As Australian financial institutions prepare for Open Banking, they’re leveraging open banking application programming interfaces (APIs) to securely share data and build banking applications. This is reducing the need for screen scraping.
What Is Screen Scraping?
Screen scraping is the act of extracting information on a digital display to be used for a different purpose. In general, screen scraping utilises display data from a specific user interface (UI) or document. Depending on what the process is being used for, screen scraping can be accomplished in several ways.
The Difference Between Screen Scraping and Data Scraping
It’s important to distinguish data scraping from screen scraping. Data scraping is a specific screen scraping technique and is specifically used for extracting data from the web. Screen scraping and data scraping are similar in their goals to extract data, but they differ in where they pull data from. Screen scraping involves copying information on a digital display, while data scraping involves copying information from the web.
What Is Screen Scraping Used For?
Screen scraping’s wide range of applications have made it a versatile method for copying data to use for other purposes. Within the financial services industry, these applications have included:
- Data aggregation and enrichment of financial transaction data to power Personal Finance Management (PFM) and lending applications
- Providing third party applications with access to banking data, such as credit card interest rate comparison applications
Is Screen Scraping Safe?
Whilst some Financial Institutions in Australia have expressed concerns around their customers sharing banking credentials with screen scrapers, Australian Regulators are not opposed to this practice whilst the Australian banking regime is being built.
Screen scraping applications involve customers sharing banking credentials to allow screen scrapers to read their bank account and financial data to power Fintech and banking applications.
To avoid putting users at risk of being exposed to fraud and their credentials falling into the wrong hands, it is important to work with a screen scraper who adheres to strict security standards, carries out third party due diligence audits and applies credential encryption.
Screen Scraping in FinTech
In the FinTech industry, screen scraping can be an effective method to gather financial data. Users share their login information with a third party who uses it to access their financial transaction data by logging into digital ports for customers. Once granted access, screen scraping apps can retrieve the incoming and outgoing transactions across accounts and keep track of data as it’s updated. It can be costly for FinTech companies to build and maintain effective and secure screen scraping systems that are also secure. A screen scraper’s functionality is fragile, and requires updating when financial institutions making minor or unexpected changes or MFA promtps.
Screen Scraping and Open Banking
Screen scraping is being phased out by a standardised and regulated way to gather financial data in open banking APIs.
Open banking APIs can provide access to bank account and financial data without users providing their credentials to third parties.
Fintech in Australia is moving toward open banking with the Consumer Data Right (CDR) going into effect. The CDR gives consumers more control over their financial data, like choosing the types of data collected and which third party organisations they wish to share it with. As the country rolls out its open banking regime, the use of screen scraping by financial organisations is likely to see a major shift.
Will Screen Scraping Be Banned?
Under the CDR, Australian consumers can choose to give accredited third party organisations access to their financial data via open banking APIs. To become accredited, third party organisations and FinTech companies must meet the regulatory standards for functionality and security by the Australian government.
The increased level of security open banking APIs have compared to screen scraping was recognised by the European Banking Authority as they determined security standards for sharing data via APIs under the EU’s Payment Services Directive (PSD2). The European Commission made extensive clarifications for API security standards, and pushed to the end the practice of screen scraping. Whether Australia will follow suit to end screen scraping is yet to be seen. No official ban has been announced or hinted at yet.
Open Banking Timeline in Australia
Open banking in Australia has arrived, and is already changing how banks and financial institutions share financial data.
From 01 July 2020, Australia’s major banks must make their data open banking ready so consumers can choose whether to share their financial data with accredited third party data recipients. Other Authorised Deposit-Taking Institutions (ADIs) will do the same for consumers at later dates.
From 01 November 2020 and beyond, Australian banks will add to the types of financial data ready to share via APIs, further expanding the use cases supported by open banking APIs.
For a full timeline of the Australia open banking rollout, visit the Australian Banking Association.