Those who believe that ‘tap and go’ credit cards are the pinnacle of banking payment solutions could be in for a big surprise.
Chris Michael, a UK-based payments specialist and head of technology at Open Banking Limited UK, says that developments in open banking APIs could render card payments obsolete and significantly reduce levels of card fraud.
Open Banking is a non-profit organisation established to help banks comply with The UK’s Competition and Market Authority (CMA) Order and Europe’s second Payment Services Directive (PSD2).
Michael, who visited South Africa as a guest of identity-focused security provider Ubusha Technology, held a series of discussions with local banks to discuss Open Banking and PSD2.
European regulators believe that the directive will lead to a single integrated market for payment services and usher in an era of increased competition and transparency among banking and third-party financial services providers worldwide.
“Open Banking is supporting the move to PSD2 by developing a set of standards for APIs; a platform that manages the identities of banks and regulated third parties; and a suite of software and services to establish and run an open banking ecosystem,” says Michael.
The API standards, which sit at the heart of the open banking ecosystem, are more secure and transparent than current solutions which often rely on risky ‘screen scraping’ and credential sharing to access accounts and complete payments.
The open banking methodology centres on the customer’s exclusive ownership of his or her data, with the customer having the final say as to which third-party providers can access this information.
“A core principle of open banking is that customers do not have to share their banking credentials,” says Michael. “In conjunction with the Open ID Foundation, we have developed a security model that allows them to authenticate any payment transaction using their biometric data – via their banking app – without sharing sensitive data with a third-party.”
The result is that customers can give third party service providers access to their bank accounts in a manner that is secure, traceable and entirely regulated.
The open banking environment will rely heavily on customer identity & access management (CIAM) to ensure that the right customer has secure and seamless access to the right applications, services & APIs. Customer identities will be secured using strong customer authentication – also referred to as multi-factor authentication.
Stakeholders in the domestic banking sector have been following market responses to PSD2 since its introduction in January 2018. “Improving customer outcomes is a key objective for banks and new Fintech firms, and those who learn from the PSD2 adoption – and the trend towards open banking solutions – will have a definite edge,” comments Michael.
It is also hoped that Fintech start-ups deploying under an open banking environment will assist in meeting South Africa’s financial sector transformation goals. The sharing of data between banks and third parties will remove barriers to entry and result in competitive, cost-effective solutions that will greatly improve access to financial services among lower income consumers.
“Ubusha realises the need for businesses to achieve ‘secure information postures’ thus allowing them to thrive in the modern era,” comments Maruis Agenbag, CEO of Ubusha Technology.
He adds, “Firms that launch in an open banking environment will have to combines service and software in beginning-to-end solutions that closely match customers’ needs.”
Ubusha is already working with banks and other large enterprises in the delivery of CIAM solutions across multiple digital channels. Its ‘multi-factor customer authentication’ offering will give an immediate edge to firms looking to launch into the open banking environment.
“Open banking APIs make it easier to analyse expenditures, and to provide a range of services that help people to manage their money better,” concludes Michael. “In the payments space open banking APIs have the potential to replace cards and card schemes entirely – the technology is more secure, more reliable and allows financial service providers to operate at lower costs.”