01Mar, 2019

Open Banking

How will Open Banking impact payments?

Open Banking will soon be a reality in Australia. Starting July 2019, Australia’s ‘Big Four’ banks, Commonwealth Bank of Australia (CBA), the National Australia Bank (NAB), Australia and New Zealand Banking Group (ANZ), and Westpac have agreed to make CDR (consumer data records) data related to credit cards, debit cards and deposit data available for an open banking framework. This is set to have a significant impact on the financial services industry with the “big four” controlling more than 90% market share in the financial industry in Australia.

What is Open Banking?

Open Banking is about giving customers control of their financial data and allowing other organisations to access your data (with your permission).  Currently, it’s difficult for customers to access their data and for banks to send that data to other companies. The current banking environment restricts the development of new value-added financial services and also restricts movement to new products or services.

The new Open Banking Framework is designed to benefit consumers and stimulate innovation in the fintech industry value-added services and products around the data and API.  Having access to your data and ability to share it with other technology product vendors can open up a world of intelligence and services for consumers. For example, a simple service which consolidates transaction data across all your banking usage such as transactions in your cards, wallets, and accounts can provide significant insights into your spending habits and potentially a better way to manage your finances.

Many newer business models are possible with open banking with this aiding new trends such as context-based payments, omnichannel payments, more modern financial instruments, contactless payments and many more.

The three major areas affected by Open Banking are banks, payment companies, and consumers. Here we look at that impact on all three areas concerning technology, business models and regulations.

Impact on Banking

Banks are the most affected with many of their traditional business models affected by Open Banking. However, given the significance of the change, it provides opportunities to work with fintechs to create the new products thus benefiting everyone in the finance ecosystem.

Data Munging and Wrangling.

While the premise of sharing data is easier to understand, the reality of implementing it is complicated. One of the complexities is the consistent formatting of data as per open banking standards. Without this, it is tough for payment companies to do anything meaningful with the data.  In the near term, it requires a lot of effort on the part of banks involved and will lead to investments in software and systems to produce data that conforms to open banking standards.

Open Application Programming Interface (API) for Data Access.

Open Banking API is the key to the framework and offers tremendous benefits to independent companies and developers. APIs allow access to data without the need to store and manage the data themselves. They also help safeguard data from misuse and provide a certain level of security.

However, the real benefit of APIs is that software or other internet-connected devices can become a payment application. The software or systems could be chat forums, e-commerce sites, chat apps websites and can connect with APIs to conduct transactions. This has far-reaching effects on banking and payments as people no longer need to login to the banks, and the payment process becomes more context-based and happens behind the scenes.

Banks now need to consider scalability as there is potential for billions of new API requests as a result of Open Banking access.

Security, Privacy, Consent, and Regulations

As access to data increases, increased effort and investment needs to be made towards security and privacy. Both call detail records (CDR) and open API require careful design so as not to expose personally identifiable information. Masking, tokenisation, and encryption are essential and provide privacy to a great extent, but careful planning of the data is also a must. A poorly designed data framework can invariably expose the consumer to a data breach.

Consent, forms the crux of CDR sharing, so a lot of effort should go towards building easy to use consent frameworks. Consumer awareness and education is also an important part and all the ecosystem players, not just banks need to share this responsibility.

Compliance and regulations become complex to manage as the data becomes fluid. Banks need to make an additional effort to manage relevant regulations such as PCI-DSS, ISO 27018 (protecting PII) and Australian Prudential Regulation Authority (APRA) Standards (Prudential standards for financial services institutions).

Impact on Payments

The open API will increase the growth of context-based payments and omnichannel payments as organisations change in line with customer expectations. This requires the implementation of flexible and scalable payment technology that can adapt to potential new products and services that arise from Open Banking.

Australia is ready for disruption in payments. With 90% of the Australians owning a smartphone, 5G network speeds to be rolled out in 2019 and 80% growth in wearables make it the right time to exploit open banking API.

Reduced Time to Market.

Open API provides new opportunities for payment companies and new startups alike. There is potential for increased competition from new players with a reduction in the time to market.    This, in turn, will drive innovation and require flexibility to manage this competition.

On the other hand, this API gives new players the opportunity to compete with bigger, more established companies.

Increased need for certification and regulatory compliance.

To compete, payment companies will be required to meet stricter regulatory standards and compliance requirements. Standards such as PCI DSS compliance and new requirements from the Australian Prudential Regulation Authority (APRA) require third-party payment providers to demonstrate compliance and a focus on data security. This will require many payment companies to overhaul their security systems to cater to this new reality.

As a payment provider, IPSI provides payment solutions that are all Level 1 PCI DSS compliant and align with APRA’s prudential standard for cloud-based providers.

Impact on Consumers.

For consumers, Open Banking means more significant benefits, more choices and richer apps. Open Banking aims to make a positive impact on the financial services industry with greater choice and control over your financial data.

If you would like to discuss Open Banking and its potential impact on your organisation, please contact us on 1300 975 630 or email us at [email protected]

Related Articles

The benefits of mandatory data breach notification laws in Australia

Mandatory data breach notification laws would result in greater security for Australians and improved protection of their sensitive information. And i

Read More

Cost of data breach report (with Australian Statistics)

Ponemon Institute 2013 Cost of Data Breach report The 2013 Cost of Data Breach report published by the Ponemon Institute (sponsored by Symantec) revea

Read More

How to survive a data breach

In the past two years, LinkedIn, eHarmony, Twitter, Adobe and, most recently, Target have suffered data breaches that together exposed more than 120 m

Read More

Credit card data discovery tools lay the foundation for good data security

Card Holder Data (CHD) discovery tools are becoming essential in identifying none secure sensitive data locations. Since December 2013, a series of da

Read More