There is a growing tension between data sharing - the basic tenet of Open Banking - and high profile data breaches, as customers grow increasingly aware of and sensitive to data security issues.

This is according to a new report from TLT, which surveyed 130 senior decision makers in UK banks, building societies, challenger banks, payment service providers and FinTech firms – including board members, heads of department and transformation programme managers.

The law firm found that three quarters (77 per cent) of respondents agreed that trust and understanding of Open Banking was low when it first launched in January and only 30 per cent reckon this has improved since then.

Progress is threatened by high profile data breaches, which half (49 per cent) of respondents said has damaged customer trust in Open Banking, even though none of these breaches have yet happened in the Open Banking space.

Two thirds of respondents also said damage to customer trust where data is lost or misused is the biggest risk in relation to data sharing under Open Banking – trumping other concerns over potential data loss via third party providers (52 per cent), increased fraud risk due to a larger 'attack surface' for hackers (50 per cent) and increased risks and liabilities arising from regulatory obligations (32 per cent).

As a result of these concerns, most financial services companies are taking significant measures to protect themselves and customers against potential threats including risk-sharing arrangements with counter-parties.

TLT found that 63 per cent now have a ‘comprehensive strategy’ in place for Open Banking, with dedicated teams and investment to tackle cyber security and fraud risks. Companies also plan to take action to improve customer communications about Open Banking (42 per cent), increase data security (40 per cent), update customer-facing websites and digital banking channels (42 per cent) and undertake advertising campaigns to promote their Open Banking offerings (23 per cent).

Brian Craig, data protection legal director at TLT, said that the challenge for Open Banking players is to both respond to emerging threats and anticipate the future by investing in technological infrastructure and procedures to keep customer data secure. “Successful companies will communicate effectively with customers about how new security protocols and services work and implement the measures to deliver them."

David Gardner, technology partner at TLT, pointed out that Open Banking and second payments services directive (PSD2) actually bring significant improvements to data security for banking customers, including encryption, tokenisation and Strong Customer Authentication requirements.

“These mean that customers using Open Banking channels have enhanced protection over and above that which is offered by existing services using less secure methods, such as screen-scraping,” he stated.

"However, customer fears about data security are real and understandable in the context of heavily reported, high profile data breaches elsewhere – the financial services industry faces a challenge to overcome these fears.”

Share Story: