Putting the “Open” in Open Banking: Trust, Security and Privacy

Open Banking, or the system of accessing consumer banking and financial accounts through third-party applications, is growing in popularity around the world. Between January and September 2020, the number of customers using Open Banking-enabled products rose to more than two million in the United Kingdom.  Given the rising adoption rates of online banking specifically and digital services in general, many assert that the United States is next.

Central to this question of Open financial technology is the matter of trust: individuals are concerned about the security of their data as more parties are granted access and that access is provided more frequently. In a recent ING survey, only 30% of retail bank customers across Europe were comfortable with their bank accounts being shared by third-party providers (TPPs), even if the customers had already given their permission for that sharing previously.

Therefore, where technology is the first half of the equation, building trust is the second half to equate to adoption of Open financial systems. While Open Banking regulators established strict standards for firms wanting to participate that firms can meet, the TPPs are small FinTech start-ups unequipped to deal with the regulatory hurdles that include demonstrating data storage, security, privacy and IT compliance. Yet Open Banking will need more of these FinTechs, plus other financial institutions, to create an Open ecosystem going forward.

So how can FinTechs and financial institutions meet the necessary Open Banking standards needed to gain and keep the trust of consumers? Enter Envestnet | Yodlee®.

Lean on a Trusted Leader

As an independent data aggregator and one of the original FinTech companies in the United States, Envestnet | Yodlee has long understood how trust, security and privacy are entwined with and underpin the provision of financial services. It’s why we’ve made it our mission to provide secure open access of financial data that consumers and organizations need for their financial wellbeing lives, products, and future, as described below.

Higher Level Data Security and Privacy

Envestnet | Yodlee follows the rules of OAuth to create Open Banking compliant workflows for responsible data access. This prevents the requirement for consumers to share their login credentials with third parties. Envestnet | Yodlee also employs bank-level encryption protocols so that the data aggregated from financial institutions within these secure workflows meets the highest level of security.

Envestnet | Yodlee remains abreast of evolving Open Banking regulations across many jurisdictions. We lead within industry groups crafting next-generation technical standards (like the Financial Data Exchange) and advocating for consumers’ rights to secure access and secure use of their data by TPPs (such as through the Financial Data and Technology Association).

Of equal importance, Envestnet | Yodlee applies a strict privacy policy that requires transactional data to be:

  • Consumer permissioned;
  • safeguarded through each workflow; and
  • de-identified in any derived analytics and reports.

These requirements include storing and managing data in separate networks, and only refreshing permissioned data on behalf of the user to support data agreements.

Trust Envestnet | Yodlee

As Open Banking is a larger part of the financial wellness equation, data security and privacy will remain top concerns for both regulators and consumers. Partnering with Envestnet | Yodlee can give you the peace of mind to know you’ll get open access tools for financial data designed with security in mind to bring consumers’ new financial experiences to life. Continue learning more about Open Banking: What is Open Banking and see some Open Banking Examples