatest risk of attack . Phishing emails come from third-party providers that require passwords or other sensitive information, which may put users’ data at risk.
Although many consumers have become accustomed to ignoring such communications from banks, applications tend to use their mailing lists to push users new products, services, transactions and even newsletters. In this way, unsuspecting consumers may be caught off guard and unknowingly provide access to malicious actors and hackers.
Similarly, open banking can easily send the wrong money to the wrong person. Bad actors can achieve this through invoice fraud, or send payment by sending an email with a classification code and account number.
The globalization brought about by open banking innovation has also brought global regulatory risks. The due diligence process is no longer limited to a country, language or regulatory agency. Now, it is important to have a real-time panoramic view of all regulated entities, so that customer data and financial information can be protected, and the ecosystem of open banking can operate as expected in a safe manner. There, a verified digital identity can solve this problem.
Own our own data
Disclosure of financial data is always destined to be frightening, but this does not mean that it must remain in this way. On the contrary, consumers and businesses on both sides need to control and protect their data, and digitally verified identities and payment methods may be the answer.
Utilizing the immutability of the blockchain and connecting to the payment source, and the digital ID verified by biometrics, not only eliminates the responsibility of third-party businesses to ensure the security of our financial data, but also eliminates fraudulent push and identity Risk of misappropriation.
Customers do not need to use outdated username and password combinations and insecure SMS and email verification, but can bind their digital ID to the bank through applications, platforms and services without any need for intermediaries to endanger the privacy and privacy of customers. Security does not even endanger the privacy and security of customers, as well as the bank itself. In turn, banks can safely provide customers with legal rights to use services and products.
Digitally verified IDs can also help mitigate (or even eliminate) push payment fraud. Either party to the transaction uses a verified ID and cannot and will not process payment requests made outside of the established channels.
Perhaps most importantly, the digital ID ensures that the person logging in is the rightful owner and that the service that connects the user to his bank is performed in a secure environment.
This also limits the possibility of using a password to protect all data leaks. In addition, through the use of technologies such as zero-knowledge proof, the information can be ciphered without revealing any information . According to the customer’s special requirements or functions, the digital identity can be verified through biometrics, controlled devices or other forms of biometric verification. Seek other verification.
Blockchain can also help develop systems by recording private transactions and activities to inform and strengthen future legal interactions and prevent abnormal interactions.
Undoubtedly, this will improve the feasibility and success of open banking, enable the entire service ecosystem to safely provide more services to consumers, and foster further innovation in the financial sector, and bring ease to individuals and banks Privacy protection, security and peace of mind.
The original text comes from the English version of Forbes, compiled by Blockchain Knight, the English copyright belongs to the original author, please contact the compiler for Chinese reprint.